Trump Reinstates Contract with Israeli Spy Firm with Sweeping Powers. By: Maryam Qarehgzolu
Donald Trump’s administration has quietly reinstated a contract with the previously banned Israeli spyware company Paragon Solutions, granting Immigration and Customs Enforcement (ICE) unprecedented access to hack into any mobile phone, including encrypted apps.
By: Maryam Qarehgzolu
The decision, published last Saturday on an official U.S. government procurement website, has set off alarms among human rights organizations and digital freedom advocates in the country.
They warn that the measure, authorized by the Trump administration, strengthens the offensive cyberespionage industry and accelerates repression against immigrants — policies that have already included pretrial imprisonment, separation of families and deportations to third countries.
Paragon was founded in 2019 in the occupied Palestinian territories by Ehud Schneorson, commander of the feared Israeli cyber espionage unit, Unit 8200, with the backing of then-Prime Minister Ehud Barak.
In September 2024, under Joe Biden’s administration, the Department of Homeland Security (DHS) signed a $2 million contract with Paragon.
However, the agreement was quickly suspended and placed under review to ensure compliance with the March 2023 executive order limiting the use of commercial spyware by the U.S. government.
The order expressly prohibited the acquisition of tools that posed “significant counterintelligence or security risks to the U.S. government or significant risks of misuse by a foreign government or individual.”
How did ICE’s contract with Paragon get reinstated?
For several months, the contract remained frozen. But just two months after the suspension order was issued, Florida-based private equity firm AE Industrial Partners acquired Paragon and merged it with Virginia-based intelligence contractor REDLattice, opening the way for the reinstatement of the deal.
With this acquisition, Paragon was classified as a domestic supplier rather than a foreign one, as it was under U.S. ownership. According to multiple reports, the company has also forged close ties with former CIA officials and senior U.S. military commanders.
Independent journalist Jack Poulson revealed in his Substack that John Finbarr Fleming, former deputy director of the CIA for Korea, took over as executive chairman of Paragon’s U.S. subsidiary in January 2024, months before the public announcement of the acquisition, according to his LinkedIn profile.
Similarly, Andrew G. Boyd, who led the CIA’s Cyber Intelligence Center until mid-2023, joined the board of REDLattice in October 2023.
Just two months earlier, former U.S. Army Chief of Staff James McConville had also become part of REDLattice’s management team.
The Joint Special Operations Command (JSOC), the U.S. military’s so-called elite unit for counterterrorism and direct action operations, which works closely with the CIA, has declared more than $11 million in expenditures earmarked for REDLattice products.
Procurement data shows that $6 million of that sum was allocated on July 18 alone, reflecting the U.S. military’s deep reliance on these technologies.
With the lifting of the ban, ICE has emerged as the contracting agency for the deployment of Paragon’s spyware.
Civil rights and human rights organizations warn that this effectively puts one of the most powerful covert cyberweapons ever created — a tool originally developed outside the U.S. — in the hands of an agency known for violating fundamental rights.
The reinstated contract includes a complete package: software licenses, specialized hardware, operator training, and ongoing maintenance.
How Does Paragon Spy Software Work?
When successfully deployed against a target, Paragon’s hacking software — called Graphite — is capable of infiltrating virtually any smartphone in the world.
Once the device is compromised, operators — in this case ICE — can not only monitor a person’s physical movements, but also read text messages, view stored photographs, and extract content from encrypted apps like WhatsApp and Signal.
The software can even hijack the phone’s microphone and turn it into a real-time listening device.
The company claims that Graphite is an “ethical alternative” to spyware such as NSO Group’s Pegasus, which in 2021 was embroiled in an international scandal after it was revealed that it had been used by governments to spy on journalists, dissidents and even heads of state.
In response, the U.S. Department of Commerce blacklisted NSO in 2021, prohibiting U.S. companies from supplying it with technology.
In 2022, Citizen Lab at the University of Toronto, a Canadian tech organization, revealed that Israel’s Pegasus spyware had infected computers used by staff in the British prime minister’s office, despite the fact that the UK is one of Tel Aviv’s closest allies.
Paragon has tried to differentiate itself from NSO Group, claiming that it only does business with so-called “democracies.”
Despite its proclaimed “ethical” standards, the company has failed to offer transparency.
It also maintains that it has a zero-tolerance policy and that it breaks relations with governments that use spyware against members of civil society, such as journalists; however, it has not disclosed the list of its customers or detailed specific safeguards to prevent abuse of its technology.
How has Paragon targeted civil society?
In practice, Paragon’s technology has already been implicated in abuses against privacy and freedom of expression.
