NSO's Transparency Claims Under Fire: Inside the Spyware Maker's US Market Push [2025]

NSO Group releases transparency report amid criticism of vague claims. Experts question credibility as company lobbies for US Entity List removal and market...

Introduction: The Illusion of Accountability

When a company known for selling surveillance tools that have tracked journalists, activists, and dissidents around the world suddenly claims to care about human rights, it's natural to be skeptical. That's exactly where NSO Group finds itself in early 2025 as it attempts one of the most ambitious rehabilitations in tech industry history.

NSO Group has released a new transparency report positioning itself as a reformed actor in the global spyware market. The document promises human rights commitments, customer accountability, and responsible governance. On the surface, it's exactly what critics have been demanding for years. But dig deeper, and what emerges is a masterclass in strategic opacity, where vague promises replace concrete numbers and commitments lack verifiable evidence.

The timing isn't accidental. NSO has been aggressively lobbying the U.S. government to remove it from the Entity List, a blocklist that effectively prevents the company from doing business in America. With new ownership and new leadership installed over the past year, the company is staging what experts call a "rebranding campaign" designed to convince Washington that the old NSO is gone and a responsible new version has taken its place.

Here's what you need to understand: transparency reports are only meaningful if they actually reveal something. NSO's latest document does the opposite. It obscures, minimizes, and omits the very metrics that would allow independent verification of the company's claims. For a company trying to convince the world it's changed, the report reads more like an exercise in strategic vagueness than genuine accountability.

This article examines what NSO is really claiming, why those claims fall apart under scrutiny, and what it all means for the future of surveillance technology in America and beyond. We'll look at how transparency becomes propaganda when numbers disappear, why leadership changes don't automatically signal reform, and what the Biden and Trump administrations' different approaches to spyware governance reveal about the future of these tools in the hands of authoritarian governments.

TL;DR

  • NSO's New Opacity: The 2025 transparency report contains fewer verifiable details than previous years, removing customer rejection statistics that once numbered in the millions of dollars.
  • Leadership Theater: Installing former Trump official David Friedman as chairman and removing the last founding members signals PR strategy rather than fundamental operational change.
  • Missing Evidence: The report makes human rights promises without providing any concrete data on customer investigations, suspensions, or enforcement actions.
  • Strategic Timing: The transparency push coincides with intensified lobbying to get removed from the U.S. Entity List and access American markets.
  • Activist Pushback: Digital rights organizations and researchers say NSO is repeating a familiar pattern: cosmetic changes followed by continued abuses.

NSO Group's Transparency Actions Over Time

The chart illustrates NSO Group's transparency actions from 2021 to 2024, showing a trend of increasing investigations and customer terminations, with significant revenue loss reported in 2023. Estimated data.

The Transparency Report That Reveals Nothing

NSO Group released its 2025 transparency report on a Wednesday in January with the declaration that the company was entering "a new phase of accountability." The document arrived with considerable fanfare, positioned as evidence of systemic reform and renewed commitment to human rights.

But here's where the rot sets in: the report lacks the very data points that would make it meaningful. In previous years, NSO reported specific numbers about how many customers it rejected, investigated, or terminated. These figures were brutal and honest. The company would cite millions of dollars in rejected revenue. It would name investigations and describe remediation measures. Readers could actually verify something, even if details were sparse.

The 2025 report? It's written as a collection of aspirational statements about what NSO believes and wants to do. It contains promises. It contains principles. What it doesn't contain is data.

This matters because transparency without numbers is just marketing. When a company says it takes human rights seriously but doesn't explain how many customers it has investigated, suspended, or kicked off the platform, you have no way to assess whether the claim is real. Is the company investigating every tenth customer? One per year? Hundreds? The absence of numbers makes it impossible to judge performance.

Comparisons to previous years make this strategy painfully obvious. In 2024, NSO reported opening three investigations into potential misuse. The company said it terminated one customer relationship and imposed "alternative remediation measures" on another, including mandatory human rights training and enhanced monitoring. In 2023 and 2022, NSO reported suspending or terminating six government customers and claimed this resulted in a $57 million revenue loss.

Go back further to 2021, and the company disclosed "disconnecting" five customers' systems since 2016, citing a claimed revenue loss exceeding $100 million. These numbers proved the company was actually taking enforcement actions, even if the details remained vague.

