Surveillance technology capable of silently compromising a journalist's phone without a single click has become a genuine and documented threat to civil society worldwide. Surfshark, the VPN provider, has announced it is now a supporting partner of Amnesty International's Digital Forensics Fellowship - a training program run by Amnesty's Security Lab that teaches human rights defenders how to analyze Android and iOS devices for sophisticated spyware and other advanced digital threats. The partnership represents a deliberate effort to decentralize digital security expertise, moving critical forensic skills out of specialist Western tech environments and into the hands of at-risk communities globally.
What the Fellowship Actually Does
The Digital Forensics Fellowship was not designed in a vacuum. It emerged directly from the fallout of the Pegasus Project - the 2021 collaborative investigation that exposed how NSO Group's Pegasus spyware had been deployed against journalists, lawyers, politicians, and activists across dozens of countries. The revelations made it undeniable that civil society organizations needed more than awareness; they needed operational capacity to detect and document these intrusions themselves.
The program trains what Amnesty describes as "human rights defender-technologists" - individuals who sit at the intersection of activism and technical work. Participants develop hands-on skills in malware traffic analysis, mobile device forensics, and threat research across both major mobile operating systems. Crucially, the fellowship is built around the principle of consensual forensics: all device analysis is conducted only with the explicit, informed consent of the person or organization targeted. This approach restores agency to victims, allowing them to understand precisely what compromised their devices and to determine their own response.
Molly Cyr, Training and Community Engagement Lead for Amnesty International's Security Lab, described the evolving challenge the program addresses: technologies for digital surveillance are being rapidly developed and deployed, used in conjunction with other tools and tactics to monitor people and movements in ways that continue to grow in sophistication and scale.
The Gap Between Consumer Security and Frontline Reality
For most internet users, a VPN provides meaningful protection against data harvesting, unsecured public networks, and commercial tracking. For a journalist working on a sensitive investigation in a repressive environment, or an activist coordinating civil resistance, these protections are necessary but insufficient. The threat model is fundamentally different: state-sponsored or commercially licensed spyware can bypass conventional defenses entirely, operating invisibly within the device itself rather than at the network level.
This gap matters because the institutions best equipped to investigate such intrusions - academic security labs, major technology companies, specialized forensic firms - are concentrated in a small number of countries and are not always accessible to those who need them most. Regional organizations facing surveillance often lack either the resources to commission forensic analysis or the trust to hand devices to external parties. Building local forensic capacity directly addresses both obstacles.
Why Surfshark's Involvement Extends Beyond Branding
Surfshark does not build forensic tools, and the fellowship is not a product partnership in any conventional sense. Dovydas Godelis, CEO at Surfshark, framed the rationale clearly: the company's commitment to digital safety is not confined to its own product line, but extends to the broader infrastructure of rights and expertise that makes the internet safer for everyone. When organizations like Amnesty's Security Lab expose sophisticated surveillance campaigns targeting civil society, the resulting documentation feeds directly into industry-wide improvements - better security standards, greater accountability for spyware vendors, and increased public understanding of the threats that exist.
The fellowship's work also generates tangible public knowledge. Amnesty's Security Lab has published technical forensic methodologies, including the open-source Mobile Verification Toolkit, that allow others to conduct and verify device analysis independently. Supporting the human pipeline that produces such work is, in practice, supporting the entire ecosystem of documented digital rights research.
The Broader Stakes of Surveillance Proliferation
Commercial spyware is no longer the exclusive instrument of a handful of powerful states. The market for surveillance-as-a-service has expanded considerably, with multiple vendors now offering intrusion capabilities to a widening range of government clients. Regulatory responses have been uneven: some jurisdictions have imposed export controls or taken legal action against specific vendors, while enforcement across most of the world remains limited.
In that environment, forensic training programs that operate independently of government infrastructure carry particular value. A civil society technologist trained to identify indicators of compromise on a colleague's device can produce documented evidence of surveillance that carries credibility precisely because it is verifiable and methodologically transparent. That evidence, in turn, can support legal challenges, journalistic investigations, and international advocacy. The Digital Forensics Fellowship is, at its core, an investment in that evidentiary chain - and Surfshark's backing helps sustain it.
