Skip to content

Culture war games: the sword and shield of surveillance

Surveillance Blowback
By Alfred W. McCoy

The American surveillance state is now an omnipresent reality, but its deep history is little known and its future little grasped. Edward Snowden’s leaked documents reveal that, in a post-9/11 state of war, the National Security Agency (NSA) was able to create a surveillance system that could secretly monitor the private communications of almost every American in the name of fighting foreign terrorists. The technology used is state of the art; the impulse, it turns out, is nothing new. For well over a century, what might be called “surveillance blowback” from America’s wars has ensured the creation of an ever more massive and omnipresent internal security and surveillance apparatus. Its future (though not ours) looks bright indeed.

In 1898, Washington occupied the Philippines and in the years that followed pacified its rebellious people, in part by fashioning the world’s first full-scale “surveillance state” in a colonial land.

In early 1901, Captain Ralph Van Deman, later dubbed “the father of U.S. Military Intelligence,” assumed command of this still embryonic division, the Army’s first field intelligence unit in its 100-year history. With a voracious appetite for raw data, Van Deman’s division compiled phenomenally detailed information on thousands of Filipino leaders, including their physical appearance, personal finances, landed property, political loyalties, and kinship networks.

Starting in 1901, the first U.S. governor-general (and future president) William Howard Taft drafted draconian sedition legislation for the islands and established a 5,000-man strong Philippines Constabulary. In the process, he created a colonial surveillance state that ruled, in part, thanks to the agile control of information, releasing damning data about enemies while suppressing scandals about allies.

When the Associated Press’s Manila bureau chief reported critically on these policies, Taft’s allies dug up dirt on this would-be critic and dished it out to the New York press. On the other hand, the Division of Military Information compiled a scandalous report about the rising Filipino politician Manuel Quezon, alleging a premarital abortion by his future first lady. Quezon, however, served the Constabulary as a spy, so this document remained buried in U.S. files, assuring his unchecked ascent to become the first president of the Philippines in 1935.

During the U.S. conquest of the Philippines, Mark Twain wrote an imagined history of twentieth-century America. In it, he predicted that a “lust for conquest” had already destroyed “the Great [American] Republic,” because “trampling upon the helpless abroad had taught her, by a natural process, to endure with apathy the like at home.” Indeed, just a decade after Twain wrote those prophetic words, colonial police methods came home to serve as a template for the creation of an American internal security apparatus in wartime.

After the U.S. entered World War I in 1917 without an intelligence service of any sort, Colonel Van Deman brought his Philippine experience to bear, creating the U.S. Army’s Military Intelligence Division (MID) and so laying the institutional foundations for a future internal security state.

In collaboration with the FBI, he also expanded the MID’s reach through a civilian auxiliary organization, the American Protective League, whose 350,000 citizen-operatives amassed more than a million pages of surveillance reports on German-Americans in just 14 months, arguably the world’s most intensive feat of domestic surveillance ever.

Epitomizing the nation’s retreat from surveillance, Secretary of War Henry Stimson closed the Military Intelligence cipher section in 1929, saying famously, “Gentlemen do not read each other’s mail.”

After retiring at the rank of major general that same year, Van Deman and his wife continued from their home in San Diego to coordinate an informal intelligence exchange system, compiling files on 250,000 suspected “subversives.” They also took reports from classified government files and slipped them to citizen anti-communist groups for blacklisting. In the 1950 elections, for instance, Representative Richard Nixon reportedly used Van Deman’s files to circulate “pink sheets” at rallies denouncing California Congresswoman Helen Gahagan Douglas, his opponent in a campaign for a Senate seat, launching a victorious Nixon on the path to the presidency.

From retirement, Van Deman, in league with FBI Director J. Edgar Hoover, also proved crucial at a 1940 closed-door conference that awarded the FBI control over domestic counterintelligence.

Working for J. Edgar Hoover, I Saw His Worst Excesses and Best Intentions
By Paul Letersky

The Hoover whose whims I catered to every day—most, admittedly clerical; some highly personal and quirky—could often seem larger than life. To a certain extent, Hoover had earned the fierce allegiance that Bureau agents paid him. He was a sworn enemy of the “bad guy.” And most of the time his sense of who the bad guy was proved spot on. He also could be morally courageous, such as when he’d initially counseled the Roosevelt Administration not to intern Japanese during WWII. But sometimes his zeal and hidebound view of “the real” America as locked in a life-and-death struggle against a range of “subversives” prompted him to cast his investigative net too wide.

On Hoover’s desk sat a notebook containing all the outstanding wiretaps the Bureau then had running. Occasionally, I’d furtively steal a glance at the notebook’s cryptically worded notations. And just down the hall, only yards away, were locked cabinets containing the voluminous “secret files” that made everyone in official Washington weak-kneed as they pondered what might be hiding there. I’m quite sure that the Director never thought he was doing anything less than God’s work.

But, yes, the files clearly overstepped the FBI’s charge to go after the bad guys, containing tidbits on many who’d earned the Bureau’s attention simply because their ideology was then thought of as “liberal” or because these individuals were prominent enough to impede the Director’s aims. When in 2005 there was much fanfare because the National Archives finally brought into its domain Hoover’s privately secreted files for examination by scholars, I couldn’t help remember that the most sensitive files had been destroyed by Mr. Hoover’s executive assistant Miss Helen Gandy days after his death.

Hoover wasn’t a perfect human being. He had his share of faults and had suffered his share of failures. He was honored and condemned, respected and despised—yet, for all the vilification, he was a patriot who for better or worse, built the FBI into a professional crime-fighting organization unmatched anywhere in the world. The tragedy is that there was no one powerful enough to ride herd on the man’s worst impulses.

Berkeley: What We Didn’t Know
By Adam Hochschild

I thought I knew all that was going on, but it turns out there was much that none of us knew, from the fact that the FBI secretly jammed the walkie-talkies of monitors directing a huge 1965 anti-war march I covered to the agency’s decade-long vendetta against Clark Kerr, the man who was first chancellor at Berkeley and then president of the University of California system.

The heresy that Hoover feared most was not communism; it was threats to the power of the FBI. And so what pushed him over the line from hostility to absolute rage at Kerr was an exam question. University of California applicants had to take an English aptitude test, which included a choice of one of twelve topics for a five-hundred-word essay. In 1959, one topic was: “What are the dangers to a democracy of a national police organization, like the FBI, which operates secretly and is unresponsive to criticism?”

In response, a furious Hoover issued a blizzard of orders: one FBI official drafted a letter of protest for the national commander of the American Legion to sign; other agents mobilized statements of outrage from the Hearst newspapers, the Catholic Archdiocese of Los Angeles, and the International Association of Chiefs of Police. An FBI man went to see California Governor Edmund G. Brown and stood by while Brown dictated a letter ordering an inquiry into who wrote the essay question.

Hoover himself wrote to members of the university’s board of regents, who swiftly apologized. But his ire did not subside; he ordered an FBI investigation of the university as a whole, assigning an astounding thirty employees to the task. The result was a sixty-page report, covering professorial transgressions that ranged from giving birth to an illegitimate child to writing a play that “defamed Chiang Kai-shek.” The report also noted that seventy-two university faculty, students, and employees were on the bureau’s “Security Index.” This was the list Hoover kept of people who, in case of emergency, were to be arrested and placed in preventive detention, as in the good old days of the Palmer Raids. Like Hoover’s forebear Van Deman, the FBI maintained the index on file cards, but now these were machine-sorted IBM cards.

One of Rosenfeld’s finds is that when the FBI didn’t have another weapon handy, it sent poison-pen letters. The man initially suspected of writing the offending essay question, for instance, was a quiet UCLA English professor and Antioch College graduate, Everett L. Jones. When intensive sleuthing couldn’t find anything to tie Jones to the Communist Party—the usual FBI means of tarring an enemy—someone in the bureau wrote an anonymous letter on plain stationery to UCLA’s chancellor, signed merely “Antioch—Class of ’38,” saying that the writer had known Jones and his wife in college, where “they expressed views which shocked many of their friends,” and later became “fanatical adherents to communism.”

Hoover’s anger at Clark Kerr was reignited in 1960, when thirty-one Berkeley students were among those arrested in a large demonstration against a hearing by the House Un-American Activities Committee in San Francisco’s City Hall—an early landmark in what would be a tumultuous era of American student protest. Hoover was outraged when Kerr refused to discipline the students taking part. Kerr said, reasonably enough, that any student demonstrators were acting as private individuals and “were not in any way representing the university.”

The upheavals of the Free Speech Movement, which had Berkeley in turmoil during the 1964–1965 school year, and of the protests against the Vietnam War that began shaking the campus soon after, brought renewed scrutiny by the FBI. As always, Hoover’s anticommunism had little to do with the Soviets: although the FBI’s responsibilities include counterespionage, only twenty-five of the three hundred agents in Northern California were assigned to this, while forty-three were at work monitoring “subversives,” which meant people like student activists at Berkeley—and, it turns out, even some of those they thought were their enemies, like the university’s regents.

Hoover gathered information about several liberal pro-Kerr regents and funneled it and other ammunition to a major enemy of Kerr, regent Edwin Pauley, a wealthy Los Angeles oilman. An FBI official then reported back to Hoover that an appreciative Pauley could be a useful informant and could “use his influence to curtail, harass and…eliminate communists and ultra-liberal members on the faculty.”

The balance on the board of regents changed following Ronald Reagan’s election as California governor in 1966 (the governor and several other state officials are ex officio regents), and at Reagan’s first meeting, Kerr was fired. Even though Hoover can’t be blamed for Kerr losing his job, he had already made sure that there was another one the educator didn’t get. Some months earlier, President Johnson had decided he wanted Kerr to be the next secretary of health, education, and welfare. “I’ve looked from the Pacific to the Atlantic and from Mexico to Canada,” LBJ told Kerr in his famous arm-twisting mode, “and you’re the man I want.” Kerr said he would think it over. Meanwhile, Johnson ordered the usual FBI background check. Among the documents Rosenfeld wrested from the agency in his legal battle is the twelve-page report Hoover sent the president. Included in it were allegations from a California state legislative Red-hunter who claimed that someone named Louis Hicks had worked with Kerr in the 1940s and declared that Kerr was “pro-Communist.”

“Hoover’s report failed to note, however,” Rosenfeld writes, “that when FBI agents interviewed Hicks he denied making the charge.” The report made a string of similar misrepresentations, among them another such charge—with no mention of the FBI investigation that found it untrue. Before Kerr could tell LBJ that he had decided to turn down the post, the president withdrew the offer.

What an Uncensored Letter to M.L.K. Reveals
By Beverly Gage

The note is just a single sheet gone yellow with age, typewritten and tightly spaced. It’s rife with typos and misspellings and sprinkled with attempts at emending them. Clearly, some effort went into perfecting the tone, that of a disappointed admirer, appalled by the discovery of “hidious [sic] abnormalities” in someone he once viewed as “a man of character.”

The word “evil” makes six appearances in the text, beginning with an accusation: “You are a colossal fraud and an evil, vicious one at that.” In the paragraphs that follow, the recipient’s alleged lovers get the worst of it. They are described as “filthy dirty evil companions” and “evil playmates,” all engaged in “dirt, filth, evil and moronic talk.” The effect is at once grotesque and hypnotic, an obsessive’s account of carnal rage and personal betrayal. “What incredible evilness,” the letter proclaims, listing off “sexual orgies,” “adulterous acts” and “immoral conduct.” Near the end, it circles back to its initial target, denouncing him as an “evil, abnormal beast.”

The unnamed author suggests intimate knowledge of his correspondent’s sex life, identifying one possible lover by name and claiming to have specific evidence about others. Another passage hints of an audiotape accompanying the letter, apparently a recording of “immoral conduct” in action. “Lend your sexually psychotic ear to the enclosure,” the letter demands. It concludes with a deadline of 34 days “before your filthy, abnormal fraudulent self is bared to the nation.”

“There is only one thing left for you to do,” the author warns vaguely in the final paragraph. “You know what it is.”

The F.B.I.’s entanglement with King began not as an inquiry into his sex life but as a “national security” matter, one step removed from King himself. In 1961, the bureau learned that a former Communist Party insider named Stanley Levison had become King’s closest white adviser, serving him as a ghostwriter and fund-raiser. The following year, Attorney General Robert Kennedy approved wiretaps on Levison’s home and office, and the White House advised King to drop his Communist friend. But thanks to their surveillance, the bureau quickly learned that King was still speaking with Levison. Around the same time, King began to criticize bureau practices in the South, accusing Hoover of failing to enforce civil rights law and of indulging the racist practices of Southern policemen.

This combination of events set Hoover and King on a collision course. In the fall of 1963, just after the March on Washington, the F.B.I. extended its surveillance from Levison and other associates to King himself, planting wiretaps in King’s home and offices and bugs in his hotel rooms. Hoover found out very little about any Communist subterfuge, but he did begin to learn about King’s extramarital sex life, already an open secret within the civil rights movement’s leadership.

Hoover and the Feds seem to have been genuinely shocked by King’s behavior. Here was a minister, the leader of a moral movement, acting like “a tom cat with obsessive degenerate sexual urges,” Hoover wrote on one memo. In response, F.B.I. officials began to peddle information about King’s hotel-room activities to friendly members of the press, hoping to discredit the civil rights leader. To their astonishment, the story went nowhere. If anything, as the F.B.I. learned more about his sexual adventures, King only seemed to be gaining in public stature. In 1964, the Civil Rights Act passed Congress, and just a few months later King became the youngest man ever to be awarded the Nobel Peace Prize.

One oddity of Hoover’s campaign against King is that it mostly flopped, and the F.B.I. never succeeded in seriously damaging King’s public image. Half a century later, we look upon King as a model of moral courage and human dignity. Hoover, by contrast, has become almost universally reviled.

Surveillance and Scandal
By Alfred McCoy

What made Hoover a Washington powerhouse was the telephone. With 20% of the country and the entire political elite by now owning phones, FBI wiretaps at local switchboards could readily monitor conversations by both suspected subversives and the president’s domestic enemies, particularly leaders of the isolationist movement such as aviator Charles Lindbergh and Senator Burton Wheeler.

Even with these centralized communications, however, the Bureau still needed massive manpower for its wartime counterintelligence. Its staff soared from just 650 in 1924 to 13,000 by 1943. Upon taking office on Roosevelt’s death in early 1945, Harry Truman soon learned the extraordinary extent of FBI surveillance. “We want no Gestapo or Secret Police,” Truman wrote in his diary that May. “FBI is tending in that direction. They are dabbling in sex-life scandals and plain blackmail.”

After a quarter of a century of warrantless wiretaps, Hoover built up a veritable archive of sexual preferences among America’s powerful and used it to shape the direction of U.S. politics. He distributed a dossier on Democratic presidential candidate Adlai Stevenson’s alleged homosexuality to assure his defeat in the 1952 presidential elections, circulated audio tapes of Martin Luther King, Jr.’s philandering, and monitored President Kennedy’s affair with mafia mistress Judith Exner. And these are just a small sampling of Hoover’s uses of scandal to keep the Washington power elite under his influence.

“The moment [Hoover] would get something on a senator,” recalled William Sullivan, the FBI’s chief of domestic intelligence during the 1960s, “he’d send one of the errand boys up and advise the senator that ‘we’re in the course of an investigation, and we by chance happened to come up with this data on your daughter…’ From that time on, the senator’s right in his pocket.” After his death, an official tally found Hoover had 883 such files on senators and 722 more on congressmen.

Athan Theoharis Revealed J. Edgar Hoover’s Secrets
By Betty Medsger

Unlocking Hoover’s files was a difficult task. He intended for all of his files to remain secret forever and went to great lengths to shield them beneath layers of secrecy. He especially feared, for good reason, that the revelation of certain files would be extremely damaging to his reputation and went to even greater extremes to guarantee that these files would be secret forever. The file system he created consisted of mazes within mazes. He used tricky nomenclature and lies to hide his files. The names of some parts of the system were especially strange. For instance, Theoharis discovered that one large segment of files carried the label “Do Not File.” It contained files about particularly cruel operations, all of them illegal. Buried under that title Theoharis found Hoover’s Obscene File and Sex Deviates File, records of the intimate lives of members of Congress and other prominent people that he maintained for use as blackmail when a perceived need arose.

One of Theoharis’s most alarming discoveries was the existence of the American Legion Contact Program. This program, like Hoover’s national Black surveillance program that was revealed in the Media files, resembled the massive surveillance conducted by the Stasi, East Germany’s secret police. Through a secret formal agreement with the American Legion, 100,880 members of the organization’s 16,700 posts regularly reported information from 1940 to 1966 to regional FBI officials about their fellow citizens. At first, the emphasis was on spying on people who worked in industrial plants. Later, it expanded into general political spying.

Athan Theoharis, historian who exposed FBI misconduct, dies at 84
By Harrison Smith

Dr. Theoharis obtained tens of thousands of documents related to illegal wiretaps, mail openings and break-ins. Some showed that the FBI had gathered embarrassing material about top officials, including President Dwight D. Eisenhower, and broke into the office of left-wing organizations such as the American Youth Congress, where it photocopied correspondence with first lady Eleanor Roosevelt.

Other files revealed an investigation into communist infiltration in Hollywood, where Ronald Reagan — then president of the Screen Actors Guild — was recruited as an FBI informer in the 1940s and instructed to report on actors who followed “the Communist party line.”

As he reviewed the files, Dr. Theoharis began to argue that the bureau’s reputation for catching gangsters, spies and terrorists was grossly exaggerated, and that its surveillance programs threatened civil liberties. While he noted that presidents such as Franklin D. Roosevelt had wielded the FBI as a political tool, ordering the bureau to investigate opponents, he assigned much of the blame for its improprieties to Hoover, who ruled the FBI for 48 years until his death in 1972.

“Hoover was an insubordinate bureaucrat in charge of a lawless organization,” he told the Milwaukee Journal in a 1993 interview. “He was also a genius who could set up a system of illegal activities and a way to keep all documentation secret for many years.”

The FBI break-in that exposed J. Edgar Hoover’s misdeeds to be honored with historical marker
By Tom Jackman

“The most amazing and shocking thing about the Media burglary,” said Sanford J. Ungar, author of the book “FBI: An Uncensored Look Behind the Walls,” “was that the files stolen that day and distributed in the weeks and months to come proved that the worst accusations and conspiracy theories about the FBI’s behavior at the time were utterly true. In many respects, the agency never regained its reputation, sometimes actually deserved, as one of the greatest law enforcement agencies in the world.”

“One word defines the burglars — determination,” said former NBC reporter Carl Stern. “They were determined to find something, they didn’t know what, that would confirm that the FBI was going over the line to harass and ‘neutralize’ organizations and individuals whose political activities it detested.”

Stern would play a crucial role in the FBI’s unraveling when he seized on one word in one stolen document that neither the media nor the burglars had examined: “COINTELPRO.” He began asking what that word meant. No one would tell him. Eventually, he and NBC sued to find out what it meant, and won. And after he began receiving COINTELPRO documents in 1973, he helped unearth some of the FBI’s worst crimes:

— The surveillance and harassment of the Rev. Martin Luther King Jr., sending him letters urging him to commit suicide, sending a recording of him having sex with other women to King’s wife (and offering it to journalists) and attempting to blackmail King.

— The murder of Black Panther Fred Hampton by Chicago police, set up by an FBI informant.

— The suicide of actress Jean Seberg, after the FBI planted a story with a news columnist that she was pregnant by a Black Panther.

The surveillance and harassment operations ruined countless lives, Stern said. In Los Angeles, Black Panther Party leader Geronimo Pratt was falsely convicted of murder in part through the perjured testimony of an FBI informer, even though the FBI knew from wiretaps that Pratt was 350 miles away when the crime happened. Pratt spent 27 years in prison. In New York, the bureau wrote a false letter identifying one of the leaders of the Communist Party, William Albertson, as an FBI informer. Albertson was promptly booted out of the party.

“Numerous Black people were falsely accused,” Medsger said, “on perjured testimony by FBI agents. People around the country went to prison for decades. The most important thing about the files were what they revealed about the depths of Hoover’s racist practices, and their Stasi-like collection of files on people, particularly Black people.”

In January 1975, the Church Committee was formed in the Senate, headed by Sen. Frank Church (D-Idaho), to investigate reported abuses committed by the FBI, the CIA and the National Security Agency.

Meanwhile, the eight burglars had promised never to reveal themselves and went their separate ways. But in 1988, John Raines casually divulged the plot to Medsger over a family dinner. Medsger persuaded the Raineses to connect her with the other burglars, beginning a 26-year journey that would lead to a documentary film, “1971,” by Johanna Hamilton, which premiered soon after Medsger’s book revealed the entirety of the case in 2014.

“Our friends here in Philadelphia were just utterly shocked,” Bonnie Raines said. Her husband died in 2017. “Now there’ll be this big historical marker, which I think is just a hoot. Fifty years ago, we were criminals, and now we’re heroes.”

Forsyth said his Midwestern upbringing made him reluctant to take credit for his role in such a historic event. “But if it brings these political issues to others’ attention,” Forsyth said, “like, ‘When is it right to break the law? What is right for a government to do in a democracy? What should be secret or not secret?’ If it provokes discussions of that, then I’m all for it.”

High court to hear secrets case over Muslim surveillance
By Jessica Gresko

The case before the high court Monday involves a group of Muslim men from Southern California. They filed a class-action lawsuit claiming that the FBI spied on them and hundreds of others in a surveillance operation following 9/11. The group, represented by lawyers from the American Civil Liberties Union and others, claimed religious discrimination and violations of other rights, saying they were spied on solely because of their faith.

The case involves a confidential informant, Craig Monteilh, the FBI used from 2006 to 2007. Monteilh pretended to be a new convert to Islam as a way to become part of Southern California’s Muslim community.

Monteilh told people he was a fitness consultant, but he was really working as part of a surveillance program known as Operation Flex. Monteilh regularly attended the Islamic Center of Irvine in Orange County and has said that he was told to collect as much information on as many people as possible. He gathered names and phone numbers and secretly recorded thousands of hours of conversations and hundreds of hours of video using a camera concealed in a shirt button.

Ultimately Monteilh’s handlers told him to ask about jihad and express a willingness to engage in violence. Those questions caused members of the community to report him to the FBI and other authorities and seek a restraining order against him.

The FBI has acknowledged Monteilh was an informant, and the story was covered in the news media including on the National Public Radio show “This American Life.”

‘I Helped Destroy People’
By Janet Reitman

… on April 17, 2018, Terry Albury appeared in a federal court in Minneapolis, where he pleaded guilty to charges of leaking classified information to the press. The allegations — that Albury downloaded, printed and photographed internal F.B.I. documents on his office computer, sending some of them electronically to a journalist and saving others on external devices found in his home — resulted from a 17-month-long internal investigation by the F.B.I., prompted by two Freedom of Information Act requests by a news organization (unnamed in the charging document) in March 2016. Nine months after these FOIA requests were made, a trove of internal F.B.I. documents shedding new light on the vast and largely unrestricted power of the post-9/11 F.B.I. was posted on the investigative-journalism site The Intercept. The cache included hundreds of pages of unredacted policy manuals, including the F.B.I.’s byzantine rule book, the Domestic Investigations and Operations Guide, exposing the hidden loopholes that allowed agents to violate the bureau’s own rules against racial and religious profiling and domestic spying as they pursued the domestic war on terror. The Justice Department, under the Trump administration’s Attorney General Jeff Sessions, charged Albury with two counts of “knowingly and willfully” retaining and transmitting “national defense information” to a journalist. In October 2018, he was sentenced to four years in prison.

Albury is the first F.B.I. special agent since Robert Hanssen to be convicted under the Espionage Act, the 1917 statute that has traditionally been used to punish spies: Hanssen was arrested in 2001 and sentenced to life in prison without the possibility of parole for selling secrets to the Russians. Increasingly, however, the Espionage Act has been used by the Justice Department as a cudgel against people who have leaked sensitive or classified information to the press. The Obama administration prosecuted more government officials for leaking secrets to the press than all previous administrations combined, bringing Espionage Act charges against eight people in eight years and referring 316 cases for investigation. Among those charged were Chelsea Manning, who was tried and convicted in a military court-martial in 2013 for sending hundreds of thousands of classified military and diplomatic documents to WikiLeaks, and Edward Snowden, whose 2013 leak of classified N.S.A. documents to The Guardian and The Washington Post alerted the public to the scope of the N.S.A.’s mass-surveillance activities.

The F.B.I.’s director, Robert Mueller, was sworn in just a week before the Sept. 11 attacks. By his own admission, Mueller, previously the United States attorney for the Northern District of California, had little familiarity with Al Qaeda and Osama bin Laden, though Mueller’s predecessor, Louis Freeh, pushed to make counterterrorism more of a priority after the 1993 World Trade Center bombing and the 1998 U.S. Embassy bombings in Kenya and Tanzania. Attorney General John Ashcroft made counterterrorism such a low priority that as late as August 2001, when the Justice Department drafted its key strategic goals and objectives for the next four years, combating “terrorist activities” was mentioned only once, as a lesser-priority objective under the general enforcement of criminal laws.

Now what commenced within the government was a sort of panic. The Bush administration had failed to heed myriad warnings that an attack was imminent; convinced that a second wave of Al Qaeda attacks was coming, the Justice Department initiated a relentless search for what Ashcroft, during an October 2001 speech he made at the U.S. Conference of Mayors, called the “terrorists among us.”

By the end of September 2001, Mueller told President Bush that Al Qaeda had 331 potential “sleeper” operatives inside the United States. By the following October, intelligence officials were estimating that anywhere from 2,000 to 5,000 Al Qaeda terrorists might be hiding within various Muslim communities across the United States. Virtually all of these supposed terrorists turned out to be nonentities — “ghost leads,” as they were called.

The U.S. response to terrorism would eventually take on the contours of a major domestic surveillance operation. It was a radical shift from the F.B.I.’s historical investigative blueprint, and the impact was immediate. “What Mueller did, with the support of President Bush and Attorney General Ashcroft, was leverage the fear of another Al Qaeda attack to transform the bureau from a law-enforcement agency into a domestic intelligence agency,” says Michael German, a former F.B.I. agent and author of “Disrupt, Discredit, and Divide,” a 2019 critical analysis of the post-9/11 F.B.I. This new mandate exposed a vast number of people who were not suspected of breaking the law to some of the same intrusive techniques the bureau had long used against people it suspected were criminals. “All of this was done without a clear public discussion of what this development might mean for American freedom and democracy or whether it would actually result in greater security,” he says. “As it turned out, spying on innocent people doesn’t help catch guilty people, so it was a flawed approach.”

The government had used the shock of Sept. 11 to invert the rule of law, and now the law kept becoming more and more inverted.

In reality, there was no evidence of rogue Al Qaeda sleeper cells hiding in suburbia, as was acknowledged in a 2005 internal F.B.I. report. The United States had not faced imminent attack, as Mueller warned repeatedly during the early years after Sept. 11. Paradoxically, genuine terrorist incidents like the Fort Hood massacre or the Boston Marathon bombing were committed by individuals who had been on the F.B.I.’s radar and had fallen off. There was no existential threat from Islam, as Albury was taught as a surveillance trainee, just an endless list of people who were being targeted because they were Muslim. It had taken him a decade to reach this conclusion, and now that he had, he was firmly on the path toward what he called “my awakening.”

The former F.B.I. special agent David Gomez told me he was surprised that Albury received a four-year sentence. (The judge had limited discretion within sentencing guidelines.) “My sentiment is the F.B.I. went after him not only for releasing the documents but to send a message. There is no greater sin in the F.B.I. than to embarrass the bureau. That’s a credo that goes all the way back to Hoover, and it’s taken very seriously. You can do a lot of things in the F.B.I., but if you do something that casts the bureau in a negative light, it’s going to be hard for you.”

Albury left prison on Nov. 18, 2020, and returned to his family and the house they had moved into in Berkeley, with an ankle monitor. Two days later, he reached out to me on Signal. “I am officially back in the ‘free world,’” he said. He sounded defiant. His experience at Englewood had hardened his belief that he was a prisoner of conscience, but he refused to call himself a whistle-blower. “I didn’t ‘blow the whistle,’” he told me over the phone. “I tried to expose a whole system.”

It was “really crushing,” he says, that his disclosures didn’t cause more of a sensation. “I assumed the stuff would come out and there would be some radical change, like the Church Committee hearings. I guess was naïve.” Could Albury’s revelations have had more of an impact if they had been released before the Trump era? “I think part of what happened here was timing,” says Mike German, now a fellow at the Brennan Center for Justice at the New York University School of Law. Following Trump’s election, even many on the progressive left became champions of the F.B.I. because of the Russia investigation and Trump’s attacks on the independence of the bureau. “What that meant was that the people who would have been criticizing the types of programs that were exposed in those documents instead found themselves as strong defenders of the F.B.I. as an institution,” German says.

Welcome Home, War!
By Alfred W. McCoy

Amid the pressures of a generational global war, Congress proved all too ready to offer up civil liberties as a bipartisan burnt offering on the altar of national security. In April 2007, for instance, in a bid to legalize the Bush administration’s warrantless wiretaps, Congressional representative Jane Harman (Dem., California) offered a particularly extreme example of this urge. She introduced the Violent Radicalization and Homegrown Terrorism Prevention Act, proposing a powerful national commission, functionally a standing “star chamber,” to “combat the threat posed by homegrown terrorists based and operating within the United States.” The bill passed the House by an overwhelming 404 to 6 vote before stalling, and then dying, in a Senate somewhat more mindful of civil liberties.

Only weeks after Barack Obama entered the Oval Office, Harman’s life itself became a cautionary tale about expanding electronic surveillance. According to information leaked to the Congressional Quarterly, in early 2005 an NSA wiretap caught Harman offering to press the Bush Justice Department for reduced charges against two pro-Israel lobbyists accused of espionage. In exchange, an Israeli agent offered to help Harman gain the chairmanship of the House Intelligence Committee by threatening House Democratic majority leader Nancy Pelosi with the loss of a major campaign donor. As Harman put down the phone, she said, “This conversation doesn’t exist.”

How wrong she was. An NSA transcript of Harman’s every word soon crossed the desk of CIA Director Porter Goss, prompting an FBI investigation that, in turn, was blocked by then-White House Counsel Alberto Gonzales. As it happened, the White House knew that the New York Times was about to publish its sensational revelation of the NSA’s warrantless wiretaps, and felt it desperately needed Harman for damage control among her fellow Democrats. In this commingling of intrigue and irony, an influential legislator’s defense of the NSA’s illegal wiretapping exempted her from prosecution for a security breach discovered by an NSA wiretap.

N.S.A. Gathers Data on Social Connections of U.S. Citizens
By James Risen and Laura Poitras

A series of agency PowerPoint presentations and memos describe how the N.S.A. has been able to develop software and other tools — one document cited a new generation of programs that “revolutionize” data collection and analysis — to unlock as many secrets about individuals as possible.

The spy agency, led by Gen. Keith B. Alexander, an unabashed advocate for more weapons in the hunt for information about the nation’s adversaries, clearly views its collections of metadata as one of its most powerful resources. N.S.A. analysts can exploit that information to develop a portrait of an individual, one that is perhaps more complete and predictive of behavior than could be obtained by listening to phone conversations or reading e-mails, experts say.

Phone and e-mail logs, for example, allow analysts to identify people’s friends and associates, detect where they were at a certain time, acquire clues to religious or political affiliations, and pick up sensitive information like regular calls to a psychiatrist’s office, late-night messages to an extramarital partner or exchanges with a fellow plotter.

“Metadata can be very revealing,” said Orin S. Kerr, a law professor at George Washington University. “Knowing things like the number someone just dialed or the location of the person’s cellphone is going to allow them to assemble a picture of what someone is up to. It’s the digital equivalent of tailing a suspect.”

Capillaries of Empire
By Alfred McCoy

Beyond U.S. borders, the World Wide Web’s centralization of most communications into a global network of fiber-optic cables, routed through relatively few data hubs that are all accessible to the NSA, has allowed the U.S. a capacity for global surveillance far beyond the British Empire’s yield from that era’s transoceanic telegraph cables. The NSA’s 2012 schematic for its Worldwide SIGINT/Defense Cryptologic Platform indicates that the agency inserted malware on 50,000 computers worldwide, capable of capturing every keystroke, through just 20 “covert, clandestine, or cooperative” cable access points, supplemented by 170 secondary and tertiary entries—an extraordinary economy of force for worldwide surveillance and cyberwarfare … .

Under Obama as well, the NSA cooperated with its long-time British ally, the Government Communications Headquarters (GCHQ), to tap the dense cluster of Trans-Atlantic Telecommunication (TAT) fiber-optic cables that pass through the United Kingdom. Two years after turning its gaze from the skies above to the cables below at its Cornwall station, GCHQ’s Operation Tempora achieved the ‘biggest Internet access’ of any partner in the Five Eyes signals intercept coalition that includes the UK, the U.S., Australia, Canada, and New Zealand. When the operation went online in 2011, GCHQ sank probes into 200 Internet cables and was soon collecting 600 million telephone messages daily, accessible to 850,000 NSA employees and U.S. private contractors … . Apart from these close allies, the NSA also cooperated with agencies in another 21 ‘Tier B’ nations such as Germany, Japan, and Spain, greatly amplifying its global coverage … . Despite such close collaboration, the NSA has also conducted extensive surveillance of allied nations to more efficiently control the nexus of so-called ‘subordinate elites’ that has been the fulcrum for the U.S. exercise of global power since the mid-1950s … . Just as imperial police such as the Philippines Constabulary once surveilled thousands of local influentials who collaborated with colonial rule, so the CIA and NSA have monitored the several hundred national leaders who now play an analogous role in America’s global imperium.

What is the aim of such sensitive surveillance, which runs the risk of serious political repercussion if exposed? Here, situating U.S. colonial policing in historical perspective provides a precedent that explains the strategy underlying the NSA’s seemingly contradictory global surveillance.

In a parallel with U.S. colonial policing in the Philippines, such worldwide surveillance provides Washington with the information needed to maintain its global hegemony: first, operational intelligence on dissidents to be countered with covert action or military intervention; second, basic political and economic intelligence to advantage American diplomats in bi- or multilateral negotiations; third, scurrilous information about derelictions of national leaders useful in encouraging their compliance; and, finally, the empowerment of a neo-imperial gaze. Through the clandestine accumulation of knowledge about national leaders worldwide, Washington’s empowered rulers gain not only actual information, whether strategic or scandalous, but a deeper sense of omniscience for the exercise of dominion over inherently independent national leaders.

Such secret intelligence about its allies gives the U.S. a significant diplomatic advantage. According to NSA expert James Bamford, “it’s the equivalent of going to a poker game and wanting to know what everyone’s hand is before you place your bet” … . Indeed, during the diplomatic wrangling at the UN over the Iraq invasion in 2002-3, the NSA intercepted Secretary-General Kofi Annan’s conversations and monitored the Middle Six of Third World nations on the Security Council—”listening in as the delegates communicated back to their home countries … to discover which way they might vote,” and offering “a highway, a dam, or a favorable trade deal … in a subtle form of bribery” … . More recently, the NSA helped Ambassador Susan Rice “develop a strategy” for a UN Security Council vote on Iran sanctions in 2010 by monitoring members “Gabon, Uganda, Nigeria and Bosnia”; and President Obama by gaining “access to U.N. Secretary General talking points prior to meeting” in 2013 … .