The 2025 report? Silent on these metrics. No customer rejections disclosed. No investigation numbers. No terminations. The report doesn't even include the total number of NSO customers, a statistic that had appeared in every previous transparency disclosure.

QUICK TIP: When evaluating corporate transparency claims, always compare against historical data. A sudden drop in disclosure detail is itself revealing—it suggests the metrics got worse, not better, or that the company is intentionally obscuring performance.

When TechCrunch asked NSO's spokesperson for clarification on these missing statistics, no answer came. The silence is deafening.

NSO's Human Rights Commitment: Promises vs. Enforcement

Estimated data suggests a significant gap between NSO's promises and the enforcement mechanisms described in their 2025 transparency report.

Leadership Changes as Theater

Last year, NSO underwent a dramatic executive reshuffling. The company installed David Friedman, former Trump administration official and Middle East policy advisor, as executive chairman. CEO Yaron Shohat departed. Omri Lavie, the last remaining founder still involved in day-to-day operations, also left the company.

On paper, this looks like significant reform. New blood. Fresh perspectives. Commitment to change. In reality, it's textbook corporate reputation management.

Leadership changes are the easiest form of corporate theater. They're visible, they're dramatic, they generate headlines, and they cost relatively little compared to actually changing how a company operates. You remove the executives associated with the controversial past and install new ones with cleaner records. Investors and board members feel better. PR teams get better talking points. But the underlying business operations often remain identical.

Consider what Friedman wrote in the new transparency report: "When NSO's products are in the right hands within the right countries, the world is a far safer place. That will always be our overriding mission." This statement manages to be simultaneously vague and defensive. It doesn't actually commit NSO to anything beyond a circular logic: the company will succeed when its tools end up in good hands. But NSO itself makes the judgment about what hands are "right." The company evaluates its own customers.

The key insight here is that changing who sits at the executive table doesn't change who buys the company's products or how those products get used. NSO's spyware targets the same types of people it always has. Journalists, activists, opposition figures. The governments buying NSO tools are often the same ones that were buying them before.

Friedman's appointment is particularly strategic given the Trump administration's shifting stance on spyware governance. During the first Trump administration, Friedman held significant influence on Middle East policy. His presence at NSO signals that the company is now well-connected within Republican circles and has an understanding of how to navigate Trump-era policy. This is fundamentally about access and influence, not about changing NSO's business model.

DID YOU KNOW: The Intellexa spyware consortium, a group of tools similar to NSO's Pegasus, had sanctions lifted by the Trump administration in late December 2024. This action signaled a potential shift in how the administration views spyware makers, suggesting NSO's lobbying efforts might be gaining traction.

The Pattern: Cosmetic Reforms Followed by Continued Abuses

Critics and digital rights organizations have watched NSO play this game before. The pattern is consistent, familiar, and deeply frustrating: the company gets caught enabling human rights abuses, it launches a public relations offensive, it makes promises, it changes leadership or policy on paper, and then the same problems continue.

Natalia Krapiva, senior tech-legal counsel at Access Now, put it bluntly: "We have seen this before with NSO and other spyware companies over the years where they change names and leadership and publish empty transparency or ethics reports but the abuses continue."

This isn't speculation. It's rooted in documented history. NSO's Pegasus spyware has been linked to the surveillance and harassment of journalists in multiple countries, opposition leaders in authoritarian states, and human rights defenders fighting for basic freedoms. The revelations came out in the Pegasus Project, a collaborative investigation by journalists around the world that exposed how NSO's tools were being systematically abused.

What did NSO do? The company initially denied everything. When the evidence became undeniable, it pivoted to claiming that its customers had violated agreements and that NSO had systems in place to prevent misuse. But here's the critical question: if NSO had genuine systems in place, how did the misuse happen in the first place? Why weren't there early warning signs?

The answer is that NSO's vetting process, whatever it claims to be, has consistently failed to prevent abuse. The company either didn't look closely enough at how customers were using the tools, didn't care enough to enforce its agreements, or understood that governments buying spyware intended to spy on dissidents and was willing to profit from that anyway.

John Scott-Railton, a senior researcher at The Citizen Lab who has investigated spyware abuses for more than a decade, expressed frustration with the new transparency report: "I was expecting information, numbers. Nothing in this document allows outsiders to verify NSO's claims, which is business as usual from a company that has a decade long history of making claims that later turned out to be misrepresentation."

