In a Q&A for the Digital Front Lines report by Foreign Policy Analytics, The Citizen Lab director Ron Deibert and human rights activist Carine Kanimba talk about the psychological impact of being targeted by mercenary spyware and the growing threat of surveillance technologies being misused by both state and non-state actors. They discuss how spyware… Read more »

In March 2024, Emile Dirks, research associate at The Citizen Lab, along with Ausma Bernot (Griffith University), and Yves Moreau (University of Leuven) prepared a written submission in response to the United Nations’ Office of the High Commissioner for Human Rights call for input on the application of digital technologies in the administration of justice. 

Apple has decided to drop its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could risk revealing the security methods used to combat commercial surveillance tools.

In an article for Lawfare, The Citizen Lab’s senior research associate Kate Robertson analyzes how, in its current form,  the draft treaty is poised “to become a vehicle for complicity in the global mercenary spy trade.”

As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society.

Siena Anstis, senior legal advisor at the Citizen Lab, highlights the urgent need for an international treaty to tackle digital transnational repression in her article “Regulating Transnational Dissident Cyber Espionage,” published by the Cambridge University Press’ journal International and Comparative Law.  In the article, Anstis argues that the absence of an international law to prevent… Read more »

This report provides a comprehensive guide to geolocation-related threats sourced from 3G, 4G, and 5G network operators. Case studies, references, examples, and evidence are provided to give a complete and contextual understanding of mobile network-based location tracking in order to formulate policies and actions that protect civil society from current and future geolocation surveillance.

In this report, we analyze the Windows, Android, and iOS versions of Tencent’s Sogou Input Method, the most popular Chinese-language input method in China. Our analysis found serious vulnerabilities in the app’s custom encryption system and how it encrypts sensitive data. These vulnerabilities could allow a network eavesdropper to decrypt sensitive communications sent by the app, including revealing all keystrokes being typed by the user. Following our disclosure of these vulnerabilities, Sogou released updated versions of the app that identified all of the issues we disclosed.

We identified widespread Pegasus spyware infections within Armenian civil society. We also identified two suspected Pegasus operators in Azerbaijan, whom we call BOZBASH and YANAR.

In 2022, the Citizen Lab gained extensive forensic visibility into new NSO Group exploit activity after finding infections among members of Mexico’s civil society, including two human rights defenders from Centro PRODH, which represents victims of military abuses in Mexico.