Publications
Location data collected from mobile apps and digital advertising can reveal habits, interests and almost any other aspect of someone’s life. In this report, we uncover how a geolocation surveillance system called Webloc uses ad-based data to monitor hundreds of millions of people across the globe.
Following the widely-condemned arrest in July 2025 of prominent Kenyan opposition voice Boniface Mwangi, the Citizen Lab analyzed artefacts from devices seized during the arrest. We found that Cellebrite’s forensic extraction tools were used on his Samsung phone while it was in police custody. This case adds to the concerning pattern of the misuse of Cellebrite technology by government clients.
Through a multi-year investigation, we find that the Jordanian security apparatus has deployed forensic extraction products manufactured by Cellebrite against civil society devices. We release these findings alongside reporting from the Organized Crime and Corruption Reporting Project (OCCRP) which includes interviews with a few of the victims.
Citizen Lab senior legal advisor Siena Anstis co-authored an article with Jillian Sprenger (McGill University) in the International Journal of Human Rights on the ways that members of civil society targeted by spyware attempt to seek remedy. Anstis and Sprenger analyze gaps and challenges that remain in obtaining a remedy for targets, suggesting areas for reform through which members […]
Our investigation of a spearphishing campaign that targeted senior members of the World Uyghur Congress in March 2025 reveals a highly-customized attack delivery method. The ruse used by attackers replicates a pattern in which threat actors weaponize software and websites aimed at preserving and supporting marginalized and repressed cultures to target those same communities.
