A surveillance incident involving Graphite spyware has emerged in Italy, sparking renewed scrutiny over the proliferation of invasive cyber tools developed by private intelligence firms. Francesco Nicodemo, a political adviser and former communication strategist for Italy’s government, publicly disclosed being targeted with the Israeli-made Graphite surveillance tool. This development marks the fifth confirmed case of such cyber intrusion against individuals in Italy.
The spyware, developed by Paragon Solutions, operates with a high degree of stealth and aims to penetrate smartphones, extracting sensitive data while eluding user awareness and system auditing. The targeting of figures like Nicodemo raises significant alarms about state-backed surveillance programs and the unchecked deployment of zero-click spyware tools across democratic societies.
Graphite Spyware Expands its Reach in Italy
The use of Graphite spyware in Italy underscores a disturbing pattern of digital surveillance targeting civil society stakeholders.
Political Figures and Journalists Under Surveillance
Francesco Nicodemo’s infection adds to the growing list of Italian public figures targeted with Graphite spyware. Previously disclosed victims include political consultants and individuals with roles in shaping democratic dialogue. While the motivations behind these infections remain unclear, security experts suggest the individuals’ political and civic engagement could make them targets for government-aligned interests.
The Graphite spyware is designed for zero-click delivery—meaning it can compromise devices without any user interaction—and leverages advanced surveillance capabilities to silently record communications, monitor locations, and extract data from mobile applications. Victims are often unaware their devices have been compromised, making it challenging to detect or prevent ongoing surveillance.
How Paragon’s Graphite Functions so Intrusively
Graphite, produced by Israeli defense contractor Paragon Solutions, represents a new generation of military-grade surveillance tools sold to governments under regulatory secrecy. Classified as a non-auditable spyware, Graphite:
- Operates independently of traditional system logging
- Bypasses user notifications and mobile OS safeguards
- Supports remote command and control operations
- Extracts content from encrypted messaging apps
Its invasive nature places it in a similar category to Pegasus, the infamous spyware developed by NSO Group. Both are sold exclusively to governments—at least officially—and are intended to serve counterterrorism and law enforcement goals. However, as seen in Italy and elsewhere, they are increasingly being reported in politically motivated surveillance.
A Growing Trend of Unregulated Commercial Spyware
The Nicodemo case highlights the urgent need for transparent governance over how governments deploy commercial spyware.
Spyware Proliferation Risks Civil Liberties
With the commercial spyware industry estimated to be worth billions, more countries are acquiring these capabilities. The lack of consistent oversight mechanisms increases the chances for abuse. Italy, along with other EU nations, faces increasing pressure from digital rights organizations to enact stronger controls and ensure spyware procurement is tied to clear legal authorization and judicial surveillance frameworks.
“This isn’t just about personal privacy—this is about democratic integrity,” Nicodemo stated in response to the targeting, calling for broader legislative investigations into the spyware’s deployment inside the country.
Although Paragon Solutions markets Graphite exclusively for state use in tackling serious crimes and terrorism, legal experts and privacy watchdogs warn that ambiguous end-use definitions leave room for misuse, especially in political contexts.
Italy Emerges as a Key Front in Spyware Debates
The concentration of spyware targets in Italy places it at the center of ongoing European debates surrounding surveillance reform. The European Parliament continues to grapple with regulatory tools for overseeing the purchase and use of offensive cybersecurity products by member states.
Italy’s domestic intelligence and law enforcement agencies have not issued public statements regarding the spyware incidents, leading to further speculation about accountability and operational transparency in spyware acquisition and deployment.
Looking Ahead: Calls for Accountability Grow Louder
As more cases of Graphite spyware infections come to light, Italy may soon be forced to reckon with its surveillance infrastructure and the political motivations that may underpin it.
Privacy advocates, technologists, and civil society groups are urging the Italian government and European regulators to take concrete steps, including:
- Instituting mandatory notification for individuals targeted by spyware after investigations conclude.
- Creating independent oversight bodies for state surveillance tools.
- Enhancing cross-border cooperation to track the spyware vendor ecosystem within the EU.
Graphite’s usage in Italy reveals how commercial spyware tools are increasingly intersecting with partisan interests, creating a volatile dynamic at the intersection of cybersecurity, democratic governance, and human rights. As the fifth confirmed case reverberates through Italian politics, attention now shifts toward whether policymakers will intervene to halt the unchecked spread of cyber surveillance technologies.
