Predator spyware was used to target a journalist and press freedom advocate in Angola in 2024. Similarly, in July 2025, a prominent dissenting voice, activist, and politician in Kenya had his phone searched in custody, exposing his entire network.
This is what surveillance looks like now.
Surveillance is not new, but the way it is happening is changing, and AI is contributing to that shift.
What is actually changing?
Most conversations about agentic AI focus on productivity, particularly tools that can write, plan, schedule, and execute tasks with minimal input. However, these same capabilities can be redirected to collect information and act on it.
A system pointed at a civil society organisation could map relationships by pulling from social media, email metadata, and contact lists. It could identify the most connected individuals and tailor attacks to them without a human guiding each step. The underlying capabilities already exist; what is changing is how easily they can be combined and deployed.
Recent data from the Stanford AI Index shows how quickly these systems are evolving.
It already feels closer than it should
For many working in civil society, surveillance has always been part of the landscape. What feels different now is the consistency and scale at which it operates.
Phone extractions, social media monitoring, facial recognition, and spyware are increasingly used together, often in automated ways. Investigations by Amnesty International’s Security Lab continue to show how commercial spyware is deployed against journalists and activists, frequently without any visible trace.
In some environments, people already assume they are being watched. This assumption affects behaviour, influencing what is said, what is withheld, and, in some cases, whether people choose to speak at all. As systems become less dependent on active human monitoring, this pressure becomes easier to sustain and harder to detect.
Where the real risk sits
Most organisations have adopted tools that make their work easier, including cloud platforms, AI assistants, and remote collaboration software. While this shift is necessary, it also means that sensitive work now moves through systems that many teams have not fully examined.
An interview may be uploaded for transcription, a report drafted using an AI assistant, and documents shared across multiple platforms and jurisdictions. Everything functions as expected, yet that is precisely where the risk lies. Questions around data processing, storage, retention, and access are often overlooked. Who processes this data? Where is it stored? What happens after the session ends? These are practical questions that need clear answers.
In practice, this risk often concentrates in a single place.
For many people, the phone serves as the central repository of their work and relationships, holding contacts, conversations, strategy, and institutional memory.
When a device is compromised, entire networks can be exposed within minutes, including sources, partners, and funders. What previously required time and manual effort can now unfold much faster. With agentic systems, a single compromised device can trigger automated mapping, profiling, and targeting across a network, often before any indication that something is wrong.
Organisations need to begin with a clear understanding of their exposure. This means identifying who may be interested in their work, the type of data they hold, and the tools they rely on daily.
Mobile security should be treated as a priority before any incident occurs. This includes the use of encrypted messaging, regular software updates, and having the capability to remotely wipe devices if necessary. Security practices should also be considered collectively, as vulnerabilities in one part of a network can affect others.
It is equally important to assess the tools being used. Popularity does not necessarily equate to suitability for high-risk environments. The EFF’s Surveillance Self Defense guide provides practical steps that organisations can adopt immediately.
The question most teams are not asking
For many organisations, the risk is already embedded in their operating environment. AI does not create this risk from scratch, but it significantly alters the speed, scale, and subtlety with which it can manifest. The more pressing issue is whether organisations are operating with this reality in mind.
Clarity is often the most difficult step, particularly for teams that are already stretched. As a result, digital security is frequently deprioritised.
However, security needs to be integrated into daily operations rather than treated as a one-time intervention. Building this capacity requires both awareness and ongoing support.
To help organisations take that first step, we have developed a free AI Use Checklist for Civil Society Organisations, a practical resource designed to support the responsible adoption and governance of AI tools. The checklist covers key considerations including organisational policy, data governance, security risks, human oversight, and common red flags to watch for. Whether your organisation is just beginning to explore AI or is already using AI-powered tools, this checklist provides a useful starting point for assessing and managing risk. Download the checklist here.
At Resilience Technologies, we work with civil society organisations to understand their exposure and embed practical, sustainable security measures into their operations. If your organisation is currently navigating digital security or surveillance risks, we’re available to continue the conversation at info@rtafrica.org.