Offering a striking parallel with colonial reliance on scandal to control native elites, in October 2012, a NSA official identified as DIRNSA, or Director General Keith Alexander, proposed that in countering Muslim radicals their “vulnerabilities, if exposed, would likely call into question a radicalizer’s devotions to the jihadist cause, leading to the degradation or loss of his authority.” Citing the two timeless sources of political scandal, sex and money, the agency suggested such vulnerabilities would likely include “viewing sexually explicit material online” or “using a portion of the donations they are receiving … to defray personal expenses.” The NSA document identified one potential target as a “respected academic” whose “vulnerabilities” are “online promiscuity.” At a 2012 signals conference, the NSA’s British partner GCHQ explained disinformation tactics used to “discredit a target,” including “change their photos on social networking sites,” “writing a blog purporting to be one of their victims,” and “set up a honey trap,” that is, “get someone to go somewhere on the internet” for a sexually compromising encounter. According to author Bamford: “The NSA’s operation is eerily similar to the FBI’s operations under J. Edgar Hoover in the 1960s where the bureau used wiretapping to discover vulnerabilities, such as sexual activity, to ‘neutralize’ their targets” … .

‘The intelligence coup of the century’
By Greg Miller

For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret.

The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades, navigating waves of technology from mechanical gears to electronic circuits and, finally, silicon chips and software.

The Swiss firm made millions of dollars selling equipment to more than 120 countries well into the 21st century. Its clients included Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.

But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company’s devices so they could easily break the codes that countries used to send encrypted messages.

The decades-long arrangement, among the most closely guarded secrets of the Cold War, is laid bare in a classified, comprehensive CIA history of the operation obtained by The Washington Post and ZDF, a German public broadcaster, in a joint reporting project.

The operation, known first by the code name “Thesaurus” and later “Rubicon,” ranks among the most audacious in CIA history.

“It was the intelligence coup of the century,” the CIA report concludes. “Foreign governments were paying good money to the U.S. and West Germany for the privilege of having their most secret communications read by at least two (and possibly as many as five or six) foreign countries.”

From 1970 on, the CIA and its code-breaking sibling, the National Security Agency, controlled nearly every aspect of Crypto’s operations — presiding with their German partners over hiring decisions, designing its technology, sabotaging its algorithms and directing its sales targets.

Then, the U.S. and West German spies sat back and listened.

They monitored Iran’s mullahs during the 1979 hostage crisis, fed intelligence about Argentina’s military to Britain during the Falklands War, tracked the assassination campaigns of South American dictators and caught Libyan officials congratulating themselves on the 1986 bombing of a Berlin disco.

The German spy agency, the BND, came to believe the risk of exposure was too great and left the operation in the early 1990s. But the CIA bought the Germans’ stake and simply kept going, wringing Crypto for all its espionage worth until 2018, when the agency sold off the company’s assets, according to current and former officials.

Its reach and duration help to explain how the United States developed an insatiable appetite for global surveillance that was exposed in 2013 by Edward Snowden. There are also echoes of Crypto in the suspicions swirling around modern companies with alleged links to foreign governments, including the Russian anti-virus firm Kaspersky, a texting app tied to the United Arab Emirates and the Chinese telecommunications giant Huawei.

At times, including in the 1980s, Crypto accounted for roughly 40 percent of the diplomatic cables and other transmissions by foreign governments that cryptanalysts at the NSA decoded and mined for intelligence, according to the documents.

The papers largely avoid more unsettling questions, including what the United States knew — and what it did or didn’t do — about countries that used Crypto machines while engaged in assassination plots, ethnic cleansing campaigns and human rights abuses.

The revelations in the documents may provide reason to revisit whether the United States was in position to intervene in, or at least expose, international atrocities, and whether it opted against doing so at times to preserve its access to valuable streams of intelligence.

Nor do the files deal with obvious ethical issues at the core of the operation: the deception and exploitation of adversaries, allies and hundreds of unwitting Crypto employees. Many traveled the world selling or servicing rigged systems with no clue that they were doing so at risk to their own safety.

In recent interviews, deceived employees — even ones who came to suspect during their time at Crypto that the company was cooperating with Western intelligence — said the revelations in the documents have deepened a sense of betrayal, of themselves and customers.

“You think you do good work and you make something secure,” said Juerg Spoerndli, an electrical engineer who spent 16 years at Crypto. “And then you realize that you cheated these clients.”

Those who ran the clandestine program remain unapologetic.

“Do I have any qualms? Zero,” said Bobby Ray Inman, who served as director of the NSA and deputy director of the CIA in the late 1970s and early 1980s. “It was a very valuable source of communications on significantly large parts of the world important to U.S. policymakers.”

In 1978, as the leaders of Egypt, Israel and the United States gathered at Camp David for negotiations on a peace accord, the NSA was secretly monitoring the communications of Egyptian President Anwar Sadat with Cairo.

A year later, after Iranian militants stormed the U.S. Embassy and took 52 American hostages, the Carter administration sought their release in back-channel communications through Algeria. Inman, who served as NSA director at the time, said he routinely got calls from President Jimmy Carter asking how the Ayatollah Khomeini regime was reacting to the latest messages.

“We were able to respond to his questions about 85 percent of the time,” Inman said. That was because the Iranians and Algerians were using Crypto devices.

Inman said the operation also put him in one of the trickiest binds he’d encountered in government service. At one point, the NSA intercepted Libyan communications indicating that the president’s brother, Billy Carter, was advancing Libya’s interests in Washington and was on leader Moammar Gaddafi’s payroll.

Inman referred the matter to the Justice Department. The FBI launched an investigation of Carter, who falsely denied taking payments. In the end, he was not prosecuted but agreed to register as a foreign agent.

For years, BND officials had recoiled at their American counterpart’s refusal to distinguish adversaries from allies. The two partners often fought over which countries deserved to receive the secure versions of Crypto’s products, with U.S. officials frequently insisting that the rigged equipment be sent to almost anyone — ally or not — who could be deceived into buying it.

In the German history, Wolbert Smidt, the former director of the BND, complained that the United States “wanted to deal with the allies just like they dealt with the countries of the Third World.” Another BND official echoed that comment, saying that to Americans, “in the world of intelligence there were no friends.”

In 1993, Konrad Porzner, the chief of the BND, made clear to CIA Director James Woolsey that support in the upper ranks of the German government was waning and that the Germans might want out of the Crypto partnership. On Sept. 9, the CIA station chief in Germany, Milton Bearden, reached an agreement with BND officials for the CIA to purchase Germany’s shares for $17 million, according to the CIA history.

With their departure, the Germans were soon cut off from the intelligence that the United States continued to gather. Burmeister is quoted in the German history wondering whether Germany still belonged “to this small number of nations who are not read by the Americans.”

The Snowden documents provided what must have been an unsettling answer, showing that U.S. intelligence agencies not only regarded Germany as a target but monitored German Chancellor Angela Merkel’s cellphone.

Merkel compared NSA to Stasi in heated encounter with Obama
By Ian Traynor and Paul Lewis

Livid after learning from Der Spiegel magazine that the Americans were listening in to her personal mobile phone, Merkel confronted Obama with the accusation: “This is like the Stasi.”

The newspaper also reported that Merkel was particularly angry that, based on the disclosures, “the NSA clearly couldn’t be trusted with private information, because they let Snowden clean them out.”

The NYT reported that Susan Rice, Obama’s national security adviser, had told Berlin that there would be not be a no-espionage agreement, although the Americans had pledged to desist from monitoring Merkel personally.

The politics of Germany’s Stasi archives
By Katja Hoyer

Founded in 1950 as the Socialist party’s ‘sword and shield’, the Ministry for State Security, better known as the Stasi, spent its 40-year existence gathering information about real and imagined political opponents. It created one of the most comprehensive police states in the world, dwarfing even the Nazi’s infamous Gestapo. Where the latter operated at around one officer to 10,000 citizens, at its peak the Stasi had one officer to every 180 East Germans.

The scale of the GDR’s surveillance took on such proportions that the Stasi began to recruit hundreds of thousands of ‘unofficial’ employees, casual informants who could provide information about individuals or entire communities. Such collaborators could be work colleagues, neighbours or friends and their motivations ranged from monetary incentives to personal vendetta. Many felt safe in the knowledge that their Stasi activities would remain forever concealed.

The Minds Solving the Giant Puzzle the Stasi Left Behind
By Sukhada Tatke

The furtive Stasi infiltrated not only physical spaces but also terrorized people’s interior lives. The organization tapped telephones, opened mail, and bugged homes. Family members told on each other, friends turned into moles, and spies were spied on. The Stasi even captured people’s body odor in bottles and devised ingenious listening and viewing gadgets; they hid cameras in the unlikeliest of places, like in ziplocks and ties. The inevitable recalcitrance from citizens that followed had severe consequences: Thousands of dissenters of the GDR regime were jailed, persecuted, and killed.

Despite their technical prowess, the Stasi’s modus operandi of dealing with its constant influx of information was simple and tedious: Everything was meticulously recorded on paper, filed, and stored away in cupboards.

When the Stasi was dissolved in 1990, protesters surrounded the Stasi offices and demanded access to its archives. Hemmed in, the Stasi staff started destroying its vast network of documentation; they burned paper, pulped it, and shredded it until their shredders became ineffective. With little time left to completely obliterate evidence of their panopticon methods, employees started tearing pages by hand and putting them in bags to be burned later. The plan was never realized: In Frankfurt, Erfut, and Berlin, citizen activists occupied local and regional Stasi offices to prevent the destruction of files.

Piecing Together the History of Stasi Spying
By Annalisa Quinn

Since 1992, the researchers have been offering former citizens of East Germany the opportunity to view their personal Stasi file, a complicated rite of passage that often reveals that family members, friends or neighbors had reported their activities to the Stasi.

In the 1990s, revealing someone had been an informant ruined so many careers and marriages that the German newsmagazine Der Spiegel, which regularly outed prominent people thanks to the archives, nicknamed them the “horror files.”

In recent years, the gush of revelations has slowed, but their consequences can still be life-altering. “You have to rewrite your own life, in some cases,” said Ms. Hovestädt.

Petra Riemann first heard about her father’s double life through a newspaper report. Lutz Riemann was an East German actor known for playing a TV policeman. But, according to files seen by the Welt am Sonntag newspaper in 2013, he had also been an informant, keeping tabs on family and friends. Ms. Riemann had known he sometimes worked with the foreign intelligence arm of the Stasi, but imagined him as a kind of James Bond figure, she said in an interview — not someone using intimate dinners and birthday parties to gather intelligence on close ones.

“He used our family to obtain the trust of his victims,” she said.

Still, questions remain unanswered. When she found out later he had a secret second family, she didn’t know if they were the result of a simple affair, or if, as he claimed, a part of his Stasi work. She said that she and her parents no longer speak.

Ms. Riemann, who wrote a book about the experience with her husband, the journalist Torsten Sasse, said that the knowledge gained from the files was worth the pain. “You could read something in these files that will disturb you forever,” she said, “but the question of course is: Could you live with a lie?”

Mr. Riemann could not be reached for comment. But in 2013, he acknowledged to the Welt am Sonntag that he had worked as an informant and said that, as a committed communist, he had done so out of ideological conviction.

As a British journalist working in East Germany in the 1980s, Mr. Garton Ash was suspected by the Stasi of being a foreign-intelligence operative. They gathered intelligence on him from a range of people, as he described in his book “The File.”

One informer was an elderly East German woman he had befriended after meeting by chance at an exhibition. She spied on him in exchange for being allowed to visit her son who had fled to the West. “She was much more a victim than I was,” he said.

“We who grew up in Washington D.C. or London should all at least ask ourselves, how would I have behaved if I lived in a dictatorship?” said Mr. Garton Ash. “I’d like to think I would have been an heroic dissident, but maybe I wouldn’t have been. So that’s a question we should really all have in our minds before sitting in easy judgment on people who, like this wonderful, lovely old lady, informed for the most compelling human reason: She wanted to see her son again.”

Declassified tapes give new insight into inner workings of East German Stasi
By Joe Evans

Among the most disturbing recordings is the 1984 interrogation of a young woman branded a traitor for seeking permission to visit her sick mother in West Germany.

The woman has already been stripped of her socialist party membership card – “her passport to security and status,” the paper explains – and lost her job as a teacher, and is working as a cleaner in order to feed her son.

In a striking example of “the silken glove that sometimes concealed the iron fist”, she finally agrees to serve as a Stasi informant in return for being allowed to go the West to care for her mother.

As Germany’s secret-police archive shutters, reckoning for its victims continue
By Emily Schultheis

When Siegfried Wittenburg first sat down to read the file compiled on him by the Stasi, East Germany’s secret police, he wasn’t sure what to expect. It was 1999, a decade after the fall of the Berlin Wall and the reunification of Germany. Wittenburg, 68, a photographer and former East German citizen, had spent a decade chronicling the regime. Among the images he captured were scenes of poverty, scarcity, and protest—things the East German government didn’t want seen at the time, leading them to censor some of Wittenburg’s photos at his exhibitions in the 1980s. Understandably, he was curious—and apprehensive—about the information his file might contain.

“I read it like a crime novel,” he says.

For Wittenberg, after years of not knowing who had informed on him or how closely he was being watched, many of the answers were suddenly right in front of him. The six hours he spent with his file that day were filled with mixed emotions. At times, he couldn’t help laughing at the innocuous details in the file, such as the comments of his that were recorded completely out of context, or the time they reported on his English-language correspondence but wrote they were unable to evaluate it due to the language.

Reading other entries, “my hair stood on end,” he says. Understanding the sheer scope of the surveillance Wittenburg faced was hard to process: Those reporting on him included a union colleague, his boss, acquaintances at cultural organisations, and, most surprisingly, the partner of his wife’s best friend. Seeing the amount of information collected and the way it was gathered—he found proof the Stasi had searched his apartment—he began to understand how tenuous his situation had been and consider the impact on his family: “Just one more false move, and I would have been in prison.”

Stasiland now
By Anna Funder

In 1996 I was told none of the ex-Stasi would speak to me; that they had all gone to ground. And it was true that they were hiding, lying low fearing public shaming, or Romanian-style lynchings. When I found them they insisted on anonymity and met me in clandestine places. One even disguised himself as a Westerner, in leather elbow-patched tweed. Another gave me a copy of The Communist Manifesto with a signed dedication, telling me he hoped I might take it back to Australia to sow the seeds of socialism in a corner of the world as yet untainted by prejudice against them.

Previously, these men had accepted the politics of the GDR as a reality that could not, or should not, be changed. They worked within it: wanting careers, education for their children, a nice life. So they paid a price that did not look like a mistake at the time; it looked like a career move. If sometimes the justification of doing something “for the cause” only just papered over their misgivings, they quickly got rid of those. I met men who spied on their families and friends; opened boots of cars in transit to West Berlin and sent would-be escapees off to prison; recruited informers in churches, schools, pubs and factories; bribed West German journalists and spread “disinformation” in West Germany in order to bring down politicians there. One man I visited, “Herr Bock”, was a teacher of Spezialdisziplin or, as he explained to me, “the art of the handler”. I sat in his gloomy house as he gave me a lecture on how to recruit informers. He told me that the regime had needed more and more informers and more and more Stasi men because more and more enemies kept emerging. When I asked him who these enemies were he told me, painstakingly and as if I were dim, that by definition, anyone put under surveillance was an enemy. There were professors of law, he said, who spent their careers, in fact whose promotions depended on, expanding the paragraphs of the law so as to be able to include more “enemies” in them. But, he added, in his view this was actually taken too far. When I asked what he meant by “too far”, he said, “too far to be able to be implemented with the available resources. We didn’t have enough agents and informers to keep up with the ever increasing numbers of enemies.” This expressed perfectly the closed system of enmity and “full employment” that was the GDR: you can create a lot of full-time jobs in an apparatus of fear if everyone is your enemy.

Current estimates have the number of Stasi agents and informers as 1 for every 6.5 people in the country. Under Hitler, it is estimated there was one Gestapo agent for every 2000 citizens, and in Stalin’s USSR one KGB agent for every 5830 people. In the 1990s the West German media called the GDR “the most perfected surveillance state of all time”. Now this must be qualified, because of what has come after: the GDR was possibly the most thoroughly surveilled state of the pre-­internet age.

Beware the digital Stasi in your pocket
By Adam LeBor

Run by Erich Mielke, a veteran communist, the Stasi was one of the most effective secret police forces in history. It recorded conversations, opinions, medical histories and, especially, any contact with foreigners, in millions of carefully numbered, classified files. It even archived the smells of dissidents. The Stasi left behind 160km of files, dossiers and tapes on about 6m people. Hannah Arendt, the writer and philosopher, coined the phrase the “banality of evil” to describe Nazi totalitarianism, but it could just as well be applied to the Stasi.

Today, the Normannenstrasse complex is a fine, if thoroughly chilling, museum. So it was with relief that I stepped outside and walked towards the U-Bahn station in the bright late summer sunshine. How wonderful that the era of mass, intrusive surveillance is over, I thought as I took out my iPhone to check Google Maps.

And then it hit me. That era wasn’t over at all. Rather, it had escalated to a new level of data volume, speed, efficiency and, most surprising of all, wilful mass compliance. Now I — and everyone with a smartphone — was carrying a digital Stasi in my pocket. Not only was I willingly feeding more personal data than Mielke could have dreamt of, and to who knows where, I had paid several hundred pounds for the privilege.

Banal Smartphone Apps Are the New Surveillance State
By Jacob Silverman

In 2012, Factual, a Los Angeles–based technology company, had world-conquering ambitions. Intoxicated by the utopian rhetoric surrounding the growing field of big data, it planned to collect unprecedented amounts of information, enabling it “to identify every fact in the world,” as a New York Times profile put it. Whether cataloging types of cigars or tracking the specialties of America’s doctors, Factual was creating a Borgesian library of all the bits and bytes describing our world, promising to tease out novel connections and market-ready insights. From there, it would be a quick journey to immense profits.

Eight years later, Factual is a success, but it looks nothing like the animating vision that founder Gilad Elbaz described in the Times. Instead, armed with more than $100 million in investment funding, Factual has largely pivoted to location data—that is, tracking the locations of users’ smartphones to target ads and to collect and analyze information about consumer behavior. Factual is now a quintessential surveillance capitalist concern. Its job is to understand not the world but how people move through it and what they do—and then monetize it.

Where does that data and analysis go? To whom is your information sold? It’s often a mystery because this vast, growing industry is largely unregulated. But we do know that some of it is bought by various tentacles of the military-industrial complex.

One of Factual’s partners is a company called X-Mode. In an investigation published on Monday, Vice’s Joseph Cox revealed that X-Mode collects data from numerous apps and sells some of it to U.S. military contractors. “Many of the users of apps involved in the data supply chain are Muslim,” Cox noted. Among those apps is Muslim Pro, a prayer reminder that has been downloaded almost 150 million times across various platforms, as well as a step-counter app and an app for following extreme weather. (In an email, Foursquare clarified that they receive data from X-Mode but do not send them data.)* Another significant data broker with military ties is a company called Babel Street, which makes Locate X, a smartphone location-tracking product that has been used by U.S. Special Operations Command.

This is the new iteration of the surveillance state: a public-private partnership between tech companies and the government to track people en masse and without their consent.

On a mass scale, this data can offer insights about whole populations, but on an individual level, it can reveal sensitive personal information: doctor’s visits, Alcoholics Anonymous meetings, even the movements of Secret Service agents. These kinds of data streams hold great interest for law enforcement and government agencies, both in the U.S. and abroad.

German police secretly bought NSO Pegasus spyware
By Deutsche Welle

The German Federal Criminal Police Office (BKA) bought notorious Pegasus spyware from the Israeli firm NSO in 2019, it was revealed Tuesday.

The German government has been asked specifically about the use of NSO spyware three times in recent years and has largely refused to account for its use or subject itself to scrutiny for it.

The BKA began its negotiations with NSO in 2017. For years, the BKA had made use of its own in-house surveillance software, but it became cumbersome and outdated, which is why authorities turned to NSO.

Private Israeli spyware used to hack cellphones of journalists, activists worldwide
By Dana Priest, Craig Timberg and Souad Mekhennet

Pegasus is engineered to evade defenses on iPhones and Android devices and to leave few traces of its attack. Familiar privacy measures like strong passwords and encryption offer little help against Pegasus, which can attack phones without any warning to users. It can read anything on a device that a user can, while also stealing photos, recordings, location records, communications, passwords, call logs and social media posts. Spyware also can activate cameras and microphones for real-time surveillance.

The attack can begin in different ways. It can come from a malicious link in an SMS text message or an iMessage. In some cases, a user must click on the link to start the infection. In recent years, spyware companies have developed what they call “zero-click” attacks, which deliver spyware simply by sending a message to a user’s phone that produces no notification. Users do not even need to touch their phones for infections to begin.

I Was Hacked. The Spyware Used Against Me Makes Us All Vulnerable.
By Ben Hubbard

In 2018, I had been targeted with a suspicious text message that Citizen Lab determined had likely been sent by Saudi Arabia using software called Pegasus. The software’s developer, the Israel-based NSO Group, denied its software had been used.

This year, a member of The Times’s tech security team found another hacking attempt from 2018 on my phone. The attack came via an Arabic-language WhatsApp message that invited me by name to a protest at the Saudi Embassy in Washington.

Bill Marczak, a senior fellow at Citizen Lab, said there was no sign that either attempt had succeeded since I had not clicked on the links in those messages.

But he also found that I had been hacked twice, in 2020 and 2021, with so-called “zero-click” exploits, which allowed the hacker to get inside my phone without my clicking on any links. It’s like being robbed by a ghost.

In the second case, Mr. Marczak said, once inside my phone, the attacker apparently deleted traces of the first hack. Picture a thief breaking back into a jewelry store he had robbed to erase fingerprints.

Tech security experts told me it was nearly impossible to definitively identify the culprits.

But based on code found in my phone that resembled what he had seen in other cases, Mr. Marczak said he had “high confidence” that Pegasus had been used all four times.

In the two attempts in 2018, he said, it appeared that Saudi Arabia had launched the attacks because they came from servers run by an operator who had previously targeted a number of Saudi activists.

It was not clear which country was responsible for the 2020 and 2021 hacks, but he noted that the second one came from an account that had been used to hack a Saudi activist.

I have been writing about Saudi Arabia for years and published a book last year about Crown Prince Mohammed bin Salman, the kingdom’s de facto ruler, so Saudi Arabia might have reasons for wanting to peek inside my phone.

NSO denied its products had been involved in the hacks, writing in an email that I “was not a target of Pegasus by any of NSO’s customers” and dismissing Mr. Marczak’s findings as “speculation.”

The company said it had not had the technology described in the 2018 attempts, and that I could not have been a target in 2020 or 2021 because of “technical and contractual reasons and restrictions” that it did not explain.

The Saudi Embassy in Washington did not respond to a request for comment.

NSO declined to say more on the record, but The Times reported that the company had canceled its contracts with Saudi Arabia in 2018 after Saudi agents killed the dissident writer Jamal Khashoggi, only to resume doing business with the kingdom the following year, adding contractual restrictions on the use of the software.

NSO shut down the Saudi system again this year after Citizen Lab found that the government had used Pegasus to hack the phones of 36 employees of the Arabic satellite network Al Jazeera.

Revealed: murdered journalist’s number selected by Mexican NSO client
By Nina Lakhani

The hitmen came for Cecilio Pineda Birto as he swung in a hammock at a carwash, waiting for his pickup to be cleaned.

The 38-year-old freelance reporter was shot dead on 2 March 2017 in Ciudad Altamirano, a town in the southern Mexican region of Tierra Caliente – a battleground for rival organised crime factions.

A few hours earlier, Pineda had in a broadcast on Facebook Live accused state police and local politicians of colluding with a violent local capo known as El Tequilero.

In previous weeks, Pineda had received a string of anonymous death threats. At about the same time, his mobile phone number was selected as a possible target for surveillance by a Mexican client of the spyware company NSO Group.

The gunmen who murdered him could have learned of his location at a public carwash through means not related to NSO’s technologies, or its clients. But his attackers knew exactly where to find him, even though the hammock where he lay was not visible from the street.

Like most local crime reporters, Pineda frequently received death threats. But while other journalists often tried to avoid trouble through self-censorship, Pineda played down the risks, said Agustín Hernández, a close friend and former colleague. “Cecilio would get into problems because he was so direct. We would tell him to take it easy but he always said everything would be fine,” he said.

Still, Pineda had panic attacks and insomnia, and in 2015 he contacted the federal protection mechanism for human rights workers and journalists, a quasi-independent agency within the home affairs ministry.

The Guardian obtained a recording of Pineda’s final meeting with the mechanism in October 2016, when he voiced fears about a threat from the town of San Miguel Totolapan. The officials acknowledged the gravity of the situation but closed Pineda’s case because he refused to relocate to another state.

In the recording, he says he is managing the risks: “The people who could do me harm could hire killers, but they wouldn’t know my whereabouts.”

A few weeks later he was selected as a possible target for surveillance by an NSO client.

Mexico makes first arrest in Pegasus spying scandal
By Mary Beth Sheridan

Mexican authorities have made their first arrest in the global spy scandal surrounding the malware Pegasus, jailing a technician who worked for a private firm on allegations he was involved in illegally tapping the phone of a broadcast journalist.

Authorities did not identify the journalist who was surveilled. But Carmen Aristegui, a well-known investigative reporter, disclosed Tuesday that the case involved the tapping of her phone in 2015 and 2016.

Phone-tapping in Mexico exploded in recent years, with new technology permitting the expansion of decades-old practices rooted in the country’s authoritarian past, according to analysts and former officials.

Mexico’s government has acknowledged spending millions of dollars to acquire Pegasus for its Justice Ministry and domestic spy agency, the CISEN, but says it ended such contracts in 2017. Nongovernmental groups identified signs of the NSO spyware in the phones of 26 Mexican journalists, activists and politicians between 2015 and 2017, triggering outrage.

What’s unusual about García’s arrest is that he worked not for the government but for a private firm that licensed the spyware on behalf of NSO Group, according to prosecutors. “We tentatively believe that he’s the person who operated the system [in Mexico] and could be of great importance to the investigation,” said Ricardo Sánchez Pérez del Pozo, a prosecutor, speaking on Aristegui’s daily radio program.

The allegation raises the possibility that business executives were involved in a parallel spy network “for their own gain, but in coordination with senior Mexican officials,” said Leopoldo Maldonado, the Mexico director for Article 19, a press freedom group that has supported Aristegui.

Aristegui says her phone was infected by Pegasus in 2015, after she and a team of reporters broke a story about a suspicious real estate deal involving the wife of then-President Enrique Peña Nieto. Aristegui’s son, then 16, and one of her colleagues were also targeted, according to an investigation by Citizen Lab, a technology research center at the University of Toronto, and several Mexican nongovernmental groups.

FT editor among 180 journalists identified by clients of spyware firm
By David Pegg, Paul Lewis, Michael Safi and Nina Lakhani

Khadija Ismayilova, an award-winning Azerbaijani investigative journalist, was also confirmed by technical analysis to have been hacked with Pegasus in 2019. She has spent years reporting on the network of corruption and self-enrichment that surrounds the autocratic president, Ilham Aliyev, who has ruled his country since seizing power in 2003.

She has faced a sustained campaign of harassment and intimidation in retaliation for her work. In 2012 intimate videos of her, filmed using a camera installed in her apartment without her knowledge, were published online shortly after she received a letter warning her to “behave or be defamed”.

In 2014 she was arrested on charges of alleged tax evasion, “illegal business” offences, and the “incitement to suicide” of a still-living colleague. She was released from a jail sentence of seven and a half years following an appeal, though remained subject to a travel ban as well as an asset freeze preventing her from accessing her own bank account until recently.

Her phone was almost certainly hacked by agents of the Aliyev regime, according to analysis of the leaked data. The same NSO customer also selected as surveillance candidates more than 1,000 other Azerbaijani phones, many belonging to Azerbaijani dissidents, as well two of Ismayilova’s lawyers.

“I feel guilty for the sources who sent me [information], thinking that some encrypted messaging ways are secure. They did it and they didn’t know my phone was infected,” Ismayilova said.

“My family members are also victimised, people I’ve been working with. People who told me their private secrets are victimised. It’s not just me.”

She said she was angry with those who “produce all of these tools and sell them to the bad guys like the Aliyev regime. It’s despicable, it’s heinous … When the video was exposed, it was just me. Now I don’t know who else has been exposed because of me, who else is in danger because of me.”

Pegasus spyware found on journalists’ phones, French intelligence confirms
By Kim Willsher

French intelligence investigators have confirmed that Pegasus spyware has been found on the phones of three journalists, including a senior member of staff at the country’s international television station France 24.

It is the first time an independent and official authority has corroborated the findings of an international investigation by the Pegasus project – a consortium of 17 media outlets, including the Guardian.

A source at France 24 said the broadcaster had been “extremely shocked” to discover one of its staff had potentially been monitored.

“We are stupefied and angry that journalists could be the object of spying. We will not be taking this lying down. There will be legal action,” the source said.

Le Monde reported that the France 24 journalist, based in Paris, had been selected for “eventually putting under surveillance”. Police experts discovered the spyware had been used to target the journalist’s phone three times: in May 2019, September 2020 and January 2021, the paper said.

Bredoux told the Guardian that investigators had found traces of Pegasus spyware on both her and Plenel’s mobile phones. She said the confirmation of long-held suspicions that they had been targeted contradicted the repeated denials of those who were believed to be behind the attempt to spy on them.

“It puts an end to the idea that this is all lies and fake news. It’s the proof we need,” Bredoux said.

Bredoux added: “It takes a bit of time to realise it, but it’s extremely unpleasant to think that one is being spied on, that photos of your husband and children, your friends – who are all collateral victims – are being looked at; that there is no space in which you can escape. It’s very disturbing.”

But Bredoux, who in 2015 wrote a series of articles on Abdellatif Hammouchi, the director general of Moroccan internal intelligence, said her main concern was for the journalists’ contacts.

“As journalists, what is even more worrying is that sources and contacts may have been compromised, that these are violations not just of your privacy and private life, but of the freedom of the press.

“We are not in the same situation as the journalists in Morocco but are being used like Trojan horses to get at them, so my thoughts are with our colleagues in Morocco.

“That my telephone could be used to help attack these journalists who fight every day makes me very angry.”

Pegasus: French President Macron identified as spyware target
By BBC News

French President Emmanuel Macron is one of several world leaders believed to have been targeted for phone hacking using spyware, media reports say.

French newspaper Le Monde reports that Moroccan intelligence services identified a phone that Mr Macron had been using since 2017.

Morocco has denied being a client of Israeli manufacturer of Pegasus.

Being on the list does not mean that the software was used but it does mean that the person was a potential target.

It is not clear if the software was ever installed on the French president’s phone.

Numbers on the leaked list are also said to include those of President Baram Salih of Iraq and South Africa’s Cyril Ramaphosa, as well as the current prime ministers of Pakistan, Egypt and Morocco, and the King of Morocco.

More than 600 government officials and politicians from 34 countries are on the list.

NSO clients spying disclosures prompt political rows across world
By Nina Lakhani, Michael Safi, Dan Sabbagh, Shaun Walker, Stephanie Kirchgaessner and Hannah Ellis-Petersen

Apple’s stock price fell 2.4% by lunchtime amid concerns that NSO’s Pegasus software can infiltrate and take over the latest versions of iPhones without a single click from their owner. The spyware software, which can also infect Android devices, can secretly extract and monitor the contents of a device, potentially turning on its microphone for surveillance purposes.

Apple insists it leads the industry in security innovation and that iPhones are “the safest, most secure consumer mobile device on the market”.

Amazon said it had stopped providing network services for NSO once it had learned of potential abuses of its technology, confirming it “acted quickly to shut down the relevant infrastructure and accounts”.

Apple Sues Israeli Spyware Maker, Seeking to Block Its Access to iPhones
By Nicole Perlroth

Apple sued the NSO Group, the Israeli surveillance company, in federal court on Tuesday, another setback for the beleaguered firm and the unregulated spyware industry.

The lawsuit is the second of its kind — Facebook sued the NSO Group in 2019 for targeting its WhatsApp users — and represents another consequential move by a private company to curb invasive spyware by governments and the companies that provide their spy tools.

Apple, for the first time, seeks to hold NSO accountable for what it says was the surveillance and targeting of Apple users. Apple also wants to permanently prevent NSO from using any Apple software, services or devices, a move that could render the company’s Pegasus spyware product worthless, given that its core business is to give NSO’s government clients full access to a target’s iPhone or Android smartphone.

Apple is also asking for unspecified damages for the time and cost to deal with what the company argues is NSO’s abuse of its products. Apple said it would donate the proceeds from those damages to organizations that expose spyware.

Apple executives described the lawsuit as a warning shot to NSO and other spyware makers. “This is Apple saying: If you do this, if you weaponize our software against innocent users, researchers, dissidents, activists or journalists, Apple will give you no quarter,” Ivan Krstic, head of Apple security engineering and architecture, said in an interview on Monday.

After filing its lawsuit Tuesday, Apple said it would offer free technical, threat intelligence and engineering assistance to Citizen Lab and other organizations engaged in rooting out digital surveillance. Apple also said it would donate $10 million, and any damages, to those organizations.

Digital rights experts said Apple’s suit threatened NSO’s survival. “NSO is now poison,” said Ron Deibert, director of Citizen Lab. “No one in their right mind will want to touch that company. But it’s not just one company, this is an industrywide problem.”

He added that the suit could be a step toward more oversight of the unregulated spyware industry.

“Steps like this are useful, but incomplete,” Mr. Deibert said. “We need more action by governments.”

Israeli firm NSO pushed its government to ask U.S. counterparts about lifting sanctions, letter shows
By Barak Ravid

Israeli cyber intelligence company NSO asked the Israeli government for assistance in trying to lift sanctions imposed by the U.S. Department of Commerce, according to a letter obtained by Axios.

Why it matters: The department’s decision last week to black list NSO for engaging in activities contrary to the national security or foreign policy interests of the United States was the first time the U.S. government has targeted Israeli cyber companies, which receive their export licenses from the Israeli Ministry of Defense.

Driving the news: NSO’s CEO Shalev Hulio last Tuesday sent a letter to Prime Minister Naftali Bennett with copies to Foreign Minister Yair Lapid, Defense Minister Benny Gantz and Finance Minister Avigdor Lieberman. Hulio classified the letter as “Secret.”

  1. He wrote that NSO was surprised by the U.S. decision and claimed it was a result of an orchestrated campaign by anti-Israeli organizations who want to harm Israeli companies for political reasons.
  2. Hulio added that the move could cause hundreds of the company’s Israeli employees to lose their jobs and stressed that formal backing by the Israeli government “is a basic condition” for the efforts to lift the U.S. sanctions.

They got hacked with NSO spyware. Now Israel wants Palestinian activists’ funding cut
By Daniel Estrin

An ongoing dispute over six Palestinian activist groups that Israel accuses of terrorism took a turn this week into the cloak-and-dagger world of Israeli spyware.

The week has seen several developments: On Sunday, the Israeli military outlawed five Palestinian civil society organizations in the Israeli-occupied West Bank, meaning it could close them down and arrest their leaders. (A sixth had already been banned previously). The move came after Israel designated them as terrorist groups last month.

