This post was originally published on this site.
Ireland is considering new legislation to give its law enforcement agencies more surveillance powers, including allowing the use of spyware.
The Irish government announced this week the introduction of the Communications (Interception and Lawful Access) Bill, which would regulate the use of so-called lawful interception, the industry term for surveillance technology, including spyware made by companies such as Intellexa, NSO Group, and Paragon Solutions.
“There is an urgent need for a new legal framework for lawful interception which can be used to confront serious crime and security threats,” said Jim O’Callaghan, Ireland’s minister for justice, home affairs, and migration.
“The new legislation will also include robust legal safeguards to provide continued assurance that the use of such powers is necessary and proportionate,” said O’Callaghan.
The main driver for this new law is that Ireland’s existing 1993 law governing the use of lawful interception tools predates most modern means of communications, such as messages and calls made with end-to-end encrypted apps. Communications encrypted in this way are generally speaking only accessible if authorities hack into a target’s devices, both remotely using government-grade spyware, or locally using forensic technology like Cellebrite devices.
The announcement specifically mentions that the new law will cover “all forms of communications, whether encrypted or not,” and can be used to obtain both content of communications and related metadata.
Contact Us
Do you have more information about government spyware? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop.
The Irish government also promised that these surveillance powers will come with “the necessary privacy, encryption and digital security safeguards,” including judicial authorization and a requirement to be used “in specific cases and only where the circumstances meet a test of being necessary and proportionate to deal with issues relating to serious crime or threats to the security of the State.”
Techcrunch event
San Francisco
|
October 13-15, 2026
The announcement lacked specifics on how these new powers will work in practice, given that the law still needs to be written. But there is a specific section that mentions the need for “a new legal basis for the use of covert surveillance software as an alternative means of lawful interception to gain access to electronic devices” — a clear reference to computer and mobile spyware — to investigate serious crimes.
The state of spyware in Europe
Ireland’s bid to allow its law enforcement to use spyware comes as government spyware continues to proliferate, including across Europe, despite recent abuses that have highlighted how spyware has been used to violate human rights.
While a decade ago most spyware scandals had been largely limited to countries in the Middle East and South America, where the standards of human rights vary wildly, there have been several cases of abuse of spyware in Europe in recent years, including in Greece, Hungary, Italy, and Poland.
Yet, spyware has been used in Europe for more than two decades.
In 2004, in what may be the first documented government spyware sale, the Italian cybercrime unit Polizia Postale signed its first contract with Hacking Team, at the time a small cybersecurity startup in Milan, whose name would go on to become synonymous with a data breach that resulted in the company’s shutting down.
Later in 2007, Jörg Zierckethe, the head of the German’s federal criminal police office, the Bundeskriminalamt (or BKA), told a local magazine that his agency was using computer spyware. Then in 2008, WikiLeaks revealed the existence of DigiTask, a company that was selling spyware to German authorities for capturing Skype calls.
By 2011, hackers at the German Chaos Computer Club found a sample of spyware on the computer of a businessman passing through Munich’s airport customs, which they attributed to German police. The hackers called the malware Bundestrojaner, which is German for “federal trojan.”
At the time, these were stories that received little public attention. A few years later, as security researchers started documenting the abuse of European-made spyware in countries like Egypt, Ethiopia, Mexico, Morocco, the United Arab Emirates, and several more, spyware went mainstream, and is now a relatively normalized technology.
While some countries like Italy have legislation regulating the use of spyware, the European Union has since attempted to set common standards for the use of this type of technology in response to the scandals in the continent.
