There are more than 2,800 US government Cellebrite customers, according to the smartphone hacking company. The tech can be used to extract most data from both iPhones and Android phones.
The company also boasts that its private sector clients include “six out of the world’s 10 largest pharmaceutical companies and six of the 10 largest oil refineries”…
Background
Cellebrite is an Israel-based company that makes hardware and software designed to bypass passcode locks on smartphones.
It came to public attention when it was reported to have been used by the FBI to unlock the iPhone belonging to the San Bernardino shooter. It later turned out that this was probably not the case, but it put the company in the spotlight – with subsequent revelations that the phone-cracking tech has been widely used by US law enforcement.
US government Cellebrite customers
But a new report today based on an SEC filing suggests that US government use of Cellebrite is far more widespread than previously indicated. The company revealed that it has over 2,800 US government customers, including some surprising ones. The Intercept reports.
Investigators with the US Fish and Wildlife Service frequently work to thwart a variety of environmental offenses, from illegal deforestation to hunting without a license. While these are real crimes, they’re not typically associated with invasive phone hacking tools. But Fish and Wildlife agents are among the increasingly broad set of government employees who can now break into encrypted phones and siphon off mounds of data with technology purchased from the surveillance company Cellebrite.
Across the federal government, agencies that don’t use Cellebrite technology are increasingly the exception, not the rule. Federal purchasing records and Cellebrite securities documents reviewed by The Intercept show that all but one of the 15 U.S. Cabinet departments, along with several other federal agencies, have acquired Cellebrite products in recent years. The list includes many that would seem far removed from intelligence collection or law enforcement, like the departments of Agriculture, Education, Veterans Affairs, and Housing and Urban Development; the Social Security Administration; the U.S. Agency for International Development; and the Centers for Disease Control and Prevention […]
In a filing to the Securities and Exchange Commission, the company said that it had over 2,800 government customers in North America.
Unlike NSO’s spyware, Pegasus, Cellebrite does require physical access to the device. This makes it less dangerous – but the highly intrusive tool is reportedly cheap enough to be routinely used to check the phones of travellers at immigration checkpoints, and suspects in crimes as trivial as shoplifting and being drunk in public, raising obvious privacy and civil liberties concerns.
The sheer number of US customers cited suggests that this includes many police departments.
Last spring, secure messaging service Signal managed to disrupt Cellebrite’s access to iPhones, but the company quickly revealed a workaround.
FTC: We use income earning auto affiliate links. More.
Comments