On Monday, cyber researchers said Israeli-made spyware from NSO Group targeted three of those groups’ activists.

The most prominent of the newly outlawed civil society groups is Al-Haq, founded in 1979, which documents abuses against Palestinian civilians allegedly committed by both Israel and Palestinian officials.

The others are Addameer, a Palestinian prisoner rights group, Defense for Children International – Palestine, which promotes children’s rights, the Bisan Center for Research and Development, promoting socioeconomic development, the Union of Palestinian Women’s Committees and the Union of Agricultural Work Committees.

The United Nations, major European countries and aid groups have partnered with many of these groups and provided them direct government funding.

All the groups deny Israel’s claims they are linked to terrorism, and Israeli human rights groups have come to their defense.

“If you have evidence, come and present it,” says Tahseen Elayyan of Al-Haq. He alleges that Israel is pursuing Al-Haq because of its work preparing Palestinian claims against Israel in the International Criminal Court.

Israel alleges the groups’ directors constitute the secret leadership of the Popular Front for the Liberation of Palestine in the West Bank, a Marxist political movement founded in the 1960s that opposed the Oslo peace accords between Israel and the Palestinians. Its military wing has carried out deadly attacks against Israelis. The U.S. and European Union classify the PFLP as a terrorist organization.

“In order to break the spine of the PFLP, we need to deal with these six organizations,” the Israeli official says.

He believes the six groups diverted more than half of their international funding to the PFLP. He did not provide NPR evidence to back his claims, saying it was classified.

Last month, a researcher from the Palestinian rights group Al-Haq noticed something suspicious on his iPhone, and international hacking experts determined it was infected with Pegasus. They determined the same for five other Palestinian activists’ phones.

It marks the first documented use of NSO spyware against Palestinians. Israel’s Shin Bet would not confirm the spyware was used in its campaign against the Palestinian organizations.

Despite Abuses of NSO Spyware, Israel Will Lobby U.S. to Defend It
By Ronen Bergman and Patrick Kingsley

According to Israeli government policy, Pegasus cannot be used by a foreign government against Israeli numbers, such as those belonging to the Palestinians in the outlawed groups. An Israeli government agency, however, would have the authority to use the software against an Israeli number.

This policy, coupled with the accusations in the new analysis, raised questions about whether the Israeli government had used the spyware against the Palestinian rights advocates.

Inside Israel’s lucrative — and secretive — cybersurveillance industry
By Amos Barshad

Behind NSO Group, there are many more. Cellebrite offers services to reconstruct data deleted from devices. The company gained renown after it was suggested that they cracked the iPhone of the 2015 San Bernardino shooters for the FBI. NSO’s sister company Circles sells the ability to locate a person’s physical location using only their phone number. Candiru goes after servers; it’s named after the Amazonian fish famed for “parasitizing the human urethra.”

Many of these companies are marketed globally on the prestige of their former Israeli intelligence founders and employees. Some observers of the industry argue that these companies exaggerate the scope of their dark arts. Subsequent reporting indicated Cellebrite did not actually crack the iPhone in the San Bernardino case. More recently, Cellebrite had to walk back claims that it can hack the encrypted messaging app Signal. Said Signal of Cellebrite, in a dismissive statement, “They don’t do live surveillance of any kind.”

When we speak in late 2020, Eitay Mack has just filed a petition to stop the shipment of Israeli-made Negev machine guns to São Paulo’s military police. For years, the activist attorney fought the international export of traditional Israeli weapons. But the last few years, he explains, have brought “a change in my perspective.”

These days an oppressive regime “doesn’t have to shoot protestors,” he says. “With Israeli technologies, they manage to prevent protests before they happen. The Israeli surveillance system is the new Uzi.”

All Israeli weapons exports have to be approved by Israel’s Ministry of Defense. But the details of the sales are classified. In an annual briefing, the Ministry reports only the total monetary amount of sales and the total number of countries sold to.

Israel has strict military censorship. That means it’s actually illegal for Mack, as an Israeli citizen, to obtain classified Israeli military information. Mack, then, does all his work based on information acquired from activists and open sources. “A lot of information is already online,” he explains, bemusedly. “These kinds of regimes are proud of gaining Israeli technology.”

In 2015, he discovered a sale to the Myanmar military after the head of the military posted photos of Myanmar soldiers with Israeli weapons on Facebook. (As of a February coup, Myanmar is again under military control.) He found a Ukrainian neo-Nazi group, the Azov Battalion, was using Israeli Tavor rifles via the group’s Instagram account. He learned Cellebrite was selling to the Venezeulan government by reading the internal magazine of an elite Venezeulean investigation unit.

Mack has also found evidence that Cellebrite has sold its technology to Indonesia, where LGBTQI communities have suffered arrests, and to Belarus, where free-election activists have endured crackdowns. In Hong Kong, Cellebrite tech was allegedly used to crack phones confiscated from pro-democracy activists, including Joshua Wong, who is serving a year-long jail sentence for his involvement in the protests. In Russia, Cellebrite has been used at least 26,000 times by Putin’s pet spy unit, the Investigative Committee, which has targeted opposition leader Alexey Navalny and hundreds of human-rights groups. Cellebrite is also selling briskly in the U.S. According to Gizmodo, eight school districts, including the 600,000-student-strong Los Angeles Unified School District, have bought Cellebrite tech to unlock student cell phones.

In Mack’s view, the sale of cyberweapons is, first, a continuation of Israel’s decades of exports of traditional weapons: in the 1960s, to the military dictatorship in Brazil; in the 1990s, to the conflicts in Rwanda and the Balkans; in recent years, to the civil war in South Sudan.

It’s not just Israeli weaponry that moves around the world — it’s Israeli people too. DarkMatter is a private Abu Dhabi intelligence firm that, according to Reuters reporting, is widely believed to be a contractor for the UAE government.

After years of sending software and talent to the small but influential Gulf state, it’s no coincidence, says Mack, that the UAE and Israel reached a Trump-brokered normalization agreement in the summer of 2020.

In the Israeli cyberweapon sector, he argues, “the companies are implementing government policy.” Mack says Israeli companies are not truly private, like their European or American counterparts. “Israel has so much military sensitivity” that, in effect, many of these cyberweapon sales are “military agreements between governments.”

Primarily, Mack sees cyber sales as tied to “the other problem of Israeli security”: the cold war with Iran and its proxies across the Middle East. From this point of view, Israel’s export sales are either about shoring up relationships or about destabilizing its enemies — or about anything else that can be seen as a net good for Israel’s place in the global order. Israeli tech reporter Amitai Ziv has argued that “when Israel sells weapons to Morocco or to Saudi Arabia, it obtains diplomatic quiet and weakens international criticism of the occupation. Thus, one crime justifies another.”

One month after Jamal Khashoggi’s murder in 2018, during an appearance at a Tel Aviv tech conference, Edward Snowden publicly accused NSO Group of helping the Saudis monitor Khashoggi before his death. That same week, a popular Israeli late talk show, “Good Evening with Guy Pines,” ran a short, peculiar segment about the spyware firm.

By piecing together a few social media posts, the talk show had figured out that NSO Group had recently flown hundreds of its employees out for a secret company retreat at a luxury resort in Thailand. There were massages, poolside parties, NDAs, and exclusive performances from the singer Netta (she won Eurovision Song Contest 2018) and the mentalist Lior Suchard (he performed at Kanye West’s 41st birthday).

In the segment, Pines and his co-host, Shalmor Shtruzman, talk about NSO Group with a smirking remove. At one point, Shtruzman says that NSO could “invade the privacy of every human being in the world.” Adds Pines, sarcastically, “but on a beach in Thailand, who has the energy to deal with privacy?”

The Surveillance Apparatus That Surrounded Britney Spears
By Liz Day and Samantha Stark

Britney Spears’s father and the security firm he hired to protect her ran an intense surveillance apparatus that monitored her communications and secretly captured audio recordings from her bedroom, including her interactions and conversations with her boyfriend and children, according to a former employee of the security firm.

Alex Vlasov, the employee, supported his claims with emails, text messages and audio recordings he was privy to in his nine years as an executive assistant and operations and cybersecurity manager for Black Box, the security firm. He came forward for a new documentary by The New York Times, “Controlling Britney Spears,” which was released on Friday.

Mr. Vlasov said that Ms. Spears’s phone had been monitored using a clever tech setup: The iCloud account on her phone was mirrored on an iPad and later on an iPod. Mr. Yemini would have Mr. Vlasov encrypt Ms. Spears’s digital communications captured on the iPad and the iPod to send to Mr. Spears and Robin Greenhill, an employee of Tri Star Sports & Entertainment Group, the former business manager for the singer’s estate.

This arrangement allowed them to monitor all text messages, FaceTime calls, notes, browser history and photographs.

“Her own phone and her own private conversations were used so often to control her,” Mr. Vlasov said.

Mr. Vlasov said Mr. Yemini and another Black Box employee had once given him a portable USB drive and asked him to delete the audio recordings on it.

“I had them tell me what was on it,” Mr. Vlasov said. “They seemed very nervous and said that it was extremely sensitive, that nobody can ever know about this and that’s why I need to delete everything on it, so there’s no record of it. That raised so many red flags with me and I did not want to be complicit in whatever they were involved in, so I kept a copy, because I don’t want to delete evidence.”

The drive, he discovered, contained audio recordings from a device that was secretly placed in Ms. Spears’s bedroom — more than 180 hours of recordings. Mr. Vlasov said he had thought the timing was curious because some of the recordings were made around the time that a court investigator visited Ms. Spears to perform a periodic review in September 2016.

Mr. Spears was particularly interested in Ms. Spears’s boyfriends, Mr. Vlasov said. The security team tailed her boyfriends in a continuing effort to look for incriminating behavior or other evidence that they might be a bad influence on Ms. Spears, he said.

“There was an obsession with the men in Britney’s life,” Mr. Vlasov said.

Her boyfriends were required to sign strict nondisclosure agreements, Mr. Vlasov said. An agreement signed in 2020 by her boyfriend at the time, Sam Asghari, who is now her fiancé, technically forbade him to post on social media about Ms. Spears without Mr. Spears’s prior written approval.

In a confidential report by a court investigator that was obtained by The Times, the investigator wrote in 2016 that Ms. Spears had told her that she could not befriend people, especially men, without her father’s approval and that the men she wanted to date were “followed by private investigators to make sure their behaviors are acceptable to her father.”

Another object of intense interest among those controlling Ms. Spears’s life, Mr. Vlasov said, was the so-called Free Britney movement, a growing cohort of fans that in recent years has brought heightened attention to the conservatorship case. Black Box Security sent investigators to infiltrate the group at a rally in April 2019 and to develop dossiers on some of the more active participants.

“Undercover investigators were placed within the crowds to talk to fans to ID them, to document who they were,” Mr. Vlasov said. “It was all under the umbrella of ‘this is for Britney’s protection.’” He shared surveillance photographs with The Times that corresponded to photos posted by Free Britney participants that day.

Black Box prepared a “threat assessment report” dated July 2020 that included background information on several fans within the movement, including people who had popular podcasts and social media accounts like “Britney’s Gram,” “Eat, Pray, Britney,” “Lawyers for Britney” and Diet Prada. One activist, described as a young mother in Oklahoma, Megan Radford, was classified as “a high risk due to her creation and sharing of information.”

An email from August 2020 sent by Mr. Yemini discussed the possibility of surveilling Kevin Wu, a fan who runs the prominent Twitter account Free Britney L.A.

“They were extremely nervous, because they had zero control over the Free Britney movement and what’s going to come out of it,” Mr. Vlasov said.

The fees for surveilling Ms. Spears’s boyfriend and the Free Britney participants, Mr. Vlasov said, were billed to Ms. Spears’s estate.

Black Cube: The Bumbling Spies of the ‘Private Mossad’
By Bradley Hope and Jacquie McNish

In 2017, a private investigator masquerading as an adviser to a wealthy Indian businessman blundered trying to dig up dirt on an outspoken Russia critic. An undercover operative unsuccessfully tried to prod a former Canadian judge to disparage Jews in the same year. Last year, agents were exposed engineering a smear effort against financier George Soros.

The would-be secret agents all worked for Black Cube, a private Israeli investigative firm often referred to in press reports as a “private Mossad.”

The firm has helped clients by covertly eliciting damaging information about competitors or legal opponents, among other things. But a number of its cases in recent years have been marred when flimsy cover stories were exposed by bumbling agents and risky tactics, according to a review of past cases and Black Cube internal documents, along with former employees, rivals, targets and clients.

Black Cube has grown to roughly 120 employees and catapulted into the public eye through scandals involving fake identities and subterfuge. In one case, a Black Cube agent posed as a “women’s rights activist” to secretly record an actress on behalf of Hollywood producer Harvey Weinstein as part of his efforts to quash sexual-assault allegations.

Other Black Cube efforts have been lower profile. Consider the firm’s push to gather dirt in August 2017 on a prominent critic of Russia President Vladimir Putin.

Vladimir Ashurkov, executive director of Russia’s Anti-Corruption Foundation, who lives in the U.K. after gaining political asylum in 2015, said he got an enticing pitch: A wealthy Indian businessman wanted to hire the small event-planning business Mr. Ashurkov ran with his wife to help him throw a huge party in London with dancers and musicians from Moscow. The unprompted email came from “Nile Bridge Capital.”

After dinner with one of the ostensible Nile Bridge executives in the Bvlgari Hotel, however, Mr. Ashurkov said he began to have doubts. He said the executive, “Patrik Dayan,” turned the conversation to Mr. Ashurkov’s work with Russian anticorruption campaigner Alexei Navalny. “How do you get money to him?” Mr. Dayan said in a lowered voice, according to Mr. Ashurkov, who said he deflected numerous queries before ending the dinner because “they seemed unbelievable and suspicious.”

In fact, Mr. Dayan and colleague “Vanessa Collins” were dispatched by Black Cube to dig up dirt on Mr. Navalny, one of the Russian government’s most outspoken critics, according to people familiar with the case. In an interview, Mr. Navalny said he’s “a problem for Putin.”

Black Cube targeted at least three other associates of his in the U.S. and Russia with similar ruses in what employees called “Project Vortex,” the people familiar with the case said. Black Cube’s Mr. Halevy said the case related to a client’s business dispute, and had no political purpose.

Meantime, some Black Cube agents have had missions derailed after encounters with targets and high-risk tactics backfired in the U.S., Canada and Europe.

Two Black Cube agents were jailed in Romania in 2016 after police accused them of illegally using devices and software to intimidate the country’s chief of anticorruption. The men received suspended sentences after pleading guilty, according to Romanian media.

Last year, Black Cube’s cover was blown on a case targeting billionaire George Soros. Employees with European aid groups funded by Mr. Soros were separately invited in early 2018 to meet with individuals in Europe and the U.S., said Csaba Csontos, a Berlin-based spokesman for the Soros-backed Open Society Foundations.

Some of the meetings in various hotels were secretly recorded, heavily edited and replayed by Hungarian media, which wrongly suggested Mr. Soros favored mass refugee settlements in Hungary, Mr. Csontos said.

The recordings were so primitively edited, said Mr. Csontos, that background hotel music skipped erratically like a broken record, adding: “It was ridiculous.”

The project was exposed as a Black Cube ruse when two operatives made the mistake of inviting an official with a Hungarian refugee-aid group, unrelated to Mr. Soros, to Vienna for a meeting. The aid worker grew suspicious when questioned about Mr. Soros and he took photos of his hosts, Mr. Csontos said.

People familiar with the matter identified the man as one of the firm’s top agents, Dan Lieberman. Black Cube declined to comment on behalf of Mr. Lieberman.

Excerpts of the edited recording were published by Hungarian media and Mr. Soros was portrayed on billboards and in some media as the mastermind of a secret plan to flood the country with illegal immigrants. After the smear campaign, anti-immigrant and right-wing populist Viktor Orban was re-elected Prime Minister.

Black Cube’s Mr. Halevy said the case was initiated by a businessman, whom he declined to identify, embroiled in a private dispute with Mr. Soros.

The Murky World of Private Spies and the Damage They May Be Doing
By William D. Cohan

“Everywhere one looked,” Meier writes, “operatives-for-hire seemed to be running amok.”

Meier is at his best telling the tale of Glenn R. Simpson, a former and somewhat celebrated Wall Street Journal reporter. Following 9/11, Simpson wrote about how terrorists got the money they needed to operate; then, after becoming a foreign correspondent based in Brussels, he abandoned journalism because, according to Meier, he saw “a void in the corporate intelligence industry and an opportunity to fill it with a different type of firm — one that embraced the values and ethical standards of journalism while working for private clients.” This ambition led Simpson to start SNS Global, with Sue Schmidt, another Journal reporter. SNS Global’s intent was to take assignments only from “good guys” — nonprofits, public interest groups and companies with “legitimate legal gripes.” But SNS Global failed after a year; Meier reports that Simpson and Schmidt had different personalities, different political views and different ambitions.

Fusion GPS was Simpson’s second coming. He started it with Peter Fritsch, yet another Journal reporter. Like SNS Global, Fusion GPS would tap Simpson’s and Fritsch’s investigative reporting skills for nonjournalistic purposes: both to work on projects with more explicit political goals and to get consistently higher paydays. Disseminating Steele’s unsubstantiated tales of Trump’s questionable behavior while in Moscow was meant to thwart his presidential aspirations.

The stories Meier shares about Simpson’s increasingly desperate attempts to get someone — anyone — to publish the Steele dossier are both sad and a little pathetic. Over and over Simpson tries to interest journalists in the report, with little success. Yet, as Meier reveals, Simpson became angry at Ben Smith, then the editor of BuzzFeed, now at The Times, after Smith made the decision to publish the dossier, largely without commentary, just before Trump’s inauguration. “Smith decided he wasn’t going to get beat,” Meier reports. But within minutes of Simpson achieving his longtime goal — the publication of the dossier in enough time to possibly damage Trump’s presidency — he called up a BuzzFeed reporter and screamed at him to take the dossier down. “You are going to get people killed,” Simpson reportedly said.

We also learn how cynical Simpson had become as a private spy. According to Meier, Simpson reportedly told Steven Lee Myers, a Times reporter, that however the 2016 presidential election turned out, “I get paid.”

‘Spooked’ Review: Private Eyes and Public Quarrels
By Barton Swaim

Today’s private detectives—or private spies, as Mr. Meier calls them—make a lot more money than Holmes and Poirot ever did. That is because they are typically hired by multinational corporations and law firms whose wealthy clients have an interest in finding out what their enemies are up to. Also, the secrecy and ethical corner-cutting involved in spying means that the corporations and law firms don’t exactly know what they’re paying for. Mr. Meier records a remark supposedly made by Jules Kroll, founder of the first modern “corporate intelligence” firm in 1972. Asked by a subordinate how he should estimate the cost of a case, Mr. Kroll responded: “You should figure out what you want and then triple it.”

The job of a modern private investigator is often to discover unflattering biographical data—aka “dirt”—on the client’s foes. A trailblazer in this area, as you may not be surprised to learn, was the Clinton-Gore campaign of 1992. Faced with the history of Bill Clinton’s extramarital pursuits, the Democratic National Committee hired the San Francisco-based firm Palladino & Sutherland to find dirt on Mr. Clinton’s paramours and so prevent more “bimbo eruptions,” as Clinton spokeswoman Betsey Wright unforgettably called them.

Mr. Meier presents both Mr. Simpson and Mr. Fritsch as bumptious, unscrupulous and incapable of self-criticism. He recounts a nasty episode in which Mr. Fritsch, after the health-tech company Theranos hired Fusion to manage media relations, tried to bully this newspaper’s reporter John Carreyrou out of publishing a story on the company’s fraudulent claims. (The bullying failed.) One reporter remembers Mr. Simpson calling him late at night “possibly drunk or stoned” and agitatedly offering to fly to New York to show the reporter Fusion’s dossier on Mr. Trump. “If I show it to you,” Mr. Simpson reportedly said, “I need a commitment that you’ll do a piece on it.”

‘The Steele Dossier Was a Case Study in How Reporters Get Manipulated’
By T.A. Frank

It’s a really weird world, and it’s filled with strange, strange characters. I went to one of those people, and I showed him emails showing that the person who supposedly was working for him, one private operative, was actually working against him. He was sort of like, “Meh, he’s a nice guy.” And I thought, This is crazy. That’s your reaction to this? And then I realized, Well, that’s fair, because this guy has been playing both sides of the street also. So, for him, it’s probably not that surprising.

It’s just business.

It’s just business. It’s not about animus or revenge or anything like that. It’s like: Okay, I worked for this guy one time. I don’t work for him now. Now he’s a target.

In those cases, we are talking about, literally, spy versus spy, or rascal versus rascal. Once you get out of that private espionage world, are there innocent people getting hurt by it?

Clearly. In the case of Black Cube, for example, there were these women who were victims of Harvey Weinstein who then became victims again because they were targets of Black Cube. And the whole agenda here was to take people with credible allegations of assault against this horrible producer and smear them and force them to go through public humiliation in order to achieve some measure of justice. So, yes, when these people are battling among themselves, who really gives a shit what happens to them? But there are also people who become their prey and often their victims.

Even in the case of the Steele dossier, I think it’s fair to say that, whatever people think of Donald Trump, there were several bit players who got quite damaged by it — people no one had heard of, like Belarus-born businessman Sergei Millian or Trump-campaign adviser Carter Page.

Yes, people like Carter Page suffered some fallout from the Steele dossier. I think I see the public as a much bigger victim. I mean, I would not have devoted as much time to the dossier as I did unless I thought there was a larger social, public ramification to it. And to me, what the dossier came to represent was how the work of these private operatives is subsumed into a hyperpartisan media and becomes this narrative that half of the public believes and half of the public doesn’t believe.

You point to a lot of lapses of reporting on Christopher Steele and the dossier, such as the McClatchy story placing Michael Cohen’s cell-phone signal in Prague and the Guardian story about a meeting between Paul Manafort and Julian Assange. Have any fellow journalists responded?

Not specifically. People who got it wrong are not really raising their head over the parapet at this point and saying, “Yeah, I got it wrong and here’s why I got it wrong.” But my purpose in writing was not to point to specific journalists and say, “You! Stand up against the wall! It’s time to confess!” It was really to point out that we as journalists — and I still very much consider myself as a journalist — need to reassess how we engage with hired spies and private operatives. I mean, [the Steele-dossier reporting] was a travesty. It is our job and it’s always been our job as journalists to scrutinize information. And that didn’t happen here. People jumped onto this train for a variety of reasons, be it political, professional, emotional, or what have you, and it ran straight into a wall.

When it comes to journalistic sins, do you see a meaningful difference in feeding private-spy information into a narrative and feeding government-spy information into a narrative? There have been a lot of intelligence leaks that have not panned out but were headline stories. Are those any less of a risk?

I think we have to be very scrupulous about identifying to the public where information is coming from. There’s a lot going on behind the curtain that the public is unaware of. And as journalists, we kind of go, “Well, trust us, we’re good. You don’t need to know about how the sausage is made, because we’re presenting you with this lovely meal.” But why are we continuing to operate that way?

During the Trump years, the news was awash in a constant flow of leaked allegations from murky places. You didn’t know who the source was, and you didn’t know whether it was true, and you didn’t know why the source might be leaking.

You see this type of misdirection or obfuscation taking place across the entire media spectrum. And a real driving force for me in writing the book was taking on the Steele dossier as a case study in how reporters can get manipulated or allow themselves to be manipulated and the havoc that results from that. When I was reporting about the drug OxyContin and the Sackler family, and this is going back almost 20 years, Purdue Pharma, the producer of OxyContin, was pointing to three studies that it claimed showed that OxyContin could be used at extremely high doses for very long periods of time without any risk of addiction or ill effects. And these three studies were constantly being parroted in the media. And I just thought to myself: What are these studies saying? And they turned out to be three obscure studies that I had to go to the National Library of Medicine to dig out that had nothing to do with the long-term use or safety of opioids. It’s like the same thing happened with the Steele dossier. No one went back and scrutinized Christopher Steele. No one went back and scrutinized Fusion GPS.

And when we get a look behind the curtain, such as when intelligence sources and methods have been revealed to the public, what has usually been shocking is not how great they are but how shoddy they are.

It’s an eye-opener. This whole arena of intelligence and intelligence reporting is probably the most difficult one for a journalist to venture into. In a case like a story about a drug or medical device, there is tangible evidence that you can seek out, like adverse-reaction reports that the government gets. When you step into the world of intelligence, you’re walking into this gray, murky arena where none of that tangible evidence exists and your information really is only as good as your sources. And I think that’s why there have been innumerable screwups in the past, the most notable one being the WMD situation — people relying on people and people relying on people. I think when you go into this realm of private intelligence, there may not be a governmental agenda, but now you have corporate agendas, profit agendas, and a whole mix of other agendas where information is being pulled together often from very questionable sources and ginned up to make it look like it’s credible.

Secret Sharers: The Hidden Ties Between Private Spies and Journalists
By Barry Meier

While I was examining the private intelligence business, it became clear that I needed to look at another profession, the one where my career had been spent — journalism. Reporters and private investigators long have had a symbiotic relationship that is hidden from the public. Hired spies feed journalists story tips or documents and use reporters to plant stories benefiting a client without leaving their fingerprints behind.

Fusion GPS, like its competitors, belonged to a wider web of enablers — lawyers, public relations executives and “crisis management” consultants — who serve the wealthy, the powerful and the controversial. For their part, private intelligence firms take on jobs that others don’t know how to do or don’t want to get caught doing.

Information gathered by private investigators is often laundered through public relations firms, which then shop the material to journalists. Jules Kroll, who created the modern-day private intelligence industry in the 1970s, broke that mold by leaking information directly to reporters. Mr. Simpson took it a step further. He sold Fusion GPS to clients by emphasizing his connections at major media outlets and assured journalists that he was really still one of them.

Investigative journalists normally rely on court records, corporate documents and other tangible pieces of evidence. But the dossier took them down a very different path, one into the shadow lands of intelligence, a realm where documents don’t exist and where reporters often can’t independently confirm what their sources are saying.

To learn from the dossier episode, news organizations would have to examine their ties to private intelligence agents, including why they so often granted them anonymity. But as long as the media allows private spies to set the rules, journalists and the public will continue to lose.

The Panama Papers Double Cross
By Barry Meier

When a consortium of reporters released the Panama Papers in 2016, they wanted to block one group from plundering the database which contained records disclosing the owners of thousands of off-shore companies used to hide enormous sums of wealth: corporate intelligence operatives, or private spies. The private spying industry has boomed in recent years and operatives-for-hire are increasingly invading our privacy, profiting from deception, and manipulating the media. For hired spies, information is currency and within the industry there is a lucrative underground trade in documents, including ones that are hacked, stolen, or obtained under false pretense.

The International Consortium of Investigative Journalists knew that spies-for-hire wanted to exploit the Panama Papers for their own purposes and profit so it limited access to the database to media organizations collaborating in the project. But the group would discover years later that one operative found a way into the Panama Papers and soon began offering them to other spies-for-hire, including Christopher Steele, a former MI6 spy and the author of the infamous Donald Trump dossier.

The operative who beat the system was a hybrid journalist/spy-for-hire named Mark Hollingsworth. For more than a decade, Hollingsworth, who lived in London, freelanced for The Guardian, The Financial Times, and other British newspapers, and consulted with the BBC. At the same time, he worked as contractor for private intelligence firms including Orbis Business Intelligence, Steele’s company, and Fusion GPS, the firm run by two ex-Wall Street Journal reporters who hired Steele in 2016 to investigate Trump’s ties to Russia.

Hollingsworth also dealt in documents and in the early 2010s he gained access to hundreds of sensitive records belonging to a controversial mining company called Eurasian Natural Resources Corporation, or ENRC, which was under investigation by British regulators for suspected bribery. ENRC, which has denied the allegations, would claim years later in a lawsuit that those records had been stolen from it by a freelance computer expert it employed. Whatever the case, Hollingsworth was soon hawking the ENRC documents to other hired operatives including Glenn Simpson, a founder of Fusion GPS. “Our mutual friend Magic has obtained new documents,” he wrote in an email to Simpson, using his nickname for the computer expert.

When the Panama Papers emerged, Hollingsworth saw another opportunity for profit. And to get around the roadblocks barring private spies, he turned to a strategy he often used an operative — he put on his journalist’s hat. Hollingsworth contacted reporters with whom he had collaborated previously on ENRC-related articles and who had ties to the ICIJ, suggesting they work together on new stories about the company, which was still under investigation. The catch: They would need access to the Panama Papers. “You may recall that we did stories together on ENRC and so I thought we would revisit this one if you have the time,” he wrote a Guardian reporter in 2016. “One of the priorities is to obtain documents from the Panama Papers.” The reporter, Simon Goodley, remembered that earlier article but one thing he didn’t know was that Hollingsworth in 2013 had shared a pre-publication draft of it with Simpson, in case the Fusion GPS operative wanted to edit it. “Please check for accuracy but also feel free to insert details and material that we have missed,” Hollingsworth wrote Simpson. Goodley took a pass on Hollingsworth’s latest approach.

But Hollingsworth was soon in business because he found other British journalists who agreed to help him get into the Panama Papers, though they thought he wanted them for journalistic reasons. Hollingsworth told one private investigator in Washington, D.C., that he needed money up front to get the Panama Papers documents he wanted. “My source will not accept anything less than $2,000 for the documents and so please talk to your client,” Hollingsworth wrote. “I think that is quite reasonable.” He offered more liberal terms to a friend who was a spy-for-hire. “Please email me your hit list of individuals and companies and I will run searches for you on the Panama Papers database—happy to do some gratis but I would hope that we can get paid for some,” he wrote.

Recently, ENRC, for whom Hollingworth also worked as a spy-for-hire, sued him, claiming he had reneged on their deal. It also accused him of trafficking in the documents that were stolen from it years earlier by “Magic,” the computer expert. Someone also gained access to Hollingsworth’s emails and released them.

Fake FBI emails about a sophisticated attack are part of ‘ongoing situation,’ agency says
By Sean Lyngaas

The FBI on Saturday said it was aware of reports that unauthorized emails were coming from a legitimate FBI email address to thousands of organizations about a purported cyber threat.

The emails — which according to the agency are part of an “ongoing situation” — started coming from an FBI address early Saturday and have hit at least 100,000 inboxes, according to the Spamhaus Project, a Europe-based nonprofit that tracks digital threats.

One of the fake emails sent from the FBI address, which CNN reviewed, claimed to be a warning from the Department of Homeland Security that the recipient was the target of a “sophisticated” attack. But the actual DHS Cybersecurity and Infrastructure Security Agency (CISA) made no such warning.

The FBI said Sunday that someone had taken advantage of the software misconfiguration to send emails using an IT system the FBI uses to communicate with state and local law enforcement partners. They added it did not impact its main computer network.

But cybersecurity analysts were concerned that the fake alert could send organizations into a scramble to address a phantom threat. That might entail diverting resources from where they are needed against actual hacking threats.

FBI email system compromised by hackers who sent fake cyberattack alert
By Rachel Pannett

Although online scammers often create fake emails purporting to be from official sources, it is highly unusual for a hacker to penetrate a government server — and experts say the incident highlights the vulnerabilities of email communications.

Russian government hackers last year breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign, and Chinese government hackers are believed to have compromised dozens of U.S. government agencies.

“It could have been a lot worse,” said Berglas. “When you have ownership of a trusted dot-gov account like that, it can be weaponized and used for pretty nefarious purposes. [The FBI] probably dodged a bullet.”

Iranian Hackers Broke Into Newspaper Publisher Lee Enterprises Ahead of 2020 Election
By Dustin Volz

Iranian hackers last year infiltrated the computer systems of Lee Enterprises Inc., a major American media company that publishes dozens of daily newspapers across the U.S., as part of a broader effort to spread disinformation about the 2020 presidential election, according to people familiar with the matter.

On Thursday, the Justice Department said the alleged hackers broke in to the digital systems of an unnamed media company in fall 2020 and tested how to create false news content. People familiar with the matter on Friday identified the company as Lee Enterprises, a publicly traded company headquartered in Davenport, Iowa, and one of the largest newspaper chains in the U.S.

The Federal Bureau of Investigation warned the unnamed company about the intrusion, prosecutors said. The day after the November presidential election, the hackers tried to get back into the media company’s system but failed, prosecutors said. The federal charging document in the case doesn’t indicate the hackers successfully published fake information under the unnamed media company’s news brands.

Another example of news organizations being targeted to spread disinformation occurred while votes were still being counted in last year’s presidential contest. A coordinated network of Twitter accounts posed as the Associated Press and CNN to prematurely declare election victories for Democrat Joe Biden, the Journal previously reported. Those tweets, which Twitter removed quickly, were nonetheless retweeted dozens of times and amplified by at least a handful of journalists and other verified Twitter users.

Twitter Says Direct Messages Breached in 36 of 130 Hack Victims
By Kartikay Mehrotra

Twitter Inc. completed its review of the 130 accounts that were hacked on its social network last week and discovered that the attackers accessed direct messages for as many as 36 of them, including one elected official in the Netherlands.

Twitter’s analysis offered no indication that “any other former or current elected official had their DMs accessed,” according to a post late Wednesday by the Twitter Support account. A Twitter spokesperson confirmed that neither former U.S. Vice President Joe Biden or President Barack Obama’s DMs were accessed. Both had their accounts compromised in the July 15 breach, along with high-profile users such as Jeff Bezos and Elon Musk.

In its prior update on the hack, the company said several of its employees were manipulated by hackers into providing credentials for internal systems. The hackers were able to reset passwords for 45 users, while eight had their data, including private messages, downloaded entirely, Twitter said in a blog post late Friday. The hackers may have also tried to sell the user names of some of the accounts, the San Francisco-based company said at the time.

Twitter Races to Unravel How Cyber-Attack Came From Inside
By Jamie Tarabay

In its investigation of the incident, Twitter will now likely focus on employee logs, email and phone records. At question will be any failures in authentication processes that might have allowed hackers to hijack verified accounts, and also what other information, such as direct messages, might have been compromised in the breach. The Bitcoin wallets promoted in the tweets collected around $120,000 in cryptocurrency.

A social engineering attack means “leveraging the human element of security,” and there are many different ways to do that, said Rachel Tobac, chief executive officer of San Francisco-based SocialProof Security.

“I can phish someone who has administrative access and try and gain access to their credentials and log into their account,” she said, or the less technical method would be to develop “a relationship with someone who works on those panels and convincing them to do your bidding for you.”

Security awareness at companies like Twitter would be mandatory, but ultimately it’s hard to track insider attacks when it’s the employees rather than the technology who fall under the microscope, Tobac said.

Identifying potential Twitter employees to target wouldn’t be difficult for the hackers, given the way most smartphone apps hungrily vacuum up location and other contextual data from users — data which is often then sold on to marketing companies. Anyone frequenting the same coffee shops and businesses or entering and leaving a workplace at particular hours can give away clues about themselves.

Twitter breach exposes one of tech’s biggest threats: Its own employees
By Kevin Collier and Jason Abbruzzese

“Humans and their behaviour continue to be the biggest threat for organizations,” said Mikko Hyppönen, the chief research officer at the Finnish cybersecurity company F-Secure.

