The Biden administration has announced an executive order that would ban U.S. federal agencies from using commercially developed spyware that poses threats to human rights and national security. This powerful surveillance technology often exploits previously undisclosed flaws found in an iPhone or Android’s software to steal a person’s photos, contacts, call logs, messages and real-time location data. It has been used to target journalists, lawyers, and human rights defenders who are critical of their government.

The criteria of the executive order would likely affect known government spyware makers and vendors known to sell to authoritarian governments that commit human rights abuses, including NSO Group, Cytrox and Candiru. It includes both domestic and foreign-made spyware, as to not incentivize companies to relocate to the United States, but the list of banned spyware would not necessarily be made public.

The order comes after several U.S. government personnel had their phones targeted, including former Meta trust and safety manager Artemis Seaford, who holds both U.S. and Greek passports, and several U.S. Embassy employees in Uganda. At least 50 U.S. federal employees in 10 countries on multiple continents are suspected or confirmed as being compromised by spyware, though the actual number may be higher.

The FBI reportedly bought a license for an Israeli company’s spyware for research and development, and the Drug Enforcement Administration uses Graphite, a spyware tool developed by an Israel-based company. The DEA claims to only use this tool outside of the U.S., but would not say if Americans are targeted.

The executive order is the latest in a rash of responses by the executive branch in recent weeks following years of congressional inaction on human rights and national security. It can be revoked at any time, including by any subsequent administration.