Surveillance software "made in Germany" for Turkish authorities? Public Prosecutor’s Office charges FinFisher executives

Turkey – Surveillance – FinSpy

Turkish police can surveil cell phones with a few clicks, thanks to FinSpy software “made in Germany.” In March 2022, FinFisher, the manufacturer of the spyware, had to file for bankruptcy following a criminal complaint by the Gesellschaft für Freiheitsrechte (GFF), Reporters Without Borders (RSF Germany), the blog and ECCHR. In May 2023, the Munich Public Prosecutor’s Office brought charges against four managers of the corporate group.


Since July 2019, the Public Prosecutor’s Office has investigated the conglomerate FinFisher, to which FinFisher Labs and Elaman also belong. Already in October 2020, the Public Prosecutor’s Office authorized the search of FinFisher offices in Germany and Romania. The Public Prosecutor’s Office announced that it has seized the accounts of the companies. FinFisher subsequently had to cease its business activities and filed for insolvency in March 2022. In May 2023, the Public Prosecutor’s Office files charges against four managers of the FinFisher corporate group. It accuses them of intentionally violating licensing requirements for dual-use goods by selling surveillance software to non-EU countries as the managing directors of limited liability companies of the FinFisher Group at the time, and thus of having made themselves liable to criminal prosecution.

FinFisher allegedly sold FinSpy to the Turkish government without the authorization of the German federal government. The consequences of the use of surveillance software by repressive states are clearly visible in cases concerning Syria or Bahrain: digital surveillance is often followed by imprisonment and torture. Yet, software companies tend to deny any responsibility for their role in human rights violations.

When FinSpy malware infiltrates a cell phone, it assumes complete control of the device. The individuals whose cell phones are monitored using FinSpy can be located at any time, while their telephone conversations and chats can be recorded, and all data from their devices harvested. FinSpy first appeared in Turkey in the summer of 2017 on a fake version of a campaign website for the Turkish opposition. The software was disguised as a downloadable app recommended to participants in anti-government demonstrations. This likely facilitated the surveillance of a large number of political activists and journalists.

The alleged illegal export of surveillance software to the Turkish government is particularly concerning given the repression of journalists and oppositional voices in Turkey. After a failed coup attempt in June 2016 by factions within the Turkish military, more than 50,000 people were arrested, nearly 140,000 people were fired from their jobs, and hundreds of media organizations were shut down.


In order to prevent the sale of surveillance technology to repressive regimes in such countries as Turkey, Syria and Bahrain, Europe-wide licensing requirements were established in 2015 for exports to countries outside the EU. Nonetheless, updated versions of FinSpy Trojan software continue to surface in Turkey, Egypt and Myanmar.

The violation of these licensing requirements is a prosecutable crime. However, in reality, most companies are able to operate globally without interference, as the current legal situation in Germany and Europe has rendered effective criminal prosecution nearly impossible. Despite this success in the case of FinFisher, the law is still in need of urgent changes. A broad alliance of organizations working to protect human rights and freedom of the press has been campaigning for years for a moratorium on the sale, transfer and use of surveillance technology. The law will remain applicable until an appropriate legally valid global framework has been created.

ECCHR has been working on FinFisher since 2013. At that time, ECCHR, together with RSF, Privacy International, Bahrain Center for Human Rights (BCHR) and Bahrain Watch (BW), filed OECD complaints against Munich-based Trovicor GmbH and the British-German Gamma Group, to which FinFisher belonged.


FinSpy: Police use German spyware © FinFisher marketing video
FinSpy: Police use German spyware © FinFisher marketing video

Unfortunately, this media is unavailable due to your cookie settings. Please visit our Privacy Policy page to adjust your preferences.


Topics (2)


Shrinking spaces and authoritarianism

Whenever states and corporations stifle critical voices and crackdown on political dissent – whether in the streets, on social media, or in the courtroom – they shrink civic space necessary for a democratic society based on human rights to thrive.

Overly broad “counter-terrorism” frameworks, digital surveillance targeting journalists and activists, or the increasing criminalization of solidarity with refugees are only some examples of how civil society is targeted increasingly all over the world. Such authoritarian policies and practices occur in democracies and dictatorships alike.

In the last decade, worldwide intersectional emergencies such as the climate crisis, rising far-right populism and the pandemic have posed collective challenges that impact everyone, even if unequally, no matter where in the world we live. However, civil society is constantly resisting to (re)claim its space. 

ECCHR’s work is only possible through in collaboration and solidarity with civil society actors around the globe. Many of our partners – be it in Mexico, The Gambia or Italy – face varying degrees and types of pressure, restrictions and even physical attacks, intended to repress their activities, expression and ability to organize. The Shrinking spaces and authoritarianism project hopes to support them in efforts to cope, resist, and innovate new ways to strengthen progressive civic power. Through legal and discursive interventions, ECCHR will draw attention not only to how civil society space is under attack in different contexts, but also to how it is being defended and by whom.


Discover our Living Open Archive