“Security holes come and go. Sometimes there’s something urgent happening but once you patch and update, you’re good to go,” he said by text message. “The human weaknesses are there always. Every day. Forever.”

In November, the Justice Department charged two former Twitter employees with providing user data to Saudi Arabia. And in 2017, a Twitter employee briefly shut down President Donald Trump’s account.

Experts say Twitter breach troubling, undermines trust
By Zen Soo

Many celebrities, politicians and business leaders often use Twitter as a public platform to make statements. U.S. President Donald Trump, for example, regularly uses Twitter to post about national and geopolitical matters, and his account is closely followed by media, analysts and governments around the world.

Rachel Tobac, CEO of Socialproof Security, said that the breach appeared to be largely financially motivated. But such an attack could cause more serious consequences.

“Can you imagine if they had taken over a world leader’s account, and tweeted out a threat of violence to another country’s leader?” asked Tobac, a social engineering hacker who specializes in providing training for companies to protect themselves from such breaches.

When a Hacker Calls: How Robinhood Fell Victim to a Vishing Raid
By Annie Massa, William Turton, and Jack Gillum

The call was coming from inside the company.

Or so it seemed when the mobile phone of a customer-service representative for Robinhood Markets Inc. lit up on the evening of Nov. 3. More than an hour passed — on and on the conversation ran, as the caller reeled in the hapless employee.

By the time it was over, that one Robinhood rep had unwittingly handed over keys to the personal information of about 7 million customers, in what’s now believed to be one of the biggest retail brokerage cyber-breaches of all time, by number of accounts affected.

Robinhood didn’t learn of the lapse until the rep got home and told a relative about the strange call — and was promptly advised to escalate it, according to a person familiar with the matter. Only then did the employee inform the company, whose free trading app caught fire with young people buying meme stocks, options and crypto during the pandemic, at times with devastating results.

Robinhood declined to comment on the agent’s performance. It said separately that, to its knowledge, no Social Security numbers or data about debit cards or bank accounts were compromised. Nor did customers incur financial losses, according to the firm.

Why 310 of Robinhood’s 7 Million Cyber-Attack Victims Should Be Really Quite Worried
By Vlad Savov

Most of the 7 million affected accounts had only one piece of personal information exposed: either the user’s name or their email address. But in about 310 cases, more sensitive data such as date of birth and zip code was uncovered, as well as the user’s full name. About 10 of those people had “more extensive account details revealed,” Robinhood said, adding that the company is in the process of “making appropriate disclosures” to those users.

No social security, bank account or debit card numbers were compromised and no customer suffered financial loss as a result of the incident, Robinhood said. Not yet anyway.

The danger is that the exposed information could be used to facilitate further attacks of the sort that revealed the users’ data in the first place.

Attributes like birthdays and physical addresses are difficult to change and are commonly used as verification checks when logging in to various services.

Robinhood Data Breach Nightmare Hinged on Customer Service Slip
By Annie Massa

“Financial services firms are huge targets because there are always new customers coming: a refresh of identities, a refresh of credentials,” said Bob Rudis, chief data scientist at the cybersecurity firm Rapid7 Inc. “Everyone talks about ransomware, but credentials and identities are still things being sold on the dark web and criminal forums. It’s very valuable data.”

What Price Would You Put on Your Personal Data?
By Ben Schott

For all the talk of digital rights — and the Big Brotherly tentacles of Big Tech — a surprising number of Americans would sell even their most sensitive data, sometimes for a song.

In fact, according to research commissioned by Okta, which develops cloud software for authenticating users, only 24% of Americans would refuse to sell any of their online information, at any price.

Perhaps unsurprisingly, users were less willing to trade biometric data, offline conversations and identifying personal information than they were data on their purchasing, browsing and location. But 15% would still sell their passwords for $100 or less.

It’s hard to know exactly why users would part with even profoundly private information for such relatively small sums, though one might hazard a few guesses: They are strapped for cash; they are less fearful of corporate surveillance than people suppose; they assume that their personal data is already being secretly stolen as a matter of routine.

Americans have little trust in online security: AP-NORC poll
By Matt O’Brien

Most Americans don’t believe their personal information is secure online and aren’t satisfied with the federal government’s efforts to protect it, according to a poll.

The poll by The Associated Press-NORC Center for Public Affairs Research and MeriTalk shows that 64% of Americans say their social media activity is not very or not at all secure. About as many have the same security doubts about online information revealing their physical location. Half of Americans believe their private text conversations lack security.

And they’re not just concerned. They want something done about it. Nearly three-quarters of Americans say they support establishing national standards for how companies can collect, process and share personal data.

But after years of stalled efforts toward stricter data privacy laws that could hold big companies accountable for all the personal data they collect and share, the poll also indicates that Americans don’t have much trust in the government to fix it.

A majority, 56%, puts more faith in the private sector than the federal government to handle security and privacy improvements, despite years of highly publicized privacy scandals and hacks of U.S. corporations from Target to Equifax that exposed the personal information of millions of people around the world.

“I feel there is little to no security whatsoever,” said Sarah Blick, a professor of medieval art history at Kenyon College in Ohio. The college’s human resources department told Blick earlier this year that someone fraudulently applied for unemployment insurance benefits in her name.

Such fraud has spiked since the pandemic as perpetrators buy stolen personal identifying information on the dark web and use it to flood state unemployment systems with bogus claims.

“I believe my information was stolen when one of the credit bureaus was hacked, but it also could have been when Target was hacked or any other of the several successful hacks into major corporations,” Blick said.

What the Privacy Battle Upending the Internet Means for You
By Brian X. Chen and Kate Conger

For decades, advertisers relied on “cookies,” pieces of code planted in web browsers that can follow our personal web browsing to track us online and show us relevant ads. When smartphones came along, marketers also used trackers inside mobile apps to follow people across apps and websites.

These advertising technologies became incredibly potent and effective — if you shopped for shoes, shoe ads would follow you around the internet — but with major downsides. It enabled marketers to build hyper-realistic profiles of us that were hardly anonymous. It also opened doors for bad actors to steal people’s data and spread misinformation.

The Battle for Digital Privacy Is Reshaping the Internet
By Brian X. Chen

Now that system, which ballooned into a $350 billion digital ad industry, is being dismantled. Driven by online privacy fears, Apple and Google have started revamping the rules around online data collection. Apple, citing the mantra of privacy, has rolled out tools that block marketers from tracking people. Google, which depends on digital ads, is trying to have it both ways by reinventing the system so it can continue aiming ads at people without exploiting access to their personal data.

If personal information is no longer the currency that people give for online content and services, something else must take its place. Media publishers, app makers and e-commerce shops are now exploring different paths to surviving a privacy-conscious internet, in some cases overturning their business models. Many are choosing to make people pay for what they get online by levying subscription fees and other charges instead of using their personal data.

Businesses that do not keep up with the changes risk getting run over. Increasingly, media publishers and even apps that show the weather are charging subscription fees, in the same way that Netflix levies a monthly fee for video streaming. Some e-commerce sites are considering raising product prices to keep their revenues up.

Consider Seven Sisters Scones, a mail-order pastry shop in Johns Creek, Ga., which relies on Facebook ads to promote its items. Nate Martin, who leads the bakery’s digital marketing, said that after Apple blocked some ad tracking, its digital marketing campaigns on Facebook became less effective. Because Facebook could no longer get as much data on which customers like baked goods, it was harder for the store to find interested buyers online.

“Everything came to a screeching halt,” Mr. Martin said. In June, the bakery’s revenue dropped to $16,000 from $40,000 in May.

Since Apple released the pop-up window, more than 80 percent of iPhone users have opted out of tracking worldwide, according to ad tech firms. Last month, Peter Farago, an executive at Flurry, a mobile analytics firm owned by Verizon Media, published a post on LinkedIn calling the “time of death” for ad tracking on iPhones.

At Google, Sundar Pichai, the chief executive, and his lieutenants began discussing in 2019 how to provide more privacy without killing the company’s $135 billion online ad business. In studies, Google researchers found that the cookie eroded people’s trust. Google said its Chrome and ad teams concluded that the Chrome web browser should stop supporting cookies.

But Google also said it would not disable cookies until it had a different way for marketers to keep serving people targeted ads. In March, the company tried a method that uses its data troves to place people into groups based on their interests, so marketers can aim ads at those cohorts rather than at individuals. The approach is known as Federated Learning of Cohorts, or FLOC.

Plans remain in flux. Google will not block trackers in Chrome until 2023.

Even so, advertisers said they were alarmed.

Big Tech Privacy Moves Spur Companies to Amass Customer Data
By Suzanne Vranica

New privacy protections put in place by tech giants and governments are threatening the flow of user data that companies rely on to target consumers with online ads.

As a result, companies are taking matters into their own hands. Across nearly every sector, from brewers to fast-food chains to makers of consumer products, marketers are rushing to collect their own information on consumers, seeking to build millions of detailed customer profiles.

Companies aren’t after just a few personal details. Many aim to log most of the interactions they have with customers, to flesh out what is called a “golden record.”

Such a high-quality customer record might include dozens, even hundreds, of data points, including the store locations people visit, the items they typically buy, how much they spend and what they do on the company’s website.

This kind of information doesn’t just help with online-ad targeting but also lets brands personalize other parts of their marketing, from the offers they send people to which products are displayed to customers online.

Google location-tracking tactics troubled its own engineers
By Michael Liedtke

Google’s own engineers were troubled by the way the company secretly tracked the movements of people who didn’t want to be followed until a 2018 Associated Press investigation uncovered the shadowy surveillance, according to unsealed documents in a consumer fraud case.

The same day the AP story was published, the company held what one unidentified email correspondent called an “Oh S—-” meeting to discuss its location tracking tools, according to the unsealed records in Arizona’s Maricopa County Superior Court. Google also began monitoring public reaction to the AP story, including how it was trending across Facebook, Twitter and other influential online services, the documents show.

Some of Google’s own engineers scolded the company for misleading people about how its location tracking settings worked. “I agree with the article,” one engineer wrote in a particularly blunt assessment after the AP story was published. “Location off should mean location off, not except for this case or that case.”

Another Google engineer wrote, “Indeed we aren’t very good at explaining this to users.” Another concurred that what the company was doing was “definitely confusing from a user point of view.”

The release of the emails is embarrassing for a company that tries to build trust with billions of users of free services such as maps and online search, which in turn provide the personal information Google can use to target ads. Those ads generated more than $130 billion in revenue last year alone.

Google is still fighting to keep many of the exhibits and key passages in the lawsuit redacted on the grounds that the contents contain confidential information.

After the AP article on location tracking came out two years ago, Google made changes to its privacy settings to make it easier for users to conceal their movements.

Google’s Privacy Backpedal Shows Why It’s So Hard Not to Be Evil
By Greg Bensinger

… Google executives were dismayed over a most inconvenient discovery: When they made it simpler to halt digital location tracking, far too many customers did so. According to recently unredacted documents in a continuing lawsuit brought by the state of Arizona, Google executives then worked to develop technological workarounds to keep tracking users even after they had opted out. So much for the customer always being right.

Rather than abide by its users’ preferences, Google allegedly tried to make location-tracking settings more difficult to find and pressured smartphone manufacturers and wireless carriers to take similar measures. Even after users turned off location tracking on their devices, Google found ways to continue tracking them, according to a deposition from a company executive.

How then can we accept the company’s word when it says “privacy is at the heart of everything we do”?

According to the documents, one executive — a location product manager no less — couldn’t unpack all the ways Google tracks customers. Other employees complained that there was no clear way for consumers to provide their location to a non-Google app without it ultimately being shared with Google.

The lawsuit stems from a 2018 Associated Press investigation that demonstrated Google’s insatiable appetite for valuable location data and how it stores users’ histories even when users ask the company not to. Arizona alleges that by tracking without users’ consent, Google violated consumer protection laws that prohibit companies from mischaracterizing their business practices (Google has denied the allegations).

Only now, three years after the A.P. report, is Google rolling out an option to obscure precise location data for apps running on its Android mobile software. Really, does a chess app need to know a user is on the 300 block of Lexington Avenue?

It isn’t hard to find other ways that tech companies trample on consumers’ trust. Apple gave users the option to halt apps from tracking their activity across the mobile web, and some 93 percent of U.S. iPhone users have opted for less tracking. That prompted Facebook to tell customers that they don’t know what’s good for them and other app developers to search for workarounds, evidently against customers’ will.

Amazon engages in the practice as well. It is quietly rolling out a new wireless network known as Sidewalk that siphons bits of users’ Wi-Fi service off one another to ensure devices like Alexa speakers and Ring doorbells work continuously (and it will add third-party devices over time). The company is opting all of its customers in automatically, presumably because if given a real choice they wouldn’t wish to share free with Amazon the Wi-Fi they pay for.

After facing a backlash over humans listening in to its Alexa devices, Amazon once considered automatically opting customers out. But it rejected the notion in favor of one that served its own ends: making Alexa better.

Similar philosophies extend to nearly every corner of how Big Tech operates. The companies choose to opt customers in to data collection schemes, they draw up dense terms of service policies that give users little recourse but to accept and they seek to trick users through crafty design elements. And when they don’t like the laws that customers’ chosen elected representatives pass, they’ve shown they’re willing to spend hundreds of millions to overturn them.

California’s landmark consumer privacy policy came into effect last year, giving consumers the option to prohibit the sale of their data to third parties. Though users’ intent was crystal clear, the companies chose to disingenuously interpret the choice to apply only to selling data, not giving it away, and so they kept on distributing it free to feed their advertising businesses.

The idealism of Silicon Valley requires believing that technology companies can best solve the world’s problems, one line of code at a time. That line of thinking also glosses over an uncomfortable truth: To achieve cheap or even free services requires justifying a range of behavior that often isn’t in the best interests of consumers.

You Are the Object of a Secret Extraction Operation
By Shoshana Zuboff

When asked “What is Google?” the co-founder Larry Page laid it out in 2001, according to a detailed account by Douglas Edwards, Google’s first brand manager, in his book “I’m Feeling Lucky”: “Storage is cheap. Cameras are cheap. People will generate enormous amounts of data,” Mr. Page said. “Everything you’ve ever heard or seen or experienced will become searchable. Your whole life will be searchable.”

Instead of selling search to users, Google survived by turning its search engine into a sophisticated surveillance medium for seizing human data. Company executives worked to keep these economic operations secret, hidden from users, lawmakers, and competitors. Mr. Page opposed anything that might “stir the privacy pot and endanger our ability to gather data,” Mr. Edwards wrote.

Massive-scale extraction operations were the keystone to the new economic edifice and superseded other considerations, beginning with the quality of information, because in the logic of surveillance capitalism, information integrity is not correlated with revenue.

In March 2008, Mr. Zuckerberg hired Google’s head of global online advertising, Sheryl Sandberg, as his second in command. Ms. Sandberg had joined Google in 2001 and was a key player in the surveillance capitalism revolution. She led the build-out of Google’s advertising engine, AdWords, and its AdSense program, which together accounted for most of the company’s $16.6 billion in revenue in 2007.

A Google multimillionaire by the time she met Mr. Zuckerberg, Ms. Sandberg had a canny appreciation of Facebook’s immense opportunities for extraction of rich predictive data. “We have better information than anyone else. We know gender, age, location, and it’s real data as opposed to the stuff other people infer,” Ms. Sandberg explained, according to David Kirkpatrick in “The Facebook Effect.”

Google said it had successfully ‘slowed down’ European privacy rules, according to lawsuit.
By David McCabe

Google said in an internal document that it had successfully “slowed down” European privacy rules in collaboration with other tech companies, according to a legal filing released on Friday.

Ahead of a 2019 meeting with other major tech companies, Google said in a memo that it had “been successful in slowing down and delaying” the European Union’s ePrivacy Regulation process and had been “working behind the scenes hand in hand with the other companies,” according to the filing.

The new details appeared in an unredacted version of a lawsuit filed by Texas and 11 other states, which argued that Google had abused its dominance over the intricate technology that delivers ads to consumers online. News organizations, including The New York Times, had asked the judge in the case to remove the redactions from the complaint.

The details offer a rare look into how major tech companies have lobbied against a growing array of proposed regulations. In recent years, lawmakers around the world have proposed laws to limit the market power of the major tech companies, restrict their use of consumer data and set new rules for how they can moderate user-generated content.

The Amazon lobbyists who kill U.S. consumer privacy protections
By Jeffrey Dastin, Chris Kirkham and Aditya Kalra

In recent years, Inc has killed or undermined privacy protections in more than three dozen bills across 25 states, as the e-commerce giant amassed a lucrative trove of personal data on millions of American consumers.

In Virginia, the company boosted political donations tenfold over four years before persuading lawmakers this year to pass an industry-friendly privacy bill that Amazon itself drafted. In California, the company stifled proposed restrictions on the industry’s collection and sharing of consumer voice recordings gathered by tech devices. And in its home state of Washington, Amazon won so many exemptions and amendments to a bill regulating biometric data, such as voice recordings or facial scans, that the resulting 2017 law had “little, if any” impact on its practices, according to an internal Amazon document.

Amazon’s lobbying against privacy protections aims to preserve the company’s access to detailed consumer data that has fueled its explosive online-retailing growth and provided an advantage in emerging technologies, according to the Amazon documents and former employees. The data Amazon amasses includes Alexa voice recordings; videos from home-camera systems; personal health data from fitness trackers; and data on consumers’ web-searching and buying habits from its e-commerce business.

Some of this information is highly sensitive. Under a 2018 California law that passed despite Amazon’s opposition, consumers can access the personal data that technology companies keep on them. After losing that state battle, Amazon last year started allowing all U.S. consumers to access their data.

As a Virginia lawmaker, Ibraheem Samirah has studied internet privacy issues and debated how to regulate tech firms’ collection of personal data. Still, he was stunned to learn the full details of the information Inc has collected on him.

The e-commerce giant had more than 1,000 contacts from his phone. It had records of exactly which part of the Quran that Samirah, who was raised as a Muslim, had listened to on Dec. 17 of last year. The company knew every search he had made on its platform, including one for books on “progressive community organizing” and other sensitive health-related inquiries he thought were private.

Finding information about his listening to the Quran disclosed in his Amazon file, he said, made Samirah think about the history of U.S. police and intelligence agencies surveilling Muslims for suspected terrorist links after the attacks of Sept. 11, 2001.

At times, law-enforcement agencies seek data on customers from technology companies. Amazon discloses that it complies with search warrants and other lawful court orders seeking data the company keeps on an account, while objecting to “overbroad or otherwise inappropriate requests.”

Amazon data for the three years ending in June 2020, the latest available, show the company complied at least partially with 75% of subpoenas, search warrants and other court orders seeking data on U.S. customers. The company fully complied with 38% of those requests.

Amazon stopped disclosing how often it complies with such requests last year. Asked why, Amazon said it expanded the scope of the U.S. report to make it global, and “streamlined” the information from each country on law enforcement inquiries.

The company said it is obligated to comply with “valid and binding orders,” but that its goal is to release “the minimum” required by law.

Former FBI Officials Tapped for Amazon’s Growing Security Apparatus
By Lee Fang and Aída Chávez

Amazon, one of the largest corporations in the world, supplies state-of-the-art facial recognition software to law enforcement agencies, provides the military with a range of technology services, and is now building out its security operation with over a dozen former FBI agents.

The tech conglomerate, which began as an online bookseller, is rapidly hiring for its global security center in Arizona. As the firm expands and faces new challenges, including increased antitrust scrutiny, counterfeiting issues, and pressure from worker activism, the company is staffing up with former FBI agents, with a focus on security and intelligence-gathering ability. From 2017 to 2020, the $1.6 trillion technology behemoth hired 20 former FBI agents, at least two of whom appear to be responsible for monitoring the labor-organizing activity of its workers to keep unions out.

Cindy Wetzstein, a former FBI agent brought onto Amazon’s security operations facility in Arizona last October, notes in her LinkedIn biography that she is an expert in “both tactical and strategic intelligence production.” Brian Brooks, now a senior official at Amazon’s national security division, previously served as a deputy assistant director at the FBI, where he specialized in the “deployment of advanced electronic surveillance tools.”

A wide variety of jobs fall under the umbrella of security. The company, whose cloud computing service, Amazon Web Services, is one of the largest web hosts in the world, has to ward off potential cyberattacks on its servers and work to prevent the theft of its array of merchandise. Hiring in the security division also includes monitoring employees, according to several job descriptions, and, in the past, has included tracking union activism. And the company’s embrace of former law enforcement officials follows a familiar path among other industries that have faced labor and activist pressure.

Last year, after Amazon was caught trying to hire two “intelligence analysts” tasked with tracking “labor organizing threats” within and outside the company, it quietly filled those positions with two former FBI agents and hired four others.

The company had posted job listings seeking an “Intelligence Analyst” and “Sr Intelligence Analyst,” both based in Phoenix, to monitor and collect information on organized labor, activist groups, “hostile political leaders,” and other sensitive topics. Amazon deleted the job listings after fierce backlash from labor groups and the public.

Corporations seeking to monitor and disrupt perceived opponents have long drawn upon the expertise of former FBI agents. Major financial firms, casinos, and oil and gas companies have tapped a revolving door of retired FBI personnel, who offer ties to their former colleagues and services to track and undermine perceived corporate threats, including journalists and labor organizers.

In 2012, fearing a wave of labor activism, Walmart reportedly developed a centralized surveillance system headed by a former FBI officer named Ken Senser to track employees’ activities, sentiment, and political sympathies. When the company’s security analysts received word that Occupy Wall Street demonstrators were contemplating a protest of Walmart, it swiftly engaged the FBI Joint Terrorism Task Force and local police agencies.

The FBI’s early roots focused on suppressing labor activism on behalf of business interests. In 1919, the agency established its “General Intelligence Division” that mobilized “Red Squads” focused on disrupting labor organizing. The most famous of these is the Palmer Raids of 1919 and 1920, during which around 10,000 people were arrested over suspected ties to communist and labor radical groups. The raids, timed to coincide with the anniversary of the Bolshevik revolt in Russia, were targeted at the Industrial Workers of the World. At least 1,000 IWW members were later convicted under dubious charges under the Espionage Act that the union’s industrial organizing work was somehow part of a conspiracy to assist Germany during World War I.

Amazon has fended off unionization through a range of tactics, using common union-busting strategies while keeping its more aggressive investments under wraps. Leaked documents have revealed aspects of the company’s internal surveillance apparatus, showing how analysts keep close tabs on its own workforce, including by hiring operatives from Pinkerton, a spy agency known for being hostile to unions, to spy on workers in Europe, as Vice previously reported.

Amazon’s employee surveillance fuels unionization efforts: ‘It’s not prison, it’s work’
By Jay Greene

Amazon’s surveillance of its workers even played a role in the decision by a National Labor Relations Board official to call for a new union vote at its Bessemer, Ala., warehouse Monday, finding that the company improperly interfered in the first election. Workers earlier this year rejected unionization by more than 2-to-1 in one of the first major bids to organize at Amazon in years.

In her ruling, the NLRB’s Atlanta regional director, Lisa Y. Henderson, wrote that Amazon’s efforts to place an unmarked U.S. Postal Service mailbox in “plain view” of Amazon’s security cameras “essentially highjacked the process.” Employees “credibly” testified that they believed cameras were watching them everywhere — even in the parking lot, she wrote. Those cameras, along with Amazon encouraging workers to use the mailbox, “gave the impression that voters were expected and encouraged to vote under the watchful eye of the Employer,” Henderson wrote.

Amazon spokeswoman Kelly Nantel said employee monitoring, via data collected by scanning devices as well as cameras situated through its warehouses, are prudent business measures.

“Like any business, we use technology to maintain a level of security within our operations to help keep our employees, buildings, and inventory safe — it would be irresponsible if we didn’t do so,” Nantel said in an emailed statement. “It’s also important to note that while the technology helps keep our employees safe, it also allows them to be more efficient in their jobs.”

When workers scan items into warehouses, they trigger an algorithm-driven employee performance system, which tracks where products are located along with the speed that workers are doing their jobs. Managers have visibility into the software — dubbed the Associate Development and Performance Tracker, or Adapt — to review employee performance, Nantel said. Amazon also has systems that measure workers’ “time off task,” those moments when employees log off their devices — turning off their scanners or stepping away from their computers — to take a bathroom break or grab lunch.

Fewer than 1 percent of the workers who are terminated are fired for performance issues, Nantel said. And Amazon modified its time-off-task rules in June, extending the amount of time workers can be logged off from their devices before managers question them.

Tyler Hamilton, 24, started as one of the workers who scans items as they come into the warehouse and stows them on the shelves. Amazon not only tracked the items he stowed, but also tallied the rate at which he put away those goods with handheld scanners — then compared that to the rate at which its expects those workers to do their jobs.

Workers start with lower rates, which increase as they learn the job, Hamilton said. While he occasionally had trouble keeping up, he generally met Amazon’s targets. But Hamilton notes that he’s young. Older workers often have more difficultly.

“The system doesn’t recognize the human part of people, like, ‘I’m having a bad day,’ or ‘I’m having a tough time at home,’ ” said Hamilton, who has worked at Amazon’s Shakopee, Minn., warehouse for four years.

Critics have said that Amazon’s use of data it gleans from monitoring has led to an injury rate at Amazon facilities that’s higher than industry norms. A Post analysis of Occupational Safety and Health Administration data this spring showed Amazon’s serious injury rates are nearly double those at warehouses run by other companies.

In May, Washington state’s Department of Labor and Industries cited Amazon for the hazardous conditions at its warehouse in DuPont, Wash., calling out the company’s employee surveillance.

“There is a direct connection between Amazon’s employee monitoring and discipline systems and workplace MSDs [musculoskeletal disorders],” according to the citation.

The agency fined Amazon $7,000, though the company is appealing the citation, disputing its findings.

Tech workers recount the cost of speaking out, as tensions rise inside companies
By Bobby Allyn

Standoffs are intensifying between major tech companies and employees who challenge how those companies wield their power. Late last year, Google fired a prominent Black researcher who questioned the company’s treatment of employees of color and women. Around the same time, the National Labor Relations Board said Google illegally fired two employees involved in labor organizing.

Recently, Facebook reportedly locked down its internal message boards after a former employee leaked damaging company research to the media. Netflix last week fired a transgender employee who had rallied colleagues against a Dave Chappelle special containing jokes at transgender people’s expense. The company said the employee had leaked data; the employee denies it.

Tech companies have long prided themselves on encouraging dissent within their ranks. They have positioned themselves as bastions of free expression and debate. But now that more employees are emboldened to speak publicly, the companies are cracking down in attempts to protect their reputations.

Google Employees Are Free to Speak Up. Except on Antitrust.
By Daisuke Wakabayashi

Some employees said the caution around antitrust was a byproduct of Google’s spending most of the last decade fighting antitrust cases around the world. They said a two-year investigation by the Federal Trade Commission, which decided in 2013 to not bring a case against Google, was the turning point that made the company more aware of regulatory risk.

Google is now extremely careful about what it puts in emails and company documents, and considers the antitrust implications of its business deals and strategy. One former executive said that after the F.T.C. started its investigation, the company determined that acquisitions to bolster its dominant search business, such as its 2010 purchase of ITA Software, a flight information company, were now off the table.

All employees are required to take an annual online training course about how to communicate in a way to avoid legal issues with regulators. In the training, which was reported on earlier by The Markup, employees are told to assume that every document and email will end up in the hands of regulators, so they should refrain from using certain words or phrases.

“We are not out to ‘crush,’ ‘kill,’ ‘hurt,’ ‘block,’ or do anything else that might be perceived as evil or unfair,” according to a slide used in the training, which The New York Times reviewed.

The training seems to be paying off. One part of the compliance course instructs employees to avoid estimating the company’s market share. So in February when House lawmakers interviewed Google as part of an investigation into the power of tech giants, the company had an explanation for why it could not supply the market share data that would likely underscore its dominance. Google said it “doesn’t maintain information in the normal course of business” about the market share of its products, according to a report about the inquiry’s findings.

Employees said it was common to hear people in meetings declare that a sensitive subject was “not for notes,” referring to a written summary of the proceedings. This was especially the case when the conversation turned to how Google intended to compete with a rival or when participants discussed a competitor’s strategy.

Google’s methods for spying on employees revealed in report
By Nihal Krishan

Google keeps a close eye on its employees through a number of tracking mechanisms when they engage in certain online activities, according to a new report.

The tech giant zeroes in on employees who might be considering leaving out of fear they might access or leak sensitive material, according to reporting by The Information. Company security flags those workers by checking who has researched the cost of COBRA health insurance, drafted resignation letters, or searched for an internal checklist for those wanting to leave the company.

Most unusually, Google’s security staff has raised alarms when employees take screenshots on their work devices when running an encrypted messaging platform at the same time or use non-Google online storage services, according to the report.

Google has been sued in the past year by an employee who claimed the tech giant has secretly viewed his online communications and is using it against him, and earlier this year, it terminated employees who allegedly accessed highly confidential company information.

A Google spokesperson told the Washington Examiner the company has “zero interest” in employees’ personal data.

“However, we do have security policies that strictly protect user and customer data, as well as sensitive IP and trade secrets,” the spokesperson wrote in an email. “All employees are required to safeguard this data and, just as other companies do, our security team thoroughly investigates breaches. Every day, people put their trust in Google. We will continue to hold ourselves and our employees to the highest standards, to preserve this trust.”

Google also captures and exploits user data in hidden and complicated methods, according to the report.

Some of Google’s user data even makes it into the hands of law enforcement through a database called “SensorVault,” which stores detailed user location data indefinitely. The data is so precise that one deputy police chief told the Electronic Frontier Foundation that it “shows the whole pattern of life.”

Companies are hoarding personal data about you. Here’s how to get them to delete it.
By Tatum Hunter

In February, Whitney Merrill, a privacy attorney who lives in San Francisco, asked audio-chat company Clubhouse to disclose how many people had shared her name and phone number with the company as part of its contact-sharing feature, in hopes of getting that data deleted.

As she waited to hear from the company, she tweeted about the process and also reached out to multiple Clubhouse employees for help.

Only after that, and weeks after the California Consumer Privacy Act’s 45-day deadline for companies to respond to data deletion requests, Clubhouse responded and complied with her request to delete her information, said Merrill.

“They eventually corrected it after a lot of pressure because I was fortunate enough to be able to tweet about it,” she said.

The landmark California Consumer Privacy Act (CCPA), which went into effect in 2020, gave state residents the right to ask companies to not sell their data, to provide a copy of that data or to delete that data. Virginia and Colorado have also passed consumer privacy laws, which go into effect in 2023.

As more states adopt privacy legislation — Massachusetts, New York, Minnesota, North Carolina, Ohio and Pennsylvania may be next — more of us will get the right to ask for our data to be deleted. Some companies — including Spotify, Uber and Twitter — told us they already honor requests from people outside California when it comes to data deletion.

But that doesn’t mean it always goes smoothly. Data is valuable to companies, and some don’t make it easy to scrub, privacy advocates say. Data deletion request forms are often tucked away, processes are cumbersome, and barriers to verifying your identity slow things down. Sometimes personal data is tied up in confusing legal requirements, so companies can’t get rid of it. Other times, the technical and personnel burden of data requests is simply too much for companies to handle.

When we say “your data,” we mean information like your name, phone number, email and home address. Some companies collect far more, like your age, gender, interests, real-time location, friends and behavior on apps and sites — and inferences about you based on those things.

All this data-sharing may feel harmless, but it creates problems when a company is hacked and your information falls into the wrong hands, or when companies use it to influence your spending and other decisions without your consent, privacy advocates say.

Hackers are waging a guerrilla war on tech companies, revealing secrets and raising fears of collateral damage
By Drew Harwell

A chain of recent, devastating hacks is exposing some of the Internet’s most fiercely guarded secrets, stepping up a guerrilla struggle between tech firms and anonymous hackers and raising fears that everyday Internet users could get caught in the crossfire.

Hackers this week dumped a colossal haul of data stolen from Twitch, the Amazon-owned streaming site, revealing what they said was not just the million-dollar payouts for its most popular video game streamers but the site’s entire source code — the DNA, written over a decade, central to keeping the company alive.

That followed the hack by the group Anonymous that exposed the most crucial inner workings of Epik, an Internet services company popular with the far right, and triggered firings and other consequences for some of the company’s clients whose identities had previously been undisclosed.

The Epik hack also made way for breaches into the websites of the Texas GOP, one of America’s biggest state party affiliates, and the Oath Keepers, a far-right militia group that contributed to the storming of the U.S. Capitol on Jan. 6. A California sheriff faced calls for his resignation this week after the hack showed evidence that he had been a member of the group in 2014.

Allan Liska, a senior intelligence analyst with the cybersecurity firm Recorded Future, said the growing accessibility and sophistication of hacking tools and the ease with which social media can draw attention to a major hack has contributed to a dramatic upsurge in attacks by “hacktivists.”

“Hacking because you disagree with an organization and you want to expose them is starting to really gain traction again,” Liska said. And “generally the biggest victims of the attacks are not the target organization … but the people who work there” or use the service as part of their work or personal lives.

Spies Like Us
By Amy Zegart

After the January 6 siege of the U.S. Capitol, an anonymous Washington-area college student used imagery posted online and simple facial detection software to create Faces of the Riot, a website with 6,000 photographs of people believed to have been involved in the attack. “Everybody participating in this violence, [which] really amounts to an insurrection, should be held accountable,” said the student. But Faces of the Riot did not distinguish between people who broke into the Capitol complex and those who only attended protests outside it. Nor did the site’s image dump identify or remove mere bystanders, members of the press, or police officers.

Flawed open-source investigations can also lead intelligence officials and policymakers astray, sapping resources from other missions and priorities. In 2008, a former Pentagon strategist named Phillip Karber was teaching a class at Georgetown University when he decided to guide his students on an open-source intelligence investigation to uncover the purpose of a massive underground tunnel system in China. The existence of the tunnels had been known for years, but their use remained uncertain. Karber’s student sleuths produced a 363-page report that concluded that the tunnels were secretly hiding 3,000 nuclear weapons—which would have meant that China possessed a nuclear arsenal around ten times as large as what most experts and U.S. intelligence agencies believed, according to declassified estimates.

Experts judged that the report was flat wrong and found the analysis to be riddled with egregious errors. Among them, it relied heavily on an anonymous 1995 post to an Internet forum—a source that was “so wildly incompetent as to invite laughter,” wrote the nonproliferation expert Jeffrey Lewis. Nevertheless, the report was featured in a Washington Post article, was circulated among top Pentagon officials, and led to a congressional hearing.

Humans often place too much weight on information that confirms their views and too little weight on information that contradicts them. U.S. General Douglas MacArthur was blindsided by China’s entry into the Korean War mostly because he was convinced that the Chinese leader Mao Zedong wouldn’t dare join the fight; MacArthur put stock in intelligence that supported that belief and discounted anything that challenged it. Asking the wrong question can also produce information that is narrowly accurate yet highly misleading. Michael Hayden highlighted this danger during his 2006 confirmation hearing to serve as CIA director. “I have three great kids,” Hayden told the Senate Intelligence Committee, “but if you tell me to go out and find all the bad things they’ve done, . . . I can build you a pretty good dossier, and you’d think they were pretty bad people, because that was what I was looking for and that’s what I’d build up.” Truths can deceive even when nobody intends it.

