Toppling Netanyahu, strengthening the right

With elections approaching, Arab parties are once again needed for the numbers but kept at arm’s length, with Mansour Abbas navigating between the two camps.

A Cradle Correspondent

Everyone in Israel wants to get rid of Benjamin Netanyahu, each for their own reasons. What appears to be a unifying objective, however, may prove to be the opposition’s greatest vulnerability.

The anti-Netanyahu camp is neither politically nor ideologically cohesive. Its only real point of convergence is the desire to end his rule. With elections approaching in September, that convergence risks becoming a trap – one that could reshape alliances in ways that outlast the vote itself. 

Knesset member Mansour Abbas, head of the United Arab List (Ra’am), increasingly sits at the center of that dynamic.

After Al-Aqsa Flood: Shrinking political space

Since Operation Al-Aqsa Flood, Israeli society has shifted further toward the right. In this environment, cooperation between Jewish parties and Arab parties is no longer treated as a tactical option but as a political liability.

Despite this, both Netanyahu and his opponents continue to rely on Arab votes. The contradiction is now more exposed than ever, with Arab parties needed numerically, yet rejected politically.

Far-right Finance Minister Bezalel Smotrich captured this mood when he argued that including Arab parties in government would be worse than the failure to prevent the Hamas-led operation on 7 October 2023. His position reflects a wider consensus that cuts across both coalition and opposition lines.

Former prime minister Naftali Bennett has repeatedly ruled out any partnership with Arab parties, calling instead for a purely Zionist government. By contrast, Yair Golan of the left-leaning Democrats has suggested reaching an understanding with Abbas as a way to remove Netanyahu. The gap between these positions illustrates the limits of opposition coordination.

The limits of Arab unity

Faced with this reality, Arab political leaders have sought to rebuild a joint electoral front. Ahmad Tibi (Ta’al), Yousef Jabareen (Hadash), and Sami Abu Shehadeh (Balad) have all pushed for a unified list that could consolidate votes and counter rising extremism.

Yet the challenge runs deeper than organization. There is no stable or effective framework for Arab political action within Israel.

Even the prospect of a joint list – potentially capable of winning around 15 seats – generates unease among Israeli parties. Writing in Ynet, Nebo Cohen argued that such a result would leave both major blocs increasingly dependent on Arab parties to assemble a governing majority.

Numbers and their consequences

A recent Maariv poll places Netanyahu’s bloc at around 50 seats, with the opposition at 60 and Arab parties holding the remainder. Neither camp can reach a governing majority on its own, leaving Arab votes unavoidable even as both sides try to keep them at arm’s length.

A unified Arab list reshapes that balance. Higher Arab turnout would come at the expense of left-leaning Jewish parties, while at the same time driving right-wing voters to consolidate in response. The result is a tightening of the political field rather than a clear shift in either direction.

Kingmaker

In this setting, Mansour Abbas has adopted a distinctly pragmatic approach. His initial condition for joining a joint list was that it remain technical – an electoral arrangement without binding political commitments. He later shifted, calling for a clearer agenda and guarantees that any government his party joins would not be brought down by its partners.

The shift reflects a careful reading of the system. Abbas’s party, rooted in the southern branch of Israel's Islamic Movement, a movement often associated with the Muslim Brotherhood tradition, is positioning itself along the lines of the ultra-Orthodox parties. Not as a fixed ideological ally, but as a flexible actor trading support for concessions.

Those concessions are usually limited to budget allocations for Arab communities. The leverage behind them, however, is not. In a fragmented Knesset, even a small bloc can decide whether a government survives.

That approach is shaped by recent experience. In 2021, Abbas helped bring down Netanyahu by backing the Bennett–Lapid coalition, becoming the first Arab party leader to support a governing alliance in Israel. The move earned him the label of “kingmaker,” while also accelerating the breakup of the Joint List.

Since then, he has kept all options open. Participation in government is not treated as a red line, but as a tool used when it delivers results.

