NSO Group’s New Transparency Report Draws Criticism as Spyware Firm Pushes for U.S. Market Reentry

NSO Group, one of the most well-known and controversial makers of government spyware, released a new transparency report on Wednesday, as the company enters what it described as "a new phase of accountability."
However, unlike NSO's previous annual disclosures, the report lacks details on how many customers the company rejected, investigated, suspended, or terminated for human rights abuses involving its surveillance tools. While the report contains commitments to respect human rights and to implement controls requiring its customers to do the same, it provides no concrete evidence to support either.

Experts and critics who have followed NSO and the spyware market for years believe the report is part of an effort and campaign by the company to get the U.S. government to remove the company from a blocklist — technically called the Entity List — as it hopes to enter the U.S. market with new financial backers and executives at the helm.
Last year, a group of U.S. investors acquired the company, and since then, NSO has been undergoing a transition that included high-profile personnel changes: former Trump official David Friedman was appointed the new executive chairman; CEO Yaron Shohat stepped down; and Omri Lavie, the last remaining founder who was still involved in the company, also left, as Israeli newspaper Haaretz reported.

"When NSO's products are in the right hands within the right countries, the world is a far safer place. That will always be our overriding mission," Friedman wrote in the report, which does not mention any country where NSO operates.

Natalia Krapiva, the senior tech-legal counsel at Access Now, a digital rights organisation that investigates spyware abuses, told TechCrunch: "NSO is clearly on a campaign to get removed from the U.S. Entity List and one of the key things they need to show is that they have dramatically changed as a company since they were listed."
"Changing the leadership is one part and this transparency report is another," said Krapiva.
"However, we have seen this before with NSO and other spyware companies over the years where they change names and leadership and publish empty transparency or ethics reports but the abuses continue."

"This is nothing but another attempt at window dressing and the U.S. government should not be taken for a fool," said Krapiva.

Ever since the Biden administration added NSO to the Entity List, the company has lobbied to have its restrictions lifted. After President Donald Trump retook office last year, NSO intensified these efforts. But, as of May last year, NSO had failed to sway the new administration.

In late December, the Trump administration lifted sanctions against three executives linked to the Intellexa spyware consortium, which some interpreted as a sign of a shift in the administration's attitude toward spyware makers.

A lack of details
This year's transparency report, covering 2025, contains fewer details than those from previous years.

In an earlier transparency report covering 2024, for example, NSO reported that it opened three investigations into potential misuse. Without naming the customers, the company said it cut ties with one and imposed "alternative remediation measures" on another, including mandating human rights training, monitoring the customer's activities, and requesting more information about how the customer uses the system. NSO did not provide any information about the third investigation.

NSO also said that during 2024, the company rejected more than $20 million "in new business opportunities due to human rights concerns."

In the transparency report published the prior year, covering 2022 and 2023, NSO reported that it suspended or terminated six government customers, without naming them, and claimed these actions resulted in a revenue loss of $57 million.

In 2021, NSO said it had "disconnected" the systems of five customers since 2016 following an investigation of misuse, resulting in more than $100 million in "estimated loss of revenue," and it also said that it "discontinued engagements" with five customers due to "concerns regarding human rights."

NSO's latest transparency report does not include the total number of customers, a statistic that has been consistently reported in previous reports.

John Scott-Railton, a senior researcher at The Citizen Lab, a human rights organisation that has investigated spyware abuses for more than a decade, criticised NSO.
"I was expecting information, numbers," Scott-Railton told TechCrunch. "Nothing in this document allows outsiders to verify NSO's claims, which is business as usual from a company that has a decade-long history of making claims that later turned out to be misrepresentation."

Contact Us
Do you know more information about NSO Group? Or other spyware makers? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely via Signal at +1 917 257 1382, Telegram, Keybase, or Wire (@lorenzofb), or by email.