An Israeli digital intelligence firm that supplies police, prison, and immigration authorities, as well as repressive regimes around the world, with hacking technologies.
Cellebrite DI Ltd is a digital intelligence firm headquartered in Israel. It became a publicly traded company in September 2021 when it merged with WC Holdings II, a San Francisco–based Special Purpose Acquisition Company (SPAC). As of August 2024, Cellebrite’s parent company and largest shareholder, Japanese computer manufacturing company Sun Corporation, owns 47.07% of its shares. In addition to its three main locations in Israel, Cellebrite also operates offices in Australia, Brazil, Canada, England, Germany, India, Japan, and the United States (in New Jersey and Virginia).
Cellebrite provides “digital investigative” tools, including data extraction software, primarily to law enforcement and government agencies around the world. According to the company, its clients include police departments in all 50 U.S. states, national law enforcement agencies in 25 of the 27 European Union countries, and eight out of the 10 largest U.S. banks. In 2023, 90% of the company’s revenue derived from sales to law enforcement and government agencies.
The company’s flagship tool, the Universal Forensic Extraction Device (UFED), unlocks and extracts data—including contacts, locations, deleted messages, calls, and data collected by apps—from smartphones, computers, drones, SIM cards, GPS devices, and more. A single UFED can be used on up to 3,000 phones. These devices are used in conjunction with Cellebrite’s Physical Analyzer, computer software that ingests and analyzes data extractions from UFED and creates customized reports.
In 2020, Cellebrite acquired computer forensics company BlackBag Technologies. Shortly thereafter, Cellebrite announced the release of Inspector and Digital Collector, formerly known as BlackLight and MacQuisition, respectively. Like Cellebrite’s UFED technology, these products are used to extract personal data, including internet history, downloads, locations, recent searches, messages, and multimedia files, from mobile devices and computers. Notably, Cellebrite has claimed that Digital Collector is the only tool on the market capable of extracting data from Mac devices equipped with the Apple T2 security chip. The company has also stated that future updates to Digital Collector will focus on remote collection capabilities.
The Israeli police have been using Cellebrite technology since 2016. In 2021, the agency awarded Cellebrite a contract worth approximately $6 million for multiple technologies, including UFEDs for PC and mobile devices, BlackLight, and MacQuisition. This contract ended in March 2024.
Outside of Israel and the U.S., Cellebrite technology has been used by many other countries that have been implicated in grave human rights abuses, including the persecution of journalists, civil rights activists, political dissidents, and racial/ethnic minorities, as documented by the Database of Israeli Military and Security Export (DIMSE).
Immigrant Surveillance in the US
Cellebrite provides U.S. immigration authorities with technologies that allow them to hack into, search, and analyze information stored on electronic devices. Between 2008 and September 2023, Immigration and Customs Enforcement (ICE) awarded Cellebrite at least 212 contracts worth over $39 million for UFED technology and related license renewals, computer software, communications equipment, and training and support services. This includes a contract for “Macintosh forensics training” from BlackBag Technologies, now a part of Cellebrite.
ICE awarded Cellebrite a 1-year $6.2 million contract for UFED technology. A Cellebrite UFED product costs around $10,000, with a $3,000 to $4,000 annual licensing fee; based on ICE’s UFED contracts, this suggests that the agency is using this technology on a large scale.
The hacking devices, software, and training provided to ICE grant the agency access to an immense amount of personal data without a warrant, including geolocation and internet browning history, bank records, text messages, and photos. This data is used to track, detain, and deport immigrants, as well as to intimidate, criminalize, and repress immigrant communities. ICE used Cellebrite technology in 2017 to plan its “largest immigration raid in history” aimed at criminalizing, arresting, and deporting alleged gang members.
A 2018 internal ICE memorandum noted that one UFED could download information from 3,000 cellular devices with “virtually no training,” and that “contacts and texts could be imported into FALCON, the data analysis system provided by Palantir, “for further exploitation.”
