Predatorgate: Breaking the chain of impunity of the spyware underworld

A landmark conviction of spyware vendors by Greek courts, thanks to investigative journalists

In 2022, as spyware scandals rippled across Europe, Greece’s ‘Predatorgate’ erupted: an explosive espionage affair that exposed the targeting of dozens of journalists, politicians, and business figures by – allegedly – the Greek authorities, shaking the country’s political system. The perpetrators used Predator, a spyware developed by the Israeli company Intellexa, to gain full access and control of the target’s devices.

At the end of February 2026, after a series of lengthy hearings, the case against Intellexa came to a close. The Misdemeanour Court of First Instance of Athens delivered a first-instance conviction against Tal Dilian, a former Israeli military officer and founder of Intellexa, and two other senior company figures, Sara Aleksandra Fayssal Hamou and Felix Bitzios, as well as Yiannis Lavranos, a Greek businessman linked to Krikel, the company that had purchased the spyware.

The court found all four defendants guilty of multiple offences, including:

• Unlawful interference with a personal data filing system

• Violation of the confidentiality of telephone communications and oral conversations

• Unlawful access to an information system or data

In an unprecedented ruling in the European Union, the court imposed on the defendants a cumulative sentence of 126 years and 8 months, calculated by aggregating the penalties for each individual target who had been spied on. However, because the charges were classified as misdemeanors under Greek law, a maximum of eight years of imprisonment per defendant is effectively enforceable. The execution of the sentence has been suspended pending appeal.

Recognition is due to the investigative journalists who brought the Predator scandal to light. Reporters United and inside.story played a decisive role in uncovering the surveillance network, despite facing many SLAPP lawsuits. Throughout the legal proceedings, they continued to follow the case closely by monitoring hearings, documenting developments, and ensuring sustained public scrutiny.

Their work has been essential in pushing this case forward, but also in demonstrating the essential role of investigative journalism in exposing spyware abuses that would otherwise remain hidden from public view.

The internal chain reaction: investigations trigger more investigations, but perpetrators still at large

Evidence presented during the proceedings triggered the opening of a series of additional investigations. The Public Prosecutor at the Court of First Instance will now examine potential further criminal liability, both for the four defendants and for other people. Due to several factors – the scale and diversity of the persons placed under surveillance, the organisation and training involved, and the possible involvement or complicity of foreign powers, in particular Israeli actors – the Courts will analyse if this could also trigger criminal responsibility for the offence of espionage.

Espionage constitutes a serious felony – not only a misdeamenor – and could lead to significantly harsher penalties and to a relevant analysis of the ties between Israeli spyware companies, their clients, and the Israeli Government. This development could finally address the question of whether – and which – state authorities were involved in Predatorgate, since the trial focused only on private individuals.

As relevant and groundbreaking this ruling is, it is also incomplete: it identified and punished some of the enablers, but it did not bring criminal consequences to whoever ordered this espionage at scale. In 2024, the Supreme Court cleared Greek authorities and state officials from responsibility in the scandal, despite their more-than-likely involvement.

The Greek government, and its secret services, have consistently denied any involvement. However, in a recent interview to Inside.story, Tal Dilian pointed to Greece’s intelligence agency, EYP. “(M)any witnesses mentioned the possible intervention of the EYP. The judgement itself refers to the use of identities linked to senior government figures, yet no effort was made to fully investigate those directions. Our group developed a Pro-active defence software and legally provide it exclusively to authorised government and law-enforcement entities(…)National agencies define the targets and execute the operation without our knowledge. We don’t know who made the interferences.” Dilian then, continues to say that he will not become a scapegoat “I believe it is a crime for private individuals to interfere communications. But it is even more serious crime to organise a conspiracy crime to send innocent people to jail to cover up political authorities.”

These direct accusations further intensify political pressure surrounding the major wiretapping scandal in Greece. It is imperative for the Greek judiciary system to identify and punish those responsible for it.

