European surveillance technology firms are under fire for allegedly exporting spyware and intrusion tools to nations with questionable human rights records, according to a recent report by **Human Rights Watch**. The advocacy group claims the **European Commission** has not adequately enforced updated export regulations implemented in 2021. These rules were designed to curb the practice of selling surveillance technology to countries known for human rights violations. **European Union** Based Vendors According to the report, companies in Bulgaria, Poland, Finland, Denmark, Estonia, and the Czech Republic have collectively sold surveillance technology to over two dozen nations with a history of human rights violations. **Human Rights Watch** based its findings on trade documents obtained through freedom of information requests. France, Greece, Spain, Germany, and Italy, all known exporters of surveillance tech, reportedly refused to share relevant trade records or ignored the organization's requests. The spyware and surveillance tech market is booming in the **European Union**, with a majority of member states hosting at least one vendor. A 2024 **Google Threat Analysis Group** report highlighted that all but two of the companies named in their analysis of the commercial surveillance industry are based in the **EU**. Regulatory Shortcomings "Despite a regulatory framework designed in part to prevent abuses, the **EU** currently is doing too little to prevent sales and transfers from its member states to governments with a track record of using such technologies for crackdowns on dissent and other serious rights violations,” the report stated. The **EU**'s 2021 update to export rules expanded the definition of surveillance technology, mandated human rights considerations for customer countries, and created a reporting regime for export tracking. The **European Commission** is scheduled to evaluate these rules in September and must strengthen due diligence and transparency requirements. Commission's Response A spokesperson for the **European Commission** stated that it "attaches great importance to cyber-surveillance items, which is why the **EU** has significantly strengthened export controls for such items, stipulating that they cannot leave the **EU** territory without an export authorisation (or license) issued by the competent authority of the member states.” The statement emphasized that member states are ultimately responsible for deciding which surveillance tech to export. Specific Cases The **Human Rights Watch** report did not name the firms exporting tech to human rights-abusing countries. However, Bulgaria was identified as a top exporter, with companies selling to over twenty countries, including the United Arab Emirates and Azerbaijan. Poland was found to have permitted the sale of phone call interception systems to Rwanda. "Increasing government use of commercial spyware and other types of surveillance technology poses a significant threat to human rights worldwide," the report concludes. "The **European Union**, whose member states are home to many of the companies that develop and export such technologies worldwide, is part of the problem." [](https://www.recordedfuture.com/?utm_source=therecord&utm_medium=ad)