Ron Deibert
@rondeibert.bsky.social
Director of The Citizen Lab at the University of Toronto's Munk School of Global Affairs & Public Policy
Author of Chasing Shadows https://chasingshadowsbook.ca/
Author of Chasing Shadows https://chasingshadowsbook.ca/
Pinned
“It’s [Citizen Lab] one of the few institutions that investigate cyberthreats exclusively in the public interest, and in doing so, it has exposed some of the most egregious digital abuses of the past two decades.”
Meet the man hunting the spies in your smartphone
Ronald Deibert and his research group, the Citizen Lab, have rigorously worked to unveil alarming digital threats for the past two decades. Now, he warns, this kind of work is under threat.
www.technologyreview.com
Thanks to @technologyreview.com and Finian Hazen (who was a student in my special seminar @buffett.northwestern.edu) for this profile of our work @citizenlab.ca
With recent attention on GrokAI's publication of illegal CSAM and other harmful content, it's a good time to re-up this piece I wrote for @theglobeandmail.com a couple of months ago on Canada's 🇨🇦 Minister of AI.
www.theglobeandmail.com/opinion/arti...
www.theglobeandmail.com/opinion/arti...
Opinion: Canada’s new Minister of AI must not be naive to its harms
AI is not just being deployed to expand human understanding, but to systematically subvert it as well
www.theglobeandmail.com
January 6, 2026 at 9:07 PM
With recent attention on GrokAI's publication of illegal CSAM and other harmful content, it's a good time to re-up this piece I wrote for @theglobeandmail.com a couple of months ago on Canada's 🇨🇦 Minister of AI.
www.theglobeandmail.com/opinion/arti...
www.theglobeandmail.com/opinion/arti...
Grok AI is spewing highly abusive,
Illegal content on demand
Such important investigative journalism by @ajvicens.bsky.social & @raphae.li
Illegal content on demand
Such important investigative journalism by @ajvicens.bsky.social & @raphae.li
New: @ajvicens.bsky.social spoke to one of the women — a Brazilian musician — digitally stripped of her clothing by xAI’s Grok. When she saw the chatbot being asked to virtually strip her down to a bikini, she thought there was no way it would comply. She was wrong.
www.reuters.com/legal/litiga...
www.reuters.com/legal/litiga...
Elon Musk's Grok AI floods X with sexualized photos of women and minors
When contacted by Reuters for comment by email, xAI replied with the message "Legacy Media Lies."
www.reuters.com
January 3, 2026 at 3:41 AM
Grok AI is spewing highly abusive,
Illegal content on demand
Such important investigative journalism by @ajvicens.bsky.social & @raphae.li
Illegal content on demand
Such important investigative journalism by @ajvicens.bsky.social & @raphae.li
Canada 🇨🇦 has courted billions from autocratic regimes and has a Minister of AI who enthusiastically cheerleads tech that produces CSAM, counsels teens on how to commit suicide, and services up harmful health advice to cancer patients www.theguardian.com/technology/2...
Google AI Overviews put people at risk of harm with misleading health advice
Exclusive: Inaccurate information presented in summaries, Guardian investigation finds
www.theguardian.com
January 2, 2026 at 6:23 PM
Canada 🇨🇦 has courted billions from autocratic regimes and has a Minister of AI who enthusiastically cheerleads tech that produces CSAM, counsels teens on how to commit suicide, and services up harmful health advice to cancer patients www.theguardian.com/technology/2...
The tide is slowly changing in the US 🇺🇸 around mercenary spyware restrictions
Which would be bad news for human rights, but (and here's the irony) bad news for US 🇺🇸 national security too.
Huge counterintelligence risks....
(which is of little concern to kleptocrats)
Which would be bad news for human rights, but (and here's the irony) bad news for US 🇺🇸 national security too.
Huge counterintelligence risks....
(which is of little concern to kleptocrats)
The chief executive of the Israeli #spyware maker NSO Group, Yaron Shohat, said on Thursday he was stepping down, according to a letter sent to employees and obtained by Haaretz.
www.haaretz.com/israel-news/...
www.haaretz.com/israel-news/...
