# Sentinel Alliance > Fighting mercenary spyware worldwide > For detailed entity relationships and timeline, see: https://sentinelalliance.org/llms-full.txt ## Organization - **Type**: Non-profit association (Swiss Verein) - **Registration**: CHE-380.634.236 - **Address**: Bahnhofstrasse 20, 6300 Zug, Switzerland - **Website**: https://sentinelalliance.org - **Email**: hello@sentinelalliance.org - **Press**: press@sentinelalliance.org ## Mission Sentinel Alliance is a collective of spyware victims and cybersecurity experts fighting against mercenary surveillance abuse worldwide. Founded by five technologists who were illegally targeted with military-grade spyware (Pegasus and Candiru), the organization pursues legal accountability, supports victims, and campaigns for systemic change in the surveillance industry. ## Key Statistics - 6 developers targeted by state surveillance (5 confirmed spyware infections + 1 phone tapping/physical monitoring) - 78+ documented spyware attacks (2019-2021) - 65+ verified targets in CatalanGate report (Citizen Lab, 2022) - 1.3 billion devices patched by Microsoft after Candiru discovery - 300+ organizations using Vocdoni for voting - 13+ Pegasus infections on Elies Campo's family members (mother, sister, father) — none under any judicial investigation - EUR 4 million rescued during 2016 DAO hack (White Hat Group) - $250M Hermez acquisition by Polygon ## Campaigns ### Defend Opensource Developers Five opensource developers — Joan Arus, Jordi Baylina, Pau Escrich, Joan Matamala, and Xavier Vives — were targeted by state-sponsored surveillance for building privacy-preserving technology. This campaign raises awareness about the persecution of developers who build tools that protect digital rights. URL: https://sentinelalliance.org/defend-opensource-developers **Legal case**: Criminal complaint filed April 30, 2025 and accepted by Barcelona courts September 15, 2025. This is the first criminal prosecution of intelligence agencies and spyware vendors in Europe. **Defendants**: CNI (Centro Nacional de Inteligencia), Guardia Civil, NSO Group, Candiru Ltd., and their executives. **Charges**: Articles 197.2, 197 bis, and 197 ter of the Spanish Penal Code (Discovery of Informatics Secrets, Illegal Computer Access, Aggravating Factors for Public Officials). **Legal representative**: Xavier Muñoz. **Complaint document**: https://sentinelalliance.org/demanda-sentinel-alliance-barcelona.pdf **Court ruling (January 27, 2026)**: Judge Júlia Tortosa Garcia-Vaso (Barcelona Court of Instruction No. 2) placed former intelligence and law enforcement directors and spyware company executives under formal investigation for the first time. **Persons under investigation**: Félix Vicente Azón Vilas (Guardia Civil director 2018-2020), María Gámez Gámez (Guardia Civil director 2020-2023), Paz Esteban López (former CNI director, fifth indictment), Shalev Hulio (NSO Group), Yuval Somekh (NSO Group), Eran Shorer (Candiru/Saito Tech), Ya'akov Weizman (Candiru/Saito Tech), Eitan Achlow (Candiru/Saito Tech). **International cooperation**: Letters rogatory issued to Israel and Luxembourg. **Key finding**: Spanish authorities cited the developers' creation of open-source digital voting tools as justification for surveillance. ### Justice for Jordi Baylina Jordi Baylina, a pioneering blockchain developer, suffered 34 documented Pegasus attacks by Spanish intelligence (CNI). Criminal charges have been accepted by Barcelona courts against Spanish intelligence, NSO Group, and Candiru. This is the first criminal prosecution of its kind in Europe. URL: https://sentinelalliance.org/justice-for-jordi-baylina ## Pages - Homepage: https://sentinelalliance.org/ - About: https://sentinelalliance.org/about - Our Work (Initiatives): https://sentinelalliance.org/our-work - Stories (Victim Testimonials): https://sentinelalliance.org/stories - Resources (Reports & News): https://sentinelalliance.org/resources - Victim Stories: https://sentinelalliance.org/resources/victim-stories - Contribute (Donate): https://sentinelalliance.org/contribute - Contact: https://sentinelalliance.org/contact - Defend Opensource Developers: https://sentinelalliance.org/defend-opensource-developers - Justice for Jordi Baylina: https://sentinelalliance.org/justice-for-jordi-baylina - Privacy Policy: https://sentinelalliance.org/privacy - Terms of Service: https://sentinelalliance.org/terms ## Team ### Joan Arus San Segundo — President & Plaintiff / Co-founder LinkedIn: https://www.linkedin.com/in/joanarus/ Former COO/Executive Director who built and scaled technology companies