Predator spyware litigation exposes systemic governance failure in Greek intelligence oversight
Greek citizens are suing Intellexa, the vendor behind Predator spyware, following the 2022 discovery that the malware had infected dozens of phones. The scandal triggered resignations of Greece's intelligence chief and prime minister's chief of staff, indicating both operational misuse and institutional accountability failures.
Affected
The Predator spyware campaign represents a mature instance of commercial surveillance technology being deployed by a NATO member state against its own citizens without legal authorisation. Unlike typical malware incidents, this threat emerges from deliberate procurement and deployment decisions by state actors, making it a governance and policy failure rather than an operational security lapse. The 2022 detection of Predator on dozens of Greek phones followed a pattern of expanding misuse by the Greek intelligence service, ultimately prompting institutional resignations that suggest awareness of wrongdoing at senior levels.
Intellexa's Predator occupies a particular niche in the spyware ecosystem: it competes directly with NSO Group's Pegasus but maintains lower public visibility through restricted distribution. The malware's capabilities include call interception, message monitoring, and location tracking, making it comparable to nation-state tooling. The fact that multiple high-profile resignations occurred suggests either legal threshold violations or reputational damage that made continued tenure untenable. This differs from typical vendor accountability, where the manufacturer might claim client misuse as a legal shield.
The lawsuit by Greek victims represents a rare escalation in holding both the deploying state and the vendor accountable simultaneously. Most commercial spyware litigation targets either the vendor (as with NSO's US legal exposure) or the purchasing state (as with citizens' constitutional claims), but rarely both in coordinated action. This suggests emerging legal strategies that treat vendors as complicit in the surveillance operation rather than merely as tool providers with no visibility into deployment.
Defenders and policy makers should recognise that Predator's operational success stemmed not from technical sophistication but from institutional access and absence of domestic oversight. Greece possessed the signals intelligence and warrant authority to deploy such tools, yet deployed them without legal constraint. This pattern repeats across democracies purchasing commercial spyware: the technical barrier is low, but governance mechanisms remain absent. Organisations operating in Greece or targeting Greek nationals should assume systematic monitoring capability and treat communications accordingly.
The broader implication is that commercial spyware has become normalised as a state surveillance tool with minimal international regulation. Unlike export controls on weapons or encryption, spyware vendors operate in a grey zone where purchasing states claim national security exemptions and vendors claim plausible deniability. The Predator litigation may serve as precedent for treating vendors as knowing participants in unlawful surveillance rather than neutral technology providers.
Sources