Paragon Solutions Refuses Cooperation With Italian Prosecutors Over Graphite Spyware Case

Italian prosecutors are still waiting for cooperation from Paragon Solutions in a spyware case that began after WhatsApp and Apple notified people in Italy that their phones had been targeted with government spyware.

“Reacting to the publication of a Citizen Lab report identifying multiple cases involving the use of Paragon's spyware against journalists and human rights defenders in Italy, Donncha Ó Cearbhaill, head of Amnesty International's Security Lab, said: "The worrying discovery of Paragon's intrusive Graphite spyware against human rights defenders and journalists in Italy illustrates the scale of the digital surveillance crisis across Europe”

Amnesty International

TechCrunch reports that WhatsApp pointed the finger at Paragon as the provider of technology for a hacking campaign that targeted around 90 people around the world with its “Graphite” spyware, and that victims then filed criminal complaints with Italian authorities.

Amnesty International

Wired Italy is cited by TechCrunch as saying Italian prosecutors sent a formal request for information to Paragon, via the Israeli government, but “a year after the investigations were opened, the company has yet to respond.”

TechCrunch adds that Paragon publicly called out the Italian government, claiming it refused the company’s offer to investigate whether a journalist was hacked and spied on with its Graphite spyware, and that Paragon canceled its contract with Italy’s two spy agencies, AISE and AISI.

The same TechCrunch report says Paragon, the Israeli embassy in Washington, D.C., and the prosecutors’ offices in Rome and Naples “did not respond to TechCrunch’s request for comment.”

In parallel, Wired Italia’s investigation as described by “Wanted in Rome” says the conclusion is “unambiguous: Paragon Solutions, the Israeli company that makes Graphite, has provided no useful cooperation to Italian justice.”

The “Wanted in Rome” account also states that “more than a year after Italian magistrates sent formal requests to Israeli authorities,” prosecutors are still waiting “for anything at all,” including “not for partial answers, not for redacted documents, not for a meeting.”

The Paragon “Graphite” spyware case in Italy centers on journalists and human-rights defenders who received alerts after attempted intrusions, and on the question of whether Italian intelligence services used the tool.

Amnesty International Italia says that Ciro Pellegrino, a journalist of Fanpage.it, “si aggiunge alla lista” of Italian journalists and human-rights defenders targeted with Graphite, and it lists other names including Francesco Cancellato, Luca Casarini and Giuseppe “Beppe” Caccia, as well as David Yambio.

Amnesty International Italia

Amnesty International Italia also says that after publication of an Italian parliamentary report confirming Graphite’s use by internal and external secret services, Paragon announced it had “annullato il contratto con l’Italia,” and that the decision followed the authorities’ refusal to use a technical process to verify whether spyware was used against Francesco Cancellato.

It adds that Copasir responded denying it had been informed of a proposed collaboration advanced by Paragon to investigate what happened to Cancellato.

Wired describes a broader European context in which dozens of Italian users were alerted by Apple and Meta that they were targets of a spyware attack, and it names journalists Francesco Cancellato and Ciro Pellegrino as well as activists.

Wired also reports that COPASIR found Graphite was used by Italy’s intelligence to spy on two Mediterranea Saving Humans activists, Luca Casarini and Giuseppe Caccia, and David Yambio, a spokesperson for Refugees in Libya.

Amnesty International’s Security Lab head Donncha Ó Cearbhaill said the “worrying discovery” of Graphite against human-rights defenders and journalists in Italy “illustrates the scale of the digital surveillance crisis across Europe.”

Amnesty International Italia further states that the Citizen Lab identified Ciro Pellegrino and another journalist who chose to remain anonymous as “le ultime vittime” of Graphite, and it quotes Elina Castillo Jiménez saying that the discovery “conferma l’uso sempre più diffuso e sistematico” of these tools.

As the Paragon case drags on, European lawmakers are trying to create new oversight mechanisms while Italian prosecutors continue to pursue information from abroad.

“A notification, a sound on the screen, a message that looks like a scam”

IrpiMedia

Wired reports that the first demands of a new European Parliament intergroup dedicated to spyware software are to be presented on January 21 in Strasbourg, and it describes an “informal inquiry committee” against abuses promoted by Sandro Ruotolo, with Saskia Bricmont, Krzysztof Brejza, and Veronika Cifrová Ostrihoňová joining.

Wired quotes Ruotolo telling the outlet, “It is unacceptable that the government refuses to clarify,” and it frames the Paragon case in Italy as urgent because “Dozens of Italian users were alerted by Meta and Apple because they were targeted by spyware, and many more are not yet aware of it.”

Wired also describes the precedent of the Pega inquiry committee, which concluded in June 2023 with recommendations addressed to the Council and the European Commission to limit state use of spyware in Europe to 'exceptional and specific cases,' and it quotes the document’s condemnation of use to 'monitor, blackmail, intimidate, manipulate and discredit the opposition, critics and civil society, eliminate democratic oversight and press freedom, manipulate elections and undermine the rule of law.'

