Read on the GuardianKenyan Authorities Accused of Using Israeli Tech to Crack Activist's Phone
A new report from Citizen Lab claims with 'high confidence' that Kenyan authorities used technology from the Israeli firm Cellebrite to break into the personal phone of pro-democracy activist and presidential aspirant Boniface Mwangi while he was under arrest. The incident, which left Mwangi's device without its password protection, raises serious concerns about the misuse of surveillance tools against civil society and the failure of tech companies to prevent such abuses. This case highlights the growing global pattern of governments employing advanced digital forensics to target activists, journalists, and political opponents.
The intersection of technology, state power, and civil liberties faces a critical test in Kenya, following a disturbing report from the University of Toronto's Citizen Lab. The research group alleges that authorities used sophisticated Israeli-made software to bypass the security on the personal phone of prominent activist Boniface Mwangi. This incident is not an isolated case but part of a troubling global trend where powerful digital forensics tools, sold for legitimate law enforcement purposes, are allegedly weaponized against political dissent and lawful activism. The implications extend far beyond Kenya's borders, challenging international norms on privacy, corporate responsibility, and the protection of fundamental rights in the digital age.
The Incident: A Compromised Device and a Violated Privacy
In July 2025, Boniface Mwangi, a well-known Kenyan pro-democracy figure with presidential ambitions for 2027, was arrested and charged with unlawful possession of ammunition in connection to street protests. Amnesty International described the charges as part of a "broader effort to intimidate lawful dissent." When his phones were eventually returned, Mwangi discovered a critical breach: his personal device, which contained intimate family photos and private communications, was no longer password-protected. He could open it without any security barrier, a clear sign that the device had been accessed and its security mechanisms disabled while in police custody.
Mwangi described the violation as making him feel unsafe and "exposed," a sentiment compounded by his previous experiences of harassment and torture. For an activist operating under constant surveillance, the knowledge that the state potentially possesses his most private data represents a profound threat. As Mwangi stated in an interview referenced by The Guardian, "I know that my phone calls are monitored and my messages are read." The phone's compromise confirmed his worst fears about the extent of state monitoring.
Citizen Lab's Findings: Pointing to Cellebrite
On February 17, 2026, Citizen Lab released a report detailing its forensic investigation into Mwangi's device. The researchers concluded with "high confidence" that the technology used to break into the phone was manufactured by Cellebrite, an Israeli company specializing in digital intelligence solutions for law enforcement and government agencies. According to the report, the use of Cellebrite's tools "could have enabled the full extraction of all materials from Mwangi’s device, including messages, private materials, personal files, financial information, passwords, and other sensitive information."
This extraction capability is the core product offered by firms like Cellebrite. Their Universal Forensic Extraction Device (UFED) is marketed as a tool for accessing data from mobile devices during criminal investigations. However, Citizen Lab's report argues this case adds to evidence that such technology is being "abused by its government clients, and the company is failing to prevent those abuses from happening." The researchers contend that selling powerful surveillance tools to governments with documented records of human rights abuses inherently puts journalists, activists, and dissidents at risk.
Corporate Accountability and Government Secrecy
The report places significant responsibility on Cellebrite itself. In a statement to The Guardian, the company defended its practices, stating it maintains a "rigorous process for reviewing allegations of technology misuse" and takes "decisive action," including license termination, when presented with credible evidence. Cellebrite emphasized it does not "respond to speculation" and encouraged organizations to share evidence-based concerns directly. However, this response highlights a central tension: the burden of proof often falls on under-resourced civil society groups to definitively prove misuse, while the company profits from sales to potentially repressive regimes.
On the government side, transparency is absent. The Guardian's attempts to get a comment from Kenya's police spokesperson and its embassy in Washington were unsuccessful. This lack of official response is typical in such cases, leaving the allegations unchallenged in the public sphere and denying citizens accountability from their own institutions. The silence reinforces a climate of impunity where high-tech surveillance operates in the shadows, away from judicial or parliamentary oversight.
A Global Pattern of Abuse
The targeting of Boniface Mwangi is not an anomaly in Kenya or globally. Citizen Lab's report notes this incident follows a similar pattern discovered in 2025, where the phones of Kenyan film-makers Bryan Adagala and Nicholas Wambugu were found to have FlexiSPY spyware installed while in police possession. Furthermore, a separate Citizen Lab report in January 2026 suggested authorities in Jordan were using Cellebrite technology to extract data from the phones of activists critical of Israel and supportive of Gaza.
John Scott-Railton, a senior researcher at Citizen Lab, framed the issue starkly: "Your phone holds the keys to your life, and governments shouldn’t be able to help themselves to the contents just because they don’t like what you are saying." Reports indicate Cellebrite tools have also been used against civil society in Myanmar, Botswana, Serbia, and Belarus. This global pattern reveals a lucrative industry supplying authoritarian and democratic governments alike with tools that can easily be turned against citizens exercising their fundamental rights.
Conclusion: Safeguarding Digital Rights in an Age of Surveillance
The case of Boniface Mwangi's phone is a microcosm of a much larger crisis. It underscores the urgent need for robust international regulations governing the export and use of dual-use surveillance technology. Companies like Cellebrite must implement far more stringent human rights due diligence processes before sales, with mechanisms for independent auditing and severe penalties for violations. Nationally, countries like Kenya require stronger legal frameworks that mandate judicial warrants for phone extraction, provide transparency about the tools law enforcement uses, and create avenues for redress when these tools are abused.
Ultimately, the integrity of the digital space as a domain for free expression and assembly is at stake. Without decisive action from the international community, tech companies, and domestic legislatures, the powerful tools designed to combat crime will continue to be repurposed to silence dissent, chill activism, and undermine democracy itself. The security of one activist's phone is a bellwether for the security of us all in the connected world.