This history of misrepresentation is crucial. NSO hasn't just claimed to be responsible and then failed to live up to those claims. The company has actively misrepresented the facts. It's made false statements about how its tools were being used. It's claimed it didn't know about abuses when evidence suggests otherwise. This isn't just a company that tried and failed. It's a company that said things that weren't true.

Pegasus Spyware: A sophisticated mobile surveillance tool developed by NSO Group that can remotely access and monitor everything on a target's smartphone, including calls, messages, location data, and camera feeds. The tool became infamous when the Pegasus Project revealed it was being used by governments to target journalists, activists, and opposition leaders.

Given this track record, why should anyone believe that new leadership and a vague transparency report represent genuine change? The burden of proof should be on NSO to demonstrate that things are actually different. The company hasn't met that burden.

Distribution of NSO Group's Controversial Use Cases

Estimated data shows that journalists and activists are the primary targets of NSO's Pegasus spyware, followed closely by opposition politicians and human rights defenders.

The Entity List: Why NSO Wants Off

The U.S. Entity List is what keeps NSO out of the American market. It's a blocklist maintained by the Commerce Department that effectively prevents companies on the list from doing business in the United States or with U.S. companies. For NSO, getting off this list isn't just about ideology or reputation. It's about money.

The U.S. is the world's largest technology market. American companies, investors, and capital flow through virtually every significant tech business on the planet. Being blocked from the U.S. market is a massive financial constraint. NSO has new American ownership and new American leadership, presumably because those investors see an opportunity if the company can access American markets.

Getting off the Entity List requires convincing the U.S. government that NSO has fundamentally changed. Under the Biden administration, this seemed unlikely. The administration took a hard line on spyware, adding NSO to the list in the first place and taking other actions to restrict spyware proliferation.

But the Trump administration's approach appears different. The late-December lifting of sanctions against Intellexa executives signaled that the new administration might be more permissive toward spyware makers. If those executives can get sanctions relief, why not NSO?

This context explains the timing and strategy of NSO's transparency report. The company needs to show the Trump administration that it's reformed enough to deserve another chance. The transparency report, whatever its actual content, serves that purpose. It's a signal to policymakers that NSO is trying.

Whether the Trump administration will actually remove NSO from the Entity List remains unclear as of 2025. But the company's aggressive lobbying efforts, combined with shifts in the administration's stance on spyware, suggest this is a real possibility.

QUICK TIP: When a company dramatically changes its public positioning, always look for the financial incentive. NSO's sudden commitment to transparency isn't random—it's directly connected to the billions of dollars at stake in accessing American markets and capital.

Vague Promises, Absent Enforcement

The 2025 transparency report contains numerous promises about human rights commitments. NSO says it respects human rights. NSO says it has controls to ensure customers respect human rights. NSO says it cares about accountability.

But promises without enforcement mechanisms are just words. And NSO's report contains no information about how these promises are actually enforced.

For instance, the report mentions that NSO has human rights training requirements for customers. But how many customers have actually undergone this training? How is compliance monitored? What happens if a customer fails to complete it? The report doesn't say.

The report claims NSO rejects business opportunities due to human rights concerns. That's good. But how does NSO identify these concerns? What's the process? How many opportunities were rejected in 2025? The report mentions that in 2024 the company rejected more than $20 million in new business, but for 2025 there's nothing. Did the company reject more? Less? Zero? We don't know.

This gap between promise and enforcement is crucial. Any company can claim to care about human rights. Actual commitment requires mechanisms to identify violations, investigate them, and take action. NSO's report talks about commitment without describing mechanism.

Consider how a company might describe genuine enforcement: it would say something like, "We have a dedicated human rights review team that evaluates every customer before they gain access to our platform. We maintain real-time monitoring of customer behavior. We have a process for investigating potential misuse within 30 days of receiving a complaint. When we identify violations, we immediately revoke access and cooperate with law enforcement investigations."

NSO's report doesn't make claims like these. It makes broader, vaguer assertions.

Perceived vs. Actual Change in Corporate Practices

Estimated data shows a significant gap between perceived and actual change in NSO's practices, highlighting the illusion of reform.

The Missing Data That Matters Most

Think about what a genuine transparency report would include. It would describe specific metrics. Customers investigated. Customers terminated. Revenue rejected. Investigations launched. Partnerships ended.

NSO's previous reports included some of these numbers, however incomplete. The company disclosed that it had terminated customers, suspended others, and rejected business. These numbers gave stakeholders at least some basis for evaluating whether the company was actually taking enforcement action.