Parallel tracks, incomplete agreements

Today, Hadash, Balad, and Ta’al are moving ahead with plans for a joint list, even without Abbas. At the same time, Abbas appears to be positioning himself closer to the opposition, potentially offering parliamentary support without formal participation in government. This allows him to retain maneuverability while negotiations remain unresolved.

For the opposition, the calculation is equally cautious. It seeks Abbas’s votes but avoids firm commitments that could alienate its base. The political cost of visible cooperation with Arab parties has risen sharply, particularly in the post-Al-Aqsa Flood climate.

Abbas’s choices are not shaped solely by domestic considerations. External factors – regional relationships and political signaling – also play a role.

He has previously acknowledged that foreign actors encouraged him to continue coalition talks with Netanyahu after the 2021 elections. 

Qatar’s indirect relationship with Netanyahu has long been debated in Israeli political circles, particularly over the transfer of Qatari funds into Gaza before Operation Al-Aqsa Flood. Abbas referred to this relationship in the same interview, attributing it to what he described as Netanyahu’s relatively accommodating approach toward Hamas. Against this backdrop, and amid debate over the so-called “Qatargate” affair, regional considerations could still shape Abbas’s decisions – both on cooperation with other Arab parties and Ra’am’s position in the next Knesset.

Netanyahu, for his part, has moved to complicate Abbas’s position. Recent efforts by his allies to challenge Ra’am’s eligibility to run in elections point to a strategy aimed at weakening or sidelining him altogether.

The experience of the Joint List in 2019 and 2020 continues to shape current debates. On both occasions, its representatives recommended that Benny Gantz form a government in an effort to remove Netanyahu. The outcome – a unity government between Gantz and Netanyahu – left many voters disillusioned.

That precedent has reinforced skepticism toward tactical alliances that promise change but deliver continuity.

Diverging strategies within Arab politics

The contrast between Abbas and other Arab leaders is increasingly pronounced. Abbas presents a clear, transactional approach, trading support for tangible gains, mainly budget allocations for Arab localities.

Other parties remain more hesitant, caught between the urge to see Netanyahu go and the risk of legitimizing another right-wing government. The result is a fragmented approach that reflects the same divisions shaping Israeli politics more broadly.

The most likely electoral scenario is that Arab parties will run in two separate lists: a tripartite alliance and Ra’am. Recent polling places Abbas at around four seats, while projections for a unified Hadash–Balad–Ta’al list hover around five to seven.

In this configuration, Netanyahu would still fall well short of a governing majority, as neither Arab list alone would provide the 11 seats he would need to reach 61. The opposition, by contrast, could potentially rely on Abbas’s four seats to secure a majority. That dynamic increases Abbas’s leverage. His smaller bloc becomes decisive not because of its size, but because of the margins involved. 

The cost of change

For many Palestinian citizens of Israel, Netanyahu’s legacy is defined by war, violence, and dispossession. The desire to see him removed cuts across political lines.

Yet the question remains unresolved: what comes after?

Removing Netanyahu does not automatically alter the structural direction of Israeli politics. The risk is that Arab parties could end up enabling a different right-wing government – one that continues similar policies with less intensity but greater political flexibility.

The dilemma, then, is not only about who governs, but about the terms on which that governance is formed. In a system where margins are narrow and alliances unstable, the price of change may extend beyond the moment of transition.

Digital kill chain: Starlink anonymity compromised

The same technology marketed as a lifeline during conflict may be exposing users to surveillance, profiling, and targeting.

Jamal Meselmani

The Cradle 

Users who turn to Starlink believing it grants anonymity may be stepping into a far more dangerous trap. An Israeli investigation suggests that satellite internet users can be detected, located, and linked to real identities within minutes. 

This is not necessarily by hacking Starlink or breaking its encryption, but by exploiting the commercial data economy that follows every phone, app, and advertising ID.

In West Asia, and especially in Lebanon, the danger is immediate. Starlink users may believe they are slipping past broken infrastructure, censorship, or wartime shutdowns. 

Instead, they may be handing Israeli and US intelligence-linked systems the very data needed to identify, map, and target them – from journalists and doctors to bank employees, refugees, fighters, aid workers, and civilians in border villages.

