Kenya Digital Forensics Row Deepens After Citizen Lab Flags Possible Phone Data Extraction
Fresh questions about privacy and state surveillance are swirling again — and this time, they’re harder to brush off.
A new report published on Tuesday, February 17, claims authorities may have used advanced digital forensic tools to unlock and copy data from seized mobile phones. The findings come from Citizen Lab, a research centre known globally for investigating digital threats targeting civil society.
And according to the researchers, they have “high confidence” the technology was deployed.
What the Report Says Happened
At the centre of the claims is forensic technology developed by Cellebrite — an Israeli firm whose products are widely used by law enforcement agencies across the world.
These tools, the report explains, are designed to bypass phone security systems. Once inside a device, investigators can potentially extract messages, emails, call logs, photos, saved passwords, financial records — almost everything stored on it.
Depending on the phone model and its condition, the access can be extensive.
That’s what has privacy advocates uneasy. Because once a device is out of its owner’s hands, who ensures boundaries aren’t crossed?
The Boniface Mwangi Case Raises Eyebrows
Among those cited in the report is activist and 2027 presidential hopeful Boniface Mwangi.
Mwangi was apprehended in July last year, and during that process, his phones were confiscated. When they were eventually returned, he says something didn’t sit right. One of his personal devices was no longer password-protected.
That detail alone triggered concern.
Citizen Lab researchers say the circumstances surrounding Mwangi’s device are consistent with the use of Cellebrite’s forensic extraction tools. However, the government has not publicly confirmed whether such technology was used in his case.
The report states:
“Our analysis of the Samsung Android phone confiscated by the Kenyan police, belonging to Mwangi, shows signs that Cellebrite was used on the phone on or around July 20, 2025, and July 21, 2025. The device was in the custody of the Kenyan police during this timeframe,” read part of the report.
Adding that, “We observed traces of an application named com.client.appA on the Android phone. The Citizen Lab associates this application name with high confidence with Cellebrite’s forensic extraction technology. Other sources have also linked this indicator with Cellebrite’s forensic extraction technology.”
Those are strong words.
Not the First Digital Surveillance Concern
This isn’t happening in isolation.
In 2024, Citizen Lab revealed that spyware had allegedly been planted on the phones of Kenyan filmmakers while the devices were in police custody. The investigation was tied to a documentary probing protest-related killings.
That revelation alone sparked debate about how confiscated electronics are handled — and whether adequate safeguards exist to prevent unauthorized access.
Now, this latest report suggests that beyond spyware, full-scale forensic extraction tools may also have been deployed in cases involving activists and government critics.
It raises a simple but uncomfortable question: where does lawful investigation end and overreach begin?
Government Response and Global Context
According to The Guardian, when the government was asked to respond to the revelations, it declined.
Cellebrite, for its part, has previously said in similar cases in other countries that its technology is intended strictly for lawful investigations carried out under due process. The company has also maintained that it reviews credible allegations of misuse.
But here’s the thing — public reassurance and public trust don’t always move at the same speed.
And in Kenya, where digital activism continues to grow, the stakes are high. Phones aren’t just devices anymore. They hold identities, movements, private conversations — entire lives, really.
As debate builds, one reality is clear: this conversation about digital rights and state power isn’t going away anytime soon.
Also Read: KRA Urges Salaried Kenyans to Secure P9 Forms Before June 30 Tax Deadline
Kenya Digital Forensics Row Deepens After Citizen Lab Flags Possible Phone Data Extraction