The 2025 report's silence on these metrics is telling. Either the company conducted far fewer enforcement actions in 2025 than in previous years, or it simply doesn't want to disclose the data.

Neither option is reassuring. If enforcement actions dropped significantly, it suggests NSO is less committed to accountability. If the company just doesn't want to disclose the data, it proves that the transparency report is performative, not substantive.

John Scott-Railton's criticism zeroed in on exactly this problem: without numbers, there's no way to verify anything NSO claims. The company has a decade-long history of making claims that turned out to be false or misleading. Given that history, it's reasonable to require concrete data before accepting assurances.

DID YOU KNOW: NSO's Pegasus spyware was used to target Jamal Khashoggi's fiancée and associates of the Saudi journalist, as documented by researchers and journalists investigating the phone's infection history. This is just one of hundreds of documented cases where NSO tools have been used for political surveillance.

The absence of data also creates what researchers call a "credibility problem." When a company makes promises without providing evidence those promises are being enforced, the company is essentially asking stakeholders to trust it. But NSO has repeatedly shown it doesn't deserve that trust. It's made false statements. Its tools have been systematically abused. Leadership changes don't erase this history.

How Spyware Makers Choose Their Customers

One of the most opaque aspects of the spyware business is how companies decide who to sell to. NSO claims it carefully vets customers to ensure they'll use the tools responsibly. But what does that vetting actually look like?

Public information on this is scarce because NSO keeps its customer list confidential. But we can infer some things from what we know about spyware sales patterns. Countries that have purchased NSO tools include several with poor human rights records. The company has sold to governments in the Middle East, North Africa, and other regions where surveillance has been used to suppress dissent.

If NSO's vetting process is as rigorous as it claims, why would it approve sales to governments with documented patterns of human rights abuse? The company would presumably have known about these patterns. They're not secret. International organizations, news outlets, and human rights groups all document them.

The most likely explanation is that NSO either doesn't investigate customers as thoroughly as it claims, or it accepts the risk of misuse because the financial incentive is strong enough. Either way, the vetting process clearly isn't preventing sales to problematic customers.

The transparency report doesn't address this fundamental question. It doesn't describe NSO's customer vetting process, the criteria used to approve or reject customers, or how NSO evaluates geopolitical and human rights risk factors. Without this information, the report can't possibly demonstrate that NSO is being selective about its customers.

Transparency Report Elements

Ideal transparency reports feature specific numbers, named examples, and clear processes, unlike typical corporate reports that often rely on aggregate statistics. Estimated data.

The Role of Activism and International Pressure

It's important to acknowledge that NSO hasn't been entirely unaffected by criticism. The company has made changes, though the question is whether those changes are meaningful.

International pressure, particularly from digital rights organizations, has forced NSO to make at least some concessions. The company has acknowledged having human rights policies. It's established processes for investigating misuse. It's provided some data about customer terminations in previous years.

But this pressure clearly hasn't been sufficient to force fundamental change. The company continues to sell spyware to governments with poor human rights records. The tools continue to be abused. And now, with new leadership and new ownership, the company is trying to move beyond those constraints by getting back into the American market.

The activism has achieved something, but it's a limited something. It's prevented NSO from completely ignoring accountability. But it hasn't forced the company to genuinely change how it operates or who it sells to.

Transparency Reports as Corporate Propaganda

There's a broader lesson here about how corporations use "transparency" as a tool. A transparency report should reveal information that allows independent verification of claims. But many corporate transparency reports are actually strategic documents designed to make a company look better without actually revealing much.

NSO's report is a masterclass in this approach. It makes ethical claims while providing no data to verify those claims. It promises accountability while removing the metrics that would allow outsiders to assess accountability. It signals reform while operating the same business model.

This is a pattern that repeats across industries. Tech companies claim to be transparent about AI while disclosing minimal information about how their algorithms work. Social media platforms claim to be transparent about content moderation while releasing only aggregate statistics that obscure nuance. Financial institutions claim to be transparent about risks while using accounting practices that hide risk.

The key insight is that true transparency requires specificity, granularity, and verifiability. It requires allowing outsiders to assess claims independently. NSO's report has none of these properties.

QUICK TIP: When reading corporate transparency reports, look for specific numbers, named examples, and clear processes. The absence of these elements suggests the report is more about reputation management than actual transparency.

