Ireland is considering new legislation to give law enforcement agencies more surveillance powers, including a license to use spyware.
The Irish government announced this week the introduction of the Communications (Wiretapping and Lawful Access) Bill, which will regulate the use of “lawful wiretapping”, the industry term for surveillance technology, including spyware made by companies such as Intellexa, NSO Group and Paragon Solutions.
“There is an urgent need for a new legal framework for lawful wiretapping that can be used to tackle serious crime and security threats,” said Jim O’Callaghan, Ireland’s Minister for Justice, Home Affairs and Immigration.
“The new legislation will also include strong legal safeguards to provide continued assurance that the use of such powers is necessary and proportionate,” O’Callaghan said.
The main driver of this new law is that Ireland’s existing 1993 law governing the use of legal surveillance tools predates more modern means of communication, such as messages and calls made with end-to-end encrypted applications. Communications encrypted in this way are generally only accessible if authorities breach a target’s devices, either remotely using government-grade spyware or locally using forensic technology such as Cellebrite devices.
The announcement specifically states that the new law will cover “all forms of communications, encrypted or not,” and can be used to obtain both the content of communications and the associated metadata.
Contact us
Do you have more information about government spyware? From a non-working device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382 or via Telegram and Keybase @lorenzofb or via email. You can also contact TechCrunch via SecureDrop.
The Irish government also promised that these surveillance powers would be accompanied by “the necessary privacy, encryption and digital security safeguards”, including judicial authorization and a requirement for use “in specific cases and only where the circumstances meet the test of necessity and proportionality to deal with matters relating to serious crime or threats to the security of the state”.
Techcrunch event
San Francisco
|
13-15 October 2026
The announcement did not detail how these new powers will work in practice, as the law has yet to be written. But there is a specific section that mentions the need for “a new legal basis for the use of covert surveillance software as an alternative means of legal wiretapping to access electronic devices” — a clear reference to computer and mobile eavesdropping software — to investigate serious crimes.
The state of spyware in Europe
Ireland’s move to allow law enforcement to use spyware comes as government spyware continues to proliferate, including in Europe, despite recent abuses that have highlighted how spyware has been used to violate human rights.
While a decade ago most spyware scandals were largely confined to countries in the Middle East and South America, where human rights standards vary widely, there have been several cases of spyware abuse in Europe in recent years, including Greece, HungaryItaly and Poland.
However, spyware has been used in Europe for more than two decades.
In 2004, in what may be the first documented government sale of spyware, Italy’s Polizia Postale cybercrime unit signed its first contract with Hacking Team, at the time a small cybersecurity startup in Milan whose name would become synonymous with a data breach that resulted in the company’s shutdown.
Later in 2007, Jörg Ziercke, the head of Germany’s federal criminal police office, the Bundeskriminalamt (or BKA), he told a local magazine that his agency was using computer eavesdropping software. Then, in 2008, WikiLeaks was revealed the existence of DigiTask, a company that sold spyware to German authorities to record Skype calls.
Until 2011, hacker at the German Chaos Computer Club found a spyware sample on the computer of a businessman passing through customs at Munich airport, which was handed over to the German police. The hackers named the malware Bundestrojaner, which is German for “federal trojan.”
At the time, these were stories that received little public attention. A few years later, as security researchers began documenting the misuse of European spyware in countries such as Egypt, Ethiopia, Mexico, Morocco, the United Arab Emirates, and many others, spyware became mainstream and is now a relatively normalized technology.
While some countries such as Italy have legislation regulating the use of spyware, the European Union has since tried to set common standards for using this type of technology in response to scandals on the continent.
