Paragon Spyware: A Year of Silence on the Italian Investigation
Paragon Solutions has not responded to the Italian judiciary on Graphite spyware used against journalists. Here is why the case remains open after a year.
Amid the silence of Italian courtrooms, a glaring absence resonates: that of Paragon Solutions, the Israeli company producing Graphite spyware, which for twelve months has ignored the Italian judiciary's requests for cooperation. The scandal that emerged in the spring of 2025 brought to light a digital surveillance system targeting journalists and activists, but a year later, the framework of responsibility remains shrouded in shadow.
What emerged a year ago
According to reports, at the beginning of 2025, several infections attributable to the Graphite spy software, produced by Paragon Solutions, were discovered in Italy. The company, of Israeli origin but controlled by a US fund, claims to provide its tools exclusively to governments for investigations into serious crimes and terrorism. However, the victims identified in Italy include figures far from this profile: among them, the director of Fanpage Francesco Cancellato and activist Luca Casarini, for a total of seven Italian citizens monitored without apparent justification.
The suspected infection vector is a simple WhatsApp chat, through which the spyware was allegedly inoculated into the victims' devices. Once installed, Graphite allows for the collection of geographical location with an accuracy of a few meters and device identification through unique digital fingerprints, as well as access to communications and sensitive data.
Paragon's stone wall
Despite formal requests from the Italian judiciary, Paragon Solutions has provided no information regarding the Graphite infections discovered in Italy. The company has maintained an attitude of total non-cooperation, leaving investigators and institutions without answers. This lack of response becomes even more significant considering that, according to some sources, Paragon claimed the Italian government had the tools to verify if the system had been used against journalist Francesco Cancellato but chose not to use that possibility.
This statement shifts the debate from a technical level to one of institutional responsibility, suggesting that the truth might be accessible but intentionally unsought.
The role of Italian institutions
The case has involved various levels of Italian institutions. Palazzo Chigi assigned the investigation to the National Cybersecurity Agency, directed by Prefect Bruno Frattasi since March 2023. Parallel to this, the issue came to the attention of COPASIR, the Parliamentary Committee for the Security of the Republic, which oversees the intelligence services.
The controversy also concerned the nature of the contract between the Italian government and Paragon Solutions. The Graphite software was licensed to the Italian executive, which was supposed to ensure its use complied with the stated purposes. The discovery that the same tool was used against journalists and activists raised questions about who authorized such operations and under whose supervision.
Some press reports have indicated leads pointing toward the judiciary, while other reconstructions highlighted potential responsibilities within the security services. However, the lack of answers from the Israeli company makes it impossible to clarify who actually managed the spying operations.
Implications for freedom of the press
The use of spyware against media professionals represents a direct threat to press freedom. Tools designed to combat terrorism and organized crime end up being used against those performing a democratic oversight role, creating an intimidating effect that goes far beyond the individual victims.
The Italian case fits into a broader pattern of surveillance technology misuse in various countries, where companies like Paragon and NSO Group – the latter producing the notorious Pegasus spyware – provide powerful tools to governments that do not always guarantee ethical and legal use.
Paragon's failure to respond after a year of investigation raises questions about the ability of democratic states to control surveillance companies and protect the fundamental rights of citizens.
What Paragon's silence means
Paragon's choice not to cooperate with the Italian justice system can be interpreted on several levels. From a commercial perspective, the company has an interest in protecting its reputation and the technical details of its product. Strategically, remaining silent avoids exposing any government clients who may have used the system improperly.
However, this attitude hinders investigative work and prevents victims from obtaining compensation and justice. It also creates a dangerous precedent: if surveillance companies can operate without being held accountable for the consequences of using their tools, any form of democratic control becomes ineffective.
The technical profile of Graphite spyware
Graphite belongs to the category of so-called "zero-click spyware," capable of infecting devices without requiring any interaction from the target user. According to analyses by the University of Toronto's Citizen Lab, the software was designed to operate discreetly, leaving minimal traces and allowing for almost total control over the compromised device.
Graphite's capabilities include access to encrypted messages, precise geolocation, activation of the microphone and camera, and interception of real-time communications. These are extremely powerful tools that, in the wrong hands, can turn any smartphone into a portable bug.
The infection via WhatsApp confirms a trend observed in other similar cases: popular messaging applications represent favored vectors for the distribution of spyware, exploiting unpatched vulnerabilities or sophisticated social engineering techniques.
Frequently Asked Questions
- What is Graphite spyware?
- Graphite is spy software produced by the Israeli company Paragon Solutions, designed to infect smartphones and allow complete surveillance of the device, including communications, geographic location, and access to the microphone and camera.
- Who are the surveillance victims in Italy?
- According to sources, seven Italian citizens were targeted, including Fanpage director Francesco Cancellato and activist Luca Casarini. These individuals are journalists and activists, not subjects linked to investigations into terrorism or organized crime.
- Why hasn't Paragon responded to the Italian judiciary?
- The reasons for the silence have not been officially clarified. The company has not provided public reasons for its lack of cooperation with the Italian judiciary, leaving open various hypotheses ranging from commercial protection to safeguarding relationships with government clients.
- What were the consequences for the contract between Italy and Paragon?
- According to reports, the Graphite software can no longer be used by the Italian executive that held a license for it, but details on the termination of the contract and any penalties remain unclear.
This article is a summary based exclusively on the listed sources.
Sources
- https://www.wired.it/article/paragon-spyware-risposte-indagine-italia-procura/
- https://ilmanifesto.it/spyware-rissa-tra-paragon-e-i-servizi-italiani
- https://www.wired.it/article/paragon-spyware-italia-cos-e-spyware-giornalisti-cancellato-governo-fanpage/
- https://www.meltingpot.org/2025/03/indagine-civile-sul-caso-paragon-lo-spyware-israeliano-che-ha-colpito-attivisti-italiani/
- https://www.ilfoglio.it/cronaca/2025/02/07/news/che-cosa-sappiamo-del-caso-paragon-e-dello-spyware-usato-per-spiare-giornalisti-e-attivisti-7400217/