The company insists that its products are intended to “prevent organized crime and terrorist attacks,” but in the past its software has been used extensively to spy on innocent people.
Earlier this year, Graphite was linked to a spying campaign in Italy that targeted at least 90 journalists, migrant rights activists and even people close to Pope Francis.
Among the targets were human rights defenders who had been vocal critics of Italy’s “colonial project” in Libya.
Following public outrage, Paragon was forced to cut ties with the Italian authorities; However, the scandal increased scrutiny over his international activities.
In early 2025, Meta-owned WhatsApp announced that it had thwarted a massive hacking attempt using Paragon’s spyware. The campaign targeted about 90 people, including journalists, pro-immigration activists and members of civil society.
WhatsApp said it not only blocked the attack, but also sent Paragon a cease and desist letter, citing the precedent of its successful lawsuit against NSO Group.
Why does ICE’s acquisition of Graphite matter?
ICE, as the main investigative arm of DHS, has been harshly criticized for its aggressive approach to U.S. immigration enforcement under the current administration.
Since Trump returned to the White House in January, the agency has been at the center of controversy over family separation, reported abuses in detention centers and mass deportation operations that human rights organizations call human rights violations.
According to US media, the administration has allocated 170 billion dollars to implement Trump’s immigration policy, setting a daily target of 3000 arrests for the authorities.
To reach this goal, ICE is recruiting 10,000 agents, offering hiring bonuses of $50,000.
DHS has already taken steps such as increasing surveillance of immigrants’ social media accounts, and reports have emerged of plans to use various technologies to track hundreds of thousands of immigrants.
Adding Graphite to ICE’s technological arsenal could allow it to monitor migrant communities more deeply than ever before, as well as track activists, journalists, or political adversaries.
These concerns are especially acute given Trump’s increased efforts to crack down on pro-Palestinian activism on college campuses.
In March, Secretary of State Marco Rubio announced the revocation of the visas of at least 300 international students accused of “destabilizing” universities, a move widely condemned as politically motivated.
ICE already has contracts with large surveillance firms such as Palantir and Babel Street.
Palantir is a CIA-backed tech giant that collaborates in Israel’s genocidal war on Gaza using artificial intelligence targeting systems. Babel Street provides Babel X, an AI-powered surveillance platform.
Earlier this year, human rights organizations revealed that Palantir’s Babel X and Immigration OS have automated capabilities that allow for constant mass surveillance and screenings of individuals, often for the purpose of persecuting non-U.S. citizens, which also poses risks to those who speak out in favor of the rights of the Palestinian people.
Reactions of rejection
Graphite’s hacking capabilities take surveillance to an unprecedented level and increase the risk of illegal and arbitrary arrests amid the ongoing crackdown on pro-Palestine activists, migrants, refugees and asylum seekers in the US, experts warn.
Digital rights groups also warned that Trump’s policies, along with the renewal of the contract with Paragon, show that the U.S. is reversing its previous attempts to regulate the spyware industry and that, instead of setting global standards of accountability, Washington is normalizing abuses.
They warn that this represents a “profound threat to freedom of expression and privacy”.
John Scott-Railton, a senior fellow at the University of Toronto’s Citizen Lab and one of the world’s leading experts on spyware abuse, said in a statement that these tools “were designed for dictatorships, not democracies built on freedom and the protection of individual rights.”
“The invasive and secret power of hacking is corrupting. That is why the list of spyware scandals in democracies is growing, including Paragon’s Graphite,” he said, referring to the controversy in Italy.
Sen. Ron Wyden (D-Ore.) expressed his alarm in an email to reporters, confirming that he has requested a detailed report from ICE.
“ICE is already shredding due process and ruining lives in its rush to lock up children, cooks, and firefighters who pose no threat to anyone,” Wyden wrote.
“I am extremely concerned about how ICE will use Paragon’s spyware to continue trampling on the rights of Americans and anyone Donald Trump deems an enemy,” he added.
Michael De Dora, head of U.S. policy at digital rights organization Access Now, said Paragon’s overseas record should set off alarm bells in Washington.
“Paragon’s technology has been misused by other governments around the world to target human rights defenders and political dissidents alike… Americans should be deeply concerned about how the administration might use this new tool for purposes of domestic repression, and the administration should also be very cautious,” De Dora warned.
The Electronic Frontier Foundation (EFF), the leading nonprofit in the U.S. dedicated to defending digital freedoms, echoed these concerns in a post in X, stating that ICE’s contract with Paragon “is extremely alarming.”
“Without strong legal safeguards, there is a legitimate risk that such intrusive and powerful tools will be misused again,” he warned.
