Spyware maker cuts ties with Italy after government refused audit into hack of journalist’s phone

The spyware manufacturer Paragon said Monday that it has ended its contract with Italy because a special government committee investigating alleged abuses there declined to let the company independently verify that Italian authorities did not hack into the phone of a well-known journalist.

"The company offered both the Italian government and parliament a way to determine whether its system had been used against the journalist," Paragon said in a statement issued to the Israeli publication Haaretz. Because Italian authorities “chose not to proceed with this solution, Paragon terminated its contracts in Italy,” the company said.

Last Wednesday, the Parliamentary Committee for the Security of the Republic (COPASIR) approved its report, which acknowledged that Italian foreign and domestic intelligence services used Paragon’s spyware product, Graphite, to target phones belonging to civil society activists.

The committee found no evidence the surveillance technology was used against journalist Francesco Cancellato, the report said. Cancellato — known for an investigative report documenting ties between Prime Minister Giorgia Meloni and young Italian fascists — is among about 90 WhatsApp users who Meta notified about spyware targeting in January. 

COPASIR said it searched the intelligence agencies’ databases for Cancellato’s number and did not find it. The report also said there is no evidence that Italian officials asked for permission to spy on Cancellato.

A spyware manufacturer has never before publicly acknowledged terminating a contract with a government client due to abuse.

A spokesperson for Israel-based Paragon declined to comment beyond the statement it provided to Haaretz.

Spokespersons for the Italian Parliament and the prime minister’s office did not immediately respond to requests for comment.

Several Italian news outlets reported Monday that the government’s Department of Information for Security (DIS), which oversees Italy’s intelligence agencies, has stated it rejected Paragon’s offer to check Graphite system logs because they are “invasive practices, unverifiable in scope, results and method and, therefore, not compliant with national security requirements.”

Two WhatsApp users contacted by Meta, activists Luca Casarini and Giuseppe Caccia, came forward earlier this year to reveal they were among those targeted. The men work for a a nonprofit that rescues migrants attempting to enter Italy by sea. 

Casarini and Caccia were targeted legally because of their alleged role fueling illegal immigration, COPASIR’s report said.

Activists who document and crusade against government abuses of spyware worldwide said Paragon’s statement undercuts the report’s legitimacy.

The fact that the intelligence services were “offered help from Paragon and the committee which conducted the inspection at the offices of DIS either did not know about this or knew and omitted it puts the comprehensiveness and the conclusions of the report under question,” said Natalia Krapiva, senior tech counsel at the digital freedoms nonprofit Access Now.

In February, Cancellato told Recorded Future News the attack on his phone has been devastating.

“It affects a lot of things,” he said. “It affects my ability to do my job. I don't know how many people will rely on me from now on.”

On Friday, Cancellato published a column saying “there are a lot of things in that report that don't add up.”

“Case closed? Not even a little.”