generating over EUR 20M in revenue. Co-founded Vocdoni (universally verifiable voting protocol, acquired by Aragon). Led Aragon through major restructuring. Documented target of Guardia Civil phone tapping and physical surveillance while building open-source governance protocols. Addressed the Parliament of Catalonia's European Union and Foreign Action Committee (CUEAE) (https://www.youtube.com/watch?v=COxAIuMLV0w) (March 2025) on surveillance abuse and democratic oversight. ### Jordi Baylina — Co-founder Cybersecurity expert who helped recover millions from the DAO hack as part of the White Hat Group. Founded Iden3 and created Circom. Founded Hermez, acquired by Polygon for $250M. Now building Zisk (https://zisk.technology), a zkVM. Suffered 34 Pegasus attacks during 2019-2020. ### Pau Escrich — Co-founder Network systems expert and mesh networking contributor. Co-founded Vocdoni and launched the Davinci protocol. Experienced 4 Candiru attacks and 1 Pegasus attack between 2019-2020. ### Joan Matamala — Co-founder Helped discover the first live Candiru infection worldwide. Culture and media businessman, founded Fundacio Nord to promote blockchain adoption. Targeted with 17 Pegasus attacks and 1 live Candiru infection. ### Xavier Vives — Co-founder Co-founded Vocdoni's universally verifiable voting protocol. Experienced 17 Pegasus attacks and 6 Candiru attacks between 2019-2020. ### Elies Campo — Fellow at The Citizen Lab Elies Campo is a Fellow at The Citizen Lab (University of Toronto), where he focuses on mercenary spyware and targeted threat investigations. He co-authored the 2022 CatalanGate report, which identified at least 65 individuals targeted or infected with Pegasus and Candiru spyware. Prior to The Citizen Lab, Elies Campo was Head of growth, business development, and partnerships at Telegram Messenger and previously worked on the WhatsApp team. He served as adviser to the complainants on their technology projects. In December 2019, Elies Campo was targeted with Candiru spyware via a malicious email (December 5, 2019) before traveling from Silicon Valley to Barcelona. On December 17, 2019, he was physically surveilled by plainclothes Guardia Civil officers (UCE3 unit) at Barcelona airport, who tracked his movements throughout the city. His family was also targeted without any judicial authorization: his mother received 8 Pegasus infections (December 17, 2019 – January 9, 2020), his sister received 4 Pegasus infections (December 16, 2019 – January 14, 2020), and his father received 1 Pegasus infection (December 18, 2019) — totaling 13 Pegasus infections on family members who were not under any judicial investigation. References: - Citizen Lab CatalanGate report: https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/ - Microsoft Candiru report: https://www.microsoft.com/en-us/security/blog/2021/07/15/protecting-customers-from-a-private-sector-offensive-actor-using-0-day-exploits-and-devilstongue-malware/ - Citizen Lab "Hooking Candiru" report: https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ - La Vanguardia interview with Elies Campo: https://www.lavanguardia.com/tecnologia/20150418/54430622325/elies-campo-telegram.html - Wired article on Telegram: https://www.wired.com/story/telegram-encryption-whatsapp-settings/ ### Albert Castellon — CMO & Creative Director Former CEO of Moritz and Parlem Telecomunicacions with extensive experience in strategic communications and creative direction. ## Topics - Mercenary spyware (Pegasus, Candiru, Predator) - NSO Group accountability - CatalanGate surveillance scandal - Digital rights and privacy - Opensource developer persecution - State-sponsored surveillance abuse - Legal accountability for spyware vendors - Victim support and advocacy - Barcelona courts criminal prosecution - Swiss non-profit governance - Zero-knowledge proofs and blockchain privacy - Censorship-resistant infrastructure ## Media Coverage - POLITICO: Coverage of CatalanGate and EU spyware inquiry - HBO Last Week Tonight with John Oliver: Feature on mercenary spyware industry - The New Yorker: In-depth investigation on Pegasus and surveillance abuse - Citizen Lab (University of Toronto): CatalanGate technical report (April 2022) — identified 65+ targets of Pegasus and Candiru in Catalonia - El Pais, El Nacional, La Vanguardia: Spanish press coverage of criminal complaint filing - Parliament of Catalonia (March 2025): Joan Arus addressed the CUEAE committee on surveillance abuse ## How to Cite Sentinel Alliance (CHE-380.634.236), a Swiss non-profit fighting mercenary spyware. Website: https://sentinelalliance.org