On 12 May 2026, Haaretz revealed that two Israeli-linked companies had developed systems capable of locating Starlink terminals worldwide and linking many of them to identifiable users without intercepting communications or breaking Starlink's encryption.

The first company, TargetTeam, is based in Cyprus and managed by engineers with Israeli intelligence backgrounds. It developed a system called Stargetz, which, according to marketing material reviewed by the newspaper, can monitor nearly one million Starlink terminals worldwide and identify about 200,000 of them by linking the terminals to specific individuals.

The second company, Rayzone, was founded in Israel, and its sales are subject to oversight by the Israeli Ministry of Defense. It offers similar capabilities as part of a wider intelligence package.

The Haaretz investigation makes clear that the intelligence trade no longer needs to crack open a communication channel when it can map everything surrounding it. Interception has given way to inference: who connected, from where, through which device, at what time, and alongside which other digital traces. 

For states like Lebanon, that shift tears through the old assumptions on which digital sovereignty was supposed to rest.

Governments should no longer ask only what adversaries can steal from their networks. The more urgent question is what those adversaries can infer about citizens from digital infrastructures that present themselves as commercial, neutral, and detached from war.

From interception to inference

For decades, signals intelligence (SIGINT) in satellite communications rested on the single structural assumption that every satellite eventually connects to the ground through a gateway, and every gateway sits inside a national jurisdiction.

On that basis, intelligence agencies installed interception equipment at the terrestrial points where satellite beams met national telecommunications infrastructure. Starsky, the system sold by the Israeli company Verint to India in 2016, represented the peak of that doctrine: an interception platform physically installed at the ground gateways of traditional satellite communications operators.

Starlink effectively ended that doctrine. With SpaceX deploying more than 8,000 satellites in low Earth orbit, and with ground gateways distributed in locations selected by the company outside the states being targeted, physical interception has become, as the investigation describes it, “physically impossible” from a signal-engineering perspective.

A state that wants to spy on Starlink users on its own territory has no physical-layer interception option. This applies to China, Russia, and Iran as much as it does to smaller states.

But the death of interception did not create an intelligence vacuum. It produced a qualitative shift toward what can be called multi-source inference – a model that does not try to access the content of communications, but instead maps the full context around them.

In addition to the message, the target is now the user: where he is, what device he uses, which app he opens, when he connects, and how he relates to other users. This changes the definition of an intelligence target and reshapes the economy of the intelligence industry itself.

The ad auction where coordinates are sold

The operational model exposed by Stargetz deserves technical unpacking because it reflects a new logic that will likely be reproduced in other tools. The system operates across three layers.

The first layer is the digital advertising exchange, the hidden infrastructure where real-time auctions take place whenever a user opens an app or website. This market is worth tens of billions of dollars annually and runs on bidstream data – a constant stream of offers containing user identifiers, geographic coordinates, and device characteristics.

According to the Israeli financial outlet Globes, Rayzone established two Israeli subsidiaries – Impulse Programmatic and Oxylon – that connect advertisers with ad exchanges, giving the company a commercial foothold inside the same advertising markets from which Advertising Intelligence (ADINT) systems draw their data.

The second layer is the unified advertising identifiers assigned by Apple and Google to every smartphone: IDFA and AAID. These identifiers were originally created to serve advertisers by linking user activity across different apps to one stable ID.

When these identifiers are combined with geolocation data collected by apps in the background, every movement of a user becomes readable inside a continuous timeline.

The third and most important layer is data fusion.

A system such as Stargetz does not invent a new way to access a Starlink terminal. It links the internet terminal – known through its connection address and network signatures – to the phones that connect through it, which are known through their advertising identifiers and locations.

The time–space correlation between the two is enough to attribute identity. When the same advertising ID appears on other networks outside Starlink, the full user profile begins to take shape: movements, relationships, and patterns of use.

