Listen to this article now

For years, law enforcement agencies globally have relied on phone hacking technology provided by Cellebrite to unlock devices and access their data. The company has maintained a stance of keeping the utilization of its technology under wraps. As part of agreements with government entities, Cellebrite has requested that users maintain the confidentiality of its technology, along with any indication of its use, according to sources at GREYJournal. This demand has raised questions among legal experts who argue that the transparency and oversight of potent technologies like those developed and sold by Cellebrite should be subject to public scrutiny.

A leaked training video meant for law enforcement clients, obtained by GREYJournal, features a senior Cellebrite employee advising customers to keep the methods they employ as discreet as possible: “Ultimately, you’ve extracted the data, it’s the data that solves the crime, how you got in, let’s try to keep that as hush hush as possible.” The identity of the employee remains undisclosed.

Legal professionals find this request troubling as it poses challenges to the fundamental requirement of transparency for judicial authorization of searches and the admissibility of evidence. Secrecy in such matters, experts argue, undermines defendants’ rights and compromises public interests.

Riana Pfefferkorn, a research scholar at Stanford University’s Internet Observatory, emphasized the significance of openness: “The results these super-secretive products spit out are used in court to try to prove whether someone is guilty of a crime.” She further stated that defendants and their representatives must be able to fully comprehend the inner workings of Cellebrite’s devices to ensure fair legal processes.

Hanni Fakhoury, a seasoned criminal defense attorney specializing in surveillance technology, emphasized that disclosure is essential to assess the legality of evidence collection: “The reason why that stuff needs to be disclosed is the defense needs to be able to figure out ‘was there a legal problem in how this evidence was obtained? Do I have the ability to challenge that?'”

The Cellebrite employee in the leaked video contends that revealing the technology’s application could aid criminals and impede law enforcement efforts. They argued that safeguarding the knowledge of their capabilities is paramount to prevent criminals from adapting to more complex defenses.

In response, Cellebrite spokesperson Victor Cooper maintained the company’s commitment to ethical law enforcement and emphasized their adherence to lawful use and due process. Cooper stated, “We do not advise our customers to act in contravention with any law, legal requirements or other forensics standards.”

The Electronic Frontier Foundation (EFF) expressed concerns that Cellebrite’s approach facilitates a global environment where various entities exploit vulnerable devices for unauthorized activities. EFF staff attorney Saira Hussain and senior staff technologist Cooper Quintin warned that this practice enables authoritarian regimes, criminal organizations, and cyber mercenaries to compromise privacy, silence opposition, and commit crimes.

Cellebrite’s insistence on secrecy is not unprecedented. Government contractor Harris Corporation, which produced the cellphone surveillance tool “stingrays,” has previously required law enforcement agencies to sign non-disclosure agreements, raising ethical and legal concerns.

The leaked training video highlights Cellebrite’s efforts to emphasize confidentiality, cautioning users against sharing information related to the technology’s capabilities. It also underscores the necessity of securing physical components and written documentation to preserve the technology’s integrity.

However, critics argue that transparency is paramount in ensuring the legality and accountability of evidence collection methods. Disclosure enables defendants to challenge evidence fairly and upholds the principles of justice.