Today I am providing my English translation of an article by Margherita Furlan, originally in Italian and published on AntiMafiaDuemila.com (link broken1) on Wednesday 29th April 2026. This is the third part of a series of articles - the first one was translated here and the second here. (All formatting original, footnotes mine).

None of what has been described so far – the arrival of [Elon] Musk with his satellites, of [Peter] Thiel with his surveillance software, of [Larry] Fink with his capital – would have been possible without a precedent. Someone, before them, had already broken new ground and established the principle that the national security of a G7 country could be entrusted to foreign entities without Parliament discussing it, without the public being informed, and without the head of national cybersecurity himself agreeing to it. That someone is the State of Israel. And the breach was opened in March 2023.

To understand what happened, we need to reconstruct the sequence with the precision of a report, because the facts speak for themselves.

On 6th March 2023, Roberto Baldoni resigned from his post as head of the [Italian] National Cybersecurity Agency. He is not just any official. Baldoni was deputy director-general of Italian intelligence, a lecturer in computer science at La Sapienza University, and since 2021 had built the first national cybersecurity structure from scratch, helping to draft the 2022–2026 National Strategy that was intended to provide Italy with an autonomous digital defence capability. He is the man who, more than anyone else in the Italian institutions, understands the vulnerabilities of the country’s IT system and the risks of entrusting its protection to external parties. His resignation is officially attributed to “deteriorating relations with the Undersecretary to the Prime Minister, Alfredo Mantovano”, who is responsible for the secret services. Baldoni is replaced by Prefect Bruno Frattasi, a more reassuring figure for Palazzo Chigi2, less technical and more institutional.

Two days later, on 8th March 2023, Israeli Prime Minister Benjamin Netanyahu lands in Rome. It is the first meeting between the heads of government of the two countries in nine years. Meloni and Netanyahu hold a joint press conference in which they announce their intention to take “a significant leap forward in cooperation between Italy and Israel”. Netanyahu says he is ready to “strengthen technological and economic relations”. The Minister for Economic Development Adolfo Urso states: “Israel is a technological superpower; Italy is a major industrial power. We are aware that our full cooperation can have a positive effect”. Among the key topics of the meeting: cybersecurity and artificial intelligence. The details of the agreements have not been made public. Meloni announced an intergovernmental summit, the first since 2013, to be held “as soon as possible” in Israel.

The coincidence between the resignation of the head of national cybersecurity and the signing, two days later, of strategic agreements with Israel in the same sector has not been the subject of any parliamentary inquiry. It was not discussed in the Defence Committee, nor at COPASIR3, nor in the Chamber [of Deputies]. The newspapers treated them as two separate news items. But the facts, when lined up, tell a different story: the man who had built the architecture of Italian cybersecurity leaves at the very moment the government decides to entrust parts of that architecture to a foreign partner.

There are no public documents confirming a comprehensive outsourcing of cybersecurity to Israel. But the legislative and operational trajectory of the following two years makes the sequence of events in March 2023 not a coincidence, but a turning point.

What happened after March 2023 is perhaps even more serious than the initial sequence of events, because it took place in the open, through legislative channels, with almost no one protesting.

The first step was the cybersecurity bill. In its initial version, the text restricted the scope of suppliers of sensitive technologies to European Union and NATO countries. It was a logical choice: if cybersecurity is a matter of sovereignty, the technologies that guarantee it must come from allies bound by the same treaties and subject to the same rules. But during the approval process, in June 2024, an amendment changed the scope to include Israeli companies as well. Israel is not a member of NATO and is not a member of the European Union. It is an ally, certainly, but a country whose security and intelligence apparatus operates under its own rules, not subject to the oversight of European institutions. The amendment was passed without a public debate commensurate with its scope.

The second step was the Prime Minister’s decree of 30th April 2025, published in the Official Gazette on 5th May [2025]. This decree regulates contracts for IT goods and services intended to safeguard strategic national interests and national security. It also introduces a bonus mechanism: companies that purchase cybersecurity technologies from Israel, alongside Australia, South Korea, Japan, New Zealand and Switzerland, receive eight extra points in public tenders. Eight points may seem like a technical detail, but in public tenders they are often the difference between winning and losing. In practice, the decree creates a structural incentive for Italian public administrations to choose Israeli suppliers over European or Italian competitors. Digital sovereignty, which Baldoni had sought to build, is being dismantled through regulation.

The result is widespread penetration. Several special units of the police, Italian public prosecutors’ offices and intelligence services now rely on Israeli platforms for functions that touch the very heart of democratic life: the management of investigative data, telephone and environmental interception, biometric recognition, and digital forensics. This is not a matter of buying an antivirus or a firewall, but of entrusting to a foreign supplier the tools with which the State investigates its own citizens, intercepts suspects’ communications and identifies faces on surveillance cameras. These are the most intimate and sensitive functions of the exercise of sovereignty. And they are in the hands of software written in Tel Aviv.

Thiel’s own Palantir has followed the same path, starting with healthcare and moving into defence. In 2023, Palantir signed a partnership with the Policlinico Gemelli in Rome, one of Italy’s leading hospitals. This is a model already seen in the UK, where Palantir entered the National Health Service during the Covid-19 emergency and then extended its presence to defence and the police. First, I offer a service in a non-controversial sector such as healthcare, where resistance is lower. Then, once inside the system, I propose extending it to sensitive sectors. The foot in the door.

