NEW research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident’s phone while he was in police custody. The device belonged to Boniface Mwangi, a Kenyan pro-democracy activist who has announced plans to run for president in 2027, and the indicators were observed on his Samsung phone after his arrest in July 2025.
The phone was returned to him nearly two months later, in September, at which point Mwangi found that it was no longer password-protected and could be unlocked without a password, according to the Citizen Lab. The findings assess with high confidence that Cellebrite’s technology was used on the phone on or around July 20 and July 21, 2025, raising concerns about the potential full extraction of materials from the device, including messages, private files and other sensitive information.
The Guardian quoted a Cellebrite spokesperson saying the company’s technology is used to access private data only in accordance with legal due process or with appropriate consent to aid investigations after an event has occurred. The study forms part of a growing body of evidence of surveillance tool misuse by government clients.