Skip to main content
Geopolitics & DefenseNational Security

ICE Taps Graphite Spyware for Operations

Laptop screen on a desk with scattered documents and a notebook in a nondescript room with natural light.

ICE has admitted that it uses spyware from the Israeli company Graphite.

ICE’s admission: a single, direct fact

The source presents one clear assertion: the U.S. Immigration and Customs Enforcement agency has acknowledged using spyware supplied by Graphite. The claim is concise and unqualified in the reporting — it does not elaborate on scope, duration, contract terms, targets, or technical details. What remains unmistakable in the record provided is the pairing of actor (ICE) and product supplier (Graphite).

Graphite, named and identified as Israeli

The only vendor named in the source is Graphite, identified as an Israeli company. The source does not supply further corporate background, product names, versions, stated capabilities, or public comments from Graphite. The report confines itself to the single point that ICE uses spyware from that company.

Questions the admission raises for oversight and public accountability

An explicit admission of use between a federal agency and an identified vendor naturally prompts further questions about procurement, oversight, and the legal authorities that governed the relationship. The source does not supply those answers; it limits the public record to the admitted fact. The admission itself, however, is the factual hinge on which additional oversight or inquiry could be built, since it establishes both an agency actor and a named supplier in a technology category described as spyware.

How ICE, Graphite, and the public are implicated

  • ICE: The agency’s acknowledgement places it at the center of any follow-up about why the software was acquired, how it was authorized, and how use was overseen. The source confirms only that ICE uses Graphite’s spyware; it does not include ICE’s explanation or contextual statements.
  • Graphite: As the named supplier and an Israeli company, Graphite becomes the focal point for external questions about contracts, export controls, or corporate disclosures. The source identifies the company but does not include any response or clarification from Graphite itself.
  • The public: For members of the public and civil-society actors, the single admission furnishes a factual basis for seeking documents, briefings, or oversight hearings. The report supplies the core fact but not the ancillary records that would answer who was affected, in what contexts, or under what legal authorizations.

Conclusion

The record provided is compact and unambiguous: ICE has admitted to using spyware from the Israeli company Graphite. Beyond that single line, the source offers no further corroboration, technical detail, timeline, or comment from either ICE or Graphite. The admission itself creates a clear factual starting point for any subsequent reporting, oversight inquiry, or public discussion — but those next steps would require evidence and documents not present in the report cited here.

https://www.schneier.com/blog/archives/2026/04/ice-uses-graphite-spyware.html