But the most serious case, the one that should have triggered a government crisis in any functioning democracy, is the Paragon Solutions scandal.

Paragon is an Israeli company founded by former Prime Minister Ehud Barak and veterans of Unit 8200, the electronic intelligence unit of the Israeli armed forces, the very same breeding ground that produced NSO Group (maker of the Pegasus spyware), Cellebrite and Cognyte. Paragon has developed a surveillance system called Graphite. This is no ordinary software. It is a military-grade tool that infiltrates smartphones via the WhatsApp messaging app without the victim having to click anything, open an attachment or take any action whatsoever. The phone is infected silently and invisibly.

Once Graphite is inside the device, the operator controlling the tool has total access: they can read all messages, including those on encrypted apps such as Signal and Telegram, which millions of people use precisely because they believe their conversations are protected. They can access photos, videos, the contact list and real-time location data. They can activate the phone’s microphone and turn it into a room bug, listening in on conversations taking place in the room. They can activate the camera and see whatever the phone is seeing. In short: whoever controls Graphite controls the life of the person being monitored.

The Italian government purchased this tool. And it used it not to investigate terrorists or criminals, as stipulated in the contract terms, but to monitor Italian journalists and activists. When the news emerged, Paragon itself immediately terminated the contract with the Italian government, accusing it of having breached the terms of service and the agreed ethical framework. Paragon states that it sells its products exclusively to democratic governments and only for investigations into terrorism and serious crime. Spying on journalists and activists was not among the permitted activities. The Parliamentary Committee for the Security of the Republic, COPASIR, confirmed the use of Israeli technologies by the Italian intelligence services. The contract with Paragon was definitively terminated in June 2025, following months of media pressure.

A government that describes itself as sovereigntist purchased a military espionage tool from a foreign country and used it against its own journalists and activists. The foreign company that sold it deemed the use so improper that it terminated the contract on its own initiative. Parliament was not informed in advance. The public found out about it from the press. But the Paragon case is merely the tip of the iceberg of a much more extensive and structural system of dependence on Israeli surveillance technologies.

What remains, after all this? What remains is a principle, which is the true legacy of March 2023, and which explains everything that has come since. The principle is this: Italian national security can be outsourced to a foreign partner without Parliament discussing it in depth, without there being a public debate commensurate with what is at stake, and without the technical lead who built the security system having to agree.

Once this principle has been established with Israel, the entry of Silicon Valley is no longer a break with the past: it is an extension. If it has been accepted that the wiretaps of Italian prosecutors run on Israeli platforms, on what legal or moral basis can one refuse to allow the encrypted communications of embassies to pass through American satellites? If an Israeli company has been allowed to install its surveillance tools on the phones of Italian citizens, on what principle can Palantir be prevented from analysing DIGOS4 data? The breach opened by Israel is the breach through which Musk, Thiel and Fink have entered. Not in the sense of a coordinated conspiracy, but in the simplest and most serious sense: once a country has relinquished a piece of its digital sovereignty, every subsequent relinquishment becomes easier, more natural, harder to challenge.

As [Italian newspaper] La Fionda5 wrote in an analysis that deserves to be read in full: “Israel exports not only products, but an operational culture: the idea that security, surveillance, innovation and the market are parts of the same architecture of power. Italy has imported that model in its entirety, without the ability to control it from within”. And the Israeli model did not spring from nowhere: it is the product of an early fusion between the State apparatus, research, venture capital, the military-industrial complex and intelligence that has transformed cybersecurity into a tool for strategic projection. For latecomers, such as Italy, the Israeli ecosystem appeared not merely as a technology market, but as a shortcut to make up for a lag that they had lacked the political courage to bridge with a coherent national strategy. It is a shortcut to dependency.

The connection between the Israeli ecosystem and Thiel’s world is not mere speculation: it is documented and traceable. The former Austrian chancellor Sebastian Kurz provides an illuminating case study. As head of government, Kurz negotiated with Palantir to purchase its products. Following his resignation, he was hired by Thiel Capital, Peter Thiel’s personal investment firm. Today, Kurz co-founds companies with the former CEO of NSO Group, the Israeli firm that produced the Pegasus spyware system – the very same system used to surveil journalists, activists and heads of State around the world, from [French] President [Emmanuel] Macron to the editor of the Washington Post. Thiel himself hired the son of the CEO of Axel Springer (the German publishing giant that owns Bild, Welt and Politico Europe) as his chief of staff.

The European Parliament, in its inquiry into cyber espionage, described this chain of relationships as “an indirect but alarming connection between the cyber espionage industry, Thiel and his company Palantir”. This is not a criminal charge: it is a political observation. The Israeli surveillance industry and the American data analytics industry are not separate worlds. They are two sides of the same coin: the first collects data by hacking into devices, the second analyses it and turns it into operational decisions. Whoever owns both sides owns the complete cycle of control. And the Italian government, with its classified defence contracts, with Israeli platforms in the public prosecutor’s offices, with the Paragon scandal and with Palantir’s proposal to the police, is handing both over to external parties.

When the Swiss army refused to use Palantir for fear that data of national importance might fall into the hands of American intelligence, Switzerland made a choice. Italy has made another. The difference does not lie in technological expertise. It lies in the awareness of what is being handed over. Or perhaps, more simply, in the will to know.

End of part three – to be continued [see here]

Copyrighted images have been used for non-commercial purposes and fall within the scope of fair use.

Share GeoPolitiQ