NSO Transparency Report Changes

The 2025 NSO transparency report shows a significant reduction in verifiable details and the removal of customer rejection statistics, indicating a shift towards less transparency. Estimated data.

What Would Genuine Accountability Look Like?

If NSO actually wanted to demonstrate that it had changed and become a responsible company, what would it need to do?

First, it would disclose its customer list, at least to independent auditors under confidentiality agreements. Without knowing who NSO is selling to, there's no way to assess whether the company is being selective about customers or willing to work with anyone who can pay.

Second, it would establish independent oversight of its human rights practices. This could involve appointing an independent board member focused on human rights issues, or engaging a third-party organization to conduct annual audits of NSO's customer vetting and enforcement processes. The auditors would have access to NSO's internal data and would publish detailed findings.

Third, it would provide detailed metrics about customer investigations and enforcement actions. NSO would disclose how many customers were investigated, how investigations were initiated, what the findings were, and what actions were taken. This information should be provided annually and would allow observers to track whether NSO's enforcement actually improves over time.

Fourth, it would commit to not selling to countries with systematic patterns of human rights abuse. NSO could use established metrics from organizations like Human Rights Watch or Amnesty International to identify countries where surveillance is likely to be used for political repression. The company would commit to avoiding sales to those countries and would submit to independent verification of that commitment.

Fifth, it would cooperate with independent investigations into past abuses. When journalists or researchers investigate how NSO tools were used, the company would provide information and would not sue or threaten legal action against investigators.

None of these commitments appear in NSO's 2025 transparency report. The report makes vague promises without committing to any of the substantive measures that would demonstrate genuine change.

The Trump Administration's Spyware Calculus

The Trump administration's shifting stance on spyware presents a complex policy question. On one hand, there's a legitimate case that some forms of surveillance, when targeted appropriately, can serve national security purposes. On the other hand, spyware tools like Pegasus have been demonstrated to be abused systematically.

The administration's late-December decision to lift sanctions against Intellexa executives suggests it's leaning toward a more permissive stance on spyware. If that trend continues, it could result in NSO being removed from the Entity List.

But this decision would carry significant consequences. It would signal to governments around the world that the United States is comfortable with advanced surveillance tools in the hands of authoritarian or semi-authoritarian regimes. It would undermine efforts by other countries to restrict spyware proliferation. And it would likely result in increased surveillance of journalists, activists, and opposition figures in countries that purchase NSO tools.

There's no sign that the Trump administration has deeply considered these implications. The decision to lift Intellexa sanctions appears driven more by a general deregulation philosophy and a desire to cultivate business relationships than by careful analysis of surveillance implications.

The International Dimension

It's worth noting that NSO's problems aren't purely American. The company's tools have been abused internationally, and international response to NSO has been mixed.

European countries have expressed concern about spyware, with some lawmakers calling for restrictions on surveillance tool exports. But enforcement remains weak. Countries continue to sell spyware to problematic customers, and international coordination on restricting these tools has been limited.

The lack of international coordination creates a collective action problem. If countries restrict spyware exports unilaterally, they simply cede the market to other countries willing to sell. This dynamic encourages permissiveness and discourages restriction.

NSO's global customer base reflects this dynamic. The company has been able to maintain sales to dozens of countries despite widespread documentation of abuse. The lack of coordinated international pressure has enabled this.

Looking Forward: What Happens Next

The trajectory ahead for NSO depends on several factors. The company's fate in the American market hinges on whether the Trump administration decides to remove it from the Entity List. A removal would dramatically change NSO's prospects, opening access to U.S. capital, talent, and potential customers (law enforcement agencies, federal contractors, etc.).

But even if NSO gains access to the American market, the underlying challenges facing the spyware industry remain. Tools that can remotely access all data on a smartphone are incredibly powerful and incredibly dangerous. They're almost impossible to use responsibly when deployed broadly, and they're essentially impossible to monitor to ensure misuse isn't occurring.

This creates a fundamental tension: NSO can make whatever promises it wants, and it can change whatever leadership or policies it wants, but the technology itself creates incentives for abuse. Governments that can spy on opposition figures will be tempted to do so. That temptation exists regardless of NSO's stated commitments.

Entity List: A U.S. Commerce Department list that prevents companies or individuals on the list from being sold certain technologies or conducting certain business activities. Being on the Entity List effectively restricts a company's ability to do business internationally and significantly impacts its revenue.

The transparency report, in this context, is less about whether NSO has actually changed and more about whether the company can convince policymakers that it's changed enough to deserve another chance. Whether that gambit succeeds remains to be seen.