The end of impunity? A conviction that resonates across the EU

The judicial procedures started by spyware victims seeking remedy across Europe vary in their targets: some are directed at the State authorities behind the espionage, others at companies that developed the spyware used to spy, and in some cases, at both. However different in scope, they share a common feature: most cases remain stalled and paralysed in constant procedural delays, facing obstacles such as secrecy laws, jurisdictional limitations, lack of expertise by judges and even prosecutorial opposition.

When it comes to accountability of the spyware companies, the conviction of Intellexa executives in the Predatorgate case represents a first-of-its-kind criminal conviction of spyware vendor executives in the EU. It shows that national criminal law protecting private and safe communications can, in some cases, be leveraged to hold commercial spyware makers to account. It also exemplifies how, if punished and cornered, these companies’ executives might shed light on the authorities that hired them. It also marks a rare landmark outcome in an industry that has otherwise operated with impunity. This gives legal arguments to others pursuing similar cases in other jurisdictions. Finally, the continuation of the process might shed some light on the relationship between Israeli-linked spyware companies (which are many) and the state of Israel.

While there have been some successes – such as the condemnation of the NSO Group in US courts and, the effective shutdown of FinFisher and Hacking Team after civil society’s efforts in Europe – these have not resulted in criminal convictions against company executives. The Predatorgate case is a unique example of criminal accountability in the EU, which might also have a relevant deterrent effect.

In Europe, other promising legal processes against spyware vendors remain ongoing. Iridia, representing victims of the Catalangate scandal – in which Spanish authorities spied on at least 65 people – has achieved the indictment of three executives of NSO Group in a case involving cooperation between Spanish and Luxembourg courts. Similarly, a complaint brought forward by Sentinel Alliance, representing other Catalangate victims, has led to the indictment of founders and directors of NSO Group and Saito Tech, the company behind Candiru. The Greek ruling gives civil society hope that these and other processes might lead to justice being served. However, even though spyware vendor accountability is beginning to emerge, it remains slow, uneven and uncertain across jurisdictions.

The complex and lengthy legal battles are pinned under an important structural point: the commercial spyware market in Europe is effectively unregulated. This is despite longstanding calls from civil society to ban a market that thrives in opacity and violates fundamental rights for profit. This systemic gap enables widespread abuse and for spyware to be developed, sold and deployed with virtually no oversight – judicial or other. This fact, added to the secrecy surrounding these companies and their deceiving commercial structures further complicates victims’ access to effective remedies. Allowing the market to continue operating only fuels its proliferation, perpetuates abuses, and goes against the EU’s own rules protecting fundamental rights and against the European Parliament’s recommendations. It also means giving a free pass to technology that has been mostly developed and tested in the context of occupation and genocide on the Palestinian population.

The need for a ban on spyware

In Greece, the aftermath of Predatorgate exposed a fundamental contradiction. While criminal proceedings have delivered a landmark conviction of actors linked to Intellexa, the question of who ordered and authorised the surveillance remains unresolved. At the same time, the legal framework is moving in the opposite direction: since 2022, Greek law has allowed the use of spyware by state authorities, with the safeguards still undefined. This was done through a law-making process without transparency or independent oversight by Greece’s supervisory authorities.

Across Europe, a similar pattern is emerging. Proceedings against those who conducted or authorised spyware abuses have seen some movement – such as indictments of former intelligence chiefs in Spain and Poland – but none have resulted in definitive criminal convictions of state actors. Moreover, some countries, like Austria or Ireland, are passing new legislations legalising spyware.

Holding spyware companies to account is a necessary step, but without addressing the responsibility of those who authorise and deploy these tools, enforcement remains incomplete. To close this accountability gap and protect fundamental rights, the EU and its Member States must take two urgent actions: ban the commercial spyware market to prevent companies from developing and selling these tools, and ban spyware use entirely, since any deployment of spyware is inherently incompatible with human rights.

Contribution by: Aljosa Ajanovic Andelic, Policy Advisor, EDRi & Eleftherios Chelioudakis, Executive Director, EDRi Member, Homo Digitalis