Dumpster diving through people’s pasts isn’t justice, it’s punishment culture
By Anthony L. Fisher

For the better part of two days, 41-year-old comedy actress Ellie Kemper was slammed on social media and in several prominent news outlets for having been crowned what online commentators dubbed a “KKK Princess” when she was a 19-year-old college student.

The Root ran a headline declaring Kemper had been “Outed as Former ‘KKK Princess’ on Twitter.” The AV Club published a post originally titled, “Oh great, Ellie Kemper is yet another rich white celebrity with a racist past.” The Daily Dot bannered its post with “‘KKK beauty queen’: Twitter unearths Ellie Kemper’s history at controversial St. Louis debutante ball.”

And Twitter, which claims to be taking great strides toward combating divisive misinformation, allowed Kemper’s name and “KKK Princess” to trend in its sidebar, thus driving further engagement to the viral pile-on.

So, how in the world does Kemper become a “KKK princess?”

It appears the spark came from a Twitter user who shared some representatively over-the-top photos of the Veiled Prophet Ball, followed in the replies by another user calling it “A fancy event put on by our local KKK, of which Ellie Kemper was once the Queen of Love and Beauty.”

There’s no evidence to back up the KKK accusation, the Twitter hive mind extrapolated the least charitable interpretation possible, and the smear went viral.

Then some digital journalists, incentivized to fan the flames of online outrage rather than to soberly investigate the indictment against Kemper, blithely ran with a juicy narrative in search of an actual story.

After the initial furor subsided, The AV Club amended its headline to merely accuse Kemper of having “participated in a ball with racist skeletons in its closet.” An editor’s note was appended to the bottom of the post noting the headline’s change, but no apology for smearing a person as having “a racist past.”

Several other news outlets corrected the “KKK Princess” smear, but still insisted that because of the VP’s problematic past, Kemper has some explaining to do.

What exactly would be accomplished by the star of “The Unbreakable Kimmy Schmidt” prostrating herself over a debutante ball remains unclear.

The same could be said for baselessly accusing someone of some nefarious association — no justice is served, but the mob feels accomplished.

The Citizen App’s Gamification of Vigilantism
By Jacob Silverman

Citizen seems to aspire to nothing less than a vertically integrated, 24-hour news-and-reporting network for crime, which, by offering constant notifications, live media, and premium protection services, including in-person private security, hopes to monetize the fears of an uncertain public—the same public it’s supposed to be informing. If Citizen’s vision for itself succeeds, the next big social network will be one that turns people into surveillers—and potential suspects—in a constantly monetized livestream of supposedly crime-ridden urban life.

(Sources close to Citizen have called it “an anxiety sweatshop,” where employees are expected to produce frequent reports to drive users to pay for products that include a “digital bodyguard service” called Protect.)

The company’s CEO, Andrew Frame, personally directed—or produced, one might say—a manhunt and extended live broadcast for a man whom the company had falsely fingered as an arsonist in Los Angeles. Invoking the man’s name and image for hours, egging on users to submit information, bombarding local users with notifications, and offering an escalating reward that topped out at $30,000, Frame demanded that his team help hunt down its suspect, according to a cache of Slack chats and other documents leaked to Motherboard and The Verge. “FIND THIS FUCK,” Frame wrote to his team. “LETS GET THIS GUY BEFORE MIDNIGHT HES GOING DOWN.”

Fortunately, the manhunt didn’t end in violence, but it was—or should have been—a major embarrassment for Citizen. Instead, as Motherboard reported, the app remains on the Apple and Google app stores, despite violating store policies with its ersatz bounty hunt.

Citizen’s desire to integrate its digital platform with real-world security efforts is well into its testing phase. Recently, a Citizen-branded security vehicle was seen tooling around Los Angeles. Further reporting confirmed the company had contracts with at least two private security companies to provide on-demand security to consumers worried about their safety.

As Frame told his employees in the aftermath of the disastrous failed manhunt, things are going well: “The investors have never been more excited.”

The Rise of Private Spies
By Charlie Savage

Celebrating Bellingcat’s work as a series of triumphs for the truth in a world replete with disinformation, Higgins portrays his network’s efforts as a “hive mind of amateur sleuths on Twitter, all converging around the next big question, whether geolocating a fresh photo or parsing the validity of a social-media video.” As citizen journalists, he also writes, “We tended to be detail-oriented obsessives, many of whom had spent our formative years at computers, enthralled by the power of the internet. We were not missionaries out to fix the world, but we had enough of a moral compass to repudiate the other routes to an outsized impact online, such as trolling and hacking. Most of us grew up assuming we would remain peripheral to the issues of the day, that the powers that be could just ignore small people like us. Suddenly, this was not so. It was intoxicating.”

In any field, one can start off with ideals and perform work that is genuinely beneficial or at least respectable, only to find oneself making compromises toward expedient ends that gradually start to chip away at one’s moral foundation. And there seems to be something particularly high-risk about intelligence-style work, attracting both deep-pocketed interests with secrets to cover up and nation-state spy agencies looking for ways to engage in clandestine information warfare.

To be straightforward, if I were a CIA or MI6 operative and wanted, as part of my Spy vs. Spy games with Russian intelligence, to expose something about Moscow’s misdeeds without leaving any fingerprints, it would be an obvious temptation to take an insight that is capable of parallel construction and whisper it into the ear of one of Bellingcat’s contributors.

The YouTubers who blew the whistle on an anti-vax plot
By Charlie Haynes and Flora Carmichael

“It started with an email” says Mirko Drotschmann, a German YouTuber and journalist.

Mirko normally ignores offers from brands asking him to advertise their products to his more than 1.5 million subscribers. But the sponsorship offer he received in May this year was unlike any other.

An influencer marketing agency called Fazze offered to pay him to promote what it said was leaked information that suggested the death rate among people who had the Pfizer vaccine was almost three times that of the AstraZeneca jab.

The information provided wasn’t true.

It quickly became apparent to Mirko that he was being asked to spread disinformation to undermine public confidence in vaccines in the middle of a pandemic.

“I was shocked,” says Mirko “then I was curious, what’s behind all that?”

In France, science YouTuber Léo Grasset received a similar offer. The agency offered him 2000 euros if he would take part. Fazze said it was acting for a client who wished to remain anonymous.

“That’s a huge red flag” says Léo.

Both Léo and Mirko were appalled by the false claims.

They pretended to be interested in order to try to find out more and were provided with detailed instructions about what they should say in their videos.

In stilted English, the brief instructed them to “Act like you have the passion and interest in this topic.”

It told them not to mention the video had a sponsor – and instead pretend they were spontaneously giving advice out of concern for their viewers.

Social media platforms have rules that ban not disclosing that content is sponsored. In France and Germany it’s also illegal.

Fazze’s brief told influencers to share a story in French newspaper Le Monde about a data leak from the European Medicines Agency.

The story was genuine, but didn’t include anything about vaccine deaths. But in this context it would give the false impression that the death rate statistics had come from the leak.

The data the influencers were asked to share had actually been cobbled together from different sources and taken out of context.

The promise of open-source intelligence
By The Economist

After the Boston Marathon bombing in 2013 internet users scrutinised the crime scene and identified several suspects. All were innocent bystanders.

The greatest worry is that the explosion of data behind open-source investigations also threatens individual privacy. The data generated by phones and sold by brokers let Bellingcat identify the Russian spies who last year poisoned Alexei Navalny, an opposition leader. Similar data were exploited to pick out a senior Catholic priest in America, who resigned last month after his location was linked to his use of Grindr, a gay dating app.

Top U.S. Catholic Church official resigns after cellphone data used to track him on Grindr and to gay bars
By Michelle Boorstein, Marisa Iati and Annys Shin

The resignation stemmed from reporting in the Pillar, an online newsletter that reports on the Catholic Church. Tuesday afternoon, after Burrill’s resignation became public, the Pillar reported that it had obtained information based on the data Grindr collects from its users, and hired an independent firm to authenticate it.

“A mobile device correlated to Burrill emitted app data signals from the location-based hookup app Grindr on a near-daily basis during parts of 2018, 2019, and 2020 — at both his USCCB office and his USCCB-owned residence, as well as during USCCB meetings and events in other cities,” the Pillar reported.

“The data obtained and analyzed by The Pillar conveys mobile app date signals during two 26-week periods, the first in 2018 and the second in 2019 and 2020. The data was obtained from a data vendor and authenticated by an independent data consulting firm contracted by The Pillar,” the site reported. It did not identify who the vendor was or if the site bought the information or got it from a third party.

Privacy experts have long raised concerns about “anonymized” data collected by apps and sold to or shared with aggregators and marketing companies. While the information is typically stripped of obviously identifying fields, like a user’s name or phone number, it can contain everything from age and gender to a device ID. It’s possible for experts to de-anonymize some of this data and connect it to real people.

No federal laws prohibit buying this data, said Jennifer King, a privacy and data policy fellow at the Stanford University Institute for Human-Centered Artificial Intelligence. While some state laws may regulate the use of this kind of information, she said those tend to focus on stalking scenarios. King said the publication of location data from Burrill’s phone serves as a reminder that anyone with a cellphone whose location data is turned on is not truly anonymous.

Norway ends virus tracing app over privacy concerns
By The Associated Press

European governments have been rolling out smartphone tracing apps to help beat back any fresh coronavirus outbreaks. Norway was one of the first out of the blocks but its “Smittestopp” raised concerns because it used GPS tracking and uploaded data to central servers every hour.

The app was suspended ahead of an Amnesty International report analyzing contact tracing apps from Europe, the Middle East and North Africa, which found that the Norwegian app was one of the most alarming for privacy because of its “live or near-live tracking of users’ locations.” The rights group said it shared its findings with authorities earlier this month and urged them to change course.

“This episode should act as a warning to all governments rushing ahead with apps that are invasive and designed in a way that puts human rights at risk,” said Claudio Guarnieri, head of Amnesty’s Security Lab.

Other countries such as Germany, Italy, Switzerland and Latvia are adopting a “decentralized” approach using a Google-Apple software interface that experts say is better for privacy because keeps data about contacts on iPhones and Android devices.

Colleges are turning students’ phones into surveillance machines, tracking the locations of hundreds of thousands
By Drew Harwell

Short-range phone sensors and campuswide WiFi networks are empowering colleges across the United States to track hundreds of thousands of students more precisely than ever before. Dozens of schools now use such technology to monitor students’ academic performance, analyze their conduct or assess their mental health.

But some professors and education advocates argue that the systems represent a new low in intrusive technology, breaching students’ privacy on a massive scale. The tracking systems, they worry, will infantilize students in the very place where they’re expected to grow into adults, further training them to see surveillance as a normal part of living, whether they like it or not.

“We’re adults. Do we really need to be tracked?” said Robby Pfeifer, a sophomore at Virginia Commonwealth University in Richmond, which recently began logging the attendance of students connected to the campus’ WiFi network. “Why is this necessary? How does this benefit us? … And is it just going to keep progressing until we’re micromanaged every second of the day?”

This style of surveillance has become just another fact of life for many Americans. A flood of cameras, sensors and microphones, wired to an online backbone, now can measure people’s activity and whereabouts with striking precision, reducing the mess of everyday living into trend lines that companies promise to help optimize.

SpotterEDU chief Rick Carter, a former college basketball coach, said he founded the app in 2015 as a way to watch over student athletes: Many schools already pay “class checkers” to make sure athletes remain eligible to play.

The company now works with nearly 40 schools, he said, including such universities as Auburn, Central Florida, Columbia, Indiana and Missouri, as well as several smaller colleges and a public high school. More than 1.5 million student check-ins have been logged this year nationwide, including in graduate seminars and chapel services.

SpotterEDU uses Bluetooth beacons roughly the size of a deck of cards to signal to a student’s smartphone once a student steps within range. Installers stick them on walls and ceilings — the less visible, Carter said, the better. He declined to allow The Washington Post to photograph beacons in classrooms, saying “currently students do not know what they look like.”

The Chicago-based company has experimented with ways to make the surveillance fun, gamifying students’ schedules with colorful Bitmoji or digital multiday streaks. But the real value may be for school officials, who Carter said can split students into groups, such as “students of color” or “out-of-state students,” for further review. When asked why an official would want to segregate out data on students of color, Carter said many colleges already do so, looking for patterns in academic retention and performance, adding that it “can provide important data for retention. Even the first few months of recorded data on class attendance and performance can help predict how likely a group of students is to” stay enrolled.

Students’ attendance and tardiness are scored into a point system that some professors use for grading, Carter said, and schools can use the data to “take action” against truant students, such as grabbing back scholarship funds.

The system’s national rollout could be made more complicated by Carter’s history. He agreed earlier this year to stay more than 2,500 feet from the athletic offices of DePaul University, where he was the associate head basketball coach from 2015 to 2017, following an order of protection filed against him and allegations that he had threatened the school’s athletic director and head basketball coach. The order, Carter said, is related to NCAA violations at the program during his time there and has nothing to do with SpotterEDU.

Some administrators love the avalanche of data these kinds of WiFi-based systems bring. “Forget that old ominous line, ‘We know where you live.’ These days, it’s, ‘We know where you are,’ ” Purdue University president Mitch Daniels wrote last year about his school’s location-tracking software. “Isn’t technology wonderful?”

Tech Firms Are Spying on You. In a Pandemic, Governments Say That’s OK.
By Sam Schechner, Kirsten Grind and Patience Haggin

While an undergraduate at the University of Virginia, Joshua Anton created an app to prevent users from drunk dialing, which he called Drunk Mode. He later began harvesting huge amounts of user data from smartphones to resell to advertisers.

Now Mr. Anton’s company, called X-Mode Social Inc., is one of a number of little-known location-tracking companies that are being deployed in the effort to reopen the country. State and local authorities wielding the power to decide when and how to reopen are leaning on these vendors for the data to underpin those critical judgment calls.

X-Mode says it now collects detailed location information from more than 300 apps, such as weather and navigation apps, many of which need users’ location to function well. X-Mode pays the developers of those apps to integrate its tracking software into their designs.

Mr. Anton says X-Mode has been pushing apps that include its software to insert pop-ups that more prominently notify users that their location data may be used for tailored ads and research.

The company doesn’t disclose the apps’ names, citing mainly the risk of tipping off competitors.

Some apps disclose in their privacy policies, however, that X-Mode is built into them. One such app is What The Forecast?!!, a weather tracker that delivers local conditions using curse words.

X-Mode then licenses access to its data sets to other businesses, typically ad-tech companies selling targeted ads, investors looking to analyze business trends or app developers interested in knowing what places their users frequent.

During the pandemic, X-Mode has emerged as among the more prolific location-data providers. The company’s data fed a partnership with Tectonix, a Maryland-based data-visualization company, to produce graphics showing the impact of social distancing—or the lack of it.

One of the visualizations, which Tectonix posted on Twitter, shows its dashboard zooming down into a cloud of orange dots crowding a beach in Fort Lauderdale, Fla., during spring break. The posting then shows the results of what it calls a “spider query” to show how devices on that beach later traveled across the country—with their owners potentially spreading the new coronavirus.

The charts went viral on Twitter.

“The phone started ringing that Saturday across the board, and it hasn’t stopped really ringing, which has been great,” X-Mode’s Mr. Anton said.

Like some other data providers, X-Mode is offering free one-month subscriptions to its Covid-19 data to researchers and nonprofits on a data exchange operated by Amazon. The company has also advertised a commercial 12-month subscription to its “COVID-19 Daily Geolocation Data” in the U.S. for $600,000, according to a posting on the exchange.

In New York City and other cities and states, officials have considered a “Pandemic Management Platform” from the Covid Alliance, which integrates X-Mode data to display aggregated information about population movements in the city, a Covid Alliance spokesman said. A spokesman for New York City confirmed the talks but said no commitment has been made.

Officials could, for instance, use the system to visualize which residential communities are home to many people who work in nursing homes, which it would determine by looking at the nighttime locations of phones that visited the facility every day, a Covid Alliance representative said.

“Everything is a little bit of a privacy trade-off. But in general we do privacy trade-offs every single day in the course of our normal business of life,” said Stephen Levin, a New York City councilman in Brooklyn. “Nothing I’ve seen so far is any more of a trade-off than taking an Uber.”

X-Mode also has a deal to provide location data to San Francisco-based OmniSci, which is pitching analysis and mapping services using that information, as well as data from other providers, such as SafeGraph, to federal and state authorities. OmniSci says its analyses could help officials identify potential virus outbreaks as the country reopens.

Todd Mostak, OmniSci’s chief executive, recently let a Journal reporter watch as he used his system to filter X-Mode data from five million devices to focus only on those that had spent at least 24 hours in a Florida hospital over the last two weeks of March. Mr. Mostak then drilled down to show which points of interest those phones had visited earlier in the month, including major attractions like Walt Disney World and minor ones, like a large supermarket in Fort Myers, which the data indicated had been visited by 12 of the devices.

“You can kind of determine what the transmission vectors are for the disease and potentially shut down hot spots you might not otherwise be able to see,” Mr. Mostak said.

He added that his company is working on a way to automate such analyses so that they spit out only lists of establishments and their risk scores, making it harder to identify individuals.

A map of Dallas County, Texas, on the Covid Alliance dashboard for local governments to observe activity at businesses and other points of interest based on data collected through apps on users’ smartphones.

X-Mode says it contractually bars its partners from using its data to identify individuals.

Law Enforcement’s Use of Commercial Phone Data Stirs Surveillance Fight
By Byron Tau

Few consumers realize how much information their phones, cars and other connected devices broadcast to commercial brokers and how widely it is used in finance, real-estate planning and advertising. While such data has been quietly used for years in intelligence, espionage and military operations, its increasing use in criminal law raises a host of potential constitutional questions.

Data brokers sprung up to help marketers and advertisers better communicate with consumers. But over the past few decades, they have created products that cater to the law-enforcement, homeland-security and national-security markets. Their troves of data on consumer addresses, purchases, and online and offline behavior have increasingly been used to screen airline passengers, find and track criminal suspects, and enforce immigration and counterterrorism laws.

U.S. Government Contractor Embedded Software in Apps to Track Phones
By Byron Tau

Numerous agencies of the U.S. government have concluded that mobile data acquired by federal agencies from advertising is lawful. Several law-enforcement agencies are using such data for criminal-law enforcement, the Journal has reported, while numerous U.S. military and intelligence agencies also acquire this kind of data.

Many private-sector companies in the advertising and marketing world buy and sell geolocation data, sometimes reselling it to government agencies or contractors. But the direct collection of such data by a business closely linked to U.S. national security agencies is unusual.

In the data drawn from apps, each cellphone is typically represented by an alphanumeric identifier that isn’t linked to the name of the cellphone’s owner. But the movement patterns of a phone over time can allow analysts to deduce its ownership—for example, where the phone is located during the evenings and overnight is likely where the phone-owner lives.

The information, gathered into what’s known as a “pattern of life” analysis, can provide a richer understanding of the habits and behaviors of potential intelligence targets, and to possibly predict their future behavior.

NSA Warns Cellphone Location Data Could Pose National-Security Threat
By Byron Tau and Dustin Volz

“Location data can be extremely valuable and must be protected. It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations,” the NSA bulletin warned.

Among its recommendations, the NSA advises disabling location-sharing services on mobile devices, granting apps as few permissions as possible and turning off advertising permissions. The NSA also recommends limiting mobile web browsing, adjusting browser options to not allow the use of location data, and switching off settings that help track a misplaced or stolen phone.

Apps often collect and share anonymized location data with third-party location data brokers who in turn sell their commercial products to government and corporate customers, The Wall Street Journal has reported. The sale of the data, especially to the government, is generally done without consumer awareness.

Other services can estimate a phone’s location based on its proximity to other Bluetooth devices or Wi-Fi networks. More invasive technologies used by law-enforcement and intelligence services—such as “Stingray” cell-tower simulators often used by police to collect location information, as well as Wi-Fi “sniffers” that can extract information about a phone based on network information—can collect a phone’s location without user permission.

The agency’s warning extended beyond phones, noting that fitness trackers, smartwatches, internet-connected medical devices, other smart-home devices and modern automobiles all contain location-tracking potential.

That data is used by commercial entities for targeted advertising, marketing research and investment decisions. But governments world-wide, including the U.S. government, are increasingly interested in collecting commercial information harvested from cellphones to do surveillance and track criminal suspects.

The Defense Department previously raised concerns about how its personnel might be inadvertently revealing sensitive information via location trackers. The fitness app Strava publicly released a map in 2017 of three trillion individual GPS data points from users who logged their running or cycling routes. But within that data, researchers at nongovernmental organizations and journalists gleaned a trove of valuable national-security information—like the location of U.S. forward-operating bases in Afghanistan, the routes of military supply convoys and the location of secret CIA facilities.

Google tracked his bike ride past a burglarized home. That made him a suspect.
By Jon Schuppe

The email arrived on a Tuesday afternoon in January, startling Zachary McCoy as he prepared to leave for his job at a restaurant in Gainesville, Florida.

It was from Google’s legal investigations support team, writing to let him know that local police had demanded information related to his Google account. The company said it would release the data unless he went to court and tried to block it. He had just seven days.

“I was hit with a really deep fear,” McCoy, 30, recalled, even though he couldn’t think of anything he’d done wrong. He had an Android phone, which was linked to his Google account, and, like millions of other Americans, he used an assortment of Google products, including Gmail and YouTube. Now police seemingly wanted access to all of it.

“I didn’t know what it was about, but I knew the police wanted to get something from me,” McCoy said in a recent interview. “I was afraid I was going to get charged with something, I don’t know what.”

There was one clue.

In the notice from Google was a case number. McCoy searched for it on the Gainesville Police Department’s website, and found a one-page investigation report on the burglary of an elderly woman’s home 10 months earlier. The crime had occurred less than a mile from the home that McCoy, who had recently earned an associate degree in computer programming, shared with two others.

Now McCoy was even more panicked and confused. He knew he had nothing to do with the break-in ─ he’d never even been to the victim’s house ─ and didn’t know anyone who might have. And he didn’t have much time to prove it.

McCoy worried that going straight to police would lead to his arrest. So he went to his parents’ home in St. Augustine, where, over dinner, he told them what was happening. They agreed to dip into their savings to pay for a lawyer.

The lawyer, Caleb Kenyon, dug around and learned that the notice had been prompted by a “geofence warrant,” a police surveillance tool that casts a virtual dragnet over crime scenes, sweeping up Google location data — drawn from users’ GPS, Bluetooth, Wi-Fi and cellular connections — from everyone nearby.

The warrants, which have increased dramatically in the past two years, can help police find potential suspects when they have no leads. They also scoop up data from people who have nothing to do with the crime, often without their knowing ─ which Google itself has described as “a significant incursion on privacy.”

Still confused ─ and very worried ─ McCoy examined his phone. An avid biker, he used an exercise-tracking app, RunKeeper, to record his rides. The app relied on his phone’s location services, which fed his movements to Google. He looked up his route on the day of the March 29, 2019, burglary and saw that he had passed the victim’s house three times within an hour, part of his frequent loops through his neighborhood, he said.

“It was a nightmare scenario,” McCoy recalled. “I was using an app to see how many miles I rode my bike and now it was putting me at the scene of the crime. And I was the lead suspect.”

While privacy and civil liberties advocates have been concerned that geofence warrants violate constitutional protections from unreasonable searches, law enforcement authorities say those worries are overblown. They say police don’t obtain any identifying information about a Google user until they find a device that draws their suspicion. And the information alone is not enough to justify charging someone with a crime, they say.

Google geofence warrants have been used by police agencies around the country, including the FBI. Google said in a court filing last year that the requests from state and federal law enforcement authorities were increasing rapidly: by more than 1,500 percent from 2017 to 2018, and by 500 percent from 2018 to 2019.

Milwaukee police have used Google geofence warrants to solve an array of crimes, including homicides, shootings, a string of robberies and kidnappings and a sexual assault involving an abduction, he said. “I would think the majority of citizens in the world would love the fact that we are putting violent offenders in jail,” Armbruster said.

For most of his life, McCoy said, he had tried to live online anonymously, a habit that dated to the early days of the internet when there was less expectation that people would use their real names. He used pseudonyms on his social media accounts and the email account that Google used to notify him about the police investigation.

But until then, he hadn’t thought much about Google collecting information about him.

“I didn’t realize that by having location services on that Google was also keeping a log of where I was going,” McCoy said. “I’m sure it’s in their terms of service but I never read through those walls of text, and I don’t think most people do either.”

“If you’re innocent, that doesn’t mean you can’t be in the wrong place at the wrong time, like going on a bike ride in which your GPS puts you in a position where police suspect you of a crime you didn’t commit,” McCoy said.

Kenyon argued that the warrant was unconstitutional because it allowed police to conduct sweeping searches of phone data from untold numbers of people in order to find a single suspect.

That approach, Kenyon said, flipped on its head the traditional method of seeking a search warrant, in which police target a person they already suspect.

“This geofence warrant effectively blindly casts a net backwards in time hoping to ensnare a burglar,” Kenyon wrote. “This concept is akin to the plotline in many a science fiction film featuring a dystopian, fascist government.”

The case ended well for McCoy, Kenyon said, but “the larger privacy fight will go unanswered.”

Even then, Kenyon wanted to make sure police didn’t have lingering doubts about McCoy, whom they still knew only as “John Doe.” So he met with the detective again and showed him screenshots of his client’s Google location history, including data recorded by RunKeeper. The maps showed months of bike rides past the burglarized home.

In the end, the same location data that raised police suspicions of McCoy also helped to vindicate him, Kenyon said. “But there was no knowing what law enforcement was going to do with that data when they got it behind closed doors. Not that I distrust them, but I wouldn’t trust them not to arrest someone.”

He pointed to an Arizona case in which a man was mistakenly arrested and jailed for murder largely based on Google data received from a geofence warrant.

McCoy said he may have ended up in a similar spot if his parents hadn’t given him several thousand dollars to hire Kenyon.

He regrets having to spend that money. He also thinks about the elderly burglary victim. Police said they have not made any arrests.

“I’m definitely sorry that happened to her, and I’m glad police were trying to solve it,” McCoy said. “But it just seems like a really broad net for them to cast. What’s the cost-benefit? How many innocent people do we have to harass?”

FBI Expands Ability to Monitor Social Media, Location Data
By Lee Fang

On June 9, after demonstrations around the country erupted over the police killing of George Floyd, the FBI signed an expedited agreement to extend its relationship with Dataminr, a company that monitors social media.

About a week prior, the agency modified an agreement it signed in February with Venntel, Inc., a Virginia technology firm that maps and sells the movements of millions of Americans. The company purchases bulk location data and sells it largely to government agencies.

The Intercept has reported that since the recent wave of street demonstrations, FBI agents have questioned at least one individual for simply tweeting in jest that they are members of “antifa,” a reference to a style of violent activism popular among some on the activist far-left. Members of the Joint Terrorism Task Force have also questioned protest organizers at their homes — sometimes within hours of posting an event on social media.

The FBI has tapped other notable surveillance firms in recent years, including Palantir, which builds tools to visualize relationships using an array of information, from social media to license plate numbers.

How America’s surveillance networks helped the FBI catch the Capitol mob
By Drew Harwell and Craig Timberg

More than 300 suspects have been charged in the melee that shook the nation’s capital and left five people dead.

The federal documents provide a rare view of the ways investigators exploit the digital fingerprints nearly everyone leaves behind in an era of pervasive surveillance and constant online connection. They illustrate the power law enforcement now has to hunt down suspects by studying the contours of faces, the movements of vehicles and even conversations with friends and spouses.

But civil liberties groups warn that some of these technologies threaten Americans’ privacy rights. More than a dozen U.S. cities have banned local police or government officials from using facial recognition technology, and license plate readers have sparked lawsuits arguing that it is unconstitutional to constantly log people’s locations for government review, with scant public oversight.

“Whenever you see this technology used on someone you don’t like, remember it’s also being used on a social movement you support,” said Evan Greer, director of the digital rights advocacy group Fight for the Future. “Once in a while, this technology gets used on really bad people doing really bad stuff. But the rest of the time it’s being used on all of us, in ways that are profoundly chilling for freedom of expression.”

The cache of federal documents lays out a sprawling mix of FBI techniques: license plate readers that captured suspects’ cars on the way to Washington; cell-tower location records that chronicled their movements through the Capitol complex; facial recognition searches that matched images to suspects’ driver’s licenses or social media profiles; and a remarkably deep catalogue of video from surveillance systems, live streams, news reports and cameras worn by the police who swarmed the Capitol that day.

The federal documents cite evidence gleaned from virtually every major social media service: Parler is mentioned in more than 20 cases, Twitter in more than 60 and Facebook in more than 125. On Snapchat, a woman posted videos “bragging about the attack,” according to one criminal complaint. In another, a man was said to have posted video to TikTok of himself fighting with National Guard members and getting pepper-sprayed.

Investigators also sent “geofence” search warrants to Google, asking for the account information of any smartphone Google had detected on Jan. 6 inside the Capitol via GPS satellites, Bluetooth beacons and WiFi access points. Investigators then compiled an “exclusion list” of phones owned by people who were authorized to be in the Capitol on Jan. 6, including members of Congress and first responders. Everyone else was fair game.

Federal officials filed similarly broad search warrants to Facebook, demanding the account information associated with every live stream that day from inside the vast complex.

License plate readers and facial recognition software together played a documented role in helping identify suspects in nearly a dozen cases, the federal records show. In many cases, agents used existing government contracts to access privately maintained databases that required no court approval. In several cases, including for facial recognition searches, it’s unclear what software the government used to build the cases for arrests.

Many cases also hinge on imperfect technology and fallible digital evidence that could undermine prosecutors’ claims. Blurry license plate reader images, imprecise location tracking systems, misunderstood social media posts and misidentified facial recognition matches all could muddy an investigation or falsely implicate an innocent person.

Many of the Trump supporters who marauded through the Capitol that day showed little interest in concealing their presence, posting selfies, gloating on Twitter and sharing video of chaotic violence and ransacked hallways.

Others, however, attempted to hide their identities and throw off investigators afterward, according to FBI agents’ claims. Suspects covered their faces, switched hats during the day and threatened family members and witnesses to keep quiet afterward, the criminal complaints allege. They deleted social media accounts, hid out in hotels or ditched potentially incriminating phones, according to the documents. One suspect stopped using a car he feared might be on authorities’ radar, the federal documents show, while another said he “fried” his electronics in a microwave. The FBI’s surveillance efforts found them anyway.

Increasingly pervasive use of facial recognition by local police forces also helped fuel the FBI’s nationwide manhunt. After the FBI began asking for help by circulating bulletins with suspects’ images, 12 detectives and crime analysts with the Miami Police Department began running the photos through Clearview AI, a facial recognition tool built on billions of social media and public images from around the Web.

Officers signed a contract with the tool’s creators last year, hoping for a potential breakthrough: Their other facial recognition search only looks through official photos, such as jail mug shots. But Clearview has faced lawsuits from advocacy groups arguing its technology violates privacy rights, and Google and Facebook have demanded the company stop copying their photos into its searchable database.

The Miami police team has run 129 facial recognition searches through Clearview and sent 13 possible matches to FBI agents for further investigation, said Armando R. Aguilar, assistant chief of the department’s Criminal Investigations Division, adding, “We were happy to help however we could.”

Clearview AI’s chief executive, Hoan Ton-That, declined to provide specifics but said in a statement to The Post that “it is gratifying that Clearview AI has been used to identify the Capitol rioters who attacked our great symbol of democracy.”

The FBI also has been aided by the online army of self-proclaimed “sedition hunters,” like the one who helped identify Caldwell. They scoured the Web for clues to track down rioters and often tweeted their findings publicly in what amounted to a crowdsourced investigation of the Capitol attack.

Biden team may partner with private firms to monitor extremist chatter online
By Zachary Cohen and Katie Bo Williams

DHS officials are exploring ways to enhance the department’s information gathering within the bounds of its current authorities, multiple sources told CNN. The department is coordinating with the National Security Council and FBI as part of the effort, sources added.

Researchers who already monitor such activity online could act as middlemen to obtain the information. DHS officials maintain the materials provided would only consist of broad summaries or analysis of narratives that are emerging on these sites and would not be used to target specific individuals.

But some of the research firms and non-profit groups under consideration by the DHS periodically use covert identities to access private social media groups like Telegram, and others used by domestic extremist groups. That thrusts DHS into a potential legal gray area even as it plugs an intelligence gap that critics say contributed to the failure to predict the assault on the Capitol.

Outsourcing some information gathering to outside firms would give DHS the benefit of tactics that it isn’t legally able to do in-house, such as using false personas to gain access to private groups used by suspected extremists, sources say.

The department is also working to expand its ability to collect information from public-facing social media sites where users’ posts offered clear warning signs about potential violence ahead of the January 6 attack, but were either ignored or underestimated by security officials prior to that date.

But any effort by the intelligence community to wade into the murky area of domestic spying is fraught with political risks, current and former officials say.

Gathering information on US citizens — no matter how abhorrent their beliefs — raises instant constitutional and legal challenges.

Exclusive: LAPD partnered with tech firm that enables secretive online spying
By Sam Levin and Johana Bhuiyan

Like many companies in this industry, Voyager Labs’ software allows law enforcement to collect and analyze large troves of social media data to investigate crimes or monitor potential threats.

But documents reveal the company takes this surveillance a step further. In its sales pitch to LAPD about a potential long-term contract, Voyager said its software could collect data on a suspect’s online network and surveil the accounts of thousands of the suspect’s “friends”. It said its artificial intelligence could discern people’s motives and beliefs and identify social media users who are most “engaged in their hearts” about their ideologies. And it suggested its tools could allow agencies to conduct undercover monitoring using fake social media profiles.

The documents don’t make clear what suite of tools the LAPD had access to during the trial or whether the department used some of the company’s more controversial features. But a report the company produced for the LAPD during this period says the department used the company’s software to investigate more than 500 social media profiles and to analyze thousands of messages. The redacted report said the LAPD had used the software for “real-time tactical intelligence”; “protective intelligence” for “VIPs” in local government and in the LAPD; and cases related to gangs, homicides and hate groups. An unnamed the LAPD investigator was quoted in the report as saying Voyager helped the department “identify a few new targets”.

Voyager showed LAPD how its software could have been used to investigate an alleged terrorist attack, analyzing the case of Adam Alsahli – a man killed after he opened fire at the Corpus Christi naval base in May 2020. Pointing to the man’s social media activity, Voyager claimed its AI could ascertain people’s “affinity for Islamic fundamentalism or extremism”. The company cited the shooter’s “pictures with Islamic themes” and said his Instagram accounts showed “his pride in and identification with his Arab heritage”. The company said its AI was so effective that its results, produced in minutes, did not “require any intervention or assessments by an analyst or investigator”.

In an October 2020 proposal document, Voyager also said its software could conduct a “sentiment analysis” to discern who was most emotionally invested and had the “passion needed to act on their beliefs”.

The documents show Voyager and LAPD officers also discussed some of the company’s most controversial proposals. In an October 2020 letter to the LAPD outlining details of a potential contract, Voyager claimed its social media monitoring was “traceless”, saying that the social media companies themselves would not be able to tell that LAPD was behind the surveillance.

In an earlier report to LAPD in 2019, Voyager said it was developing software to spy on WhatsApp groups using an “active persona mechanism”, or “avatar”, suggesting that police would create a fake account to collect information from a group.