The Broader Context: Spyware and the Future of Surveillance

NSO's situation reflects larger trends in surveillance technology and policy. As governments recognize the power of advanced surveillance tools, more actors are seeking access to those tools. The proliferation of spyware, and the repeated documented abuse of these tools, creates a fundamental challenge for democratic societies.

Democracies have an interest in restricting spyware proliferation. These tools are powerful enough to undermine democratic processes, free speech, and privacy rights. Yet democracies also have security interests that create incentives to maintain or develop their own surveillance capabilities.

This dynamic has created a situation where countries simultaneously claim to support restrictions on spyware while maintaining or developing spyware of their own. The result is gridlock, with spyware continuing to proliferate and be abused while international efforts to restrict it remain ineffectual.

NSO's case is a microcosm of this larger problem. The company claims to be responsible while continuing to sell tools that have been systematically abused. The transparency report is a manifestation of the disconnect between claims and reality.

The Credibility Question

Ultimately, the central issue with NSO's transparency report is credibility. Can you believe what NSO claims?

The company has a documented history of making false statements, of tools being abused despite promised controls, and of refusing to cooperate with independent investigations. Given this history, the burden of proof is on NSO to provide concrete evidence that things have changed.

The 2025 transparency report doesn't meet this burden. It makes promises without providing evidence those promises are being enforced. It removes previously disclosed metrics that would allow verification of claims. It presents leadership changes as if changing the executive team fundamentally alters a company's business model.

None of this suggests NSO has genuinely changed. It suggests NSO is trying to manage its image for the benefit of a new government administration.


FAQ

What is NSO Group and why is it controversial?

NSO Group is an Israeli spyware developer best known for creating Pegasus, a sophisticated mobile surveillance tool capable of remotely accessing and monitoring everything on a target smartphone. The company became deeply controversial after the Pegasus Project, a collaborative international journalism investigation, revealed that NSO's tools had been systematically abused to target journalists, activists, opposition politicians, and human rights defenders in dozens of countries. The company has been widely criticized for selling spyware to authoritarian and semi-authoritarian governments despite knowing the tools would likely be used for political surveillance and repression.

Why is NSO trying to enter the U.S. market?

NSO wants access to the U.S. market because the United States is the world's largest technology and capital market. Being blocked from the American market by the Entity List significantly limits the company's revenue potential and access to investor capital. New American ownership and leadership suggest that current investors see substantial profit potential if NSO can convince the U.S. government to remove it from the Entity List, opening doors to American law enforcement sales and other domestic opportunities.

What does the Entity List do and why was NSO placed on it?

The U.S. Entity List is a Commerce Department blocklist that prevents companies from accessing American technology exports, investments, and business relationships. NSO was added to the Entity List during the Biden administration due to documented evidence that the company's spyware tools were being abused to target American citizens and to facilitate human rights abuses globally. The Entity List effectively restricts NSO from doing business in the United States and significantly impacts its international operations.

What information is missing from NSO's 2025 transparency report?

The 2025 transparency report notably lacks specific metrics about customer enforcement actions that appeared in previous reports. Missing data includes the number of customers investigated, rejected, suspended, or terminated; the total number of active NSO customers; the revenue impact of enforcement actions; details about investigation processes and timelines; and specific cases of customer misuse. These metrics were previously disclosed and their absence makes it impossible for independent observers to verify NSO's accountability claims.

How has NSO's spyware been abused in the past?

Documented abuses of NSO's Pegasus spyware are extensive and varied. The tool has been used to target journalists investigating corruption, such as the murder of Saudi journalist Jamal Khashoggi; activists fighting for human rights in authoritarian countries; opposition politicians challenging sitting governments; and human rights defenders documenting government abuses. The Pegasus Project alone documented over 50,000 phone numbers that had been targeted by NSO's tools, and investigations have shown the spyware was used in dozens of countries by government agencies for political surveillance and repression.

Why do digital rights organizations distrust NSO's transparency promises?

Digital rights organizations distrust NSO's transparency promises because the company has repeatedly demonstrated a pattern of making claims that proved to be false or misleading. The company has claimed it didn't know about misuse when evidence suggests awareness, made assurances about customer vetting that didn't prevent sales to problematic governments, and in some cases actively misrepresented how its tools were being used. Additionally, the company has a financial incentive to sell spyware regardless of misuse risk, and has shown willingness to work with authoritarian governments despite knowledge that surveillance would target dissidents.