Spyware firm NSO's chief steps down as U.S. lifts sanctions on Intellexa executives
After First-term Trump Ambassador Friedman Was Appointed Chair of Pegasus-maker NSO as Part of a Takeover by a Hollywood Producer, the CEO Steps Down Amid a Possible Shift in U.S. Spyware Policy Under...
www.haaretz.com
January 1, 2026 at 6:31 PM
The tide is slowly changing in the US 🇺🇸 around mercenary spyware restrictions
Which would be bad news for human rights, but (and here's the irony) bad news for US 🇺🇸 national security too.
Huge counterintelligence risks....
(which is of little concern to kleptocrats)
Which would be bad news for human rights, but (and here's the irony) bad news for US 🇺🇸 national security too.
Huge counterintelligence risks....
(which is of little concern to kleptocrats)
Treasury removes sanctions for three executives tied to spyware maker Intellexa therecord.media/treasury-san...
Treasury removes sanctions for three executives tied to spyware maker Intellexa
The Treasury Department on Tuesday took three people closely affiliated with the holding company behind Predator spyware off of a sanctions list, reversing their designation in 2024 by the Biden admin...
therecord.media
December 30, 2025 at 9:37 PM
Treasury removes sanctions for three executives tied to spyware maker Intellexa therecord.media/treasury-san...
Received a notification from Apple, Google or WhatsApp that you've been targeted or hacked with government spyware?
Take it seriously!
Here's a very useful guide from @lorenzofb.bsky.social @techcrunch.com about what steps you should take next 👇
Take it seriously!
Here's a very useful guide from @lorenzofb.bsky.social @techcrunch.com about what steps you should take next 👇
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
You've been targeted by government spyware. Now what? | TechCrunch
Tech companies are increasingly warning their customers that they have been targeted by governments with advanced government spyware, such as NSO's Pegasus or Paragon's Graphite. What happens after re...
techcrunch.com
December 29, 2025 at 4:33 PM
Received a notification from Apple, Google or WhatsApp that you've been targeted or hacked with government spyware?
Take it seriously!
Here's a very useful guide from @lorenzofb.bsky.social @techcrunch.com about what steps you should take next 👇
Take it seriously!
Here's a very useful guide from @lorenzofb.bsky.social @techcrunch.com about what steps you should take next 👇
Some well-deserved attention to @accessnow.org's Digital Security Helpline -- a critical player in the digital security for civil society landscape and a cherished partner to us @citizenlab.ca 👇
NEW: Meet the folks at AccessNow's Digital Security Helpline, who have been investigating government spyware for more than a decade, helping journalists and dissidents all over the world.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
I spoke to Hassen Selmi, who heads the incident response team, to learn how his team fights spyware abuses.
Meet the team that hunts government spyware
For years, Access Now’s Digital Security Helpline has been aiding journalists and dissidents who have been targeted with government spyware. This is how they operate.
techcrunch.com
December 27, 2025 at 6:54 PM
Some well-deserved attention to @accessnow.org's Digital Security Helpline -- a critical player in the digital security for civil society landscape and a cherished partner to us @citizenlab.ca 👇
Thanks to @technologyreview.com and Finian Hazen (who was a student in my special seminar @buffett.northwestern.edu) for this profile of our work @citizenlab.ca
“It’s [Citizen Lab] one of the few institutions that investigate cyberthreats exclusively in the public interest, and in doing so, it has exposed some of the most egregious digital abuses of the past two decades.”
