Technology Against Human Rights

Cellebrite’s Surveillance Software

Cellebrite, an Israeli digital intelligence company known for making software tools used to extract data from smartphones, has announced it will halt sales to Russian and Belarus state security services.

All our phones are hacked. Minsk, September 2020.

The decision comes on the heels of revelations that the company’s technology was used by governments to persecute and pressure minority groups and opposition activists in both Russia and Belarus, as well as Hong Kong and Bangladesh.

Israeli newspaper Haaretz, which was the first to cover the hacking practices exposed by civil rights activists, reports that Yossi Carmil, Cellebrite’s CEO, announced a change to the company’s export policies on 18 March, saying this was to ensure that Cellebrite operates “according to accepted international rules and regulations”.

In July 2020, human rights activist and lawyer Eitay Mack, along with dozens of other activists in Israel and Hong Kong, blew the whistle on documents linking Cellebrite’s software with state persecution of political opposition, ethnic minority and LGBTQI+ activists, and rights defenders in Russia.

They also circulated a petition calling on the digital intelligence company to stop exporting their tools to repressive states. By October, Mack had successfully pressured Cellebrite to stop selling its wares to Chinese and Hong Kong law enforcement.

One of Cellebrite’s most popular tools is UFED, a software solution used to force entry into and automate data extraction from smartphones.

Russia’s Investigative Committee has openly disclosed the frequent use of UFED by the country’s security forces.

In March, Russian independent news outlet MediaZona reported that the use of UFED was mentioned in the case file of Lyubov Sobol, a lawyer at the Anti-Corruption Foundation and political associate of Russian oppositionist Alexey Navalny.

In December 2020, Sobol was detained after attempting to visit one of Navalny’s alleged poisoners at home. State investigators confiscated her phone and attempted to break into it.

Sobol is currently under house arrest in the wake of mass protests in January, in support of Navalny.

Belarusian President Aliaksandr Lukashenka’s de facto regime has been putting increasing pressure on the country’s opposition and activists since the disputed election in August 2020, and has also cracked down on the mass protests in the country.

Though Cellebrite has denied selling its solutions to Belarus in the past, Mack claims the Belarusian government has used Cellebrite tools to hack into the phones of detained protest participants.

Belarusian IT news website found 17 records on the Belarus state procurement website indicating that between 2013 and 2019, the regime’s Investigative Committee and Forensic Analysis Committee had purchased the UFED software, renewed licenses, secured technical support and other services from Cellebrite.

In the past year, Cellebrite has also pitched its phone spying and tracking capabilities to governments around the world to assist with contact tracing during the COVID-19 pandemic.

Privacy advocates have cautioned that authoritarian regimes may use the pretext of the unprecedented public health crisis to significantly expand citizen surveillance, data collection without consent, and location tracking.

recent report by Pandemic Big Brother, a joint initiative of Russian digital rights organization Roskomsvoboda and Belarusian human rights centre Human Constanta, found that such unchecked surveillance can present “a threat to privacy, freedom of movement, choice of residence and freedom of assembly, and can undermine public trust in authorities”.

This article originally appeared in GlobalVoices and is reprinted with permission. Photograph courtesy of Natallia Rak. Published under a Creative Commons license.