US removes spyware-linked executives from sanctions list, stoking debate on cybersecurity oversight

US removes spyware-linked executives from sanctions list, stoking debate on cybersecurity oversight is profiled by BTW Media because published evidence links it to internet infrastructure, governance, operational dependencies, or market visibility.

• The US Treasury has delisted three executives formerly sanctioned over alleged ties to the Intellexa spyware consortium after they petitioned for reconsideration
• The move partially unwinds sanctions imposed under the previous administration, raising questions about accountability and the effectiveness of spyware controls

What happened: Sanctions lifted after petitions

The United States Treasury Department has removed three individuals from its sanctions list who were previously targeted for alleged links to the controversial Intellexa spyware consortium. The decision, announced on 30 December 2025, affects Sara Hamou, Andrea Gambazzi and Merom Harpaz, all once sanctioned under the Biden administration for their roles connected to Intellexa.

The sanctions were initially imposed after concerns that Intellexa’s flagship tool, the Predator spyware, had been used in politically sensitive operations. These included alleged surveillance of journalists and opposition figures in Greece, as well as reported attempts by the Vietnamese government to target US lawmakers in 2023.

In its notice, the Treasury said the removal was “part of the normal administrative process in response to a petition request for reconsideration”, noting that the individuals had shown they had separated themselves from the Intellexa consortium. Intellexa itself, and its founder Tal Dilian, remain under sanctions, and Dilian has denied wrongdoing in the Greek case.

None of the three delisted executives immediately responded to requests for comment. The Treasury’s reversal does not affect other sanctions linked to Intellexa, but it does signal a shift from the prior administration’s broader stance against entities associated with commercial spyware proliferation.

Also Read: Meta widens Llama AI access to US allies
Also Read: Singapore issues first digital enforcement directive to Meta amid surge in impersonation scams

Why it’s important

The removal of these sanctions touches on major debates about how governments regulate emerging spyware technologies and hold individuals accountable. Commercial spyware like Predator has drawn global concern for being sold to regimes with poor human rights records and used for invasive surveillance. Efforts to curb such tools have been a key part of digital rights advocacy and national security strategies.

Critics might argue that delisting individuals on administrative grounds, even after they demonstrate separation from controversial groups, could weaken deterrence. If sanctions can be reversed through petitions without clear public criteria, this may reduce the leverage such measures are intended to exert over questionable actors. Transparency advocates stress that sanctions should not only punish but also deter future misuse of potent surveillance tools.

Moreover, spyware and surveillance technology regulation remains a thorny global issue. There is growing scrutiny of how commercial spyware firms operate across borders, who they sell to, and the real-world consequences of their software. The shift in US policy may prompt discussions among allies and human rights organisations about aligning standards for accountability and ensuring that cybersecurity measures do not inadvertently protect those previously linked to harmful activities.

As governments grapple with the rapid evolution of cyber tools, balancing national security, individual rights, and due administrative process will remain a challenging policy issue. The decision to lift sanctions in this case could set precedents affecting future actions against cybersecurity threats and those who develop or distribute intrusive technologies.