How Little We Know About Spyware Makers' Government Ties

Vas Panagiotopoulos is a fellow at Tech Policy Press.

In a recent report, we looked into NSO’s lobbying efforts and how these provide a stark case study of how spyware firms deploy vast resources to influence government and democratic decision-making in pursuit of their commercial interests.

However, NSO is not alone. A number of other commercial spyware companies – including Paragon Solutions, Candiru/Saito Tech and the Intellexa Alliance – have sought to influence government in recent years by hiring lobbying, law and PR firms and other external consultants.

These consultants have attempted to reverse trade restrictions, lift visa bans, advise on US and European market strategies, and assist in formulating spyware companies’ human rights policies. In this second ‘spyware lobbying’ installment, we take a closer look at this activity.

This is important, as influencing democratic decision-making through lobbyists and consultants is prohibitively expensive, putting it out of reach for ordinary citizens and leaving it largely to powerful actors – such as the commercial spyware industry – whose interests often diverge from the public and have been shown to harm human rights and national security.

Here are some key recent examples of commercial spyware vendors engaging external consultants:

Paragon used external consultants to remain in Washington’s ‘good graces’

Paragon Solutions, which signed a $2 million deal with US Immigration and Customs Enforcement (ICE) in 2024 – reactivated in 2025 for use in drug trafficking cases – is one of several spyware vendors that have engaged in government lobbying.

Between 2023 and 2025, Paragon retained Washington, DC–based consultancy Holland & Knight. According to lobbying disclosure filings, this involved a minimum total lobbying spend of $380,000 across 2023, 2024 and 2025. Intelligence Online points out that Holland & Knight enjoys a “good track record in avoiding sanctions” and that Paragon’s campaign objective was to remain in the US government’s “good graces.”

Indeed, right from its inception, Paragon sought to position itself as an ‘ethical’ surveillance technology provider. In 2019, as it was developing its flagship tool, Graphite, Paragon enlisted WestExec Advisors, a prominent Washington, DC, consulting firm cofounded by former US secretary of state Antony Blinken, to advise on its “strategic approach to the US and European markets,” as well as well as “the formulation of its industry-leading ethical commitments designed to ensure the appropriate use of its technology,” a company executive told The Financial Times. 

Very quickly, Paragon’s ethics credentials came into question, as the company became embroiled in early 2025 in a high-profile scandal in Italy that involved the targeting of journalists, activists and top business people among others and led the company to cut ties with its Italian customers.

In late 2024, Paragon was bought by US private equity giant AE Industrial Partners. It's worth pointing out that AE Industrial is itself registered for lobbying and its 2025 lobbying spend amounted to $1.1 million.

Candiru hired lobbyists to lift US trade restrictions

Israeli spyware firm Candiru, whose technology has been used to target civil society globally and was placed alongside NSO Group under trade restrictions by the Biden administration in 2021, has also been lobbying the government.

Candiru, which has been renamed to Saito Tech, enlisted between 2021 and 2024 the services of Washington law firm Arent Fox to be “removed from BIS Entity List and to obtain items subject to US export controls,” according to lobbying disclosure filings (LD-1).

The firm also enlisted the services of lobbying firm Bridge Public Affairs between April and September 2022 for the same purposes.

In April 2025, Candiru was acquired by US firm Integrity Partners in a $30 million deal to “bypass US sanctions,” according to Israeli technology media Calcalist.

At the time of writing, the spyware vendor remains on the BIS Entity List and the regulatory effects of this deal remain to be seen.

Intellexa Alliance consultants were active on both sides of the Atlantic

France’s Nexa Technologies, a company that a joint civil society-media 2023 investigation revealed to have sold Predator spyware to repressive regimes including Egypt, Vietnam, and Madagascar, has also retained Washington-based consultants.

Between at least March and October 2022, Nexa retained law firm Hogan Lovells to respond to calls by more than a dozen Democratic lawmakers urging the Biden administration to sanction Nexa and three other cyber-surveillance firms.

Nexa – now rebranded as RB 42 – was part of the Intellexa Alliance, the network of companies involved in developing and selling Predator spyware. The alliance was linked to the wider Intellexa Consortium, which was eventually sanctioned by Washington in March 2024 for using Predator to “covertly surveil US officials, journalists, and policy experts”.

