You can also read a pdf version of this technical briefing.

Amnesty International’s Security Lab, in collaboration with Amnesty’s European Regional Office, has uncovered a new case of misuse of a Cellebrite product to break into the phone of a youth activist in Serbia. The attack closely matches the form of attack that we previously documented in a report, ‘A Digital Prison’, published in December 2024. This new case provides further evidence that the authorities in Serbia have continued their campaign of surveillance of civil society in the aftermath of our report, despite widespread calls for reform, from both inside Serbia and beyond, as well as an investigation into the misuse of its product, announced by Cellebrite.

On 26 February 2025, Amnesty International filed written submissions to the European Court of Human Rights in the case of Krzysztof Brejza v. Poland and 8 Other Applications. The case raises important questions of significance for domestic and regional legal systems around the world grappling with the intersection of human rights and digital surveillance through spyware. Based on its research, Amnesty International submits that, to comply with international and regional human rights law and standards, states should adopt a ban on highly invasive spyware because, as is explained, its technical features render it incompatible with international human rights law and standards.

This is the Executive Summary of Amnesty International’s report on surveillance and the suppression of civil society in Serbia. Please click here for the full report in PDF format.

Women and LGBTI activists in Thailand are being subjected to an online onslaught of abusive speech laced with misogynistic, homophobic and transphobic language, sexualized content and other forms of technology-facilitated gender-based violence (TfGBV), Amnesty International said in a new report released today.

Amnesty International research relies on collaborations across multiple teams. The Security Lab recently had the opportunity to provide technical research support to a new report about the CBP One app. The report was researched and written by human rights experts from Amnesty International’s Americas Regional Office and Amnesty International USA, based on several research trips and numerous interviews with asylum seekers and local and international organisations. The Security Lab supported the research through a technical analysis of the CBP One application. 

Click here for a PDF version of this briefing.

Amnesty International, in partnership with The Washington Post, has unearthed shocking new details about the continued use of NSO Group’s highly invasive spyware Pegasus to target prominent journalists in India, including one who had previously been a victim of an attack using the same spyware.

This forensic appendix outlines forensic evidence on the use of highly invasive spyware against two journalists from India. Our investigation confirms that the devices of both individuals were targeted with NSO Group’s Pegasus spyware between August and October 2023. More information about the context for these attacks is available in an accompanying press release.

Together with civil society partners the SHARE Foundation, Access Now, and the Citizen Lab, Amnesty International can reveal that sophisticated spyware is being used to target civil society in yet another European country  – Serbia.

Shocking spyware attacks have been attempted against civil society, journalists, politicians and academics in the European Union (EU), USA and Asia, according to a major new investigation by Amnesty International. Among the targets of Predator spyware are United Nations (UN) officials, a Senator and Congressman in the USA and even the Presidents of the European Parliament and Taiwan.  The investigation is part of the ‘Predator Files’ project, in partnership with the European Investigative Collaborations (EIC) and backed by additional in-depth reporting by Mediapart and Der Spiegel.

On 5 October 2023, a major global investigation – the “Predator Files” – was published exposing the proliferation of surveillance technologies around the world and the failure of governments and the European Union (EU) to properly regulate the industry. The Security Lab at Amnesty International is a technical partner in the “Predator Files”, a project coordinated by the European Investigative Collaborations (EIC) media network into the Intellexa alliance, the makers and marketers of the Predator spyware. As part of this collaboration, the Security Lab has reviewed technical documentation, marketing material and other records obtained by Der Spiegel and Mediapart – who are part of EIC – which shed light on the ecosystem of surveillance products offered by the Intellexa alliance.