In the same Wired report, Ruotolo says, “The repeated scandals point to an extended phenomenon: a network of political, commercial, and military surveillance that spans Europe and undermines press freedom and fundamental rights,” and he adds that “Illegal spying is something of regimes and a sign of a deep democratic regression.”

Wired says the intergroup’s first formal request will be to follow up on the Pega recommendations, while also emphasizing a political and cultural goal to raise awareness and encourage victims who received notifications from Apple and Meta to testify.

Meanwhile, Amnesty International’s Security Lab says national and European authorities have not taken effective action despite repeated scandals in Serbia, Spain, Greece, Poland, Hungary, and now Italy, and it argues that “Europe’s lax regulation of the surveillance industry fuels the global spyware crisis.”

Amnesty International also states that the European Commission has not implemented recommendations of the European Parliament's inquiry committee formulated more than a year ago regarding Pegasus and other surveillance spyware (PEGA Commission).

Multiple reports describe the Paragon case as a problem of cooperation that extends beyond corporate refusal into questions about how Israeli authorities handle requests.

TechCrunch says it is unclear why Paragon has not responded to the prosecutor’s request and suggests “It’s possible that the Israeli government intervened,” while also pointing to a 2024 Guardian report that “Israeli government seized documents from NSO’s office to prevent the company from complying with demands in the lawsuit against WhatsApp.”

mezha.net

TechCrunch also quotes Israeli human rights lawyer Eitay Mack to Wired Italy, saying the Israeli government could force local companies to cooperate with foreign judicial requests for information, “but this has never happened.”

The “mezha.net” local report similarly says it remains unclear why Paragon did not respond and states there “may have been influence from the Israeli government,” then repeats Mack’s line that “The Israeli government can compel local companies to cooperate with foreign requests for information, but this has never happened.”

“Wanted in Rome” goes further by characterizing the lack of cooperation as reflecting “the Israeli government's broader policy of treating its surveillance technology industry as a strategic national asset, shielding companies it considers sensitive from foreign legal scrutiny.”

It describes a cycle in which “Spyware is deployed, infections are discovered, investigations are opened, requests are sent, and nothing comes back,” and it says this pattern leaves victims without technical confirmation and courts without evidence needed to establish responsibility.

Wired adds that the Paragon case is part of a wider European problem in which “The promised transparency proved to be a bluff,” and it quotes Ruotolo saying “The repeated scandals point to an extended phenomenon” of surveillance undermining press freedom and fundamental rights.

Amnesty International Italia frames the issue as a “grave violazione delle norme internazionali” and says the lack of transparency and collaboration raises “forti preoccupazioni” about Italy’s commitment to the process of Pall Mall and its code of conduct for states.

The sources describe immediate next steps that range from continued Italian investigations to new European oversight efforts and calls for victims to come forward.

“Last year, WhatsApp and Apple notified several people in Italy, including journalists and activists, that they had been targeted with government spyware”

TechCrunch

TechCrunch says prosecutors in Rome and Naples are jointly investigating the case and that Paragon, the Israeli embassy in Washington, D.C., and the prosecutors’ offices “did not respond to TechCrunch’s request for comment,” leaving the information request unanswered.

TechCrunch

“Wanted in Rome” says “Italian magistrates are continuing their work,” and it emphasizes that they “have the infections, they have the victims, and have the formal requests sitting unanswered in Tel Aviv,” while lacking “the technical cooperation that would allow them to build a complete picture of what happened, who authorised it, and who is responsible.”

Wired reports that the European Parliament intergroup’s first formal request will be to follow up on the Pega recommendations, and it quotes Ruotolo urging that “Those who have received notifications from Apple and Meta should not be afraid to testify.”

Amnesty International Italia urges Italian authorities to “rendere pubblici tutti i dettagli relativi a queste operazioni di sorveglianza” and to “attivare percorsi concreti di riparazione chi ne è stato colpito,” warning that when governments do not respond adequately to credible abuse denouncements they send a “pericoloso messaggio di impunità.”

Amnesty International’s Security Lab adds that “It is almost certain that civil society research will reveal additional victims,” and it says the tool “cannot be subject to independent oversight” and “must be banned.”

The Amnesty International report also ties the Paragon case to a broader pattern, noting that “Last month, WhatsApp informed 90 people that they had been targeted by spyware,” and it says reports confirmed that most victims were journalists and human-rights activists.

In Italy, Amnesty International Italia says Copasir’s report confirmed Graphite use by secret services to target activists while denying targeting of Francesco Cancellato, and it states that the committee “ha negato che il direttore di Fanpage.it Francesco Cancellato fosse stato preso di mira.”