Police Are Buying Access to Hacked Website Data
By Joseph Cox

Some companies are selling government agencies access to data stolen from websites in the hope that it can generate investigative leads, with the data including passwords, email addresses, IP addresses, and more.

Motherboard obtained webinar slides by a company called SpyCloud presented to prospective customers. In that webinar, the company claimed to “empower investigators from law enforcement agencies and enterprises around the world to more quickly and efficiently bring malicious actors to justice.” The slides were shared by a source who was concerned about law enforcement agencies buying access to hacked data. SpyCloud confirmed the slides were authentic to Motherboard.

“We’re turning the criminals’ data against them, or at least we’re empowering law enforcement to do that,” Dave Endler, co-founder and chief product officer of SpyCloud, told Motherboard in a phone call.

By buying products from SpyCloud, law enforcement would also be obtaining access to hacked data on people who are not associated with any crimes—the vast majority of people affected by data breaches are not criminals—and would not need to follow the usual mechanisms of sending a legal request to a company to obtain user data.

Censorship, Surveillance and Profits: A Hard Bargain for Apple in China
By Jack Nicas, Raymond Zhong and Daisuke Wakabayashi

Two decades ago, as Apple’s operations chief, Mr. Cook spearheaded the company’s entrance into China, a move that helped make Apple the most valuable company in the world and made him the heir apparent to Steve Jobs. Apple now assembles nearly all of its products and earns a fifth of its revenue in the China region. But just as Mr. Cook figured out how to make China work for Apple, China is making Apple work for the Chinese government.

Behind the scenes, Apple has constructed a bureaucracy that has become a powerful tool in China’s vast censorship operation. It proactively censors its Chinese App Store, relying on software and employees to flag and block apps that Apple managers worry could run afoul of Chinese officials, according to interviews and court documents.

A Times analysis found that tens of thousands of apps have disappeared from Apple’s Chinese App Store over the past several years, more than previously known, including foreign news outlets, gay dating services and encrypted messaging apps. It also blocked tools for organizing pro-democracy protests and skirting internet restrictions, as well as apps about the Dalai Lama.

At a summit for its new Chinese engineers and designers, Apple showed a video that ended with a phrase that Apple had been inscribing on the backs of iPhones for years: “Designed by Apple in California.”

The Chinese employees were angered, according to Mr. Guthrie and another person in the room. If the products were designed in California, they shouted, then what were they doing in China?

“The statement was deeply offensive to them,” said Mr. Guthrie, who left Apple in 2019 to return to his home in Michigan. “They were just furious.”

The next iPhone didn’t include the phrase.

In November 2016, China approved a law requiring that all “personal information and important data” that is collected in China be kept in China.

Apple’s iCloud service allows customers to store some of their most sensitive data — things like personal contacts, photos and emails — in the company’s data centers. The service can back up everything stored on an iPhone or Mac computer, and can reveal the current location of a user’s Apple devices. Most of that data for Chinese customers was stored on servers outside China.

Apple’s China team warned Mr. Cook that China could shut down iCloud in the country if it did not comply with the new cybersecurity law. So Mr. Cook agreed to move the personal data of his Chinese customers to the servers of a Chinese state-owned company. That led to a project known inside Apple as “Golden Gate.”

Apple encrypts customers’ private data in its iCloud service. But for most of that information, Apple also has the digital keys to unlock that encryption.

The location of the keys to the data of Chinese customers was a sticking point in talks between Apple and Chinese officials, two people close to the deliberations said. Apple wanted to keep them in the United States; the Chinese officials wanted them in China.

With the keys in China, the government has two avenues to the data, security experts said: demand it — or take it without asking.

The Chinese government regularly demands data from Chinese companies, often for law-enforcement investigations. Chinese law requires the companies to comply.

U.S. law has long prohibited American companies from turning over data to Chinese law enforcement. But Apple and the Chinese government have made an unusual arrangement to get around American laws.

In China, Apple has ceded legal ownership of its customers’ data to Guizhou-Cloud Big Data, or GCBD, a company owned by the government of Guizhou Province, whose capital is Guiyang. Apple recently required its Chinese customers to accept new iCloud terms and conditions that list GCBD as the service provider and Apple as “an additional party.” Apple told customers the change was to “improve iCloud services in China mainland and comply with Chinese regulations.

The terms and conditions included a new provision that does not appear in other countries: “Apple and GCBD will have access to all data that you store on this service” and can share that data “between each other under applicable law.”

Under the new setup, Chinese authorities ask GCBD — not Apple — for Apple customers’ data, Apple said. Apple believes that gives it a legal shield from American law, according to a person who helped create the arrangement. GCBD declined to answer questions about its Apple partnership.

In the three years before China’s cybersecurity law went into effect, Apple never provided the contents of a user’s iCloud account to the Chinese authorities and challenged 42 Chinese government requests for such data, according to statistics released by the company. Apple said it challenged those requests because they were illegal under U.S. law.

In the three years after the law kicked in, Apple said it provided the contents of an undisclosed number of iCloud accounts to the government in nine cases and challenged just three government requests.

Apple still appears to provide far more data to U.S. law enforcement. Over that same period, from 2013 through June 2020, Apple said it turned over the contents of iCloud accounts to U.S. authorities in 10,781 separate cases.

China’s Growing Censorship Is Training the Public to Be Online Snitches
By Tracy Wen Liu

Chinese official life runs on quotas—for censors, that means a certain amount of posts have to be deleted or a certain number of accounts deleted. With people too afraid to post meaningfully threatening or dissident content, the censors thus have to brand milder content as unacceptable to meet their own quotas.

But it’s also driven from below. The constant loss of freedom of speech makes some people anxious—but drives others to take advantage. A group of aggressive and assertive nationalists are able to become internet influencers by attacking people who they consider not patriotic enough. Some of the nationalists have made a successful career by doing so, including the Weibo user Gu Yan Mu Chan, who was named as an “ambassador to promote internet civilization” for Guangdong province.

Psychologically, instead of questioning the Chinese central government’s policies, people can resolve with themselves better by accepting those as in line with China’s unique conditions. A good amount of people who once tried so hard to use virtual private networks to break through the Great Firewall have now begun to believe that building a firewall is actually protecting Chinese people from “hostile foreign forces,” aka foreign media outlets. As Human Rights Watch has pointed out, as the control of speech in China gets savvier and more aggressive, a whole generation of people have also grown more nationalistic. Imagine the witch-hunting of the worst parts of Twitter—but backed by a totalitarian state.

Kodak Deletes Post by Photographer Who Called Xinjiang an ‘Orwellian Dystopia’
By Mike Ives

The American company Eastman Kodak has deleted an Instagram post featuring images of Xinjiang, a western Chinese region where the government is accused of grave human rights violations, after an online backlash from Beijing’s supporters.

The post was promoting the work of the French photographer Patrick Wack, who made several trips to Xinjiang in recent years and has collected his images into a book. The project received a lift last week when Kodak shared 10 of his images — all shot on Kodak film — with its 839,000 Instagram followers.

In the Kodak post and on his own Instagram account, Mr. Wack described his images as a visual narrative of Xinjiang’s “abrupt descent into an Orwellian dystopia” over the past five years. That did not sit well with Chinese social media users, who often object vociferously to Western criticism of Chinese government policies. In addition to deleting the post, Kodak apologized for “any misunderstanding or offense” that it might have caused.

Corporate records show that Kodak China has five companies registered in mainland China, all of them linked to a holding company in Hong Kong.

On the Twitter-like Chinese platform Sina Weibo, some users asked this week why such an “ancient” American brand was posting about China. Others said that Mr. Wack’s criticism of the Chinese government’s mass-incarceration policies in Xinjiang was at odds with his benign-looking landscape photography.

“Xinjiang is so beautiful, but Kodak tries to stealthily slip in its own bias to get attention” read the headline of an article on, a nationalistic news site, that was shared on Weibo by the Central Committee of the Communist Youth League.

Mr. Wack said on Wednesday that the landscapes were made partly for aesthetic reasons, but also practical ones: He was heavily surveilled by the authorities during his trips to Xinjiang and would not have been able to photograph arrests, internment camps or other obvious signs of repression.

China’s Surveillance State Sucks Up Data. U.S. Tech Is Key to Sorting It.
By Paul Mozur and Don Clark

At the end of a desolate road rimmed by prisons, deep within a complex bristling with cameras, American technology is powering one of the most invasive parts of China’s surveillance state.

The computers inside the complex, known as the Urumqi Cloud Computing Center, are among the world’s most powerful. They can watch more surveillance footage in a day than one person could in a year. They look for faces and patterns of human behavior. They track cars. They monitor phones.

The Chinese government uses these computers to watch untold numbers of people in Xinjiang, a western region of China where Beijing has unleashed a campaign of surveillance and suppression in the name of combating terrorism.

Companies often point out that they have little say over where their products end up. The chips in the Urumqi complex, for example, were sold by Intel and Nvidia to Sugon, the Chinese company backing the center. Sugon is an important supplier to Chinese military and security forces, but it also makes computers for ordinary companies.

“With the help of cloud computing, big data, deep learning and other technologies, the intelligent video analysis engine can integrate police data and applications from video footage, Wi-Fi hot spots, checkpoint information, and facial recognition analysis to support the operations of different departments” within the Chinese police, Sugon said in a 2018 article posted to an official social media account.

On the occasion of a visit by local Communist Party leaders to the complex that year, it wrote on its website that the computers had “upgraded the thinking from after-the-fact tracking to before-the-fact predictive policing.”

In Xinjiang, predictive policing often serves as shorthand for pre-emptive arrests aimed at behavior deemed disloyal or threatening to the party. That could include a show of Muslim piety, links to family living overseas or owning two phones or not owning a phone, according to official Uighur testimony and Chinese policy documents.

Technology helps sort vast amounts of data that humans cannot process, said Jack Poulson, a former Google engineer and founder of the advocacy group Tech Inquiry.

“When you have something approaching a surveillance state, your primary limitation is on your ability to identify events of interest within your feeds,” he said. “The way you scale up your surveillance is through machine learning and large scale A.I.”

Palantir’s Peter Thiel thinks people should be concerned about surveillance AI
By Sam Shead

Tech billionaire Peter Thiel believes that people should be more worried about “surveillance AI” rather than artificial general intelligences, which are hypothetical AI systems with superhuman abilities.

The venture capitalist, who co-founded big data firm Palantir, said at an event in Miami on Wednesday that on the path to AGI, you get surveillance AI, which he described as a “communist totalitarian technology.”

Those that are worried about AGI aren’t actually “paying attention to the thing that really matters,” Thiel said, adding that governments will use AI-powered facial recognition technology to control people.

His comments come three years after Bloomberg reported that “Palantir knows everything about you.” Thiel has also invested in facial recognition company Clearview AI and surveillance start-up Anduril.

Palantir, which has a market value of $48 billion, has developed data trawling technology that intelligence agencies and governments use for surveillance and to spot suspicious patterns in public and private databases. Customers reportedly include the CIA, FBI, and the U.S. Army.

Silicon Valley Investment Firm Profits From Surveillance States
By Ryan Gallagher

Don Bowman, co-founder of Sandvine Inc., was always aware of the risks his company’s products posed. Sandvine makes what’s called deep packet inspection equipment, tools useful for spam filtering and internet network management that can also be used for surveillance and censorship. During Bowman’s two-decade tenure, Sandvine periodically turned down potential clients, including a telecommunications company partially owned by the Turkish government that wanted Sandvine to help it spy on email correspondence. “What that could lead to—we’re talking about journalists vanishing, whistleblowers put in jail,” says Bowman, who has since founded a security company called Agilicus in Kitchener, Ont. “We didn’t want to be part of that.”

Such concerns didn’t appear to take priority after Francisco Partners Management LLC, a private equity firm in San Francisco that primarily invests in technology companies, bought Sandvine in 2017. Francisco Partners replaced Sandvine’s entire executive team, including Bowman, and Sandvine then began selling to governments with troubling records on human rights, according to interviews with more than a dozen people familiar with the matter and documents reviewed by Bloomberg News. Sandvine had previously dealt exclusively with the private sector, and its pursuit of government contracts, Bowman says, represented “a fundamental shift for the company.”

Sandvine doesn’t make its client list public and declined to comment for this story. But according to documents reviewed by Bloomberg, from 2018 to 2020 the company agreed to deals worth more than $100 million with governments in countries including Algeria, Belarus, Djibouti, Egypt, Eritrea, Iraq, Kenya, Kuwait, Pakistan, the Philippines, Qatar, Singapore, Turkey, the United Arab Emirates, and Uzbekistan. In its rankings of political freedom, the human-rights group Freedom House classified all these countries as either partially free or not free. Eritrea rated 206th out of 210 countries the group examined, worse even than North Korea.

Sandvine faced criticism after Bloomberg News disclosed how Belarusian President Alexander Lukashenko’s regime had used its technology last summer to partially shut down the internet during nationwide protests over a disputed election.

The market for government surveillance technology is about $12 billion annually, according to Moody’s, and the estimates for the deep packet inspection market peg it at about one-quarter that size.

Sandvine devised ways of detecting particular types of data, even if it was encrypted, so its technology could tell whether people were sending WhatsApp messages or viewing Facebook and YouTube videos, even if it couldn’t monitor the content. In an internal newsletter he sent to employees in August, Sandvine Chief Technical Officer Alexander Haväng cited the technology as a way to appeal to governments whose surveillance efforts were complicated by encryption. Sandvine’s equipment could “show who’s talking to who, for how long, and we can try to discover online anonymous identities who’ve uploaded incriminating content online,” he wrote.

… Belarus used Sandvine’s equipment to help shut down news websites, social media platforms, and messaging apps amid nationwide protests. Haväng initially told concerned employees that Sandvine didn’t want to play “world police,” before eventually reversing course.

Sandvine has said it requested that Belarus return the equipment it had purchased. But that country’s government has declined, and Sandvine can’t force it to do so, according to Francisco Partners. The gear has remained in use at two data centers in Minsk, where it’s filtering a large portion of the internet traffic that goes in and out of Belarus, according to documents reviewed by Bloomberg News. Activists in the country have reported that dozens of news and political websites remain blocked and say that during protests as recently as October, there were signs that the government used Sandvine’s equipment to disrupt usage of the encrypted chat app Telegram.

“We were satisfied when we heard the news that Sandvine had stopped cooperation with the government,” says Alexey Kozliuk, a co-founder of Human Constanta, a human-rights organization in Belarus. “But the damage has already been done.”

Singapore’s tech-utopia dream is turning into a surveillance state nightmare
By Peter Guest

Singapore has built a global brand out of its schoolmasterly for-your-own-good discipline, with disproportionately severe punishments — including the death penalty for drug smuggling — acting as a deterrent against disruptions to good social order. For those who stay inside the lines, it offers comfort, prosperity, and a textureless sort of freedom; the average citizen is expected to trust the government to deliver safety, in exchange for a certain loss of control over their individual liberties.

That safety requires constant vigilance. The city must be watched. The smart cameras that are being trialled in Changi are just a part of a nationwide thrust towards treating surveillance as part of everyday life. Ninety-thousand police cameras watch the streets, and by the end of the decade, there will be 200,000. Sensors, including facial recognition cameras and crowd analytics systems, are being positioned across the city.

The technology alone isn’t unique — it’s used in many countries. But Singapore’s ruling party sees dangers everywhere, and seems increasingly willing to peer individually and en masse into people’s lives.

More than 100,000 “smart lamp posts” will monitor traffic and environmental conditions (and people). In a rapidly ageing population, robots will help the elderly stay fit, healthy and upright. A nationwide biometric database will speed up processing at the already snappy border points, and improve security at banks and public services.

Delivering in the name of efficiency has worked for many Singaporeans. Trust in the system is high, and a majority of people’s experiences with it are benign — occasionally frustrating, but benign. There’s a widespread belief that social change is incremental, and delivered by the system; calling for a dramatic break just gets in the way of progress.

That can mean that technology gets built to solve problems for the government, rather than for citizens.

Singapore society at large had a reminder of system creep in January this year. In June 2020, as the government tried to get more of the population to sign up to TraceTogether, it had reassured people that their data was safe, and that it would only ever be used for contact tracing. Seven months later, it admitted that wasn’t true: that the police could access the data, and had already used it in an investigation.

This reversal came as little surprise to privacy experts and activists, who said that the state is rarely open about its use of residents’ personal data. “We have zero transparency as to what the government does,” Indulekshmi Rajeswari, a Singaporean privacy lawyer and LGBTQI activist, told Rest of World. “Some of these things only come out if there is a breach.”

And data breaches have occurred. In January 2019, the government admitted that the names and addresses of 14,000 Singaporean citizens and residents with HIV had been leaked online. In a state where it’s technically illegal for men to have sex with men, it was felt as an extraordinary breach of trust. In another lapse, private correspondence between 13 death row inmates and their lawyers was passed onto the attorney general’s office. (The high court has said the government can’t be held accountable over the breach.)

Sometimes the data is released deliberately. In December 2019, the Central Provident Fund Board, which administers the state pension system, revealed the name of a woman whose claim that she’d been driven to attempt suicide due to financial distress went viral.

These incidents are seen either as aberrations, or as necessary collateral damage in the government’s drive for efficiency. The government has been able to justify the collection and use of data on the grounds that this gives them the tools to improve governance. But it hasn’t put in place any checks and balances on itself.

Israel escalates surveillance of Palestinians with facial recognition program in West Bank
By Elizabeth Dwoskin

The Israeli military has been conducting a broad surveillance effort in the occupied West Bank to monitor Palestinians by integrating facial recognition with a growing network of cameras and smartphones, according to descriptions of the program by recent Israeli soldiers.

The surveillance initiative, rolled out over the past two years, involves in part a smartphone technology called Blue Wolf that captures photos of Palestinians’ faces and matches them to a database of images so extensive that one former soldier described it as the army’s secret “Facebook for Palestinians.” The phone app flashes in different colors to alert soldiers if a person is to be detained, arrested or left alone.

To build the database used by Blue Wolf, soldiers competed last year in photographing Palestinians, including children and the elderly, with prizes for the most pictures collected by each unit. The total number of people photographed is unclear but, at a minimum, ran well into the thousands.

In addition to Blue Wolf, the Israeli military has installed face-scanning cameras in the divided city of Hebron to help soldiers at checkpoints identify Palestinians even before they present their I.D. cards. A wider network of closed-circuit television cameras, dubbed “Hebron Smart City,” provides real-time monitoring of the city’s population and, one former soldier said, can sometimes see into private homes.

“I wouldn’t feel comfortable if they used it in the mall in [my hometown], let’s put it that way,” said a recently discharged Israeli soldier who served in an intelligence unit. “People worry about fingerprinting, but this is that several times over.” She told The Post that she was motivated to speak out because the surveillance system in Hebron was a “total violation of privacy of an entire people.”

Israel’s use of surveillance and facial-recognition appear to be among the most elaborate deployments of such technology by a country seeking to control a subject population, according to experts with the digital civil rights organization AccessNow.

Official use of facial recognition technology has been banned by at least a dozen U.S. cities, including Boston and San Francisco, according to the advocacy group the Surveillance Technology Oversight Project. And this month the European Parliament called for a ban on police use of facial recognition in public places.

But a study this summer by the U.S. Government Accountability Office found that 20 federal agencies said they use facial recognition systems, with six law enforcement agencies reporting that the technology helped identify people suspected of lawbreaking during civil unrest. And the Information Technology and Innovation Foundation, a trade group that represents technology companies, took issue with the proposed European ban, saying it would undermine efforts by law enforcement to “effectively respond to crime and terrorism.”

How the Police Use Facial Recognition, and Where It Falls Short
By Jennifer Valentino-DeVries

Facial recognition has set off controversy in recent years, even as it has become an everyday tool for unlocking cellphones and tagging photos on social media. The industry has drawn in new players like Amazon, which has courted police departments, and the technology is used by law enforcement in New York, Los Angeles, Chicago and elsewhere, as well as by the F.B.I. and other federal agencies. Data on such systems is scarce, but a 2016 study found that half of American adults were in a law enforcement facial recognition database.

The gains in quality of the best facial recognition technology in recent years have been astounding. In government tests, facial recognition algorithms compared photos with a database of 1.6 million mug shots. In 2010, the error rate was just under 8 percent in ideal conditions — good lighting and high-resolution, front-facing photos. In 2018, it was 0.3 percent. But in surveillance situations, law enforcement hasn’t been able to count on that level of reliability.

Perhaps the biggest controversy in facial recognition has been its uneven performance with people of different races. The findings of government tests released in December show that the type of facial recognition used in police investigations tends to produce more false positive results when evaluating images of black women. Law enforcement officials in Florida said the technology’s performance was not a sign that it somehow harbored racial prejudice.

Officials in Pinellas and elsewhere also stressed the role of human review. But tests using passport images have shown that human reviewers also have trouble identifying the correct person on a list of similar-looking facial recognition results. In those experiments, passport-system employees chose wrong about half the time.

Poorer-quality images are known to contribute to mismatches, and dim lighting, faces turned at an angle, or minimal disguises such as baseball caps or sunglasses can hamper accuracy.

In China, law enforcement tries to get around this problem by installing intrusive high-definition cameras with bright lights at face level, and by tying facial recognition systems to other technology that scans cellphones in an area. If a face and a phone are detected in the same place, the system becomes more confident in a match, a Times investigation found.

In countries with stronger civil liberties laws, the shortcomings of facial recognition have proved problematic, particularly for systems intended to spot criminals in a crowd. A study of one such program in London, which has an extensive network of CCTV cameras, found that of the 42 matches the tool suggested during tests, only eight were verifiably correct.

Facial recognition is for-profit policing
By Matthew Walther

On a Thursday evening five months ago, one day before his 42nd birthday, Robert Julian-Borchak Williams was arrested in front of his wife and children at his home in Farmington Hills, Michigan. Asked what crime he was accused of committing, police refused to say. In response to questions about where her husband was being taken, one officer told Williams’s wife that she ought to “Google it.”

According to The New York Times, Williams was then brought to a police detention center. His mugshot was taken, as were samples of his fingerprints and DNA. He spent the night in jail. It was not until the middle of the next day that he would learn why he was there: because of a computer.

That, at any rate, is the excuse officers made when it became clear that Williams was not the man identified by an employee of a private security corporation, who passed on surveillance footage from Shinola, the Detroit-based luxury goods manufacturer, to the police department, who in turn ran the low-quality image through a database of some 49 million pictures, and on this basis arrested him for allegedly stealing $3,800 of merchandise from a store he had not visited in six years.

I say “excuse” because at no point in the course of the investigation — if that is the right word for what took place here — did officers attempt to verify or even question the identification yielded by the computer system. No one seems to have questioned whether the large Black man in the St. Louis Cardinals hat who appeared in the Shinola footage even slightly resembled Williams; no one bothered to ask in advance of his arrest whether he owned such a hat, whether he had been to Shinola recently, or indeed to ask him questions of any kind, including whether he had an alibi. (He did: it would in fact have taken all of 30 seconds for Williams to prove his innocence beyond any doubt, reasonable or otherwise, via his Instagram feed.)

The facial recognition technology that landed Williams in jail for a crime he could not possibly have committed is one of the greatest dangers to peace and justice in this country. It has the potential to be weaponized against the entire population. In the billions of hours of security footage taken in nearly every public location, to say nothing of the virtually limitless number of images of ourselves we have all made available online, it has an infinite amount of material to work with. The only thing standing between you and a jail cell is your ability to prove that you are not the person in a grainy video taken five months or a year ago.

EXPLAINER: Rittenhouse plane part of widespread surveillance
By Todd Richmond

According to an August 2020 Air Force inspector general report, the National Guard used surveillance planes to watch over demonstrations in Washington, D.C., Minnesota, Arizona and California after George Floyd’s death in Minneapolis that May.

The FBI used aircraft to monitor protests in Ferguson, Missouri, following the 2014 police shooting of Michael Brown and in Baltimore to track protests following Freddie Gray’s death in police custody in 2015. Democrat Barack Obama was president during both of those events. Law enforcement also used aerial surveillance to monitor a white nationalist rally in Charlottesville, Virginia, in 2017 that turned deadly. Republican Donald Trump was president at that time.

An Associated Press investigation in 2015 found that the FBI had built a fleet of at least 50 surveillance planes that flew more than 100 flights over 11 states during a one-month span in the spring of that year under the Obama administration. The AP traced the planes to at least 13 fake companies designed to obscure the identity of the aircraft and the pilots.

The AP review also found that the Drug Enforcement Administration had at least 92 surveillance aircraft as of 2011 under Obama. The U.S. Marshals Service also has operated its own aerial surveillance program.

Pilots can shoot video of the scenes below them using standard cameras, infrared sensors that pick up body heat and light sensors with enough resolution to show building features, basic vehicle features and movements such as people walking or riding bicycles. The planes also can carry technology that mimics cellphone towers, enabling agencies to track people’s cellphones even if they’re not making a call or in public. Much of the technology was developed for use by the U.S. military in Iraq as part of a project dubbed Gorgon Stare after the mythical Greek monster that could turn men to stone with a glance.

Even if the video images are blurry, agencies can still use them in combination with other data to discover people’s identities.

Aerial surveillance of people in public places is legal and is no different than a video camera mounted on a light pole, said William McGeveren, a University of Minnesota law professor who specializes in data privacy and free speech. Government agencies do not need a warrant to conduct such surveillance, he said.

However, the U.S. Supreme Court ruled in 2018 that extended surveillance of an individual over a large area is illegal. And the 4th U.S. Circuit Court of Appeals ruled in June that the Baltimore Police Department’s six-month trial aerial surveillance program was unconstitutional because the planes’ wide-angle cameras put virtually all city residents under surveillance for 12 hours a day. The ruling came after Black activists sued the city.

Government agencies can impose limitations on their own programs as well. The Air Force report found that the National Guard never got the required authorization from the secretary of defense or the secretary of the Army to launch aerial surveillance of the Floyd protests.

Such surveillance can help police respond in real time to demonstrations that turn violent and identify and arrest bad actors after the fact, protecting public safety.

But civil rights advocates fear that such surveillance leads to government agencies tracking people’s every move, making people afraid to leave their homes or be seen associating with others at political functions and amounting to violations of constitutional freedom of speech and association guarantees. The mere presence of government aircraft can intimidate those on the ground; two military helicopters buzzed protesters at a Floyd protest in Washington last summer, blasting protesters with high-speed wind from their rotors.

And the programs’ very existence can erode trust in the government, especially among Black leaders. One of the Black plaintiffs in the Baltimore case, for example, argued that she routinely visits murder scenes and was afraid that the surveillance program would result in police gathering specific information about her.

Amazon’s Ring is the largest civilian surveillance network the US has ever seen
By Lauren Bridges

Ring is effectively building the largest corporate-owned, civilian-installed surveillance network that the US has ever seen. An estimated 400,000 Ring devices were sold in December 2019 alone, and that was before the across-the-board boom in online retail sales during the pandemic. Amazon is cagey about how many Ring cameras are active at any one point in time, but estimates drawn from Amazon’s sales data place yearly sales in the hundreds of millions. The always-on video surveillance network extends even further when you consider the millions of users on Ring’s affiliated crime reporting app, Neighbors, which allows people to upload content from Ring and non-Ring devices.

Then there’s this: since Amazon bought Ring in 2018, it has brokered more than 1,800 partnerships with local law enforcement agencies, who can request recorded video content from Ring users without a warrant. That is, in as little as three years, Ring connected around one in 10 police departments across the US with the ability to access recorded content from millions of privately owned home security cameras. These partnerships are growing at an alarming rate.

Data I’ve collected from Ring’s quarterly reported numbers shows that in the past year through the end of April 2021, law enforcement have placed more than 22,000 individual requests to access content captured and recorded on Ring cameras. Ring’s cloud-based infrastructure (supported by Amazon Web Services) makes it convenient for law enforcement agencies to place mass requests for access to recordings without a warrant. Because Ring cameras are owned by civilians, law enforcement are given a backdoor entry into private video recordings of people in residential and public space that would otherwise be protected under the fourth amendment. By partnering with Amazon, law enforcement circumvents these constitutional and statutory protections, as noted by the attorney Yesenia Flores. In doing so, Ring blurs the line between police work and civilian surveillance and turns your neighbor’s home security system into an informant. Except, unlike an informant, it’s always watching.

Although Ring doesn’t currently use facial recognition in its cameras, Amazon has sold this technology to police in the past. Following pressure from AI researchers and civil rights groups, Amazon placed a one-year pause on police use of its controversial facial recognition technology, but this moratorium will expire in June.

While pressure from civil rights groups and lawmakers to end Ring’s partnerships with police has been building, we need to demand more transparency and accountability from Amazon and law enforcement about what data is being collected, with whom it’s being shared, and how it’s being used.

Massive camera hack exposes the growing reach and intimacy of American surveillance
By Drew Harwell

In one video, a woman in a hospital room watches over someone sleeping in an intensive-care-unit bed. In another, a man and three young children celebrate one Sunday afternoon over a completed puzzle in a carpeted playroom.

The private moments would have, in some other time, been constrained to memory. But something else had been watching: An Internet-connected camera managed by the security start-up Verkada, which sells cameras and software that customers can use to watch live video from anywhere across the Web.

With a single breach, those scenes — and glimpses from more than 149,000 security cameras — were suddenly revealed to hackers, who had used high-level log-in credentials to access and plunder Verkada’s vast camera network.

A hacker shared some of the materials with The Washington Post to spotlight the security threat of widespread surveillance technologies that subject the public to near-constant watch.

The cache includes real-world images and videos as well as the company’s voluminous client list, which names more than 24,000 organizations across a vast cross-section of American life, including schools, offices, gyms, banks, health clinics and county jails.

The breach, which was first reported by Bloomberg News, highlighted a central vulnerability undermining the modern Web: As more companies race to amass vast stores of sensitive data, they are also becoming more fruitful targets for attack and making it that much easier for thousands of unaware people to be suddenly exposed.

But it also revealed a sweeping change to the way America now watches itself, through the increasingly ubiquitous eyes of cheap, Internet-connected cameras that capture our lives in ways many people may not realize — and etch them onto a Web that never forgets.

“This breach should be a wake-up call to the dangers of self-surveillance,” said Andrew G. Ferguson, a law professor at American University Washington College of Law. “We are building networks of surveillance we cannot escape from without really thinking about the consequences. Our desire for some fake sense of security is its own security threat.”

Facial-Recognition Company That Works With Law Enforcement Says Entire Client List Was Stolen
By Betsy Swan

A facial-recognition company that contracts with powerful law-enforcement agencies just reported that an intruder stole its entire client list, according to a notification the company sent to its customers.

In the notification, which The Daily Beast reviewed, the startup Clearview AI disclosed to its customers that an intruder “gained unauthorized access” to its list of customers, to the number of user accounts those customers had set up, and to the number of searches its customers have conducted. The notification said the company’s servers were not breached and that there was “no compromise of Clearview’s systems or network.” The company also said it fixed the vulnerability and that the intruder did not obtain any law-enforcement agencies’ search histories.

Tor Ekeland, an attorney for the company, said Clearview prioritizes security.

“Security is Clearview’s top priority,” he said in a statement provided to The Daily Beast. “Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security.”

The notification did not describe the breach as a hack. David Forscey, the managing director of the no-profit Aspen Cybersecurity Group, said the breach is concerning.

“If you’re a law-enforcement agency, it’s a big deal, because you depend on Clearview as a service provider to have good security, and it seems like they don’t,” Forscey said.

‘Smart’ Cities Are Surveilled Cities
By Robert Muggah and Greg Walton

Throughout the 1990s and 2000s, law enforcement agencies and private companies deployed surveillance tools, ostensibly to improve public and private safety and security. The 9/11 attacks and subsequent U.S. Patriot Act dramatically accelerated their spread. Yet support for facial recognition systems appears to be ebbing. San Francisco was the country’s first major city to ban its agencies from using them in 2019. San Francisco was among the top five most surveilled cities in the United States when eight of the nine members of its Board of Supervisors endorsed the Stop Secret Surveillance Ordinance. Rolling back surveillance has proved difficult—digital rights advocates recently detected over 2,700 cameras still in use for police surveillance, property security, and transportation monitoring. In 2000, campaigners sued the city for tapping into private cameras to surveil mass protests, in defiance of the new ordinance.

Across North America and Western Europe, the tensions over smart cities can be distilled to concerns over how surveillance technology enables pervasive collection, retention, and misuse of personal data by everything from law enforcement agencies to private companies. Debates frequently center on the extent to which these tools undermine transparency, accountability, and trust. There are also concerns (and mounting evidence) about how facial recognition technologies are racially biased and inaccurate when it comes to people of color, discriminating particularly against Asian and African Americans. This helps explain why in the two years since San Francisco banned facial recognition technologies, 13 other U.S. cities have followed suit, including Boston; Berkeley and Oakland in California; and Portland, Oregon. By contrast, in China, racial bias seems to be a feature, not a bug—patented, marketed, and baked into national policing standards for facial recognition databases. What’s more, Chinese companies are bringing their technologies to global markets.

But a narrow preoccupation with surveillance technologies, as disconcerting as they are, underestimates the threats on the near horizon. Smart cities are themselves a potential liability—for entirely different reasons. This is because many of them are approaching the precipice of a hyperconnected “internet of everything,” which comes with unprecedented levels of risk tied to billions of unsecured devices. These don’t just include real-time surveillance devices, such as satellites, drones, and closed-circuit cameras. By 2025, there could be over 75 billion connected devices around the world, many of them lacking even the most rudimentary security features. As cities become ever more connected, the risks of digital harm by malign actors grow exponentially. Cities are therefore entirely unprepared for the coming digital revolution.

One of the paradoxes of a hyperconnected world is that the smarter a city gets, the more exposed it becomes to a widening array of digital threats. Already, large, medium, and small cities are being targeted for data theft, system breaches, and cyberattacks, all of which can undermine their operation and provision of essential services, and pose an existential threat. Hundreds of cities around the world have reported major digital disruptions to municipal websites, emergency call centers, health systems, and utilities delivering power or water. When city security is compromised and data privacy jeopardized, it undermines the faith of residents in digitally connected services and systems. As people feel more insecure, they may feel less inclined to participate in online health care, digitized utilities, remote learning opportunities, electronic banking services, or green initiatives—key tenets of the smart city. While not all digital threats can be countered, cities need to mount a robust capability to deter, respond to, and recover from attacks while preserving, as best they can, data protection and privacy.

Biometrics, Smartphones, Surveillance Cameras Pose New Obstacles for U.S. Spies
By Warren P. Strobel

In a 2018 speech, Dawn Meyerriecks, who was then deputy CIA director for Science & Technology, said that in about 30 countries, foreign intelligence services no longer bother to physically follow agency officers “when we leave our place of employ,” an apparent reference to U.S. embassies. “The coverage is good enough that they don’t need to. Between CCTVs and wireless infrastructure.”

A recent top secret cable from counterintelligence officials at CIA’s headquarters to stations and bases world-wide warned that a large number of agency informants in foreign countries were being captured, according to officials familiar with its contents. The cable suggested a more difficult operating environment for U.S. spies abroad, in part as a result of pervasive digital surveillance. It was first reported by the New York Times.

Ms. Meyerriecks in her 2018 speech described how, as a test, a CIA team compiled a map of surveillance cameras in the capital of a U.S. adversary she didn’t name, along with the type of camera and the direction each was pointed. Using artificial intelligence, the team plotted a surveillance-free route that a CIA officer could travel.