“Nexa has never designed or sold any spyware, and had no capitalistic links to Intellexa. Nexa activities have been sold to another French company and the company is terminated,” RB 42 told Tech Policy Press in a written statement.

In December 2025, as the Trump administration eventually lifted sanctions on three officials linked to Intellexa, Bloomberg reported that some of these Intellexa-linked executives were represented by the law firm Ferrari & Associates, although it did not specify which individuals.

Over in Europe, Intellexa recruited former coordinator of Germany’s secret service Bernd Schmidbauer, who actively represented the company to German authorities in 2021-2022, according to Die Welt newspaper.

In late 2021 to early 2022, Schmidbauer contacted Arne Schönbohm, head of the Federal Office for Information Security (BSI) at the time, to arrange a meeting with Intellexa, which was to be attended by its vice-president, Ehud Olmert, though the meeting ultimately did not take place, Die Welt notes.

In February 2022, Schmidbauer also approached the president of ZITiS (an infosec authority) to organize an Intellexa presentation, according to the same report. Additionally, his contact with the vice-president of the Federal Office for the Protection of the Constitution (BfV) reportedly led to a presentation to BfV personnel in early July 2022.

Intellexa executives appear to have also met with European lawmakers alongside legal consultants. The chair of the PEGA Inquiry Committee, Jeroen Lenaers, has declared a meeting with Intellexa and the leading Israeli law firm Meitar taking place in his European Parliament office in Brussels on 30 March 2023. The declared subject is “PEGA report and recommendations.” It is unclear whether Meitar had been engaged by Intellexa.

Other spyware firms’ lobbyists

Israeli cyber-intelligence firm Cognyte retained the Vogel Group – whose clients have also included NSO – between March and June 2022 to work on “issues relating to cybersecurity policy,” according to lobbying disclosure filings.

Cognyte was among seven “surveillance-for-hire” firms that Meta removed in December 2021 for using Facebook to target at least 50,000 individuals across 100 countries. The company has also faced significant accusations regarding its involvement in human rights abuses through the sale of surveillance technology to authoritarian regimes, including Myanmar, prior to the coup.

Interionet Systems, a company identified by the Atlantic Council as a developer of “malware for internet routers” and noted for compromising Internet of Things (IoT) devices such as video surveillance cameras, enlisted the services of the lobbying firm Goodland Advisors between January and June 2025.

Only a snapshot

It should be noted that this non-exhaustive overview focuses on known commercial spyware vendors – particularly those publicly associated with human rights abuses – and does not include the lobbying activity of key ‘Five Eyes’ or European surveillance technology providers such as L3 Harris, BAE Systems and Thales, digital forensics providers like Cellebrite, or other lawful interception providers.

Although the picture is far from complete, our ‘spyware lobbying’ series offers a rare snapshot of these companies’ efforts to influence political decision-making in pursuit of their commercial interests.

Still, our understanding of this lobbying activity remains severely constrained. Much of what is publicly known about NSO Group’s lobbying efforts comes from Foreign Agents Registration Act (FARA) filings. Lobbyists representing foreign commercial interests – when their work is not intended to benefit a foreign government or political party – may be exempt from FARA and instead register under the Lobbying Disclosure Act (LDA).

However, the LDA does not require disclosure of specific meetings and is, overall, far less transparent than FARA. As a result, the examples above – primarily based on LDA filings – reveal little about the targets of lobbying efforts, let alone the substance of meetings or other outreach, and, most importantly, their potential impact on policy and government decisions. Transparency is even more limited under the voluntary lobbying disclosure regime in Brussels.

Given the documented harms to human rights and national security associated with commercial spyware – and with the Trump administration’s stance on the issue remaining somewhat unclear – civil society, journalists, and researchers should continue to closely monitor the efforts of the spyware industry to shape policymaking and regulation, reverse trade restrictions, lift sanctions and visa bans.

Paragon Solutions, Saito Tech, Cognyte, Interionet Systems and Jeroen Lenaers did not reply to Tech Policy Press’s request for comment before publication.