Highly invasive spyware and other rights-threatening surveillance technologies have been used to target human rights defenders, journalists and other members of civil society worldwide, as documented by an ever-growing body of research. Unfortunately, technical obstacles inherent in forensic investigations and a culture of secrecy surrounding the sale and transfer of surveillance tools keeps civil society and human rights defenders in the dark about the full extent of their deployment or use.
This research provides a case study on how one country, Indonesia, is relying on a murky ecosystem of surveillance suppliers, brokers and resellers that obscures the sale and transfer of surveillance technology. The investigation also showcases the continued failure of multiple countries to regulate and provide transparency on the exports of dual-use technologies, such as spyware, and the non dual-use hardware that hosts the spyware or surveillance technology which pose serious human rights risks.
This months-long investigation by Amnesty International’s Security Lab, in collaboration with Haaretz, Inside Story, Tempo, WAV research collective and Woz into the global surveillance trade has found evidence of extensive sales and deployment of highly invasive spyware and other surveillance technologies in Indonesia-sourced from Israel, Greece, Singapore and Malaysia between 2017 and 2023. Surveillance suppliers whose products are identified in Indonesia in this research include Q Cyber Technologies (linked to NSO Group), the Intellexa consortium, Saito Tech (also known as Candiru), FinFisher and its wholly-owned subsidiary Raedarius M8 Sdn Bhd, and Wintego Systems.