While headquarters colleagues monitor over a computer dashboard, the CIA officer on the street might wear a smartwatch telling her if she is “green”—free of digital surveillance—yellow, or red.

There are also endless digital tricks to play in what Mr. Evanina called “the technological version of cat and mouse.” For example, it is possible to “spoof” a cellphone’s location, misleading foreign spycatchers to think their quarry is in one place, when he is safely in another, current and former CIA officials said.

Waiting for the Cyber-Apocalypse
By John Feffer

This country has a long history of making weapons that have later been used against it. When allies suddenly turn into adversaries like the Iranian government after the Shah was ousted in the 1979 revolution or the mujahideen in Afghanistan after their war against the Red Army ended in 1989, the weapons switch sides, too. In other cases, like the atomic bomb or unmanned aerial vehicles, the know-how behind the latest technological advances inevitably leaks out, triggering an arms race.

In all these years, however, none of those weapons has been used with such devastating effect against the U.S. homeland as the technology of cyberwarfare.

In 2009, the centrifuges capable of refining Iranian uranium to weapons-grade level began to malfunction. At first, the engineers there didn’t pay much attention to the problem. Notoriously finicky, such high-speed centrifuges were subject to frequent breakdowns. The Iranians regularly had to replace as many as one of every 10 of them. This time, however, the number of malfunctions began to multiply and then multiply again, while the computers that controlled the centrifuges started to behave strangely, too.

It was deep into 2010, however, before computer security specialists from Belarus examined the Iranian computers and discovered the explanation for all the malfunctioning. The culprit responsible was a virus, a worm that had managed to burrow deep into the innards of those computers through an astonishing series of zero-day exploits.

That worm, nicknamed Stuxnet, was the first of its kind. Admittedly, computer viruses had been creating havoc almost since the dawn of the information age, but this was something different. Stuxnet could damage not only computers but the machines that they controlled, in this case destroying about 1,000 centrifuges. Developed by U.S. intelligence agencies in cooperation with their Israeli counterparts, Stuxnet would prove to be but the first salvo in a cyberwar that continues to this day.

It didn’t take long before other countries developed their own versions of Stuxnet to exploit the same kind of zero-day vulnerabilities. In her book This Is How They Tell Me the World Ends, New York Times reporter Nicole Perlroth describes in horrifying detail how the new cyber arms race has escalated. It took Iran only three years to retaliate for Stuxnet by introducing malware into Aramco, the Saudi oil company, destroying 30,000 of its computers. In 2014, North Korea executed a similar attack against Sony Pictures in response to a film that imagined the assassination of that country’s leader, Kim Jong-un. Meanwhile, Pelroth reports, Chinese hackers have targeted U.S. firms to harvest intellectual property, ranging from laser technology and high-efficiency gas turbines to the plans for “the next F-35 fighter” and “the formulas for Coca-Cola and Benjamin Moore paint.”

Over the years, Russia has become especially adept at the new technology. Kremlin-directed hackers interfered in Ukraine’s presidential election in 2014 in an effort to advance a far-right fringe candidate. The next year, they shut down Ukraine’s power grid for six hours. In the freezing cold of December 2016, they turned off the heat and power in Kyiv, that country’s capital. And it wasn’t just Ukraine either. Russian hackers paralyzed Estonia, interfered in England’s Brexit referendum, and nearly shut down the safety controls of a Saudi oil company.

Then Russia started to apply everything it learned from these efforts to the task of penetrating U.S. networks. In the lead-up to the 2016 elections, Russian hackers weaponized information stolen from Democratic Party operative John Podesta and wormed their way into state-level electoral systems. Later, they launched ransomware attacks against U.S. towns and cities, hacked into American hospitals, and even got inside the Wolf Creek nuclear power plant in Kansas. “The Russians,” Pelroth writes, “were mapping out the plant’s networks for a future attack.”

The United States did not sit idly by watching such incursions. The National Security Agency (NSA) broke into Chinese companies like Huawei, as well as their customers in countries like Cuba and Syria. With a plan nicknamed Nitro Zeus, the U.S. was prepared to take down key elements of Iran’s infrastructure if the negotiations around a nuclear deal failed. In response to the Sony hack, Washington orchestrated a 10-hour Internet outage in North Korea.

But then the NSA got hacked.

In 2017, an outfit called the Shadow Brokers leaked 20 of the agency’s most powerful zero-day exploits. That May, WannaCry ransomware attacks suddenly began to strike targets as varied as British hospitals, Indian airlines, Chinese gas stations, and electrical utilities around the United States. The perpetrators were likely North Korean, but the code, as it happened, originated with the NSA, and the bill for the damages came to $4 billion.

Not to be outdone, Russian hackers turned two of the NSA zero-day exploits into a virus called NotPetya, which caused even more damage. Initially intended to devastate Ukraine, that malware spread quickly around the world, causing at least $10 billion in damages by briefly shutting down companies like Merck, Maersk, FedEx, and in an example of second-order blowback, the Russian oil giant Rosneft as well.

Sadly enough, in 2021, as Kim Zetter has written in Countdown to Zero Day, “[C]yberweapons can be easily obtained on underground markets or, depending on the complexity of the system being targeted, custom-built from scratch by a skilled teenage coder.” Such weapons then ricochet around the world before, more often than not, they return to sender.

China Hijacked an NSA Hacking Tool—and Used It for Years
By Andy Greenberg

More than four years after a mysterious group of hackers known as the Shadow Brokers began wantonly leaking secret NSA hacking tools onto the internet, the question that debacle raised—whether any intelligence agency can prevent its “zero-day” stockpile from falling into the wrong hands—still haunts the security community. That wound has now been reopened, with evidence that Chinese hackers obtained and reused another NSA hacking tool years before the Shadow Brokers brought it to light.

On Monday, the security firm Check Point revealed that it had discovered evidence that a Chinese group known as APT31, also known as Zirconium or Judgment Panda, had somehow gained access to and used a Windows-hacking tool known as EpMe created by the Equation Group, a security industry name for the highly sophisticated hackers widely understood to be a part of the NSA. According to Check Point, the Chinese group in 2014 built their own hacking tool from EpMe code that dated back to 2013. The Chinese hackers then used that tool, which Check Point has named “Jian” or “double-edged sword,” from 2015 until March 2017, when Microsoft patched the vulnerability it attacked. That would mean APT31 had access to the tool, a “privilege escalation” exploit that would allow a hacker who already had a foothold in a victim network to gain deeper access, long before the late 2016 and early 2017 Shadow Brokers leaks.

Only in early 2017 did Lockheed Martin discover China’s use of the hacking technique. Because Lockheed has largely US customers, Check Point speculates that the hijacked hacking tool may have been used against Americans. “We found conclusive evidence that one of the exploits that the Shadow Brokers leaked had somehow already gotten into the hands of Chinese actors,” says Check Point’s head of cyber research Yaniv Balmas. “And it not only got into their hands, but they repurposed it and used it, likely against US targets.”

As Check Point’s “double-edged sword” name for the Chinese version of the repurposed NSA malware implies, the researchers argue their findings should raise again the question of whether intelligence agencies can safely hold and use zero-day hacking tools without risking that they lose control of them.

FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
By David E. Sanger and Nicole Perlroth

FireEye revealed on Tuesday that its own systems were pierced by what it called “a nation with top-tier offensive capabilities.” The company said hackers used “novel techniques” to make off with its own tool kit, which could be useful in mounting new attacks around the world.

FireEye’s Red Team tools are essentially built from malware that the company has seen used in a wide range of attacks.

Still, the advantage of using stolen weapons is that nation-states can hide their own tracks when they launch attacks.

“Hackers could leverage FireEye’s tools to hack risky, high-profile targets with plausible deniability,” said Patrick Wardle, a former N.S.A. hacker who is now a principal security researcher at Jamf, a software company. “In risky environments, you don’t want to burn your best tools, so this gives advanced adversaries a way to use someone else’s tools without burning their best capabilities.”

Security firms have been a frequent target for nation-states and hackers, in part because their tools maintain a deep level of access to corporate and government clients all over the world. By hacking into those tools and stealing source code, spies and hackers can gain a foothold to victims’ systems.

McAfee, Symantec and Trend Micro were among the list of major security companies whose code a Russian-speaking hacker group claimed to have stolen last year. Kaspersky, the Russian security firm, was hacked by Israeli hackers in 2017. And in 2012, Symantec confirmed that a segment of its antivirus source code was stolen by hackers.

Inside the UAE’s secret hacking team of American mercenaries
By Christopher Bing and Joel Schectman

Two weeks after leaving her position as an intelligence analyst for the U.S. National Security Agency in 2014, Lori Stroud was in the Middle East working as a hacker for an Arab monarchy.

She had joined Project Raven, a clandestine team that included more than a dozen former U.S. intelligence operatives recruited to help the United Arab Emirates engage in surveillance of other governments, militants and human rights activists critical of the monarchy.

Stroud and her team, working from a converted mansion in Abu Dhabi known internally as “the Villa,” would use methods learned from a decade in the U.S intelligence community to help the UAE hack into the phones and computers of its enemies.

The UAE has said it faces a real threat from violent extremist groups and that it is cooperating with the United States on counterterrorism efforts. Former Raven operatives say the project helped the UAE’s National Electronic Security Authority, or NESA, break up an ISIS network within the Emirates. When an ISIS-inspired militant stabbed to death a teacher in Abu Dhabi in 2014, the operatives say, Raven spearheaded the UAE effort to assess if other attacks were imminent.

While this activity raises ethical dilemmas, U.S. national security lawyers say the laws guiding what American intelligence contractors can do abroad are murky. Though it’s illegal to share classified information, there is no specific law that bars contractors from sharing more general spycraft knowhow, such as how to bait a target with a virus-laden email.

The rules, however, are clear on hacking U.S. networks or stealing the communications of Americans. “It would be very illegal,” said Rhea Siers, former NSA deputy assistant director for policy.

Stroud is the only former Raven operative willing to be named in this story; eight others who described their experiences would do so only on condition of anonymity. She spent a decade at the NSA, first as a military service member from 2003 to 2009 and later as a contractor in the agency for the giant technology consultant Booz Allen Hamilton from 2009 to 2014. Her specialty was hunting for vulnerabilities in the computer systems of foreign governments, such as China, and analyzing what data should be stolen.

In 2013, her world changed. While stationed at NSA Hawaii, Stroud says, she made the fateful recommendation to bring a Dell technician already working in the building onto her team. That contractor was Edward Snowden.

“He’s former CIA, he’s local, he’s already cleared,” Stroud, 37, recalled. “He’s perfect!” Booz and the NSA would later approve Snowden’s transfer, providing him with even greater access to classified material.

Two months after joining Stroud’s group, Snowden fled the United States and passed on thousands of pages of top secret program files to journalists, detailing the agency’s massive data collection programs. In the maelstrom that followed, Stroud said her Booz team was vilified for unwittingly enabling the largest security breach in agency history.

“Our brand was ruined,” she said of her team.

Stroud said her background as an intelligence operative made her comfortable with human rights targets as long as they weren’t Americans. “We’re working on behalf of this country’s government, and they have specific intelligence objectives which differ from the U.S., and understandably so,” Stroud said. “You live with it.”

Prominent Emirati activist Ahmed Mansoor, given the code name Egret, was another target, former Raven operatives say. For years, Mansoor publicly criticized the country’s war in Yemen, treatment of migrant workers and detention of political opponents.

In September 2013, Raven presented senior NESA officials with material taken from Mansoor’s computer, boasting of the successful collection of evidence against him. It contained screenshots of emails in which Mansoor discussed an upcoming demonstration in front of the UAE’s Federal Supreme Court with family members of imprisoned dissidents.

Raven told UAE security forces Mansoor had photographed a prisoner he visited in jail, against prison policy, “and then attempted to destroy the evidence on his computer,” said a Powerpoint presentation reviewed by Reuters.

Citizen Lab published research in 2016 showing that Mansoor and Donaghy were targeted by hackers — with researchers speculating that the UAE government was the most likely culprit. Concrete evidence of who was responsible, details on the use of American operatives, and first-hand accounts from the hacking team are reported here for the first time.

Mansoor was convicted in a secret trial in 2017 of damaging the country’s unity and sentenced to 10 years in jail. He is now held in solitary confinement, his health declining, a person familiar with the matter said.

Mansoor’s wife, Nadia, has lived in social isolation in Abu Dhabi. Neighbors are avoiding her out of fear security forces are watching.

They are correct. By June 2017 Raven had tapped into her mobile device and given her the code name Purple Egret, program documents reviewed by Reuters show.

When Raven was created in 2009, Abu Dhabi had little cyber expertise. The original idea was for Americans to develop and run the program for five to 10 years until Emirati intelligence officers were skilled enough to take over, documents show. By 2013, the American contingent at Raven numbered between a dozen and 20 members at any time, accounting for the majority of the staff.

In late 2015, the power dynamic at the Villa shifted as the UAE grew more uncomfortable with a core national security program being controlled by foreigners, former staff said. Emirati defense officials told Gumtow they wanted Project Raven to be run through a domestic company, named DarkMatter.

Raven’s American creators were given two options: Join DarkMatter or go home.

Ex-U.S. Intelligence Officers Admit to Hacking Crimes in Work for Emiratis
By Mark Mazzetti and Adam Goldman

Three former American intelligence officers hired by the United Arab Emirates to carry out sophisticated cyberoperations admitted to hacking crimes and violating U.S. export laws that restrict the transfer of military technology to foreign governments, according to court documents made public on Tuesday.

The documents detail a conspiracy by the three men to furnish the Emirates with advanced technology and to assist Emirati intelligence operatives in breaches aimed at damaging the perceived enemies of the small but powerful Gulf nation.

The men helped the Emirates, a close American ally, gain unauthorized access to “acquire data from computers, electronic devices and servers around the world, including on computers and servers in the United States,” prosecutors said.

The three men worked for DarkMatter, a company that is effectively an arm of the Emirati government. They are part of a trend of former American intelligence officers accepting lucrative jobs from foreign governments hoping to bolster their abilities to mount cyberoperations.

DarkMatter had its origins in another company, an American firm called CyberPoint that originally won contracts from the Emirates to help protect the country from computer attacks.

CyberPoint obtained a license from the American government to work for the Emiratis, a necessary step intended to regulate the export of military and intelligence services. Many of the company’s employees had worked on highly classified projects for the N.S.A. and other American intelligence agencies.

But the Emiratis had larger ambitions and repeatedly pressed CyberPoint employees to exceed the boundaries of the company’s American license, according to former employees.

CyberPoint rebuffed requests by Emirati intelligence operatives to try to crack encryption codes and to hack websites housed on American servers — operations that would have run afoul of American law.

So in 2015 the Emiratis founded DarkMatter — forming a company not bound by United States law — and lured numerous American employees of CyberPoint to join.

DarkMatter employed several other former N.S.A. and C.I.A. officers, according to a roster of employees obtained by The New York Times, some making salaries of hundreds of thousands of dollars a year.

World Cup host Qatar used ex-CIA officer to spy on FIFA
By Alan Suderman

“This is a problem for U.S. national security,” John Scott-Railton, a senior researcher at Citizen Lab, a watchdog group that tracks cyber-surveillance companies. “It’s a really dangerous thing when people who handle the most sensitive secrets of our country are thinking in the back of their mind, ‘Man, I could really make a lot more money taking this technical knowledge that I’ve been trained in and putting it in the service of whoever will pay me.’”

Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship
By Paul Mozur and Chris Buckley

Chinese hackers with links to state security demanded ransom in return for not releasing a company’s computer source code, according to an indictment released by the U.S. Department of Justice last year. Another group of hackers in southwest China mixed cyber raids on Hong Kong democracy activists with fraud on gaming websites, another indictment asserted. One member of the group boasted about having official protection, provided that they avoid targets in China.

“The upside is they can cover more targets, spur competition. The downside is the level of control,” said Robert Potter, the head of Internet 2.0, an Australian cybersecurity firm. “I’ve seen them do some really boneheaded things, like try and steal $70,000 during an espionage op.”

Investigators believe these groups have been responsible for some big recent data breaches, including hacks targeting the personal details of 500 million guests at the Marriott hotel chain, information on roughly 20 million U.S. government employees and, this year, a Microsoft email system used by many of the world’s largest companies and governments.

While the ministry projects an image of remorseless loyalty to the Communist Party in Beijing, its hacking operations can act like local franchises. Groups often act on their own agendas, sometimes including sidelines in commercial cybercrime, experts said.

The message: “We’re paying you to do work from 9 to 5 for the national security of China,” Mr. Alperovitch said. “What you do with the rest of your time, and with the tools and access you have, is really your business.”

Under this system, Chinese hackers have become increasingly aggressive. The rate of global attacks linked to the Chinese government has nearly tripled since last year compared with the four previous years, according to Recorded Future, a Somerville, Mass., company that studies the use of internet by state-linked actors. That number now averages more than 1,000 per three-month period, it said.

Though their numbers make them hard to stop, the hackers don’t always try hard to cover their tracks. They sometimes leave clues strewn online, including wedding photos of agents in state security uniforms, telltale job ads and boasts of their feats.

The methods and menace of the new bank robbers
By The Economist

TALK TO BANKERS and some will tell you that when it comes to cyber-crime, they are second only to the military in terms of the strength of their defences. And yet trawl the dark web, as Intel 471, an intelligence firm, did on behalf of The Economist in May, and it is obvious that attempts to breach those walls are commonplace. One criminal was detected trying to recruit insiders within America’s three biggest banks, JPMorgan Chase, Bank of America and Wells Fargo, offering a “seven-to-eight-figure” weekly payment to authorise fraudulent wire transfers. Another was auctioning the details of 30m accounts at Bank Mellat in Iran (a country of 83m).

Speaking to Congress in May, Jane Fraser, who runs Citigroup, a Wall Street giant, called hacks the biggest threat to America’s financial system. Jamie Dimon of JPMorgan Chase has said they could become “an act of war”. The result is that banks are under constant pressure to prepare for the worst. “It’s not a matter of ‘if’, it’s a matter of ‘when’,” says the head of cyber-security at a central bank.

G-7 Runs Cyber-Security Exercise as Financial Threats Climb
By Christopher Condon

Policy makers and regulators in the U.S. and other countries have pointed to cyber threats from criminal and state actors as an increasing threat to financial stability. The G-7 last year laid out a multi-year testing program to improve the ability of government and private-sector actors to respond to cyber attacks.

The testing included plans for “regularly rehearsed response and recovery procedures,” according to a program description.

In an April interview with CBS’s “60 Minutes” program, Federal Reserve Chair Jerome Powell said he worried about potential scenarios in which a large payments system or financial institution might be crippled by a cyber attack.

The Lazarus heist: How North Korea almost pulled off a billion-dollar hack
By BBC News

In the cyber-security industry the North Korean hackers are known as the Lazarus Group, a reference to a biblical figure who came back from the dead; experts who tackled the group’s computer viruses found they were equally resilient.

In January 2015, an innocuous-looking email had been sent to several Bangladesh Bank employees. It came from a job seeker calling himself Rasel Ahlam. His polite enquiry included an invitation to download his CV and cover letter from a website. In reality, Rasel did not exist – he was simply a cover name being used by the Lazarus Group, according to FBI investigators. At least one person inside the bank fell for the trick, downloaded the documents, and got infected with the viruses hidden inside.

As Bangladesh Bank discovered the missing money over the course of that weekend, they struggled to work out what had happened. The bank’s governor knew Rakesh Asthana and his company, World Informatix, and called him in for help. At this point, Asthana says, the governor still thought he could claw back the stolen money. As a result, he kept the hack secret – not just from the public, but even from his own government.

Meanwhile, Asthana was discovering just how deep the hack went. He found out the thieves had gained access to a key part of Bangladesh Bank’s systems, called Swift. It’s the system used by thousands of banks around the world to co-ordinate transfers of large sums between themselves. The hackers didn’t exploit a vulnerability in Swift – they didn’t need to – so as far as Swift’s software was concerned the hackers looked like genuine bank employees.

It soon became clear to Bangladesh Bank’s officials that the transactions couldn’t just be reversed. Some money had already arrived in the Philippines, where the authorities told them they would need a court order to start the process to reclaim it. Court orders are public documents, and so when Bangladesh Bank finally filed its case in late February, the story went public and exploded worldwide.

The consequences for the bank’s governor were almost instant. “He was asked to resign,” says Asthana. “I never saw him again.”

US Congresswoman Carolyn Maloney remembers clearly where she was when she first heard about the raid on Bangladesh Bank. “I was leaving Congress and going to the airport and reading about the heist, and it was fascinating, shocking – a terrifying incident, probably one of the most terrifying that I’ve ever seen for financial markets.”

As a member of the congressional Committee on Financial Services, Maloney saw the bigger picture: with Swift underpinning so many billions of dollars of global trade, a hack like this could fatally undermine confidence in the system.

The money was transferred between accounts, sent to a currency exchange firm, swapped into local currency and re-deposited at the bank. Some of it was withdrawn in cash. For experts in money laundering, this behaviour makes perfect sense.

“You have to make all of that criminally derived money look clean and look like it has been derived from legitimate sources in order to protect whatever you do with the money afterwards,” says Moyara Ruehsen, director of the Financial Crime Management Programme at the Middlebury Institute of International Studies in Monterey, California. “You want to make the money trail as muddy and obscure as possible.”

In May 2017, the WannaCry ransomware outbreak spread like wildfire, scrambling victims’ files and charging them a ransom of several hundred dollars to retrieve their data, paid using the virtual currency Bitcoin. In the UK, the National Health Service was particularly badly hit; accident and emergency departments were affected, and urgent cancer appointments had to be rescheduled.

As investigators from the UK’s National Crime Agency delved into the code, working with the FBI, they found striking similarities with the viruses used to hack into Bangladesh Bank and Sony Pictures Entertainment, and the FBI eventually added this attack to the charges against Park Jin-hyok. If the FBI’s allegations are correct, it shows North Korea’s cyber army had now embraced cryptocurrency – a vital leap forward because this high-tech new form of money largely bypasses the traditional banking system – and could therefore avoid costly overheads, such as pay-offs to middlemen.

WannaCry was just the start. In the ensuing years, tech security firms have attributed many more cryptocurrency attacks to North Korea. They claim the country’s hackers have targeted exchanges where cryptocurrencies like Bitcoin are swapped for traditional currencies. Added together, some estimates put the thefts from these exchanges at more than $2bn.

Computer hacking, global money laundering, cutting edge cryptocurrency thefts… If the allegations against North Korea are true, then it appears many people have underestimated the country’s technical skill and the danger it presents.

But this also paints a disturbing picture of the dynamics of power in our increasingly connected world, and our vulnerability to what security experts call “asymmetric threat” – the ability of a smaller adversary to exercise power in novel ways that make it a far bigger threat than its size would indicate.

Investigators have uncovered how a tiny, desperately poor nation can silently reach into the email inboxes and bank accounts of the rich and powerful thousands of miles away. They can exploit that access to wreak havoc on their victims’ economic and professional lives, and drag their reputations through the mud. This is the new front line in a global battleground: a murky nexus of crime, espionage and nation-state power-mongering.

North Korean hackers stole more than $300 million to pay for nuclear weapons, says confidential UN report
By Richard Roth and Joshua Berlinger

North Korea‘s army of hackers stole hundreds of millions of dollars throughout much of 2020 to fund the country’s nuclear and ballistic missile programs in violation of international law, according to a confidential United Nations report.

The document accused the regime of leader Kim Jong Un of conducting “operations against financial institutions and virtual currency exchange houses” to pay for weapons and keep North Korea’s struggling economy afloat. One unnamed country that is a member of the UN claimed the hackers stole virtual assets worth $316.4 million dollars between 2019 and November 2020, according to the document.

Ireland defies hackers’ bitcoin demand over health system
By Laura Noonan

Ireland has refused to pay a ransom in bitcoin to hackers who forced the shutdown of most of its healthcare IT systems, leaving doctors unable to access patient records and patients unsure of whether they should show up for appointments.

“Ransom has been sought and won’t be paid in line with state policy,” a spokeswoman for Ireland’s Health Service Executive told the Financial Times on Friday evening, confirming reports that the ransom had been sought in the cryptocurrency.

Paul Reid, chief executive of Ireland’s Health Service Executive, told a morning radio show that the decision to shut down the systems was a “precautionary” measure after a “very sophisticated” cyber attack that affected national and local systems and was “involved in all of our core services”.

“Opportunistic cyber attackers targeting flooded healthcare organisations has been a common theme throughout the course of the pandemic,” said Charlie Smith, consulting solutions engineer at Barracuda Networks. “These scammers are aware of the huge significance of health services’ IT systems at this time, and so will stop at nothing to disrupt said systems or steal valuable data in exchange for ransom.”

Ransomware Hackers Freeze Millions in Papua New Guinea
By Jamie Tarabay

Papua New Guinea’s finance department acknowledged late Thursday that its payment system, which manages access to hundreds of millions of dollars in foreign aid money, was hit with a ransomware attack.

The IFMS consolidated the Pacific nation’s budget and accounting for all tiers and departments of government onto a platform. It controls access to funds for the government, which is heavily reliant on foreign aid.

Papua New Guinea is located in the southwestern Pacific Ocean on the eastern half of New Guinea, the second largest island in the world. The government has been heavily reliant on its partners in the region for economic and technological assistance, with China and Australia competing for influence. The island nation has struggled to control Covid-19, with a little more than 1% of the population fully vaccinated. Robert Potter, co-chief executive officer of the cybersecurity firm Internet 2.0, has provided services for Papua New Guinea’s government as part of his work with the Australian foreign ministry. “This is pretty shameful, to exploit a developing economy’s critical infrastructure in the midst of a pandemic,” he said.

Papua New Guinea’s financial issues have prevented it from building a capable cybersecurity environment, said Jonathan Pryke, director of the Sydney-based Lowy Institute’s Pacific Islands Program.

The Colonial Pipeline Ransomware Hackers Had a Secret Weapon: Self-Promoting Cybersecurity Firms
By Renee Dudley and Daniel Golden

Ransomware has skyrocketed since 2012, when the advent of Bitcoin made it hard to track or block payments. The criminals’ tactics have evolved from indiscriminate “spray and pray” campaigns seeking a few hundred dollars apiece to targeting specific businesses, government agencies and nonprofit groups with multimillion-dollar demands.

Attacks on energy businesses in particular have increased during the pandemic — not just in the U.S. but in Canada, Latin America and Europe. As the companies allowed employees to work from home, they relaxed some security controls, McLeod said.

Since 2019, numerous gangs have ratcheted up pressure with a technique known as “double extortion.” Upon entering a system, they steal sensitive data before launching ransomware that encodes the files and makes it impossible for hospitals, universities and cities to do their daily work. If the loss of computer access is not sufficiently intimidating, they threaten to reveal confidential information, often posting samples as leverage. For instance, when the Washington, D.C., police department didn’t pay the $4 million ransom demanded by a gang called Babuk last month, Babuk published intelligence briefings, names of criminal suspects and witnesses, and personnel files, from medical information to polygraph test results, of officers and job candidates.

Ransomware highlights the challenges and subtleties of cybersecurity
By The Economist

In 2017 Russia launched a ransomware-like cyber-attack, NotPetya, against companies in Ukraine so as to damage the country’s economy. The attack spread well beyond Ukraine’s borders; it has been blamed for $10bn of damage worldwide. One of the companies affected was Mondelez International, an American snackmaker, which made a $100m insurance claim as a result. But Zurich American Insurance declined to pay out, pointing to an exception for “hostile or warlike attack” in the company’s policy. The case has gone to the courts in Illinois, where it is currently pending.

Retaliating against cyber-attacks in kind may become a norm—more assertive than turning the other cheek or lodging a diplomatic complaint, less risky than responding with physical violence. Such a stance may also provide a deterrent. America, which according to a forthcoming study by the International Institute for Strategic Studies, a think-tank, has “offensive cyber-capabilities…more developed than those of any other country”, is widely thought to have used them to fire a warning shot over North Korea’s bow: the dictatorship’s internet suffered an odd blackout shortly after the Sony hack. Mr Biden’s demand that some areas be exempt from criminal attack was paired with a threat to respond with what he described as America’s “very significant cyber-capabilities”.

It is possible that defence, deterrence and attack will blur. In recent years, Cyber Command has embraced a strategy of “Defend Forward”, which involves observing enemy hackers before they enter American networks—something that, given the absence of unowned buffer zones in computer networks, unavoidably requires intruding on the networks of others.

“Perhaps defending forward is necessary to frustrate particularly reckless and brazen campaigns,” argue Columbia University’s Jason Healey and Robert Jervis. “But in the long run it may someday spark a larger conflict.” Because Russia and China scarcely admit to conducting cyber-operations at all, it is impossible to say how far they have trodden the same path.

Private firms like Israel’s NSO Group and Italy’s Hacking Team sell powerful hacking tools which allow states to quickly bootstrap their own cyber-forces. It is hard to imagine all these capabilities being kept out of the hands of criminals who inhabit the same demi-monde. Extortionists demanding ransoms, spies pocketing data and states spreading disinformation will sit alongside one another—multiplexed on the same channels as never before. “Cyber as a domain of military and national-security operations co-exists with cyber as a domain of everyday life,” says Mr Martin. “It’s the same domain.”

America and its allies admonish, but do not punish, China for hacking
By The Economist

On July 19th the Biden administration identified China’s Ministry of State Security (MSS) as the perpetrator of an attack in March on Microsoft’s Exchange email server, giving China’s hackers access to tens of thousands of networks around the world. The administration also accused the MSS of contracting with criminal hackers who have conducted ransomware attacks seeking millions of dollars, including “a large ransom request made to an American company”.

The government issued an advisory calling China’s hacking a “major threat” to the security of America and its allies. And perhaps crucially, America recruited those allies to admonish China by name, something they have been typically loth to do. NATO joined America for the first time in condemning China for state-sponsored hacking; the European Union, Britain, Canada, Japan, Australia and New Zealand also issued statements calling on China to end such activity. (In one characteristic response, the Chinese embassy in Wellington, New Zealand, called the accusations a “malicious smear”.)

Administration officials offered few details about the recent hack and ransomware attack. Experts say it will take months to assess the damage done by the compromise of Microsoft Exchange. The administration in recent days publicised two unrelated federal prosecutions that show a particular interest by China in maritime military know-how, of potential use in the Taiwan Strait or the South China Sea. On July 19th the Justice Department released an indictment, filed under seal in May, that charged three Chinese state security agents and a computer hacker in absentia with conspiracy to commit economic espionage, documenting the hacking of American companies, universities and government institutions over seven years. Prosecutors allege the agents used a front company to disguise their connection to the Chinese government while stealing technology in fields ranging from Ebola research to submersibles. On July 14th a Chinese national was sentenced to three-and-a-half years in federal prison for his role in a conspiracy to illegally export “raiding craft” that can be launched from submarines and which use a special type of engine not manufactured in China.

Beware the Chinese Ransomware Attack With No Ransom
By Tim Culpan

A breach by Chinese hackers of almost a dozen targets in Taiwan looked, on the surface, like just another ransomware attack: infiltrate a network, encrypt a ton of files, lock the owners out of their own systems, and wait to be paid. But this one was different for what it didn’t contain, and portends a type of threat that could stymie attempts by corporate and government leaders to make their computer systems more secure.

Instead of just finding a way into their targets and planting the malicious ColdLock software, which would later encrypt files, the attackers first prioritized the installation of backdoor code that would give them continued access to the chosen computers. That sequence of events was among the clues researchers at CyCraft Technology Corp. in Taipei used to subsequently conclude that these weren’t your run-of-the-mill, profit-seeking hackers.

In a sign of patience and focus, the attackers appear to have waited months between successfully infiltrating their targets in Taiwan and deploying the code that would encrypt the victims’ files. By contrast, in the Colonial Pipeline Co. attack this year, there was a lag of about one week between the time a virtual private network was breached to the moment an employee saw a ransom note demanding payment in cryptocurrency. Crucially in the Taiwan campaign, there was no such note. The attackers didn’t leave payment or contact details, the CyCraft team noted.

For more than a decade, Chinese hackers have waged a persistent cyber offensive against Taiwanese government, non-government and corporate targets. Taiwan also happens to be home to some of the electronics, semiconductor and military technology that China desperately wants to get its hands on.

In some cases, the goal has been to steal sensitive security intelligence; in others, theft of intellectual property and commercial secrets. But hackers generally do it quietly, maintaining stealth so victims aren’t alerted.

Of particular relevance to computer systems globally is the use of ransomware as a tool of distraction. With security teams on high alert against such attacks, which can cripple critical infrastructure and hobble supply chains — a Brazilian meat processor was shut down earlier this year — focus can be drawn away from an altogether different motive.

The hackers knew that the ransomware would be found. They barely tried to cover it up — but that wasn’t the actual goal of the operation. Instead it was a smokescreen for the mission’s true purpose, to get persistent long-term access to the systems of some of Taiwan’s biggest institutions. The same tactic can be expected against other nations.

The Hacker Who Took Down a Country
By Kit Chellel

The attack against Liberia began in October 2016. More than a half-million security cameras around the world tried to connect to a handful of servers used by Lonestar Cell MTN, a local mobile phone operator, and Lonestar’s network was overwhelmed. Internet access for its 1.5 million customers slowed to a crawl, then stopped.

The technical term for this sort of assault is distributed denial of service, or DDoS. Crude but effective, a DDoS attack uses an army of commandeered machines, called a botnet, to simultaneously connect to a single point online. This botnet, though, was the biggest ever witnessed anywhere, let alone in Liberia, one of the poorest countries in Africa. The result was similar to what would happen if 500,000 extra cars joined the New Jersey Turnpike one morning at rush hour. While most DDoS attacks last only moments, the assault on Lonestar dragged on for days. And since Liberia has had virtually no landlines since the brutal civil war that ended in 2003, that meant half the country was cut off from bank transactions, farmers couldn’t check crop prices, and students couldn’t Google anything. In the capital of Monrovia, the largest hospital went offline for about a week. Infectious disease specialists dealing with the aftermath of a deadly Ebola outbreak lost contact with international health agencies.

Eugene Nagbe, Liberia’s minister for information, was in Paris on business when the crisis began. He struggled to marshal a response, unable to access his email or a reliable phone connection. Then his bank card stopped working. On Nov. 8, with hundreds of thousands of people still disconnected, Nagbe went on French radio to appeal for help. “The scale of the attack tells us that this is a matter of grave concern, not just to Liberia but to the global community that is connected to the internet,” he said. The onslaught continued. No one seemed to know why, but there was speculation that the hack was a test run for something bigger, perhaps even an act of war.

Then, on Nov. 27, Deutsche Telekom AG in Germany started getting tens of thousands of calls from its customers angry that their internet service was down. At a water treatment plant in Cologne, workers noticed the computer system was offline and had to send a technician to check each pump by hand. Deutsche Telekom discovered that a gigantic botnet, the same one targeting Liberia, was affecting its routers. The company devised and circulated a software fix within days, but the boldness and scale of the incident convinced at least one security researcher that Russia or China was to blame.

Report: Russian hackers successfully targeted Ukrainian gas company Burisma
By Ursula Perano

Russian hackers from the military intelligence unit known as the GRU successfully targeted Burisma, the Ukrainian gas company that once employed Hunter Biden as a board member, the New York Times first reported.