Meet the man hunting the spies in your smartphone
Ronald Deibert and his research group, the Citizen Lab, have rigorously worked to unveil alarming digital threats for the past two decades. Now, he warns, this kind of work is under threat.
www.technologyreview.com
December 24, 2025 at 4:08 PM
Thanks to @technologyreview.com and Finian Hazen (who was a student in my special seminar @buffett.northwestern.edu) for this profile of our work @citizenlab.ca
Surveillance systems have always presented counter-intelligence and public safety risks -- from backdoors to poorly regulated wares of mercenary spyware firms
Here's another example thanks to @404media.co @jasonkoebler.bsky.social who discovered a Flock camera system exposed to the internet 👇
Here's another example thanks to @404media.co @jasonkoebler.bsky.social who discovered a Flock camera system exposed to the internet 👇
This is 404 Media's @jasonkoebler.bsky.social waving at himself through a Flock camera; one of 60 we learned was left exposed to the open internet. Not only could anyone with a link livestream it, but some admin portals were open with no login credentials required.
www.404media.co/flock-expose...
www.404media.co/flock-expose...
December 22, 2025 at 6:01 PM
Surveillance systems have always presented counter-intelligence and public safety risks -- from backdoors to poorly regulated wares of mercenary spyware firms
Here's another example thanks to @404media.co @jasonkoebler.bsky.social who discovered a Flock camera system exposed to the internet 👇
Here's another example thanks to @404media.co @jasonkoebler.bsky.social who discovered a Flock camera system exposed to the internet 👇
Get ready for more of this:
* the crossover of advertising data w/ state surveillance
* a way for law enforcement & intelligence to sidestep warrants and oversight b/c it's novel, a linked to data economies that are already intrusive and pervasive
* Govts (Germany 🇩🇪 here) evading accountability
* the crossover of advertising data w/ state surveillance
* a way for law enforcement & intelligence to sidestep warrants and oversight b/c it's novel, a linked to data economies that are already intrusive and pervasive
* Govts (Germany 🇩🇪 here) evading accountability
The German government completely refuses to tell parliament whether German federal police uses unlawfully processed mass behavioral/location data from digital advertising for surveillance purposes or not.
Highly problematic in terms of democratic accountability.
netzpolitik.org/2025/sicherh...
Highly problematic in terms of democratic accountability.
netzpolitik.org/2025/sicherh...
Sicherheitsbehörden und Databroker: Bundesregierung macht Datenkauf zum Staatsgeheimnis
Die Bundesregierung verweigert Transparenz darüber, ob deutsche Sicherheitsbehörden bei Datenhändlern einkaufen. Die Frage ist brisant, denn für den Kauf gäbe es keine sichere Rechtsgrundlage. Das zei...
netzpolitik.org
December 20, 2025 at 12:43 AM
Get ready for more of this:
* the crossover of advertising data w/ state surveillance
* a way for law enforcement & intelligence to sidestep warrants and oversight b/c it's novel, a linked to data economies that are already intrusive and pervasive
* Govts (Germany 🇩🇪 here) evading accountability
* the crossover of advertising data w/ state surveillance
* a way for law enforcement & intelligence to sidestep warrants and oversight b/c it's novel, a linked to data economies that are already intrusive and pervasive
* Govts (Germany 🇩🇪 here) evading accountability
In the "everyday more bad news" category:
Trump Administration Turning to Private Firms in Cyber Offensive 🧵
www.bloomberg.com/news/article...
Trump Administration Turning to Private Firms in Cyber Offensive 🧵
www.bloomberg.com/news/article...
Trump Administration Turning to Private Firms in Cyber Offensive
President Donald Trump’s administration is preparing to turn to private businesses to help mount offensive cyberattacks against foreign adversaries, according to people familiar with the matter, poten...
www.bloomberg.com
December 12, 2025 at 5:21 PM
In the "everyday more bad news" category:
Trump Administration Turning to Private Firms in Cyber Offensive 🧵
www.bloomberg.com/news/article...
Trump Administration Turning to Private Firms in Cyber Offensive 🧵
www.bloomberg.com/news/article...
In 2019, we @citizenlab.ca published an investigation into a disinfo / influence operation we called "Endless Mayfly", and which we attributed at the time to an "Iran-aligned entity"
citizenlab.ca/2019/05/burn...
Now, Meta's latest adversarial threat report showing we were spot on 👇
citizenlab.ca/2019/05/burn...
