New research has uncovered evidence that Kenyan authorities used a commercial phone hacking tool to access the device of a prominent activist while it was in police custody. The findings, published by the University of Toronto’s Citizen Lab, point to the use of technology from the Israeli firm Cellebrite, marking another instance of such forensic tools being deployed against civil society figures.
Details of the Forensic Investigation
The investigation was conducted by Citizen Lab, an interdisciplinary research unit at the University of Toronto’s Munk School of Global Affairs and Public Policy. Their technical analysis identified digital traces consistent with the use of Cellebrite’s Universal Forensic Extraction Device (UFED) on the activist’s smartphone.
The device was seized by Kenyan police during the activist’s detention. The UFED tool is designed for law enforcement and intelligence agencies to extract data from mobile phones, including deleted messages, call logs, and location history.
Context of the Incident
This case is part of a broader pattern documented by digital rights groups, where powerful surveillance and extraction technologies sold to governments are used to target journalists, opposition members, and human rights defenders. Cellebrite markets its products strictly to government agencies for lawful investigations.
Kenyan authorities have not publicly commented on the specific allegations raised in the Citizen Lab report. The identity of the activist was not disclosed in the research summary for security reasons.
Broader Implications for Digital Security
The incident highlights ongoing concerns about the export and use of dual-use surveillance technologies. While intended for criminal investigations, these tools can be misused for political repression or to silence dissent.
Civil society organizations have repeatedly called for stricter human rights due diligence and export controls on companies that manufacture digital forensic and intrusion tools. The lack of transparency around the sale and use of these technologies makes oversight difficult.
Company Policy and Past Scrutiny
Cellebrite states that its customers must use its products in accordance with the law and respect human rights. The company has a published Human Rights Policy and states it conducts due diligence on potential clients.
However, Citizen Lab and other researchers have previously documented cases where Cellebrite tools were found on devices belonging to activists in other countries, leading to criticism of the company’s compliance mechanisms. Cellebrite has previously stated it investigates any allegations of misuse.
Next Steps and Ongoing Scrutiny
The full technical report from Citizen Lab is expected to be published in the coming weeks, which may provide further details on the forensic methodology. Digital rights advocates are likely to use the findings to renew calls for regulatory action.
Attention will now turn to the official response from the Kenyan government and whether Cellebrite will initiate an inquiry into the alleged use of its system in this case. The outcome may influence the ongoing global debate on the ethics of the surveillance technology industry.
Source: Citizen Lab, University of Toronto
