TL;DR:
- Greece convicts 4 Intellexa executives in Predatorgate. 126-year sentences for wiretapping journalist and opposition leader. First real accountability for commercial spyware abuse.
- DHS oversight hearing Monday. Secretary Noem faces Senate Judiciary on March 3. PenLink surveillance briefing deadline March 5.
- Kochava settles with FTC. Location data broker must block tracking near abortion clinics, schools, and shelters for two years. No more selling raw location data.
- Colorado surveillance bills advance. ALPR warrant requirement heads to Appropriations. $2 million price tag may be the last hurdle.
- FISA 702: 50 days until sunset. SAFE Act reintroduction expected as countdown intensifies.
Greek Court Hands Down Landmark Spyware Sentences
An Athens court sentenced four people connected to spyware maker Intellexa to 126 years in prison each on February 26. The charges: illegally wiretapping a journalist and opposition party leader using Predator spyware.
The convicted include Tal Dilian, a former Israeli intelligence officer who founded Intellexa; Sara Hamou, his business partner; Felix Bitzios, a former Intellexa deputy administrator; and Yiannis Lavranos, owner of Kriel, the company that allegedly procured Predator for Greek intelligence [1].
The "Predatorgate" scandal broke in March 2022 when journalist Thanasis Koukakis discovered his phone had been infected with Predator. Four months later, opposition leader Nikos Androulakis found the same spyware on his device while he was serving as a Member of European Parliament [2].
The sentences are suspended pending appeal, but the verdict matters anyway. This is the first time anyone has faced real legal consequences for commercial spyware abuse. Not executives at NSO Group. Not Pegasus operators. Not the governments that buy these tools.
A prosecutor is now requesting further investigation into espionage and possible collaboration with foreign intelligence services. The Greek government has consistently denied any involvement [3].
Why it matters: Spyware vendors have operated with near-total impunity. They sell surveillance tools to governments that use them against journalists, activists, and political opponents. The Predatorgate verdict proves these cases can be prosecuted. Whether other countries follow remains to be seen.
Sources: [1] Amnesty International, [2] Al Jazeera, [3] Balkan Insight
Related: Treasury Lifts Predator Spyware Sanctions, Intellexa Predator Leaks
DHS Oversight Hearing Set for Monday
Secretary Kristi Noem will testify before the Senate Judiciary Committee on March 3 at 9:00 AM. Expect questions about ICE surveillance spending, Mobile Fortify facial recognition, and the department's expanding data collection [4].
Meanwhile, House Democrats set a March 5 deadline for DHS to provide a briefing on PenLink surveillance tools. The letter, led by Rep. Shontel Brown, demands answers about ICE's acquisition of location-tracking technology that can monitor phones across entire neighborhoods [5].
Brown's letter asks four pointed questions: What's the legal justification for warrantless mass surveillance? How will the data be stored and disposed? Who gets access? And what monitoring exists for abuse?
Whether DHS responds by the deadline could determine how quickly this escalates. The department hasn't commented publicly on the PenLink contract.
Sources: [4] Senate Judiciary Committee, [5] Rep. Shontel Brown
Kochava FTC Settlement Limits Location Tracking
Data broker Kochava reached a settlement with the FTC after a three-year legal battle, according to filings in Idaho federal court from February 27 [6].
The FTC sued Kochava in August 2022 for selling geolocation data that could track people to abortion clinics, places of worship, domestic violence shelters, and addiction treatment facilities. The agency argued this data could identify individuals and expose sensitive health decisions [7].
Under the settlement, Kochava must implement a "privacy block" for at least two years preventing the sharing of raw location data tied to healthcare facilities, schools, jails, and other sensitive venues. The company also can't directly profit from selling raw location data anymore [8].
It's a meaningful restriction, but Kochava isn't alone in this business. Dozens of data brokers sell similar location information. The settlement creates precedent, but enforcement across the industry remains spotty.
Sources: [6] MLex, [7] FTC Press Release, [8] The Record
Full coverage: Kochava FTC Settlement Details
Colorado Surveillance Bills Head to Appropriations
Colorado's bipartisan ALPR warrant bill cleared the Senate Judiciary Committee 5-2 on February 24. Now it faces the Appropriations Committee, where its $2 million price tag could be the final obstacle [9].
Senate Bill 26-070 requires police to get a warrant before searching Flock Safety camera databases for license plate data older than 72 hours. The companion bill, SB 26-071, would require warrants for facial recognition searches and set statewide standards for drone footage retention [10].
Flock currently operates in 75 Colorado communities, recording millions of license plates daily. The bill's sponsors argue that warrantless searches through this data violate Fourth Amendment protections against unreasonable search and seizure.
The $2 million cost estimate comes primarily from courts handling additional warrant requests. Law enforcement groups have pushed back hard, arguing the restrictions will hamper criminal investigations.
Sources: [9] Denverite, [10] Colorado Newsline
Full coverage: Colorado Takes Aim at License Plate Surveillance
FISA 702: 50 Days Until Sunset
Section 702 of FISA expires April 20. Fifty days. The administration wants a clean extension with no reforms. Civil liberties groups and some lawmakers want warrant requirements before the government can search Americans' communications [11].
Senators Durbin and Lee reintroduced the SAFE Act, which would require warrants for content searches but not for running queries. The compromise reflects months of negotiation between privacy hawks and national security advocates [12].
But the White House has shown little interest in compromise. A closed-door meeting last week reportedly "erupted in frustration" when administration officials pushed back against any warrant requirement [13].
The debate has taken on new urgency with ICE using Section 702-derived intelligence for immigration enforcement. What was pitched as a foreign surveillance program now touches domestic policy.
Sources: [11] Brookings, [12] Senate Judiciary, [13] EPIC
Quick Hits
- HIPAA deadline today. Healthcare providers must report all data breaches from 2025 affecting fewer than 500 people to HHS by March 1 [14]. HIPAA Journal
- EFF book tour kicks off. Cindy Cohn's "Privacy's Defender" hits shelves March 10. Her memoir covers 30 years fighting NSA surveillance, FBI gag orders, and the Crypto Wars [15]. EFF
- Conduent lawsuits pile up. 10+ federal class actions filed over the 26 million person breach. Credit monitoring enrollment deadline: March 31 [16]. TechCrunch
What to Watch
Monday, March 3: DHS Secretary Noem testifies before Senate Judiciary. Watch for questions about Mobile Fortify, PenLink, and ICE surveillance spending.
Wednesday, March 5: House deadline for DHS briefing on PenLink surveillance tools. Silence could trigger escalation.
Coming up: SAFE Act markup expected. Colorado ALPR bill heads to Appropriations. Conduent class action consolidation proceedings.
Last updated: March 1, 2026