25/06/2026 22:15 - Internacionales
A forensic investigation by Citizen Lab at the University of Toronto has revealed that Russian authorities used tools from Israeli company Cellebrite to access the phone of political activist Andrey Pivovarov, director of the organization Open Russia, in June 2021. This finding is particularly alarming because it occurred three months after Cellebrite publicly announced the cancellation of all its contracts with Russian and Belarusian clients.
Pivovarov was detained on May 31, 2021 at St. Petersburg airport while attempting to board a flight. His devices, including an iPhone 12 and a MacBook, were confiscated by Russian security services. The activist never provided his passwords nor consented to the search of his devices, which remained in official custody until 2023.
Context for international readers: Open Russia was a civil society organization founded by exiled oligarch Mikhail Khodorkovsky, promoting democracy and human rights. The Russian government designated it as an "undesirable organization" in 2017, making any association with it a criminal offense.
According to forensic analysis and official Russian documents, authorities extracted:
Investigators searched for specific terms including names of opposition figures such as Mikhail Khodorkovsky and Anastasiya Burakova.
Cellebrite announced in March 2021 it would cancel its contracts with Russia and Belarus following media pressure. However:
Technical analysis found "with high confidence" traces of Cellebrite UFED (Universal Forensic Extraction Device) usage on Pivovarov's iPhone 12, specifically on June 17, 2021. Evidence includes:
| Evidence Type | Finding |
|---|---|
| Host ID | 9016926980658937761372207 - attributed to Cellebrite |
| Official Russian document | Forensic Report No. 1269-17 confirms use of UFED Physical Analyzer and UFED 4PC |
| USB connections | MobileLockdown records show connection to Cellebrite device |
Citizen Lab has documented cases of Cellebrite technology misuse in multiple countries:
| Country | Reported Use | Contract Status |
|---|---|---|
| Russia | Persecution of activists like Pivovarov and Lyubov Sobol | Cancelled in 2021 |
| Serbia | Access to devices of journalists and students | Cancelled |
| Kenya | Activist Boniface Mwangi after arbitrary arrest | Active |
| Jordan | Multiple activists and civil society members | Active |
| Myanmar | Reuters journalists detained for reporting on Rohingya | Cancelled |
| China | Extensive sales to authorities | Cancelled |
The forensic report reveals that authorities could not access the MacBook due to device encryption. The Russian document explicitly states that "encryption made accessing the file system impossible."
Important lesson: Full disk encryption can be an effective barrier against forensic extraction.
The Pivovarov case demonstrates that even when a company formally cancels a contract, previously sold tools can continue operating. Citizen Lab recommends:
March 2021: Cellebrite announces cancellation of all contracts with Russia and Belarus.
May 31, 2021: Pivovarov detained at St. Petersburg airport, devices confiscated.
June 17, 2021: Forensic analysis of iPhone 12 using Cellebrite UFED.
July 2022: Sentenced to 4 years in prison for "undesirable organization" activities.
August 1, 2024: Released in prisoner exchange that included journalist Evan Gershkovich.
Fall 2025: Contacts Citizen Lab in Berlin for forensic analysis.
June 25, 2026: Full report published.
Citizen Lab: Russia Breaks Into Human Rights Activist's Phone With Cellebrite
The Guardian: Russia used Israeli firm's tool to crack phone months after ties severed
Alfredo S. Quiroga
