Cellebrite Banned Russia. Russia Kept Using Its Tools Anyway.
Cellebrite Cut Off Russia in 2021 — But Russian Authorities Used Its Tools Anyway
On March 18, 2021, Israeli digital forensics company Cellebrite made a public pledge: it would immediately halt all sales of its products and services to customers in Russia and Belarus, citing the need to operate "according to accepted international rules and regulations." Five years later, the evidence shows that ban did not stop Russian authorities from continuing to use Cellebrite's technology — including against at least one anti-war activist whose phone data helped put him behind bars for more than eight years.
The case raises hard questions about whether a company can meaningfully enforce an export ban on hardware-based forensic tools that require no internet connection to operate — and whether Cellebrite's stated human rights commitments hold up under scrutiny.
How Russian Authorities Used Cellebrite After the Ban
The most documented post-ban case involves Dmitry Ivanov, a Russian anti-war activist. According to reporting by Mediazona, as cited by Meduza in October 2025, the FSB used Cellebrite's equipment to extract data from Ivanov's phone after Russia's full-scale invasion of Ukraine — well after Cellebrite's 2021 prohibition on Russian sales had taken effect.
The details emerged in part from Ivanov's own criminal trial. According to openDemocracy's account of the proceedings, the prosecutor stated that a specialist from the FSB had accessed the contents of Ivanov's phone using Cellebrite software after Ivanov refused to provide the password. On March 7, 2023, a Moscow court sentenced Ivanov to 8.5 years in prison on charges of "spreading false information" about the Russian Armed Forces, with evidence extracted from his phone playing a role in the prosecution.
The Ivanov case was not an isolated incident. According to the Citizen Lab at the University of Toronto, Russian authorities publicly boasted that they continued to use Cellebrite's products to extract data from the phones of detainees a full year after Cellebrite had halted sales. Haaretz reported in October 2022 that Russia's main investigative body — the Investigative Committee, which has prosecuted figures including Alexey Navalny and members of Pussy Riot — was still actively using Cellebrite tools to break into phones of arrested individuals. According to documents cited by DIMSE and Wikipedia, the Investigative Committee bragged about deploying Cellebrite's technology more than 26,000 times.
Why the Ban Failed: The Offline Problem
The technical reason Russia was able to continue using Cellebrite's tools after the sales ban is straightforward, and the Citizen Lab has explained it plainly: because core features of Cellebrite's products can be operated without an internet connection, they continue to be functional in jurisdictions where sales have been stopped. There is no remote kill switch. Once the hardware and software are in a customer's hands, Cellebrite has no reliable mechanism to disable them.
This structural limitation is central to the broader debate about Cellebrite's human rights policies. The company has chosen not to do business in Bangladesh, Belarus, China, Hong Kong, Macau, Russia, and Venezuela — citing concerns about human rights and data security, according to its own facts page. But the Russia case illustrates the gap between a sales restriction and an actual cessation of use.
Cellebrite's flagship product, the UFED (Universal Forensic Extraction Device), is widely deployed by law enforcement agencies globally. The company claims more than 7,000 law enforcement customers around the world and is headquartered in Petah Tikva, Israel. It is listed on Nasdaq under the ticker symbol CLBT and was valued at approximately $2.4 billion in 2021.
A Pattern of Documented Misuse — and Inconsistent Responses
Russia is not the only country where Cellebrite's tools have been documented in use against civil society actors following stated policy restrictions or amid serious human rights concerns.
In January 2026, the Citizen Lab published a report finding that Jordanian authorities used Cellebrite to extract data from the phones of political activists and civilians between late 2023 and mid-2025, in connection with protests in support of Palestinians in Gaza. In February 2026, the Citizen Lab found that Cellebrite's forensic extraction tools were used on the Samsung phone of Kenyan pro-democracy activist Boniface Mwangi while it was in police custody following his arrest in July 2025.
In Serbia, Cellebrite did take action. According to TechCrunch's February 2026 reporting, Cellebrite suspended Serbian police as customers in 2025 after Amnesty International's technical report documented state agencies using its tools to hack a journalist's and activist's phones and plant spyware. It was described as a rare example of Cellebrite publicly cutting off a customer for documented abuse.
The contrast between the Serbia response and the company's handling of findings in Jordan, Kenya, and Russia has drawn criticism. In the Serbia case, an Amnesty International report appears to have prompted action. In other cases, including those documented by the Citizen Lab, Cellebrite's public posture has been more defensive.
Cellebrite spokesperson Victor Cooper, responding to questions from TechCrunch, said: "We do not respond to speculation and encourage any organization with specific, evidence-based concerns to share them with us directly so we can act on them." Cooper also noted that "high confidence is not direct evidence" — a phrase that reflects the company's position that findings from external researchers do not automatically trigger enforcement action.
In response to the Citizen Lab's Jordan report, Cellebrite issued a company statement saying: "any substantiated use of our tools in violation of human rights or local law will result in immediate disablement."
Researchers and Advocates Push for Accountability
Researchers at the Citizen Lab have called for greater transparency from Cellebrite about its vetting and enforcement practices. John Scott-Railton, a researcher at the Citizen Lab, stated: "We urge Cellebrite to release the specific criteria they used to approve sales to Kenyan authorities, and disclose how many licenses have been revoked in the past."
Human rights organizations have also raised concerns about prospective sales. Donncha Ó Cearbhaill, head of Amnesty International's Security Lab, commented in connection with Georgia's reported plans to acquire Cellebrite technology: "Given the Georgian authorities' escalating clampdown on dissent, the sale of powerful mobile data extraction tools like Cellebrite's raises grave human rights concerns." According to OCCRP, Georgia's Ministry of Internal Affairs planned to renew existing Cellebrite licenses and purchase new ones in a package worth $2.4 million.
The concerns are not limited to authoritarian or semi-authoritarian contexts. In Latvia, the State Revenue Service acquired Cellebrite software in 2024 for €427,270 to combat tax evasion and the shadow economy, according to Latvian government procurement data cited by Wikipedia. And in the United States, FBI agents used Cellebrite technology to access the phone of Thomas Matthew Crooks — the man who opened fire on Donald Trump at a Pennsylvania rally in 2024 — in just 40 minutes, according to Meduza.
What Comes Next
The Russia case, now more clearly documented than ever, puts renewed pressure on Cellebrite to explain how it intends to enforce its own export restrictions when its technology is hardware-based and offline-capable. The Citizen Lab's findings across multiple countries in 2025 and 2026 suggest the problem is not confined to one rogue jurisdiction — it reflects a systemic challenge for any company selling powerful forensic tools with limited post-sale control.
Cellebrite has demonstrated it is willing to act when faced with specific, technically documented reports — as the Serbia case shows. Whether that standard will be applied consistently to Russia, Jordan, Kenya, and elsewhere remains an open question. Advocacy groups and researchers have made clear they intend to keep pressing for answers.
For more tech news, visit our news section.