Correct, and when traffic transits your servers you know where that traffic is coming from (i.e. the target). I found your last comment rude considering the podcast I cited is an interview with Citizen Lab researchers; the people who research Pegasus malware. The podcast website also contains sources that I also linked to above. It’s “basic stuff” to look into what someone posted before making a comment like yours.
How do you identify a target individual purely from source traffic metadata...? Sure, you can identify them if you've totally rooted a target's phone and upload all the data such that NSO Group can read it - my point is that NSO Group could offer transit encryption so long as they haven't backdoored whatever client is being used.
The reason I bring that up is that it's precisely the service you might offer if you wanted more plausible deniability. I still don't consider this hugely complex stuff.