Abstract illustration of people using mobile phones with lines interconnecting them, below an icon with the text, 'Predator Files'.

Global: ‘Predator Files’ investigation reveals catastrophic failure to regulate surveillance trade

A new investigation into the global surveillance crisis by the European Investigative Collaborations (EIC) media network, with technical assistance from Amnesty International’s Security Lab, today begins to reveal the shocking truth about how far the industry’s tentacles have spread and how ineffective EU regulation has been in controlling it. 

The ‘Predator Files’ focuses on the “Intellexa alliance” — a complex, morphing group of interconnected companies — and Predator, its highly invasive spyware. This spyware, and its rebranded variants, can access unchecked amounts of data on devices. It cannot, at present, be independently audited or limited in its functionality to only those functions that are necessary and proportionate to a specific use and target. Predator can infiltrate a device when the user simply clicks on a malicious link, but it can also be delivered through tactical attacks, which can silently infect nearby devices. 

Intellexa alliance’s products have been found in at least 25 countries across Europe, Asia, the Middle East and Africa and have been used to undermine human rights, press freedom, and social movements across the globe.  

Intellexa says it is an “EU-based and regulated company” which is, in itself, a damning indictment of how EU member states and institutions have failed to prevent the ever-expanding reach of these surveillance products despite a series of investigations such as the ‘Pegasus Project’ in 2021.  

“The ‘Predator Files’ investigation shows what we have long feared: that highly invasive surveillance products are being traded on a near industrial scale and are free to operate in the shadows without oversight or any genuine accountability. It proves, yet again, that European countries and institutions have failed to effectively regulate the sale and transfer of these products,” said Agnès Callamard, Amnesty International’s Secretary General. 

“Surveillance technology companies that are EU-based and supposedly EU-regulated are subject to EU controls under the EU Dual Use Regulation, which seeks to prevent human rights harms by establishing export controls on surveillance technologies exported by EU-based companies. As the Predator Files investigation demonstrates, EU regulators are unable or unwilling to control and prevent human rights harms in relation to the export of spyware. There is only one possible conclusion: given the ineffectiveness of the regulation, proven time and time again, the use of highly invasive spyware like Predator must be outlawed.”  


Surveillance technology running wild 

The year-long investigation was conducted by European Investigative Collaborations (EIC), a partnership of over a dozen media organizations, and assisted by Amnesty International’s Security Lab through the analysis of technical information obtained by the EIC. The Security Lab also conducted its own independent research, which will be published as part of the ‘Predator Files’ investigation in the coming days. 

“The ‘Predator Files’ investigation is equally as damning as the ‘Pegasus Project’ that preceded it. It is arguably worse, as very little has changed. Mercenary surveillance companies like the Intellexa alliance have continued to peddle their wares and make millions in profit at the expense of human rights with almost complete impunity. European Union states must stop shirking their responsibilities and start reining in these companies,” said Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab.  

The Intellexa Group, part of the Intellexa alliance, produces the Predator spyware and advertises itself as an “EU-based and regulated company”. It was founded in 2018 by Tal Dilian, a former Israeli army officer, and several of his associates and is controlled by the holding company Thalestris, which is based in Ireland. The Intellexa alliance brings together the Intellexa group with the Nexa group of companies, which operated mainly from France. 

Among the 25 countries that the EIC consortium of media outlets found Intellexa alliance products have been sold to are Switzerland, Austria and Germany. Other clients include Oman, Qatar, Congo, Kenya, the United Arab Emirates, Singapore, Pakistan, Jordan and Viet Nam. 

Amnesty International’s analysis of recent technical infrastructure linked to the Predator spyware system indicates its presence, in one form or another, in Sudan, Mongolia, Madagascar, Kazakhstan, Egypt, Indonesia, Viet Nam, and Angola, among others.  

Amnesty International reached out to the entities involved for comment but received no response. However, EIC did receive a response from the main shareholders and former executives of Nexa group, who claim that the Intellexa alliance has ceased to exist.  

Regarding exports of surveillance technologies to the states mentioned above, they claim that either “a commercial relationship was established in full compliance with applicable regulations, or there has never been a contract and/or delivery”.  

Finally, they claim that the entities of Intellexa alliance “scrupulously respected export regulations”, while acknowledging that they established “commercial relations” with countries that ”were far from perfect in terms of the rule of law,” further stating that it was often a function of “political choices” from the French government. 

The Amnesty International Security Lab published an in-depth technical analysis of the surveillance products offered by the Intellexa Alliance on 6 October as part of the ‘Predator Files’ investigation.

A comprehensive report on the Amnesty International Security Lab’s findings, ‘The Predator Files: Caught in the Net’, will be published on 9 October.