Authorities in Jordan appear to be using an Israeli digital tool to extract information from the mobile phones of activists and protesters who have been critical of Israel and spoken out in support of Gaza, according to a new report by the Citizen Lab.
A multiyear investigation found with high confidence that Jordanian security authorities have been using forensic extraction tools made by Cellebrite against members of civil society, including two political activists, a student organizer, and a human rights defender, the researchers said.
When Cellebrite’s tool is deployed by authorities who have physical access to a mobile phone, it can extract data including photos, videos, chats, files, saved passwords, location history, wifi history, phone usage records, web history, social media accounts and in some cases data that a user has attempted to delete.
The Citizen Lab, which investigates digital threats against civil society, said its forensic investigation of devices that were previously seized by authorities in Jordan, as well as court records shared with researchers, indicate that the use of Cellebrite by authorities “likely violated human rights treaties Jordan has ratified”. Under the international covenant on civil and political rights (ICCPR), Jordan is required to comply with strict limits on the targeting of political dissidents and civil society with surveillance technology.
Researchers said they analyzed four mobile phones between January 2024 and June 2025 that belonged to members of Jordanian civil society who had been detained, arrested or interrogated by authorities, and that all had been subjected to forensic extraction using Cellebrite.
The names of individuals who were targeted were not released because the individuals feared reprisals. In one case described in Citizen Lab’s report, researchers said they analyzed the iPhone of a political activist whose device was seized after an interrogation by Jordan’s general intelligence department, and that the phone remained in their custody for 35 days.
In another case, a student activist refused to provide a passcode to their phone to officers, who then unlocked it using Apple’s Face ID while holding it up to the activist’s face. The person was taken to prison the next day. Upon their release, the activist was given their phone back but found their passcode written on a piece of tape that had been stuck to the back of the phone. An analysis of the device later found that it had been connected to an external device that was attributed to Cellebrite, and was also connected to a cybercrime unit in Amman while it was in the custody of authorities.
In a statement to the Guardian, a spokesperson for Cellebrite said that unlike spyware made by companies like NSO Group, the company’s technology is forensic in nature and used to “access private data only in accordance with legal due process or with appropriate consent to aid investigations legally after an event has occurred”.
“The company vets potential customers against internal human rights parameters, leading us to historically cease business in jurisdictions where risks were deemed incompatible with our corporate values,” the spokesperson said. The company added: “We take seriously all allegations of potential misuse of our technology in ways that would run counter to both explicit and implied conditions outlined in our end-user agreement. Once solid information is shared with Cellebrite, we review the allegations and take proactive precise steps to investigate each claim in accordance with our ethics and integrity policies.”
The Jordanian government did not respond to a request for comment.
Cellebrite products have reportedly been used to target members of civil society in other parts of the world, including in Myanmar and Botswana. There have also been indications of its use in Serbia and Belarus.