Why it matters: President Trump was impeached as a result of his alleged efforts to pressure the government of Ukraine to investigate Burisma and the Bidens over unsubstantiated corruption allegations.

  1. “The timing of the Russian campaign mirrors the GRU hacks we saw in 2016 against the DNC and John Podesta,” the co-founder of Area 1, the firm that detected the hack, told the Times. (The company has released a report detailing its findings.)
  2. The Justice Department indicted seven GRU officers in 2018 for conspiring to interfere with the 2016 U.S. presidential election by hacking and releasing the emails of Democrats.

‘Dangerous Stuff’: Hackers Tried to Poison Water Supply of Florida Town
By Frances Robles and Nicole Perlroth

Hackers remotely accessed the water treatment plant of a small Florida city last week and briefly changed the levels of lye in the drinking water, in the kind of critical infrastructure intrusion that cybersecurity experts have long warned about.

The attack in Oldsmar, a city of 15,000 people in the Tampa Bay area, was caught before it could inflict harm, Sheriff Bob Gualtieri of Pinellas County said at a news conference on Monday. He said the level of sodium hydroxide — the main ingredient in drain cleaner — was changed from 100 parts per million to 11,100 parts per million, dangerous levels that could have badly sickened residents if it had reached their homes.

“This is dangerous stuff,” Mr. Gualtieri said, urging managers of critical infrastructure systems, particularly in the Tampa area, to review and tighten their computer systems. “It’s a bad act. It’s a bad actor. It’s not just a little chlorine, or a little fluoride — you’re basically talking about lye.”

In a tweet, Senator Marco Rubio, Republican of Florida, said the attempt to poison the water supply should be treated as a “matter of national security.”

The authorities said the plot unfolded last Friday morning, when an employee noticed that someone was controlling his computer. He initially dismissed it because the city has software that allows supervisors to access computers remotely. But about five and a half hours later, the employee saw that different programs were opening and that the level of lye changed.

The intrusion lasted between three and five minutes, the sheriff said.

Though the hack was mitigated before it could reach the drinking supply, the scenario — a cyberattack on a water treatment facility that contaminates a town’s water — has long been feared by cybersecurity experts. Across the nation, water plant operators, plus those at dams and oil and gas pipelines, have accelerated the transformation to digital systems that allow engineers and contractors to monitor temperature, pressure and chemical levels from remote work stations.

But experts have warned that the same remote access can be exploited by hackers looking to exact harm.

EPA’s Cybersecurity Oversight of Water Sector Falls Short, Report Says
By Catherine Stupp

Last month, the Cybersecurity and Infrastructure Security Agency and other federal agencies warned that ongoing hacking that targets water facilities threatens their ability “to provide clean, potable water to, and effectively manage the wastewater of, their communities.” CISA cited five attacks on water utilities since 2019, four of which were ransomware.

Hackers could create a devastating ripple effect on other critical sectors by attacking a water facility, said Paul Stockton, former assistant secretary of defense for homeland defense. “Adversaries may look to the water sector as a potential target of attack in order to create cascading failures across multiple infrastructure sectors and to jeopardize health and safety,” he said.

Small water facilities are particularly vulnerable to cyberattacks because many don’t have the budget to hire a chief information security officer, or even a technology director, said Michael Arceneaux, managing director of the Water Information Sharing and Analysis Center, a nonprofit group that helps water facilities exchange information about cyber threats.

The Colonial Pipeline cyber attack is a warning of worse to come
By Misha Glenny

Over the past ten years, we have started to outsource our cars, our homes, our finance, our utilities, our factories, our everything to a dense jungle of ever more complex networked computer systems.

All this is built on an Internet infrastructure which was never developed with security in mind and now requires endless patches, fixes and bodges to prevent its collapse.

Hostile states are not responsible for most of this current wave of crippling attacks. Instead, they are the work of groups like DarkSide who produced the ransomware which led to the Colonial Pipeline shutdown.

But the overarching problem concerns the near total absence of any regulatory agreement between the three cyber superpowers, the US, Russia and China. As a result, the internet is a free-for-all enabling all manner of actors to exploit the protection and deniability it affords. Although talks about establishing cyber norms have been going for years at the UN, they have made only limited progress.

Until the big three set down some rules, commercial, geo-political and military competition will continue to bleed into the more mundane world of cyber security. As the chance of any such regulation is close to zero, it is up to individuals, companies and governments to negotiate the ever thickening jungle of highly vulnerable networks.

Russia’s Hacking Success Shows How Vulnerable the Cloud Is
By Bruce Schneier and Trey Herr

Cloud computing is an important source of risk both because it has quickly supplanted traditional IT and because it concentrates ownership of design choices at a very small number of companies. First, cloud is increasingly the default mode of computing for organizations, meaning ever more users and critical data from national intelligence and defense agencies ride on these technologies. Second, cloud computing services, especially those supplied by the world’s four largest providers—Amazon, Microsoft, Alibaba, and Google—concentrate key security and technology design choices inside a small number of organizations. The consequences of bad decisions or poorly made trade-offs can quickly scale to hundreds of millions of users.

The problem is one of economics. On the surface, it might seem that competition between cloud companies gives them an incentive to invest in their users’ security. But several market failures get in the way of that ideal. First, security is largely an externality for these cloud companies, because the losses due to data breaches are largely borne by their users. As long as a cloud provider isn’t losing customers by the droves—which generally doesn’t happen after a security incident—it is incentivized to underinvest in security. Additionally, data shows that investors don’t punish the cloud service companies either: Stock price dips after a public security breach are both small and temporary.

Cloud providers have become important national infrastructure. Not since the heights of the mainframe era between the 1960s and early 1980s has the world witnessed computing systems of such complexity used by so many but designed and created by so few. The security of this infrastructure demands greater transparency and public accountability—if only to match the consequences of its failure.

Internet Outage That Crashed Dozens Of Websites Caused By Software Update
By Deepa Shivaram

A widespread internet outage caused several major websites to shut down Thursday afternoon, including Amazon, Delta, Capital One and Costco.

Akamai, a content distribution network that helps with the spread of data around the internet, posted on Twitter that a software configuration update caused a bug in its DNS system.

Akamai also confirmed that the outage was not due to a cyber attack.

Major websites hit by global outage
By BBC News

It is the second such widespread outage in two months.

In June, cloud computing provider Fastly had an interrupted service which took down a large number of high-profile websites around the world, including many international newspapers and government websites.

In that case, it later emerged that a settings change by one customer had inadvertently affected the entire infrastructure.

Israel and Iran Broaden Cyberwar to Attack Civilian Targets
By Farnaz Fassihi and Ronen Bergman

Millions of ordinary people in Iran and Israel recently found themselves caught in the crossfire of a cyberwar between their countries. In Tehran, a dentist drove around for hours in search of gasoline, waiting in long lines at four gas stations only to come away empty.

In Tel Aviv, a well-known broadcaster panicked as the intimate details of his sex life, and those of hundreds of thousands of others stolen from an L.G.B.T.Q. dating site, were uploaded on social media.

For years, Israel and Iran have engaged in a covert war, by land, sea, air and computer, but the targets have usually been military or government related. Now, the war has widened to target civilians on a large scale.

Hacks have been seeping into civilian arenas for months. Iran’s national railroad was attacked in July, but that relatively unsophisticated hack may not have been Israeli. And Iran is accused of making a failed attack on Israel’s water system last year.

The latest attacks are thought to be the first to do widespread harm to large numbers of civilians. Nondefense computer networks are generally less secure than those tied to state security assets.

No one died in these attacks, but if their goal was to create chaos, anger, and emotional distress on a large scale, they succeeded wildly.

Each side blames the other for the escalation, and even if there were the will to stop it, it’s hard to see how this genie gets recorked.

“We are in a dangerous phase,” Maysam Behravesh, a former chief analyst for Iran’s Intelligence Ministry, said in a Clubhouse chat on Monday. “There will be a next round of widespread cyberattack on our infrastructure. We are a step closer to military confrontation.”

Why Putin wants deal to avoid “cyber Pearl Harbor” from pulling Biden into war
By Tom O’Connor and Naveed Jamali

Russian President Vladimir Putin is seeking an agreement from his U.S. counterpart Joe Biden in order to rein in global cyberwarfare. Moscow sees the effort as critical in stemming an already raging 21st-century digital arms race and avoiding a miscalculation that could spark a conflict between the two top military powers.

Such an inadvertent conflagration becomes especially dangerous in the absence of “red lines” not yet established among nations and non-state actors, who are also quickly honing potentially devastating cyber capabilities.

Putin made note of this latent threat in September, asserting that “one of today’s major strategic challenges is the risk of a large-scale confrontation in the digital field,” part of remarks referred to Newsweek by the Russian embassy in Washington.

Just in the past year, this has been demonstrated by mass infiltrations like last year’s SolarWinds hack. This was followed by a pair of major ransomware attacks, one that prompted a panic over a fuel shortage as the nation’s largest gas pipeline shut down, and another that disrupted the food supply chain as U.S. operations of the world’s largest beef supplier were forced to close.

“I mean, imagine if you’re a healthcare system, you’re going to have people dying,” J.D. Cook, a former senior CIA official, told Newsweek. “My mom’s taking chemo, chemo, all of that other stuff is computerized. You think I care about that principle of you not paying a ransom if my mom dies? If my mom dies because of a ransomware attack, it’ll hit home.”

One such attack that seemed to test the boundaries came in February, when a still-undisclosed group managed to remotely access the controls of a water treatment center in Oldsmar, Florida and increased the output of sodium hydroxide, a highly caustic chemical also known as lye, from a safe 100 parts per million to a dangerous 11,100 ppm.

If even one person had died as a result of this, or a future attack, it may prove a game changer.

“The cyber red line—I think everybody is fairly clear on this—is loss of life,” William Hurd, a former CIA clandestine officer who served in Congress as a Texas representative from 2015 to this January, told Newsweek.

He referenced the incident in Florida as one that could have elicited a “kinetic response”—military action—if U.S. lives were lost.

The prospect of a “physical” attack in response to cyberattacks already has a real-life precedent. The U.S. has already targeted the cyber capabilities of the Islamic State militant group (ISIS) in operations, with an August 2015 airstrike that killed jihadi hacker Junaid Hussain in the de facto caliphate capital of Raqqa, Syria.

But the first known example of an immediate, kinetic reaction came nearly four years later elsewhere in the Middle East.

In May 2019, the Israel Defense Forces reported that they “thwarted an attempted Hamas cyber offensive against Israeli targets” by conducting an airstrike on an alleged headquarters in the Palestinian-controlled Gaza Strip. Israeli forces similarly targeted Hamas cyber stations during last month’s 11-day war with Hamas and allied Palestinian factions in Gaza.

“We need to find what the red lines are, this continues to escalate, and we can’t allow it to escalate,” Shawn Henry, president and chief security officer of cybersecurity company CrowdStrike, told Newsweek. “It’s the exact reason we had nuclear arms talks, because we realize things couldn’t continue to escalate, they couldn’t spiral out of control. We couldn’t worry about an adversary launching a weapon mistakenly because we know what the response would be.”

The former FBI executive assistant director said now is the time for dialogue to avoid a catastrophic cyber event, one that could trigger a response that would have not only immediate but generational consequences.

“It takes us back to that exact point in the conversation where nation-states need to sit down and define what the red lines are,” Henry said, “and what the responses are going to be says there’s no misinterpretation, there’s no misunderstanding.”

The Wild West of cyberspace just got a little less wild
By Joseph Marks

Israel’s government is belatedly reining in the notorious NSO Group and other spyware vendors amid a wave of international opprobrium directed at the industry.

“This shows that Israel is a country that doesn’t want to be on the other side of normative opinion [on cyber issues], not just from the U.S. but from many other countries,” Chris Painter, the top cyber diplomat during the Obama administration, told me. “It shows that when countries consider themselves bound by basic democratic principles, you can make some progress on cyber norms.”

U.S. to Lead Global Effort to Curb Authoritarians’ Access to Surveillance Tools
By Yuka Hayashi and Alex Leary

The Biden administration said Thursday that it would launch an initiative with friendly nations to establish a code of conduct for coordinating export-licensing policies. The effort would also see participating nations share information on sensitive technologies used against political dissidents, journalists, foreign government officials and human rights activists, administration officials said.

“This is a group of like-minded governments who will commit to working together to determine how export controls could better monitor and, as appropriate, restrict the proliferation of such technologies given their increasing misuse by end users in human rights abuses,” another senior administration official said.

N.S.A. Takes Step Toward Protecting World’s Computers, Not Just Hacking Them
By Julian E. Barnes and David E. Sanger

The National Security Agency has taken a significant step toward protecting the world’s computer systems, announcing Tuesday that it alerted Microsoft to a vulnerability in its Windows operating system rather than following the agency’s typical approach of keeping quiet and exploiting the flaw to develop cyberweapons.

The warning allowed Microsoft to develop a patch for the problem and gave the government an early start on fixing the vulnerability.

The National Security Agency’s action suggests the vulnerability for American government systems likely outweighed its usefulness as a tool for the agency to gather intelligence.

Experts and technology companies praised the agency. But some noted that even as one arm of the government was moving to protect the public’s ability to encrypt its communications, another was taking the opposite tack. A day earlier, the Justice Department called on Apple to break the encryption on its phones, and it has pushed for so-called back doors on Facebook’s encrypted message services.

Spies, Lies, and Algorithms
By Amy Zegart and Michael Morell

Intelligence has always been an essential part of warfare and statecraft. “Know the enemy,” the Chinese military strategist Sun-tzu instructed around 500 BC. On the battlefield, good intelligence helps save lives and win wars by pinpointing hostile forces, anticipating their next moves, and understanding the adversary’s intentions, plans, and capabilities. Off the battlefield, intelligence helps leaders make better decisions by preventing miscalculations and providing timely insights into threats and opportunities. In 1962, for example, intelligence collected by U-2 spy planes gave President John F. Kennedy the time and evidence he needed to compel the Soviet Union to remove nuclear weapons from Cuba without sparking a nuclear war. Of course, intelligence can also be wrong—sometimes disastrously so, as with assessments of Saddam Hussein’s weapons of mass destruction programs before the Iraq war. Intelligence is, by nature, an uncertain business that involves piecing together fragments of information about adversaries who are intent on denial and deception.

But the enduring value of intelligence comes from a fundamental reality: government leaders make better decisions when they have better information. And U.S. intelligence agencies have long been able to deliver better information than other sources. Using both human agents and technical methods, they collect secret information that U.S. adversaries are trying to hide. They combine those secrets with data from other parts of the government and open-source information gleaned from news reports, unclassified foreign government documents, and public statements, to name but a few sources. They tailor their analysis to the specific needs of policymakers and deliver it without opinion, partisanship, or a policy agenda.

Advances in technology tend to be a double-edged sword for intelligence. Almost any technological development can make adversaries more capable and undermine existing defenses. At the same time, it can allow intelligence agencies to do their job better and faster. AI, for instance, can both improve analysis and make enemies’ information warfare nearly impossible to detect. Commercial encryption services protect the communications of U.S. citizens and policymakers but also enable terrorists to coordinate clandestinely. Technologies such as AI, facial recognition, and biometrics can help agencies catch wanted people, but they also make traditional clandestine operations difficult.

The explosion of open-source information—the result of connecting ever more smart devices to the Internet—offers perhaps the best unclassified example of the promise and perils of new technology. Over half of the world’s population is now online. By some estimates, more people will have cell phones than access to running water next year. This connectivity is turning normal citizens into knowing or unwitting intelligence collectors. Cell phones can videotape events and even record seismic activities, such as underground nuclear tests, in real time. Surveillance cameras capture much of what takes place in cities around the world. Social media, search engines, and online retail platforms expose a great deal of information about users. For analysts, this is a treasure-trove of information. Secrets still matter, but open-source information is becoming more ubiquitous and potentially valuable—both to the United States and to its adversaries.

Open-source information even offers access to areas that secret sources can have a hard time penetrating. When Russia invaded eastern Ukraine in 2014, the most compelling evidence came from time-stamped photos taken by Russian soldiers and posted on social media, showing tank transporters and Ukrainian highway signs in the background. Likewise, social media captured how Russia’s sophisticated SA-11 air defense system was moved into eastern Ukraine just before the shootdown of Malaysia Airlines Flight 17 and later transported back to Russia. Social media has become such a valuable resource that consoles at U.S. Strategic Command’s underground nuclear command center now display Twitter alongside classified information feeds.

At the same time, easy access to data and technologies is leveling the intelligence playing field at the United States’ expense. More countries, including U.S. adversaries such as Iran and North Korea, as well as nonstate actors, can now collect intelligence worldwide at little cost. Anyone with an Internet connection can see images on Google Maps, track events on Twitter, and mine the Web with facial recognition software. When U.S. Navy SEALs raided bin Laden’s compound in Pakistan in 2011, the Pakistani military did not detect the operation—but a local information technology consultant named Sohaib Athar did. As U.S. forces were landing, Athar started tweeting about hearing unusual noises. “Helicopter hovering above Abbottabad at 1AM (is a rare event),” he wrote. Athar continued unwittingly live-tweeting the raid, even reporting that an explosion shook his windows. It is easy to imagine how similar incidents could put future U.S. operations at risk.

In the past five years, the number of countries owning and operating satellites has doubled, and the annual number of launches has increased by 400 percent. In December 2018, the aerospace company SpaceX launched a rocket containing 64 small satellites from 17 countries. Inexpensive satellites roughly the size of a shoebox offer imagery and analysis to paying customers worldwide. Although no match for U.S. government capabilities, these satellites are getting better day by day.

In the Middle Ages, when paper was a sign of wealth and books were locked up in monasteries, knowledge was valuable and creating it was costly. Now, creating content is so cheap that, by some estimates, the amount of data stored on earth doubles every two years, meaning that humankind will produce as much data in the next 24 months as it has throughout its entire history so far. Intelligence agencies have always had to find needles in haystacks. Today, the haystacks are growing exponentially.

A large number of private-sector companies are delivering “social listening” and other solutions that take advantage of open-source information and are able to quickly assess it.

Separating the true from the spurious will only become more difficult. AI is giving rise to a deception revolution. Russian disinformation ahead of the 2016 election pales in comparison to what will soon be possible with the help of deepfakes—digitally manipulated audio or video material designed to be as realistic as possible. Already, commercial and academic researchers have created remarkably lifelike photographs of nonexistent people. Teams at Stanford University and the University of Washington have each used AI and lip-synching technology to generate deepfake videos of Barack Obama saying sentences he never actually uttered. As with other technologies, access to simplified deepfake code is spreading rapidly. Some programs are easy enough that high schoolers with no background in computer science can use them to generate convincing forgeries. Even the high-end computing power needed for more sophisticated deepfakes can now be acquired at relatively low cost.

It does not take much to realize the manipulative potential of this technology. Imagine watching a seemingly real video that depicts a foreign leader discussing plans to build a clandestine nuclear weapons program or a presidential candidate molesting a child just days before an election. Their denials could easily be dismissed because the evidence seems incontrovertible—after all, seeing has always been believing.

Intelligence agencies will face the Herculean task of exposing deepfakes. And unlike other forgeries, such as doctored images, deepfakes are uniquely hard to detect, thanks to an AI technique invented by a Google engineer in 2014. Known as “generative adversarial networks,” the approach pits two computer algorithms against each other, one generating images while the other attempts to spot fakes. Because the algorithms learn by competing with each other, any deepfake detectors are unlikely to work for long before being outsmarted. Deception has always been part of espionage and warfare, but not with this level of precision, reach, and speed.

The United States surpasses its adversaries on a number of fronts. A broad array of alliances—including the Five Eyes intelligence partnership, with Australia, Canada, New Zealand, and the United Kingdom—extends the United States’ global reach and capabilities. An ethnically diverse population offers a natural edge in collecting human intelligence around the world. The United States’ open society and democratic values have long encouraged the free flow of ideas and helped persuade foreign nations and individuals to join its cause. And the United States’ innovation ecosystem continues to serve as an unrivaled incubator of breakthrough technologies.

For major technology companies such as Apple, Facebook, Google, and others, the surveillance programs revealed by the former defense contractor Edward Snowden in 2013 created a deep and abiding trust deficit. Twitter won’t do business with intelligence agencies out of concerns about how its information will be used. A senior executive at a major technology company and a former senior executive at another leading technology firm told one of the authors that they consider U.S. intelligence agencies adversaries that, similar to Chinese government operatives, must be kept out of their systems.

The intelligence community, for its part, is more and more concerned about the willingness of U.S. technology companies to sell their products and services to foreign clients who do not share the United States’ democratic principles or national interests. Google, which has some of the most sophisticated AI capabilities in the world, has said that it will not work with the Pentagon on any AI projects that could be used in making weapons, but it is considering helping the Chinese government develop a better-censored search engine. Russia’s highly touted deep-learning project iPavlov uses hardware from NVIDIA, a cutting-edge California-based chip company. “We sell those to everyone,” NVIDIA’s vice president for business development recently said publicly. Managing this clash of commercial incentives, privacy, and national interests requires a better working relationship between the U.S. intelligence community and Silicon Valley.

The Spycraft Revolution
By Edward Lucas

In the world of human intelligence, the difference between the intelligence services and armed forces was in theory clear-cut. An intelligence officer’s job was always to find things out, not to make things happen. Military personnel wear uniforms, and the laws of armed conflict govern their activities; when captured, they are meant to be taken prisoner. Spies and plainclothes saboteurs get shot.

In the online world, attributing motive is far harder. An intrusion into another country’s sensitive computers and networks for the so-called innocent purpose of reconnaissance can easily be mistaken as an act of sabotage or at least preparation for it. The potential for misunderstanding intent pushes cyberespionage practitioners into unfamiliar political and legal territory. Human intelligence agencies have developed norms, which to some extent substitute for the lack of legal regulation in what can never be a law-governed space. For example, toward the end of the Cold War, both sides refrained from physical attacks on each other’s intelligence officers or their families. There are, to date, no similar arrangements in cyberspace.

Privacy and human rights laws are placing more and more constraints on intelligence agencies’ activities, especially as they seek to gain new powers, such as compelling tech companies to help break into encrypted devices and communications. A 2016 ruling by the European Court of Justice, for example, risked making illegal all the bulk data collection conducted by Britain’s signals intelligence agency, GCHQ, on behalf of the U.S. National Security Agency. Intelligence agencies in the United States, Britain, and other Western countries now employ lawyers and public affairs specialists to monitor data protection and other laws.

Intelligence officials must also reckon with the fact that sanctioned illegality today may get them into trouble tomorrow. Extraordinary rendition of suspected terrorists, for example, has been the subject of intense legislative scrutiny in the United States. In 2012, Abdelhakim Belhaj, a Libyan émigré opposition figure, sued the British government for his kidnapping in Thailand in 2004 and forcible return to Libya, where he and his pregnant wife were tortured. In 2018, the British authorities paid the family compensation and apologized.

Such legal worries would have been unheard of during the Cold War, when no explicit legal framework governed spy activities. Now, due to freedom of information legislation in many countries, intelligence officers must reckon with the possibility that in 30 years’ time—when documents are declassified—they may be held accountable for decisions that seem entirely justifiable today but will be highly questionable by the standards of the future.

Indeed, what may seem trivial today will be shocking tomorrow because it clashes with accepted social norms. Take, for example, the use of dead babies’ birth certificates—a common way of creating a cover identity, first made public by Frederick Forsyth in his thriller The Day of the Jackal. When, between 2011 and 2013, it emerged that British undercover police officers were using this technique in order to infiltrate radical political groups, the public erupted in outrage, leading to a series of high-profile government inquiries and expensive legal settlements.

The booming world of private intelligence companies is watching these techniques and their practitioners with a greedy eye. Indeed, the intelligence profession is increasingly overlapping with the corporate world. The world of spies used to be cloistered. People who joined it never spoke about it and often served until retirement. Penalties for disclosure could include the loss of a pension or even prosecution.

That has changed. A stint at the CIA or MI6 has become a paragraph on a resume, not a career. Britain and the United States have caught up with Israel, where the private sector has long prized a spell in a senior position in intelligence or defense. In London and Washington, such work is increasingly a launchpad for an interesting career in corporate intelligence or other advisory work.

Government intelligence agencies have stopped battling the commercialization of espionage; instead, they embrace it—a practice exemplified by the Israeli company NSO Group, which, according to a New York Times investigation in March, is one of several firms that broker the sale of former government hackers’ expertise to countries such as Saudi Arabia. Security clearances in the United States and United Kingdom used to lapse on retirement. Now, retired intelligence officers are, in many countries, encouraged to maintain them. Retirees may be hired as contractors, or they can make job offers to people still inside the service.

And when the tricks of the trade—bugging, impersonation, hacking—are illegal, they can simply be outsourced to a suitably unscrupulous subcontractor. The food chain in the private spy world is highly respectable at the top, with former spymasters offering exquisitely priced and presented inside information about the way the world works.

Further down the ladder, things are different; if you want to find out where your rival’s corporate jet has been flying, someone with access to the air traffic control database will provide the answer in exchange for a fat envelope. The theft of electronic data is effectively untraceable: There is no need to download the data; you can just photograph the computer screen with a mobile phone. Or the data can be obtained by impersonation—infiltrating the target organization undercover as a temporary secretary, security guard, or cleaner.

Meanwhile, public tolerance is waning as knowledge, trade-craft, and contacts gained at taxpayer expense are used for self-enrichment in retirement. The conflicts of interest and other pitfalls are obvious. Many of the techniques used by government spy agencies are intrinsically illegal (including bribery, burglary, bullying, and blackmail). Such lawbreaking raises the question of what happens if a client hires a private company that is also the target of a government investigation. Must the private company sacrifice its profits? Who makes it do so?

As the cost of conducting espionage operations—in money, time, and effort—has shrunk, spying has become less esoteric. These days it is an integral part of business, finance, sports, and family litigation over divorce and child custody. Indeed, modern life encourages people and institutions of all kinds to adopt the thinking and practices of the spy world. Are you worried about your date? Then you will find open-source information establishing whether he or she has a criminal record, bad credit, unfortunate habits involving drug use, or unusual sexual preferences. The same goes for prospective hires.

The long-standing practice of opposition research became an everyday phrase during the U.S. presidential election in 2016. Republicans determined to undermine Donald Trump hired a firm founded by Christopher Steele, a former top MI6 Russia hand, to dig for dirt. When Trump won the Republican nomination, the research project continued—but with the firm allegedly being paid by Democratic candidate Hillary Clinton’s campaign. Steele’s research involved contacts with the FBI, which some critics say crossed the public-private and serving-retirement boundaries.

The rise of commercially available spying technology has led to some savings for governments in money, risk, and time. Investigative outfits such as Bellingcat, using open-source information, commercial databases, and material hacked or leaked by sympathetic allies, have produced startling scoops and exposes, including identifying the three would-be assassins of Sergei Skripal, a former Russian military intelligence officer who had retired to the quiet English town of Salisbury.

Competition raises standards, in spycraft as in other fields. Intelligence agencies need to work with other actors outside the spy world, both in order to find out what is going on and in order to influence it. Spies and intelligence chiefs need to be media-savvy, countering and mounting information operations. In the old days, spymasters told spies that any contact whatsoever with a journalist was a sackable offense.

That dividing line is now thin and full of holes. Intelligence officers find plenty to talk about with journalists. They can discuss the credibility of open sources and the difficulties of operating in hostile environments. Intelligence officers involved in “active measures”—making things happen rather than just finding out about them—can find it useful to brief journalists, either highlighting solid facts and logic that help their case or on occasion inventing or twisting source material in order to produce new coverage with the requisite slant or spin.

Given this changing landscape, spies also need to be at home in the worlds of business and finance. Unraveling the webs of offshore companies that lie behind Iran’s evasion of sanctions, Russian oligarchs’ influence operations, or China’s exploitation of its ethnic diaspora has become a formidable task.

… The intelligence services of democratic countries may become too flexible and too deeply involved in the institutions and procedures of a free society. The temptation to do so will be particularly strong in countries facing the full blast of hostile influence operations, such as Australia (which faces a Chinese threat) or Ukraine (which faces a Russian one). Intelligence-led criminal justice sanctions and regulatory sanctions—arrests, asset freezes, deportations, banning media outlets, and so forth—that should be the exception could become the rule.

Most of us don’t want to live in a country where the leadership spends all its time reading intelligence briefs, where the intelligence and security agencies are at the heart of public life and political decision-making. I once lived in a country like that: Putin’s Russia. Western democracies need the intelligence services to defend open societies against Putinism—but not at the price of self-Putinization.

The Digital Dictators
By Andrea Kendall-Taylor, Erica Frantz, and Joseph Wright

In contrast to what technology optimists envisioned at the dawn of the millennium, autocracies are benefiting from the Internet and other new technologies, not falling victim to them.

Data from the Mass Mobilization Project, compiled by the political scientists David Clark and Patrick Regan, and the Autocratic Regimes data set, which two of us (Erica Frantz and Joseph Wright) have helped build, reveal that between 2000 and 2017, 60 percent of all dictatorships faced at least one antigovernment protest of 50 participants or more. Although many of these demonstrations were small and posed little threat to the regime, their sheer frequency underscores the continuous unrest that many authoritarian governments face.

Many of these movements are succeeding in bringing about the downfall of authoritarian regimes. Between 2000 and 2017, protests unseated ten autocracies, or 23 percent of the 44 authoritarian regimes that fell during the period. Another 19 authoritarian regimes lost power via elections. And while there were nearly twice as many regimes ousted by elections as by protests, many of the elections had followed mass protest campaigns.

The rise in protests marks a significant change in authoritarian politics. Historically, coups by military elites and officers posed the greatest threat to dictatorships. Between 1946 and 2000, coups ousted roughly a third of the 198 authoritarian regimes that collapsed in that period. Protests, in contrast, unseated far fewer, accounting for about 16 percent of that total. Fast-forward to this century, and a different reality emerges: coups unseated around nine percent of the dictatorships that fell between 2001 and 2017, while mass movements led to the toppling of twice as many governments. In addition to toppling regimes in the Arab Spring, protests led to the ouster of dictatorships in Burkina Faso, Georgia, and Kyrgyzstan. Protests have become the most significant challenge that twenty-first-century authoritarian regimes face.

As protests have increased, however, authoritarian regimes have adapted their survival tactics to focus on mitigating the threat from mass mobilization. Data compiled by Freedom House reveal that since 2000, the number of restrictions on political and civil liberties globally has grown. A large share of this increase has occurred in authoritarian countries, where leaders impose restrictions on political and civil liberties to make it harder for citizens to organize and agitate against the state.

The example of Cambodia illustrates how these dynamics can play out.

The government of Prime Minister Hun Sen, who has been in office since 1985, has adopted technological methods of control to help maintain its grip on power. Under Hun Sen’s rule, traditional media have restricted their coverage of the Cambodian opposition. In the run-up to the July 2013 election, this led the opposition to rely heavily on digital tools to mobilize its supporters. The election was fraudulent, prompting thousands of citizens to take to the streets to demand a new vote. In addition to employing brute force to quell the protests, the government ratcheted up its use of digital repression. For instance, in August 2013, one Internet service provider temporarily blocked Facebook, and in December 2013, authorities in the province of Siem Reap closed down more than 40 Internet cafés. The following year, the government announced the creation of the Cyber War Team, tasked with monitoring the Internet to flag antigovernment activity online. A year later, the government passed a law giving it broad control over the telecommunications industry and established an enforcement body that could suspend telecommunications firms’ services and even fire their staff. Partly as a result of these steps, the protest movement in Cambodia fizzled out. According to the Mass Mobilization Project, there was only one antigovernment protest in the country in 2017, compared with 36 in 2014, when the opposition movement was at its peak.

Between 1946 and 2000—the year digital tools began to proliferate—the typical dictatorship ruled for around ten years. Since 2000, this number has more than doubled, to nearly 25 years.

Not only has the rising tide of technology seemingly benefited all dictatorships, but our own empirical analysis shows that those authoritarian regimes that rely more heavily on digital repression are among the most durable. Between 2000 and 2017, 37 of the 91 dictatorships that had lasted more than a year collapsed; those regimes that avoided collapse had significantly higher levels of digital repression, on average, than those that fell. Rather than succumb to what appeared to be a devastating challenge to their power—the emergence and spread of new technologies—many dictatorships leverage those tools in ways that bolster their rule.

… aspiring dictatorships can purchase new technologies, train a small group of officials in how to use them—often with the support of external actors, such as China—and they are ready to go. For example, Huawei, a Chinese state-backed telecommunications firm, has deployed its digital surveillance technology in over a dozen authoritarian regimes. In 2019, reports surfaced that the Ugandan government was using it to hack the social media accounts and electronic communications of its political opponents. The vendors of such technologies don’t always reside in authoritarian countries. Israeli and Italian firms have also sold digital surveillance software to the Ugandan regime. Israeli companies have sold espionage and intelligence-gathering software to a number of authoritarian regimes across the world, including Angola, Bahrain, Kazakhstan, Mozambique, and Nicaragua. And U.S. firms have exported facial recognition technology to governments in Saudi Arabia and the United Arab Emirates.

Pushing back against the spread of digital authoritarianism will require addressing the detrimental effects of new technologies on governance in autocracies and democracies alike. As a first step, the United States should modernize and expand legislation to help ensure that U.S. entities are not enabling human rights abuses. A December 2019 report by the Center for a New American Security (where one of us is a senior fellow) highlights the need for Congress to restrict the export of hardware that incorporates AI-enabled biometric identification technologies, such as facial, voice, and gait recognition; impose further sanctions on businesses and entities that provide surveillance technology, training, or equipment to authoritarian regimes implicated in human rights abuses; and consider legislation to prevent U.S. entities from investing in companies that are building AI tools for repression, such as the Chinese AI company SenseTime.

The U.S. government should also use the Global Magnitsky Act, which allows the U.S. Treasury Department to sanction foreign individuals involved in human rights abuses, to punish foreigners who engage in or facilitate AI-powered human rights abuses. CCP officials responsible for atrocities in Xinjiang are clear candidates for such sanctions.

U.S. government agencies and civil society groups should also pursue actions to mitigate the potentially negative effects of the spread of surveillance technology, especially in fragile democracies. The focus of such engagement should be on strengthening the political and legal frameworks that govern how surveillance technologies are used and building the capacity of civil society and watchdog organizations to check government abuse.

What is perhaps most critical, the United States must make sure it leads in AI and helps shape global norms for its use in ways that are consistent with democratic values and respect for human rights. This means first and foremost that Americans must get this right at home, creating a model that people worldwide will want to emulate. The United States should also work in conjunction with like-minded democracies to develop a standard for digital surveillance that strikes the right balance between security and respect for privacy and human rights. The United States will also need to work closely with like-minded allies and partners to set and enforce the rules of the road, including by restoring U.S. leadership in multilateral institutions such as the United Nations.

In the near term, rapid technological change will likely produce a cat-and-mouse dynamic as citizens and governments race to gain the upper hand. If history is any guide, the creativity and responsiveness of open societies will in the long term allow democracies to more effectively navigate this era of technological transformation. Just as today’s autocracies have evolved to embrace new tools, so, too, must democracies develop new ideas, new approaches, and the leadership to ensure that the promise of technology in the twenty-first century doesn’t become a curse.

Posted in Games.