Authorities in Jordan have reportedly accessed the phones of activists and human rights defenders using Cellebrite’s forensic technology, according to findings released by the University of Toronto’s Citizen Lab. The investigation highlights concerns about data privacy and the tools available to law enforcement. Regionally, digital privacy has become an increasingly tense issue, with rights groups warning against intrusive technological measures deployed by governments. Jordan’s use of such technology, especially during periods of unrest, underscores ongoing debates around legal frameworks and the scope of surveillance in civil society. Experts note a growing tension between national security imperatives and international human rights standards.
Earlier reporting summarized Jordan’s use of phone-cracking technology as an emerging pattern rather than an isolated incident. Investigations in previous years linked Cellebrite tools to repeated targeting of activists across the Middle East and elsewhere. Various human rights organizations have called for more transparency and accountability in the deployment of such forensic tools, noting a lack of public data on their usage and efficacy. Past analysis also drew connections to trends in neighboring countries, pointing to a regional strategy relying heavily on digital access to control dissent.
How did Cellebrite tools get used against Jordanian activists?
Between late 2023 and mid-2024, Citizen Lab partnered with the Organized Crime and Corruption Reporting Project to analyze phones seized from four Jordanian activists. The investigation found what it described as “high confidence” evidence that Cellebrite’s products were employed to extract information following phone confiscation by authorities. This aligned with legal documents from court cases involving the 2023 Cybercrime Law, detailing processes used against a range of civil society figures, including student organizers and political activists.
What does Cellebrite say about its customer screening policies?
A spokesperson for Cellebrite asserted that the company cannot comment on specific countries but stated that all clients are checked against U.S. and international sanctions, and adherence to internal human rights policies is required. According to Victor Cooper, the firm does not license products to any group on sanctions lists, and products are intended for use only within legal boundaries.
“Beyond these baselines, the company vets potential customers against internal human rights parameters, leading us to historically cease business in jurisdictions where risks were deemed incompatible with our corporate values,”
Cooper said. Cellebrite maintains that their technology cannot access or monitor phones in real time but is utilized for data extraction after legal procedures.
How have activists and human rights groups responded to these findings?
Activists affected by the probes reported a significant erosion of trust and indicated greater caution in their communications. The uncertainty regarding the reach and scope of such forensic technologies has contributed to fears of increased self-censorship among civil society members. Citizen Lab described Cellebrite’s responses to requests for clarification as insufficient.
“Surveillance is not limited to spyware. Authoritarian states access smartphone data remotely with spyware like Pegasus or by physically seizing a device and using Cellebrite to access the contents.”
a Citizen Lab research fellow stated.
While Jordanian officials offered no public comment, analysts anticipate continued debate over the relationship between state security technologies and internationally recognized human rights. Human rights organizations and privacy advocates have been calling for audits and greater transparency concerning the use of digital forensic tools. The Citizen Lab findings suggest an entrenched reliance on technologies such as Cellebrite since at least 2020, raising urgent questions about oversight, consent, and the potential for legal reform in Jordan and similar jurisdictions.
Technology-assisted access to private data now forms a key part of law enforcement investigations, especially where governments seek to assert control during periods of protest or dissent. Readers interested in protecting their personal data may benefit from practices such as regular security updates, strong passcodes, and encrypted communications. For organizations operating in sensitive environments, digital security training and routine device audits provide an added layer of protection against unauthorized access. As the demand for forensic tools continues across various sectors, ongoing scrutiny is likely from rights groups, watchdog organizations, and technology companies alike.