What would genuine accountability from NSO look like?

Genuine accountability would require NSO to disclose its customer list to independent auditors; establish independent oversight of human rights practices; provide detailed annual metrics about customer investigations and enforcement actions; commit to refusing sales to countries with systematic human rights abuse patterns; and cooperate with independent investigations into past misuse. Additionally, the company would need to submit to third-party audits of its vetting processes, demonstrate that enforcement mechanisms actually prevent misuse, and show a track record of improving accountability metrics over time. None of these measures appear in NSO's current transparency report.

How does the Trump administration's stance on spyware differ from the Biden administration?

The Biden administration took a restrictive approach to spyware, adding NSO to the Entity List and supporting international efforts to limit spyware proliferation. The Trump administration has signaled a more permissive stance, as evidenced by lifting sanctions against Intellexa executives in late December 2024. This shift suggests the current administration may be more willing to grant NSO access to U.S. markets if the company can make credible claims about reform, though no official decision on removing NSO from the Entity List has been announced.

Can companies become genuinely reformed or is spyware inherently problematic?

This is a complex question. Some argue that any spyware tool is inherently problematic because the capability is too powerful and the incentives for abuse are too strong. Others contend that legitimate surveillance needs exist and that regulation rather than prohibition is the appropriate response. The core challenge is that spyware that can remotely access all data on a smartphone creates what security researchers call a "surveillance singularity": once a government has the capability, the temptation to abuse it for political purposes becomes almost irresistible, regardless of official policy.


Conclusion: The Illusion of Change

NSO's 2025 transparency report represents something familiar in modern corporate reputation management: the illusion of accountability without actual accountability. The company has changed its leadership, updated its rhetoric, and released a document that sounds promising. But beneath the surface, little has fundamentally changed.

The company still sells spyware to governments with poor human rights records. Its tools are still being used to surveil journalists, activists, and opposition figures. And now the company is trying to convince the Trump administration that it's reformed enough to deserve access to American markets.

What makes this situation frustrating for digital rights advocates is that NSO hasn't made a compelling case that anything is different. The transparency report actually contains less verifiable information than previous years. The promised human rights commitments lack enforcement mechanisms. The leadership changes, while dramatic, don't address the fundamental business model that incentivizes selling to questionable customers.

The real question ahead is whether policymakers will recognize the limits of NSO's transparency performance. Will they require actual, verifiable evidence of reform before granting market access? Or will they accept the company's promises at face value?

Given the Trump administration's willingness to lift sanctions on Intellexa executives, there's reason to worry that policymakers may opt for the latter. They may accept NSO's reform narrative without insisting on the hard evidence that would make that narrative credible.

If that happens, it will signal something important: that in Washington's current political climate, corporations can rehabilitate their image through leadership changes and strategic rhetoric without fundamentally changing their business practices. It will mean that NSO's sophisticated surveillance tools will become available to American law enforcement and possibly to international customers with access to U.S. capital. And it will mean that the documented pattern of spyware abuse will likely continue, now with the implicit approval of the U.S. government.

The stakes are significant not just for NSO, but for digital rights globally. A decision to grant NSO access to American markets would represent a failure of accountability and would signal that spyware proliferation is acceptable as long as it's profitable. For journalists, activists, and ordinary people living under surveillance in countries where NSO tools are deployed, that decision would have real consequences.

NSO's transparency report, whatever its rhetorical flourishes, doesn't change these fundamental facts. It's a document designed to make a problematic company look better, not a document that demonstrates the company has actually become better. Digital rights organizations, security researchers, and concerned policymakers are right to be skeptical.

The company that made false claims in the past now makes promises about the future. Without concrete evidence, those promises should be treated with the skepticism they deserve.


Key Takeaways

  • NSO's 2025 transparency report contains fewer verifiable metrics than previous years, removing customer rejection and enforcement data that would allow independent verification
  • Leadership changes and new rhetoric serve as corporate reputation management theater rather than evidence of genuine operational change
  • The company's documented history of misrepresentation creates a credibility problem that vague promises cannot overcome without concrete evidence
  • NSO's transparency push coincides with intensified lobbying to get removed from the U.S. Entity List and gain access to American markets and capital
  • Digital rights organizations argue NSO is repeating a familiar pattern: cosmetic changes followed by continued systematic abuses of surveillance tools
