Taylor Lorenz’s Power User - ICE can now hack your phone without you knowing
Episode Date: September 5, 2025
SUPPORT ME ON PATREON: https://www.patreon.com/c/taylorlorenz
Buy a subscription to my Tech and Online Culture newsletter, User Magazine to support my work!!!! 🙏 https://www.usermag.co
ICE agents will soon have access to one of the world’s most sophisticated hacking tools thanks to a government contract with Paragon Solutions, an Israeli spyware company that lets people hack into any mobile phone without the person even clicking a link or opening a document. The new agreement between Paragon and ICE gives ICE access to the Israeli spyware platform, Graphite. Once Graphite infects your phone it can see everything you do on your phone, even stuff on encrypted apps, and you wouldn't even know it's there. I break down what that means for activists, journalists, dissidents, and how Paragon is already rolling out in other countries across the world. I also discuss how to keep yourself as safe as possible from this new tech.
Follow me: https://www.instagram.com/taylorlorenz https://www.instagram.com/taylorlorenz3.0 https://www.tiktok.com/@taylorlorenz
Transcript
Imagine the government being able to break into your phone without you doing anything at all.
You don't have to click a link or open a file.
Just getting a text message can be enough.
Once the spyware has infected your phone, they have access to everything.
Your messages, email, photos, real-time location, and even messages on encrypted apps.
This new spyware uses what are called zero-click exploits, and it's a sprawling multi-million dollar industry.
Now, the U.S. government is buying this exact type of tech.
Welcome back to Free Speech Friday, my series covering the fight for free expression and civil liberties online.
Just this week, it was announced that U.S. Immigrations and Customs Enforcement officials, aka ICE agents, will soon have access to one of the world's most sophisticated hacking tools, thanks to the Trump administration lifting a hold on a government review of a contract with Paragon Solutions, a company founded in Israel that makes spyware that can hack into any mobile phone, including any application, even encrypted apps.
This new agreement between Paragon and ICE gives ICE access to the Israeli spyware's platform
Graphite. Unlike old school wiretap programs, Graphite doesn't need to break the math behind
encryption. Instead, Graphite infects a phone directly and once it's inside, it can see your messages
before they're scrambled into encryption, or right after they've been unscrambled to display on your
screen. This means photos, texts, calls, literally everything, including the microphone on your phone,
can be exposed. Paragon's software turns every single personal cell phone into a surveillance gadget
working against the person that owns it. Now, this ICE Paragon deal has had a very strange
journey. The contract was initially signed in late 2024, but then it was quickly put on hold by the
White House because the Biden administration had sort of made a show of limiting federal use
of commercial spyware. In fact, in March 2023, President Biden signed an executive order called
14093 designed to restrict agencies from buying tools that pose national security risks or have been
used to target dissidents, journalists, and U.S. personnel abroad. The contract with Paragon looked like
an early test of whether they would basically be enforcing these rules or whether this was
just another meaningless declaration for the government. So for almost a year, it's been sitting
basically under review. Now, just this week, it's been announced that the pause was lifted quietly
and the deal went live.
ICE's cyber unit,
Homeland Security Investigations,
suddenly had access pretty much overnight
to one of the most powerful spyware systems
on the entire planet.
Now, Paragon is often compared to the NSO group,
the Israeli company behind Pegasus,
which is the world's most famous spyware.
Pegasus became really famous initially back in 2016,
but then again in 2021 with the Pegasus papers,
when watchdog groups found the spyware
on the phones of journalists, activists,
and even heads of state.
Like Pegasus, Paragon Group's Graphite
doesn't crack encryption on the wire.
It compromises the phone itself,
giving the person operating the spyware information
to messages, calls, etc.,
everything on your phone, basically.
So let's talk a little bit more about Paragon,
because I think this is a company
that not everybody has heard of,
and it hasn't really been in the news as much.
Like a lot of these spyware firms,
Paragon has ties to Israel's defense industry.
And just like NSO, its Graphite
spyware has already been detected in the wild, according to researchers at Citizen Lab,
which is a very well-respected watchdog group. The University of Toronto actually published evidence
just earlier this year linking Paragon spyware to real-world infections of the phones of journalists in
Europe. Apple even sent threat notifications to some Paragon victims in April 2025,
alerting them that they had been targeted with state-sponsored spyware. Paragon suspended a contract with
Italy after reports surfaced that the tool had been used to spy on reporters. So I just want you guys to
realize that these aren't hypotheticals. Like this shows exactly how quickly spyware, no matter how
carefully it's like marketed, can and will be used against people who have nothing to do with
terrorism or national security. So this is now what ICE has access to. So when people say ICE can read
your texts, what they're saying is that if ICE wants, it can now target anybody with Graphite.
And if they manage to infect that person's phone, which they don't really need approval for, right?