Now, Meta's latest adversarial threat report showing we were spot on 👇
December 11, 2025 at 10:38 PM
In 2019, we @citizenlab.ca published an investigation into a disinfo / influence operation we called "Endless Mayfly", and which we attributed at the time to an "Iran-aligned entity"
citizenlab.ca/2019/05/burn...
Now, Meta's latest adversarial threat report showing we were spot on 👇
citizenlab.ca/2019/05/burn...
Now, Meta's latest adversarial threat report showing we were spot on 👇
There you have it
A straight line from Trump's hateful, bigoted and ignorant remarks...
to a daylight snatch, assault, and kidnapping of a Somali American citizen
So despicable
A straight line from Trump's hateful, bigoted and ignorant remarks...
to a daylight snatch, assault, and kidnapping of a Somali American citizen
So despicable
MINNEAPOLIS: “All I did was step outside as a Somali American citizen, and I got chased by a masked person, assaulted, kidnapped. It was inhumane. If this is what’s happening to a 🇺🇸 citizen on camera, imagine what could happen to your loved ones.”
December 11, 2025 at 4:19 AM
There you have it
A straight line from Trump's hateful, bigoted and ignorant remarks...
to a daylight snatch, assault, and kidnapping of a Somali American citizen
So despicable
A straight line from Trump's hateful, bigoted and ignorant remarks...
to a daylight snatch, assault, and kidnapping of a Somali American citizen
So despicable
An excellent & very disturbing overview of the scope & scale of domestic surveillance systems deployed in the US 🇺🇸 by @peter.andringa.me @financialtimes.com 👇
Ostensibly for deportation, these can (& likely are) being fine-tuned for deployment on critics of the Trump regime -- a chilling prospect
Ostensibly for deportation, these can (& likely are) being fine-tuned for deployment on critics of the Trump regime -- a chilling prospect
NEW: We took a deep dive into ICE's data dragnet: the data brokers, biometrics tools, and license plate readers powering Trump's deportation effort. Some of the contracts are for tools previous administrations deemed too intrusive.
Trump’s immigration data dragnet
The US is pulling in vast amounts of personal information in its drive to deport 1mn people this year
ig.ft.com
December 10, 2025 at 9:35 PM
An excellent & very disturbing overview of the scope & scale of domestic surveillance systems deployed in the US 🇺🇸 by @peter.andringa.me @financialtimes.com 👇
Ostensibly for deportation, these can (& likely are) being fine-tuned for deployment on critics of the Trump regime -- a chilling prospect
Ostensibly for deportation, these can (& likely are) being fine-tuned for deployment on critics of the Trump regime -- a chilling prospect
Reposted by Ron Deibert
Eye scans, licence plate readers, spyware: technology used to catch criminals and terrorists is being repurposed to fulfil Trump's pledge to deport 1mn undocumented migrants this year. Critics fear it’s the thin end of the authoritarian wedge.
An #FTEdit thread on America’s new surveillance state 👇
An #FTEdit thread on America’s new surveillance state 👇
December 10, 2025 at 2:53 PM
Eye scans, licence plate readers, spyware: technology used to catch criminals and terrorists is being repurposed to fulfil Trump's pledge to deport 1mn undocumented migrants this year. Critics fear it’s the thin end of the authoritarian wedge.
An #FTEdit thread on America’s new surveillance state 👇
An #FTEdit thread on America’s new surveillance state 👇
Add this one to the many other reasons why I've been declining invitations to attend anything in the United States.
U.S. 🇺🇸 Plans to Scrutinize Foreign Tourists’ Social Media History www.nytimes.com/2025/12/09/t...
U.S. 🇺🇸 Plans to Scrutinize Foreign Tourists’ Social Media History www.nytimes.com/2025/12/09/t...
U.S. Plans to Scrutinize Foreign Tourists’ Social Media History
www.nytimes.com
December 10, 2025 at 4:18 AM
Add this one to the many other reasons why I've been declining invitations to attend anything in the United States.