Cellebrite also provides its technologies to Customs and Border Protection (CBP). Between 2009 and 2024, CBP awarded Cellebrite numerous annual contracts worth over $6.1 million for UFED equipment, software renewals, and personnel training. CBP uses Cellebrite software to track and surveil immigrants, performing warrantless searches at the border and between points of entry as part of the “digital border wall.” These searches allow agents to gather intimate details about individuals’ lives in order to interrogate, detain, and ultimately deport them.
Civil rights organizations and activists have protested these electronic border searches, claiming that the unregulated searches and seizures are unconstitutional. In a 2017 lawsuit filed against the federal government, the ACLU claimed that searches performed by CBP and ICE were “warrantless and suspicionless,” and that they violated individuals’ First and Fourth Amendment rights. In February 2021, however, a judge ruled that both basic and “advanced” searches fall within “permissible constitutional grounds” at the U.S. border.
Prison and Police Surveillance in the US
Prison agencies in the U.S. use Cellebrite technology in order to locate and hack into incarcerated individuals’ mobile devices. The company markets its technologies to prisons as “the key” to locating “contraband phones” and preventing crime. According to the company, “E-mails, text messages, video clips, geolocation data, cryptocurrency information (wallets and transaction information) gathered from contraband phones can provide valuable evidence in stopping crimes both inside and outside corrections facilities, while providing the ability to trace deadly crime networks across state and international boundaries.”
Cellebrite technology has been purchased by state prison agencies in, for example, California, Kentucky, Louisiana, Mississippi, New York, Oklahoma, South Carolina, and Virginia. The Arizona, Iowa, Illinois, and New Jersey Departments of Public Safety have all spent upwards of $200,000 on Cellebrite software purchases, renewals, and training. Seven cities in California alone—Beverly Hills, Burbank, Greenfield, Orange County, Sacramento, San Luis Obispo, and Watsonville—documented their use of Cellebrite technology between 2018 and 2021. The technology has also been purchased by police departments in, for example, Delaware, Florida, Maine, Missouri, Pennsylvania, Rhode Island, and Wisconsin. These police departments use the software for everything from traffic accidents to homicide investigations.
Federal prison and police agencies in the U.S. similarly use Cellebrite hacking technology. As of August 2024, the Department of Justice has held at least 839 contracts worth over $15.4 million with Cellebrite for the company’s UFED technology. Between 2015 and 2018, the Federal Bureau of Investigations held contracts with BlackBag Technologies—later acquired by Cellebrite—for its MacQuisition software, now called Digital Collector. According to a 2020 Forbes article, the technology has effectively made Cellebrite a “one-stop-shop for the feds’ Apple hacking needs.”
Outside of the U.S., police agencies in Canada, Germany, the Seychelles, Tanzania, Turkey, and the U.K. have also purchased Cellebrite’s hacking devices.
Immigrant Surveillance in Other Countries
Cellebrite hacking technology has been used by immigration authorities outside of the U.S. to effectively “spy on” asylum seekers who use smartphones to plan safe routes and access information about vital services once they arrive in a safe country. The growing surveillance industry has allowed European countries to use data from migrants’ phones in order to criminalize and deport them.
In 2019, in a pitch made in Morocco to government officials from around the world, Cellebrite employees outlined the potential use of Cellebrite technologies for investigating people seeking asylum. According to the company, “77% of refugees arrive without document[s],” while “43% have a smartphone during their journey”; as such, “in lieu of documents, a person’s phone could be used to find out who they are, what they have been doing, where they have been, and ultimately why they are seeking asylum.”
In a 2022 statement made in response to allegations that its technologies are being used to investigate “the digital lives of people seeking asylum in Morocco,” Cellebrite affirmed its commitment to ensuring the “appropriate use” of its technology; it did not respond directly to whether or how its technologies are used to “spy on” asylum seekers.