They could just go ahead and do it.
Suddenly, they can literally read everything from your messages on Signal, WhatsApp, iMessage.
It's basically like they're looking over your shoulder and they're able to see everything
that you're doing on that device.
Now, I don't want that to just make you give up and say, oh, you know, what's the point
of using all these encrypted apps?
The government can just see and do anything anyway.
Like, why do I have to use encryption?
Encryption still does matter.
It stops like bulk interception and it keeps companies like Meta or
your phone carrier from casually peeking into your conversations. So you do want to keep using encrypted
apps. But once your device is compromised by Paragon's Graphite, encryption won't help, unfortunately.
Now, I do want to talk about some of the limitations of this new spyware. Tools like Graphite are
not designed for mass surveillance. So each infection has to be deployed against a specific target,
often with a very tailored attack. That's why these government agencies tend to use them kind of sparingly,
in cases that they consider high priority. Of course, sparingly is a completely relative word. ICE is a very
big agency with a very wide mandate that goes well beyond immigration enforcement. Homeland Security
Investigations, the unit that's getting access to Graphite, also works on things like smuggling,
drug cases, money laundering, cybercrime, and it has a terrible record of stretching its surveillance
powers in ways that go way beyond its original mission. For example, it's used customs summonses,
basically these tools meant to narrow trade investigations, to demand high amounts of information
from telecom companies, schools, and even just get people's health information. So giving agencies
like this spyware capable of burrowing into phones raises a lot of questions about sort of how
wide this net might eventually stretch. But it's important to note that like ICE can't just show up
to a protest and like deploy this spyware, you know, at scale to all like 200 people out of
protests. Like they would have to individually infect each one of those phones. It's very cold
comfort, I know. And if you're wondering how on earth can they do all of this without a warrant,
the legal system is very murky. In principle, the Constitution requires a search warrant
for rummaging through someone's phone in principle. Courts have recognized that phones hold
privacies of life, meaning that they're different from old like filing cabinets or the trunk of a car.
If spyware captures live communications as they happen,
prosecutors also might need to obtain a wiretap order under Title III of the Wiretap Act,
which is slightly harder to get than a regular warrant.
But technology moves faster than any of the case law around this.
And judges just do not understand often what they're authorizing when they're authorizing it.
And there are a lot of gray areas like the so-called border searches,
where ICE and Customs and Border Protection claim much broader powers.
I talked about that in a previous video about what's going on right now in airports.
These claims are increasingly challenged in court, especially after the Supreme Court's Carpenter ruling signaled that digital records deserve more protection.
But this whole area of law is basically very far from settled.
And in the meantime, ICE is kind of doing whatever they want.
So there's also the executive order itself.
Biden's executive order, which barred federal agencies from using spyware that threatens national security or was misused against activists and journalists.
Obviously Trump's in power now. And so, you know, it's an executive order that can be sort of quite
easily negated. And these agencies are also arguing right now that Paragon and Graphite have been
unjustly vilified by the media. You know, they say, well, you know, this is actually a really
useful vendor for us. They've cleaned up their act. Yes, this spyware has traditionally been used to
censor journalists and is being used to censor journalists around the world, but we would never
do something like that here. And what's happening in this case as well is ICE is arguing that this
particular use case that they need it for right now doesn't fall under the ban. So that's probably
how ICE got this contract with Paragon approved. So how worried should the average person be?
Because I know all my videos are kind of like scary and I'm like everyone's spying on your phone.
They can see everything. Most Americans are not targeted in these schemes, right? Most like naturalized
Americans or people that are born here, they're not going to be targeted by Graphite. And the cost of
deploying it on, you know, hundreds of millions of citizens is unrealistic. Although I'm sure
the government would love to eventually roll that out. But anyone doing anything like immigrants'
rights organizing, journalists, content creators, lawyers, even doctors serving vulnerable communities,
local vendors even, anybody that might have contact with an undocumented person,
their risk is very real. And even if you're not a direct target, spyware often sweeps people
up around the person being watched. So if ICE hacks the phone of an activist, every one of their
contacts, chats, and private groups might be exposed. So there's this big ripple effect. And of course,
once this spyware is on your phone, it's going to stay on your phone. And so the pool of people
that will have their information exposed just grows and grows and grows. So this ripple effect is
exactly what fuels the chilling of speech. When journalists suspect that their phones might be
compromised or activists suspect that the government is spying on their text messages, they're going
to change how they communicate with vulnerable people or groups. Imagine a reporter covering
conditions inside an ICE detention center. If they worry that their texts with whistleblowers
could be intercepted, they might not reach out or be able to pursue that story or it would water
down their reporting because they don't want to put someone at risk. So just the possibility
of surveillance is often enough to quell activism and journalism. And that's really terrifying. So many
extremist governments and authoritarian regimes rely on this broader chilling effect. Like,
It's people knowing that they will be watched, not necessarily that they are targeted, but that they could be targeted.
