Amnesty International has accused Serbian authorities of conducting a surveillance campaign targeting journalists and activists using a combination of homegrown spyware and technology supplied by Israeli surveillance firm Cellebrite DI Ltd. In a report released on Monday, Amnesty detailed how Serbian officials allegedly hacked dozens of mobile devices, citing digital forensic evidence and testimony from affected individuals.
According to the report, Serbian authorities used Cellebrite’s software to unlock phones before infecting them with a spyware program dubbed “NoviSpy” by Amnesty. Once installed, NoviSpy covertly captured screenshots, copied contacts, and uploaded sensitive data to a government-controlled server.
“In multiple cases, activists and a journalist reported signs of suspicious activity on their mobile phones directly following interviews with Serbian police and security authorities,” Amnesty stated.
Cellebrite’s Chief Marketing Officer, David Gee, responded to the allegations, saying the company is investigating the matter. “Should those accusations be accurate, that could potentially be in violation of our end user license agreement,” Gee told Reuters. If confirmed, Cellebrite may suspend the use of its technology by Serbian authorities.
Gee emphasized that installing surveillance software is not part of Cellebrite’s operations and noted that the company is contacting Serbian officials for clarification.
Amnesty’s report included accounts from activists who noticed suspicious activity on their phones shortly after meetings with Serbia’s Security Intelligence Agency (BIA). One activist discovered that their contacts and private photos had been exported to a BIA-controlled server. Digital forensic experts confirmed the presence of NoviSpy on their device.
Amnesty also highlighted that Serbia received Cellebrite’s phone-cracking devices as part of a broader initiative funded by Norway and managed by the United Nations Office for Project Services (UNOPS). The program, running from 2017 to 2021, aimed to assist Serbia in combating organized crime as part of its efforts to meet European Union integration standards.
Norwegian authorities temporarily halted the delivery of Cellebrite devices in 2018 due to concerns about misuse. However, the devices were eventually delivered in June 2019. Norway’s Deputy Foreign Minister Maria Varteressian called the allegations “alarming” and “unacceptable,” adding that Norwegian officials would meet with Serbian authorities and UNOPS to gather more information.
UNOPS issued a statement welcoming Amnesty’s report and emphasized that it had enhanced mechanisms to assess and mitigate potential adverse effects since 2017. The agency did not elaborate on these measures.
Deputy Foreign Minister Varteressian stated, “We expect UNOPS to investigate the allegations,” underscoring Norway’s commitment to ensuring accountability in its aid programs.
Serbia’s interior ministry, foreign ministry, and the BIA have yet to comment on the allegations despite requests made on December 12.
The case raises broader concerns about the misuse of surveillance technologies supplied by private firms to governments. Cellebrite’s tools are widely used by law enforcement agencies, including the FBI, for legitimate investigative purposes, but this incident underscores the potential for abuse in authoritarian or semi-authoritarian contexts.
Amnesty’s findings cast a spotlight on the need for stricter oversight of surveillance technology and its deployment, particularly in nations with a history of press suppression and human rights violations. The revelations also challenge international donors and organizations to ensure that their aid programs do not inadvertently enable human rights abuses.
Bd-pratidin English/ Jisan