U.S. 🇺🇸 Plans to Scrutinize Foreign Tourists’ Social Media History www.nytimes.com/2025/12/09/t...
U.S. 🇺🇸 Plans to Scrutinize Foreign Tourists’ Social Media History www.nytimes.com/2025/12/09/t...
Re Signalgate
As the IG report rightly flagged, one issue easily overlooked is the use of "a personal cell phone to conduct official business and send nonpublic DoD information" 🧵
As the IG report rightly flagged, one issue easily overlooked is the use of "a personal cell phone to conduct official business and send nonpublic DoD information" 🧵
December 9, 2025 at 4:44 PM
Re Signalgate
As the IG report rightly flagged, one issue easily overlooked is the use of "a personal cell phone to conduct official business and send nonpublic DoD information" 🧵
As the IG report rightly flagged, one issue easily overlooked is the use of "a personal cell phone to conduct official business and send nonpublic DoD information" 🧵
Garbage in, garbage out, back in again, and out, endlessly expanding in bubbling waves. The "public sphere" is fast becoming a grotesque toxic cesspool -- and there's little effort being made to contain and limit it.
In fact, it's as if the overwhelming public policy consensus is to accelerate it
In fact, it's as if the overwhelming public policy consensus is to accelerate it
Apps like OpenAI’s Sora are fooling millions of users into thinking A.I. videos are real, even when they include warning labels.
A.I. Videos Have Flooded Social Media. No One Was Ready.
Apps like OpenAI’s Sora are fooling millions of users into thinking A.I. videos are real, even when they include warning labels.
nyti.ms
December 9, 2025 at 5:32 AM
Garbage in, garbage out, back in again, and out, endlessly expanding in bubbling waves. The "public sphere" is fast becoming a grotesque toxic cesspool -- and there's little effort being made to contain and limit it.
In fact, it's as if the overwhelming public policy consensus is to accelerate it
In fact, it's as if the overwhelming public policy consensus is to accelerate it
Canada's 🇨🇦 independent oversight of its intel & security agencies is taking a hit b/c of federal budget cuts
That's troubling: the agency is relatively new, was building up experienced people & knowledge, & now will be set back
It was already overstretched & met resistance
Bad for rule of law
That's troubling: the agency is relatively new, was building up experienced people & knowledge, & now will be set back
It was already overstretched & met resistance
Bad for rule of law
One of the watchdogs meant to keep Canada's intelligence and security activities in check says its ability to scrutinize those powerful organizations will be hindered due to government spending cuts.
www.cbc.ca/news/politic...
www.cbc.ca/news/politic...
Intelligence watchdog facing cuts as Liberals seek new powers for national security agencies | CBC News
One of the watchdogs meant to keep Canada's intelligence and security activities in check is warning it will have to reduce the number of reviews it can take on due to the Liberal government’s spendin...
www.cbc.ca
December 7, 2025 at 4:24 AM
Canada's 🇨🇦 independent oversight of its intel & security agencies is taking a hit b/c of federal budget cuts
That's troubling: the agency is relatively new, was building up experienced people & knowledge, & now will be set back
It was already overstretched & met resistance
Bad for rule of law
That's troubling: the agency is relatively new, was building up experienced people & knowledge, & now will be set back
It was already overstretched & met resistance
Bad for rule of law
Putting aside whatever he's saying, which is incomprehensible to me at least, it made me wonder...
Do billionaires organize substance abuse interventions on each others' behalf? Maybe on a private island?
Do billionaires organize substance abuse interventions on each others' behalf? Maybe on a private island?
December 5, 2025 at 5:30 PM
Putting aside whatever he's saying, which is incomprehensible to me at least, it made me wonder...
Do billionaires organize substance abuse interventions on each others' behalf? Maybe on a private island?
Do billionaires organize substance abuse interventions on each others' behalf? Maybe on a private island?
