Ireland is considering new legislation that would give law enforcement more surveillance powers, including allowing the use of spyware.
The Irish Government this week announced the introduction of the Communications (Interception and Lawful Access) Bill. The bill would regulate the use of so-called lawful interception, an industry term for surveillance technology that includes spyware made by companies such as Intellexa, NSO Group and Paragon Solutions.
Jim O'Callaghan, Ireland's Minister for Justice, Home Affairs and Immigration, said: “There is an urgent need for a new legal framework for lawful interception that can be used to combat serious crime and security threats.”
“The new legislation also includes strong legal safeguards to ensure that the exercise of such powers continues to be necessary and appropriate,” Mr O'Callaghan said.
A key driver for this new law is that Ireland's current 1993 law governing the use of lawful interception tools is older than modern means of communication such as messages and calls made on end-to-end encrypted apps. Communications encrypted in this way can generally only be accessed by authorities if they hack into the target device, either remotely using government-grade spyware or locally using forensic technology such as Cellebrite devices.
The announcement specifically notes that the new law covers “any form of communication, whether encrypted or not,” and can be used to capture both the content of the communication and associated metadata.
Contact Us Want more information about government spyware? You can contact Lorenzo Franceschi-Bicchierai securely from your non-work device on Signal (+1 917 257 1382) or on Telegram and Keybase @lorenzofb or by email. You can also contact TechCrunch via SecureDrop.
The Irish government also promised that these surveillance powers would come with “necessary privacy, encryption and digital security safeguards”, including a requirement that they be used only in specified cases and in circumstances that meet the test of whether they are necessary and appropriate to address matters relating to serious crime or threats to national security, including judicial authorization and a requirement to do so.
tech crunch event
San Francisco | October 13-15, 2026
The announcement lacked details on how these new powers would work in practice, given that the laws still need to be written. However, there is a specific section that refers to the need for “a new legal basis for the use of covert surveillance software as an alternative to lawful interception to access electronic devices” to investigate serious crimes, an obvious reference to computer and mobile spyware.
The current state of spyware in Europe
The Irish government is set to allow law enforcement to use spyware as its proliferation continues, including across Europe, despite recent exploits highlighting how it is being used to commit human rights abuses.
A decade ago, most spyware scandals were largely confined to countries in the Middle East and South America, where human rights standards differ widely, but in recent years there have been several cases of spyware abuse in Europe, including Greece, Hungary, Italy, and Poland.
However, spyware has been used in Europe for more than 20 years.
In 2004, in what is believed to be the first recorded sale of spyware by a government, Italian cybercrime squad Polizia Postale signed its first contract with Hacking Team, then a small cybersecurity startup in Milan. The team's name later became synonymous with a data breach that led to the company's closure.
In late 2007, Jörg Zierkete, head of Germany's Federal Criminal Police Office (BKA), told a local magazine that his department was using computer spyware. Then, in 2008, WikiLeaks revealed the existence of DigiTask, a company that sold spyware to German authorities to capture Skype calls.
By 2011, hackers from the German Chaos Computer Club found spyware samples on the computers of businessmen passing through airport customs in Munich and attributed them to German police. The hackers named the malware Bundestrojaner, which means “Federal Trojan” in German.
At the time, these were stories that received little public attention. A few years later, as security researchers began documenting the exploits of European spyware in countries such as Egypt, Ethiopia, Mexico, Morocco, and the United Arab Emirates, spyware became mainstream and is now a relatively standardized technology.
Some countries, such as Italy, have laws regulating the use of spyware, while the European Union is seeking to set common standards for the use of this type of technology following scandals on the continent.