Kenyan authorities used Israeli tech to crack activist’s phone, report claims

. UK edition

Boniface Mwangi
Boniface Mwangi: ‘I know that my phone calls are monitored and my messages are read.’ Photograph: Tony Karumba/AFP/Getty Images

Citizen Lab report suggests Cellebrite software was used to break into Boniface Mwangi’s phone while he was under arrest

When Boniface Mwangi, the prominent Kenyan pro-democracy activist who plans to run for president in 2027, had his phones returned to him by Kenyan authorities after his controversial arrest last July, he immediately noticed a problem: one of the phones was no longer password protected and could be opened without one.

It was Mwangi’s personal phone, which he used to communicate with friends and mentors, and contained photos of private family moments with his wife and children. Knowing that its contents could be in the hands of the Kenyan government made Mwangi – who has described harassment and even torture – feel unsafe and “exposed”, he told the Guardian.

A report released on Tuesday by Citizen Lab, which tracks digital threats against civil society, has found with “high confidence” that Kenyan authorities used Israeli technology to break into Mwangi’s phone while he was under arrest last year, when the device was in police custody.

Authorities’ use of the technology, made by Cellebrite, “could have enabled the full extraction of all materials from Mwangi’s device, including messages, private materials, personal files, financial information, passwords, and other sensitive information”, Citizen Lab said.

The findings, researchers claimed, add to the growing body of evidence that Cellebrite’s technology is being “abused by its government clients, and the company is failing to prevent those abuses from happening”.

In a statement to the Guardian, Cellebrite said it maintained a “rigorous process for reviewing allegations of technology misuse” and that it took “decisive action”, including licence termination, when credible and substantiated evidence is presented to the company.

“We do not respond to speculation and encourage any organisation with specific, evidence-based concerns to share them with us directly so we can act on them,” the company said.

The Guardian reached out to Kenya’s police spokesperson and the Kenyan embassy in Washington for comment but did not receive a response.

Amnesty International said last July, after Mwangi’s arrest and charges that he unlawfully possessed ammunition in connection to his role in street protests, that the legal campaign against him appeared to be “part of a broader effort to intimidate lawful dissent and those committed to upholding the rule of law”. Mwangi was released on bond a few days after his arrest and is expected again in court on Wednesday.

In an interview, Mwangi said he knew he operated in an environment of constant surveillance. By the time authorities came for him, he said, they had collected information about him from other people’s phones, and “knew my role in the movement”.

“We know that I get spied on all the time. I know that my phone calls are monitored and my messages are read,” he said.

Last year, a forensic analysis by Citizen Lab found that the FlexiSPY spyware had been installed on phones belonging to Kenyan film-makers Bryan Adagala and Nicholas Wambugu while the devices were in police possession. Police were investigating them in connection with a BBC documentary incriminating security forces in killings during anti-government protests in 2024. The BBC denied the two men were involved in the production.

The latest findings by Citizen Lab, Mwangi said, pointed to the role played by “non-state actors” in enabling the surveillance of pro-democracy activists by a government accused of abducting people.

“By them giving the government the access to spy on me, they’re putting my life in jeopardy,” he said.

Citizen Lab’s latest findings follow a separate report released in January, in which the researchers said authorities in Jordan appeared to be using Cellebrite to extract information from the mobile phones of activists and protesters who had been critical of Israel and spoken out in support of Gaza.

In response to the report, Cellebrite said at the time that its technology was used to “access private data only in accordance with legal due process or with appropriate consent to aid investigations legally after an event has occurred”.

Cellebrite products have reportedly also been used to target members of civil society in other parts of the world, including in Myanmar and Botswana. There have also been indications of its use in Serbia and Belarus.

John Scott-Railton, a senior researcher at Citizen Lab, said: “Your phone holds the keys to your life, and governments shouldn’t be able to help themselves to the contents just because they don’t like what you are saying … When Cellebrite sells their technology to a security service with a track record of abuses, journalists, activists, and people speaking their conscience are at risk.”