Negg Group S.r.l. is an Italian private sector offensive actor (PSOA), a commercial Android surveillance vendor based in Rome, Italy, operationally significant primarily for its development of the Skygofree Android surveillance platform. The platform was canonically disclosed by Kaspersky in January 2018 and subsequently attributed to Negg Group operations through Italian investigative journalism. The cluster operates within the broader Italian commercial surveillance vendor ecosystem.

Skygofree's operational distinctiveness in the commercial Android surveillance vendor market is the geofence-triggered audio recording capability, Skygofree could be configured to activate microphone recording automatically when the target device entered specific geographic locations, operationally distinguishing the platform from continuous- activation surveillance approaches and providing operational advantages for targeted intelligence collection at specific locations (target home addresses, target workplace locations, target travel itinerary venues). The geofence-triggered capability is one of the operationally-distinctive technical features documented in commercial Android surveillance products and was operationally innovative at the time of Kaspersky's January 2018 disclosure. Negg Group operates within the broader Italian commercial surveillance vendor ecosystem alongside RCS Lab (the former Hacking Team successor entity, curated at hacking_team_memento_labs.yaml), Cy4Gate (curated at cy4gate.yaml), and the operationally dissolved eSurv (curated at esurv.yaml).

The Italian PSOA market is operationally distinctive in the broader European commercial surveillance vendor ecosystem for having multiple competitive vendors operating concurrently. Negg Group operates as one of the smaller market participants and is less publicly documented than RCS Lab or Cy4Gate. The PSOA governance significance of Negg Group, like all commercial surveillance vendors in this curated corpus, is that government clients nominally purchasing Skygofree for lawful interception of criminal suspects have, in the broader PSOA ecosystem pattern, been documented to direct surveillance tools against journalists, human rights defenders, opposition politicians, and civil society members in contexts inconsistent with stated lawful-interception justifications.

No publicly-available technical report has definitively attributed specific Skygofree deployments against named civil society victims with the same evidentiary density as Citizen Lab's Pegasus forensic reports, Negg Group's public attribution footprint is thinner than NSO Group's but analytically significant in the Italian PSOA market context. Negg Group is curated as a thin-documentation entry relative to flagship PSOA entries in this corpus alongside Wintego Systems (wintego_systems.yaml), Mollitiam Industries / Tykelab (mollitiam_tykelab.yaml), and other smaller PSOA market participants. The entry is structurally significant for PSOA ecosystem completeness (providing coverage of the Italian Android surveillance vendor sub-ecosystem distinct from the more public-record-dense Cy4Gate and RCS Lab / Hacking Team / Memento Labs entries) rather than for deep technical tradecraft analysis.