Since 2015, 73 governments around the world have purchased and/or used invasive spyware manufactured by 17 companies. Europe and the U.S. are home to almost 50% of these companies. When combined with Israel, the figure rises to 76%.
Their customers are predominantly repressive regimes looking for new ways to control the flow of information and stifle dissent. Less than 10% of suspected customers are considered full democracies by the Economist Intelligence Unit.
This report reveals how companies based in economically developed and largely democratic states are profiting from exporting highly invasive surveillance technologies to repressive regimes where its misuse is likely.
We analyzed almost 100 reports and articles published since 2015 and documented approximately 250 individual transactions between governments and private companies. While some of these deals may have been made before 2015, they were not unearthed until more recently.
The findings provide a comprehensive view of this largely unrestricted and highly secretive market and demonstrate the need for meaningful regulation and increased transparency within the sector.
The technologies discussed in this report can all secretly monitor someone’s digital activity from afar. They range from highly sophisticated and expensive exploits such as NSO’s “zero-click attacks” to those that exploit widespread vulnerabilities in telecommunication protocols.
The impact of these tools on civil society is increasingly well known, with the likes of NSO Group becoming household names due to their alleged role selling invasive tools to repressive regimes that use them to track down and silence dissidents. Despite growing evidence, most of the companies named in this report have vehemently denied enabling human rights abuses.
“The private surveillance industry is a free-for-all… States and industry are collaborating in the spread of technology that is causing immediate and regular harm to individuals and organisations that are essential to democratic life” – David Kaye, former UN Special Rapporteur on Freedom of Expression
The true number of those impacted by spyware is almost impossible to discern, particularly given that many people will fall victim to the technology and not notice.
Despite this, we have found over 3,000 individuals that have been affected. While their precise identities are often concealed due to security concerns, many of those identified are prominent figures that play an important role in defending freedom of expression and promoting human rights.
Activists & dissidents were the most frequently targeted, followed by government officials and journalists. We also discovered that spyware had been used to target individuals across nation state boundaries at least 85 times, including the targeting of Rwandan political figures based in Belgium.
This report shows that despite repeated criticisms and attempted regulation, the commercial spyware industry continues to grow unabated. Estimated to be worth $12 billion, it is clear more needs to be done to reign in the industry to protect human rights and safeguard freedom of expression.