EU MPs travel to Rome: clarification demanded in the espionage scandal!

EU MPs travel to Rome: clarification demanded in the espionage scandal!

On Friday 27 May 2025, a delegation of MEPs from the LIBE Committee will travel to Rome to follow developments in the Paragon espionage scandal. The case sparked outrage across Italy after it emerged that Israeli surveillance program Graphite was used by Paragon to monitor investigative journalists and NGO activists. This is considered an alleged breach of contract, which led to the termination of the contract between the Italian government and Paragon. However, the Italian government refuses to publicly disclose further details. Instead, clarifications should be made to COPASIR, the parliamentary committee overseeing intelligence services.

The delegation will be led by Sandro Ruotolo, an Italian social democrat, and plans to meet with those affected by spyware, representatives of the Italian press and members of the COPASIR committee. The Committee for Civil Liberties is also meeting today in the European Parliament, in which the EU Digital Commissioner Virkkunen will also take part.

Details of the espionage attacks

According to reports from the Guardian and other information, at least seven journalists and activists with an Italian area code (+39) were spied on. Those affected have critically addressed Italy's migration policy and include Francesco Cancellato, editor-in-chief of Fanpage, and Luca Casarini, an activist with the NGO Mediterranea. Further reports suggest that two other Mediterranea activists are also affected.

An alarming discovery came from Citizen Lab, which found that at least 90 WhatsApp users in two dozen countries, including 13 EU countries, were attacked with the Graphite Trojan. The infiltration originated in a WhatsApp chat and an infected PDF file. WhatsApp informed those affected about the attacks, which are not limited to Italy. There are also worrying reports of such attacks internationally.

Reactions and investigations

The Italian government has commissioned the National Cybersecurity Agency to investigate the case. Nevertheless, she refuses to provide further information and makes it clear that all statements are made exclusively in the parliamentary control committee. Meanwhile, Paragon, which was founded in 2019 and sold to US private equity firm AE in 2024, has withdrawn access to its software from Italy. The company also plans to take legal action against WhatsApp due to end-to-end encryption.

The situation is also viewed in the context of the Pegasus scandal of 2021, which already raised questions about surveillance and the rights of journalists. Citizen Lab's John Scott Railton expects further revelations in this sensitive case.

In summary, the EU, and Italy in particular, faces the challenge of creating transparency in surveillance policy while protecting the rights of civil society. Luca Casarini and Francesco Cancellato announced a press conference in the EU Parliament to draw attention to the critical situation.

For more details, read the full reports Euractiv and Network politics.