According to the investigation, TargetTeam presented a live demonstration in Vienna showing an interactive map updated every six minutes. The map displayed Starlink terminals from West Asia to the Arabian Peninsula, the Persian Gulf, the Arabian Sea, and the Bay of Bengal.

Among the examples presented was a Starlink account opened with a Mexican phone number, operated from Pakistan, whose owner traveled regularly to Iran. The “target” was identified in less than a single demonstration session.

One salesperson quoted in the investigation said: “The ship may hide itself, but its crew still needs porn and TikTok.”

ADINT and the Israeli intelligence market

The importance of this investigation extends well beyond Starlink. It exposes the maturity of an entire industry known as ADINT.

This industry was examined in a 2023 investigation by Globes, which identified several Israeli firms active in the field, most prominently Rayzone, founded by Yohai Bar Zakay Hassidof, a former deputy commander in Israeli military intelligence Unit 8200. Other companies include Bsightful in Herzliya, in which Cognyte – the former defense arm of Verint – has invested.

The main US competitor is Virginia-based Venntel, which was investigated by a US congressional committee at the initiative of Senator Elizabeth Warren over contracts with the Department of Homeland Security and the FBI.

From an export-control perspective, the Haaretz investigation reveals that the Israeli Ministry of Defense, through the Defense Export Controls Agency (DECA), supervises Rayzone sales in the same way it supervises weapons sales.

That places the product inside the Israeli regulatory category of a dual-use weapon. Any sale requires sovereign approval.

In other words, these are not merely commercial firms selling a controversial civilian product. They are part of a regulated export system that serves Tel Aviv’s foreign policy objectives.

When this is read alongside the 3 May Haaretz report that Israeli companies, including Rayzone, exploited Swiss telecommunications networks and the old SS7 protocol to track users worldwide by impersonating telecom operators, it becomes clear that this is not an isolated product, but an integrated operational doctrine marketed as a service to states.

The geopolitical implications of this industry must be read through the framework of the “gray zone,” the term developed by US strategists to describe operations that sit below the threshold of conventional war but above ordinary competition.

ADINT technologies produce operational intelligence effects equal to, and sometimes greater than, costly traditional espionage operations. They do so with almost no political cost and without leaving a legal attribution trail.

This explains why these tools have become preferred instruments in asymmetric conflicts between technologically advanced states and institutionally weak states.

The digital kill chain

The danger becomes clearer when ADINT technologies are read as one link in a longer chain.

The Business and Human Rights Centre has collected reports alleging that US firm Palantir Technologies provides data analytics tools used by Israel in AI-assisted targeting operations in Gaza, placing the company inside what military doctrine calls the digital kill chain – the process through which raw data is converted into a targeting decision.

Subsequent press investigations revealed that Microsoft and OpenAI provided AI tools and cloud services used in automated targeting operations in Gaza and Lebanon.

Inside this wider structure, Stargetz and similar systems occupy a foundational position – target identification.

The next layer is analysis and aggregation, handled by platforms such as Palantir. Then comes verification through other intelligence sources, followed by the targeting decision.

In traditional operations, this sequence could take hours or days. In the current Israeli model, it has been reduced to minutes.

A 2024 investigation by +972 Magazine and Local Call revealed that Israeli military intelligence used an AI system known as Lavender to generate vast lists of Palestinians marked for assassination in Gaza, accelerating target production to a scale unthinkable in earlier wars.

All these systems rest on the same assumption. The targeted society has been turned into a data structure that can be read in real time.

Lebanon’s loss of digital sovereignty

Seen in this light, Lebanon’s decisions on Starlink carry implications very different from how they were presented domestically. 

On 11 September 2025, the Lebanese cabinet issued Decision No. 5, granting Starlink Lebanon a license to operate in the country after years of documented security objections from the parliamentary Media and Telecommunications Committee, as well as security and digital-rights experts.

The decision theoretically required the creation of a “security control center” in Qatar, giving Lebanese security agencies a level of access to the monitoring architecture of the service.

On 5 March 2026, Decision No. 11 amended the earlier decision and introduced a shift that deserves close scrutiny. 