Thank you @michelawrong.bsky.social and @niaolainf.bsky.social for selecting Chasing Shadows as your 2025 book of year recce in @thespectator1828.bsky.social (www.spectator.co.uk/article/book...) and @justsecurity.org (www.justsecurity.org/126111/just-...) respectively.
I appreciate it very much!
I appreciate it very much!
Books of the Year II – further recommendations from our regular reviewers
Philip Hensher I have a theory that Mick Herron’s Slow Horses novels are an ingenious variation on Shakespeare’s Henry IV plays. If, in a future episode, River Cartwright ascends to his kingdom renoun...
www.spectator.co.uk
December 5, 2025 at 5:08 PM
Thank you @michelawrong.bsky.social and @niaolainf.bsky.social for selecting Chasing Shadows as your 2025 book of year recce in @thespectator1828.bsky.social (www.spectator.co.uk/article/book...) and @justsecurity.org (www.justsecurity.org/126111/just-...) respectively.
I appreciate it very much!
I appreciate it very much!
It is good to see enforcement of the EU Digital Services Act against X. We need more principled democratic governance of tech platforms, and penalties for non-compliance 1)
Elon Musk’s X Hit With $140 Million Fine in Europe www.nytimes.com/2025/12/05/t...
Elon Musk’s X Hit With $140 Million Fine in Europe www.nytimes.com/2025/12/05/t...
Elon Musk’s X Hit With $140 Million Fine in Europe
www.nytimes.com
December 5, 2025 at 1:24 PM
It is good to see enforcement of the EU Digital Services Act against X. We need more principled democratic governance of tech platforms, and penalties for non-compliance 1)
Elon Musk’s X Hit With $140 Million Fine in Europe www.nytimes.com/2025/12/05/t...
Elon Musk’s X Hit With $140 Million Fine in Europe www.nytimes.com/2025/12/05/t...
Great work showing yet more
mercenary spyware abuses, this time in Iraq and Pakistan involving shady Intellexa and its Predator spyware 👇
mercenary spyware abuses, this time in Iraq and Pakistan involving shady Intellexa and its Predator spyware 👇
1/ Today we release a new report exposing previously undisclosed entities connected to the wider #Intellexa ecosystem as well as newly identified activity clusters in Iraq and indications of activity in Pakistan: www.recordedfuture.com/research/int...
Intellexa’s Global Corporate Web
www.recordedfuture.com
December 4, 2025 at 5:00 AM
Great work showing yet more
mercenary spyware abuses, this time in Iraq and Pakistan involving shady Intellexa and its Predator spyware 👇
mercenary spyware abuses, this time in Iraq and Pakistan involving shady Intellexa and its Predator spyware 👇
Reposted by Ron Deibert
8/ A public service reminder:
This entire exercise is an absurd, imaginary world for legal experts.
That's because the truth is:
It's not an armed conflict.
The laws of war thus don't apply.
The more restrictive rules of human rights apply.
It's extrajudicial killing under that law.
This entire exercise is an absurd, imaginary world for legal experts.
That's because the truth is:
It's not an armed conflict.
The laws of war thus don't apply.
The more restrictive rules of human rights apply.
It's extrajudicial killing under that law.
December 4, 2025 at 2:34 AM
8/ A public service reminder:
This entire exercise is an absurd, imaginary world for legal experts.
That's because the truth is:
It's not an armed conflict.
The laws of war thus don't apply.
The more restrictive rules of human rights apply.
It's extrajudicial killing under that law.
This entire exercise is an absurd, imaginary world for legal experts.
That's because the truth is:
It's not an armed conflict.
The laws of war thus don't apply.
The more restrictive rules of human rights apply.
It's extrajudicial killing under that law.
Just another day of unfiltered white nationalist racist garbage from the White House
Trump, continued: "What the Somalian people have done to Minnesota is not even believable. It’s not even believable. And a lot of it starts with the governor. A lot of it starts with Barack HUSSEIN Obama, because that’s when people started coming in... They want to kiss our country good night."
December 3, 2025 at 10:11 PM
Just another day of unfiltered white nationalist racist garbage from the White House