So they sort of proactively change their own behavior and like pre-comply with authoritarianism.
Aside from the immigrants themselves, I do think that community organizers working with immigrants will face significantly more scrutiny and potentially be targeted by this spyware.
Or this spyware will be used to plan things like raids or intimidation, you know, campaigns to surveil
people who do attend public protests.
Just adding this spyware to the mix,
it makes it so that every time people are planning things
in WhatsApp groups or private messages,
it just adds, again, this chilling effect of being exposed.
There's this knowledge that ICE does have the technical capacity
to compromise everyone's phones.
And that's just terrifying in itself.
And I think this will discourage certain people's participation
in activism altogether,
which could fracture movements as people worry about
informants or hacked devices or, you know, their strategies leaking. The end result is weaker advocacy,
less coordination, and this broad silencing of dissent. I also think lawyers should be especially
worried because right now there's this legal confidentiality, right, where lawyers representing
clients in immigration cases, they rely on encrypted messaging apps for sensitive conversation.
If spyware can pierce that communication, attorney-client privilege is effectively obliterated. And
if lawyers start to fear that their communications aren't secure, they will probably avoid discussing sensitive strategies with clients at all electronically, which is going to leave vulnerable clients even less informed about their own cases.
So this chilling effect really erodes so many institutions meant to protect immigrant rights.
This whole terrifying situation is something that tons of civil liberties orgs and digital rights activists and people like myself that care a lot about free speech have been warning about.
The Electronic Frontier Foundation has been warning for years that giving domestic agencies access to spyware will undeniably lead to misuse.
They have pointed to ICE's history of overreaching, and they've made it clear that it's only a matter of time before this tool is misused and removed from the context under which it was approved.
ICE is also not primarily an intelligence agency, and so it has a lot weaker oversights, meaning less transparency and fewer guardrails.
The Paragon Graphite situation is all part of a lot
larger pattern where a spyware gets introduced under the guise of national security or fighting terrorism
or cracking down on illegal immigration, but slowly and surely it migrates.
Predictive policing tools originally meant for counterterrorism end up in routine patrols.
License plate readers like we've talked about, like Flock, which are installed, end up logging millions
of commuters and being used by the police.
Facial recognition, which is originally deployed for serious threats,
is suddenly just being used to catch petty shoplifters or seize people off the street.
Once the infrastructure is built for mass surveillance, it is never going to be confined.
And spyware is even more dangerous in this way because it doesn't just target a single place or
car or device.
It targets the person and their personal private life and their networks.
Like everything that's happening on your phone, it could not be more personal.
And the government is not really fighting back against this.
Surprise, surprise.
Some members of Congress have demanded more disclosure about federal spyware use and journalists are
combing through procurement databases for new contracts. Wired and 404 Media have done such great
work covering this topic. And then researchers at places like Citizen Lab are examining infected
phones and they're trying to build this case against the government with forensic evidence.
But right now it doesn't seem like ICE will even be required to report how often it uses
Graphite or under what authority and against whom? Without any answers on these questions,
it's just impossible for the public to know even like how much is this tool being used?
Who's it being used against? Like, is it on my phone? Like, you won't know. This type of really
dangerous spyware could soon be used in regular police investigations. It's all just so
authoritarian. So what can you do to stay safe? First of all, keep your phone updated. Google and
Apple often push through patches meant to protect your phone security. So that's one thing.
Don't click on suspicious links. Obviously, that's not how this type of infection happens,
but it's smart to take these precautions, especially if you're at higher risk. Consider using
features like Apple Lockdown Mode. And end-to-end encryption still does matter, even though this spyware
can bypass it because it protects against the kind of bulk surveillance that is much more common.
And above all, just don't assume that a government seal of approval means that these tools are
used responsibly. I know that if you're watching this video, you already know this, but it's just
so important because there's so much misinformation in the media that sort of manufactures consent
for mass surveillance under the guise of safety. I think this whole ICE Paragon Graphite thing shows
that a single executive order is not enough to stop the rollout of this type of spyware or,
you know, institute any sort of restraint. We need comprehensive privacy legislation and we need people
in Congress to finally wake up and start caring about user privacy and data privacy.
We're in this period of time right now where there is still a chance to stop the mass
rollout of these tools or at least stop their mass expansion.
And the stakes are really high.
Thanks again for watching.
Don't forget to subscribe to my tech and online culture newsletter, usermag.com.
That's usermag.com where I write about all of this stuff and more.
Also, if you like my work, please, please support me on Patreon.
I just launched a Patreon. It's linked below. It is one of the best ways to ensure that I can continue to report on data privacy and surveillance capitalism and all of these horrible things.
That's it for this week's Free Speech Friday and I'll see you next week.