According to documentation from SMEX, a digital-rights organization covering West Asia and North Africa, the amended decision allows Starlink to operate before the Qatar-based security oversight center is operational, shifts responsibility for security-agency approvals to the telecommunications minister, and strips away the earlier safeguard requiring Lebanese security access to the oversight infrastructure.

From a national security perspective, this creates three structural breaches.

First, there is no sovereignty over data. Lebanon has no national point from which it can see what happens in the deeper layers of the system, and no national management of encryption keys.

This means data generated by Starlink use in Lebanon is not subject to Lebanese jurisdiction. It is theoretically and legally exposed to the US CLOUD Act, which allows US authorities to request data from companies under US jurisdiction regardless of where that data is stored.

Second, exposure is asymmetric. In the current war with Israel, there is no symmetry between the Lebanese user’s understanding of the service and the adversary’s ability to exploit it.

The Haaretz investigation documents that at least one adversary possesses ready-made commercial tools to exploit the identity layer linked to the service, while Lebanon does not even possess a basic analytical structure to read the threat.

Third, the institutional handling of the risk is ethically indefensible.

When decisions to authorize such a service are taken without a public national debate and without public reports from security agencies, the end user – a bank employee, a hospital doctor, a village journalist, a refugee in a camp – is forced to carry risks he neither consented to nor was informed about.

A tool designed to bypass the failure of national infrastructure has become an infrastructure through which identities can be compromised. In Lebanon, the service becomes a point of compounded exposure because the host state lacks the sovereign tools needed to manage the risk.

What Lebanon must do

This case carries political consequences beyond Lebanon. It concerns every fragile state receiving offers of satellite communications services in the middle of a regional conflict. These consequences can be summarized across three levels.

At the legislative level, Lebanon and similar states need a modern data-protection framework that classifies sensitive information nationally and forces any foreign service provider to disclose the legal architecture governing its data.

The European General Data Protection Regulation (GDPR) cannot simply be copied into Arab contexts. But its core principles – informed consent, the right to know, and the right to deletion – must form a baseline.

At the operational level, the state needs to build a national technical capacity, even if modest, to monitor cyber threats and analyze digital fingerprints.

This does not mean building an Israeli-style electronic intelligence agency. It means establishing a minimum attribution capability, allowing the state to understand what is happening inside its own digital space.

Here, the experiences of states such as Estonia and Singapore, which built cyber capabilities on limited budgets through academic partnerships, offer useful models.

At the strategic level, Beirut needs a fundamental review of its licensing doctrine for foreign digital services during war.

Simply put, the general rule of national security is that technology developed by adversarial intelligence services, or emerging from their ecosystem, requires additional scrutiny.

This is not a call to reject Starlink or similar services outright. It is a call to subject licensing decisions to a comprehensive review that addresses the deeper layers of risk, not only the surface-level utility.

When intelligence speaks the language of advertising

US political scientist Ian Bremmer, president of Eurasia Group, describes the contemporary international system as “technopolar,” meaning that major technology companies possess computing power and research budgets that place them on a level comparable to entire states.

The Haaretz piece adds another layer to this framework. Major technology companies are not the only actors. Small, specialized firms operating in the gray zone between markets and intelligence can also reshape informational power between states.

These firms do not need the budget of a national intelligence agency. They need access to open advertising markets, engineers trained in intelligence units, and export approval from a sponsoring Defense Ministry.

The new intelligence trade no longer needs to break the signal when the advertising market already sells the trail.

The old intelligence model depended on interception. The new one thrives on inference. It does not need to seize the message when it can reconstruct the person around it.

That shift moves the battlefield from state networks to civilian behavior, with private firms supplying states the tools to read, rank, and expose individual lives.

Fragile states that license satellite communications services without sovereign oversight are opening digital spaces to adversaries and turning citizens into coordinates on maps drawn elsewhere.

Perhaps the biggest take from the Israeli investigation is that Tel Aviv may now know more about the digital terrain of Beirut, Damascus, and Baghdad than those capitals know themselves.

That is where any serious debate on digital sovereignty in the region must begin.