The Silicon Spies: Public Money and Private Surveillance
How the American Government Invests in Data-Gathering Start-Ups
A specter is haunting the modern world, the specter of crypto anarchy.
–Timothy C. May, The Crypto Anarchist Manifesto, 1988
I.
In June 2013, headlines flashed across the world: an employee of the National Security Agency had fled the country with a huge cache of top-secret documents and was blowing the whistle on America’s global surveillance apparatus. At first the identity of this NSA leaker remained shrouded in mystery. Journalists descended on Hong Kong, scouring hotel lobbies desperately hunting for leads. Finally, a photograph emerged: a thin, pale young man with disheveled hair, wire-rim glasses, and a gray shirt open at the collar sitting on a hotel room sofa—calm but looking like he hadn’t slept for days.
His name was Edward Snowden—“Ed,” as he wanted people to call him. He was 29 years old. His résumé was a veritable treasure trove of spook world subcontracting: Central Intelligence Agency, US Defense Intelligence Agency, and, most recently, Booz Allen Hamilton, a defense contractor that ran digital surveillance operations for the National Security Agency.
Sitting in his room at the five-star Hotel Mira in Hong Kong, Snowden told journalists from the Guardian that watching the global surveillance system operated by NSA had forced his hand and compelled him to become a whistleblower. “The NSA has built an infrastructure that allows it to intercept almost everything,” he said in a calm, measured voice during a videotaped interview that first introduced the leaker and his motives to the world. “I don’t want to live in a society that does these sorts of things. . . I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under.”
Over the next few months, a small group of journalists reviewed and reported on the documents Snowden had taken from the NSA. The material backed up his claims, no doubt about it. The US government was running a vast Internet surveillance program, hacking mobile phones, splicing into undersea fiber-optic cables, subverting encryption protocols, and tapping just about every major Silicon Valley platform and company—Facebook, Google, Apple, Amazon. Even mobile games like Angry Birds didn’t escape the spy agency’s notice. Nothing seemed to be off limits.
The revelations triggered a scandal of global proportions. Privacy, surveillance, and data-gathering on the Internet were no longer considered fringe matters relegated mostly to the margins but important subjects that won Pulitzers and deserved front-page treatment in the New York Times, Wall Street Journal, and Washington Post. And Snowden himself, on the run from the US government, became the stuff of legend, his story immortalized on the big screen: an Academy Award-winning documentary and a Hollywood film directed by Oliver Stone, his role played by Joseph Gordon-Levitt.
Following Snowden’s disclosures, people were suddenly appalled and outraged that the US government would use the Internet for surveillance. But given the Internet’s counterinsurgency origins, its role in spying on Americans going back to the 1970s, and the close ties between the Pentagon and such companies as Google, Facebook, and Amazon, this news should not have come as a surprise. That it did shock so many is a testament to the fact that the military history of the Internet had been flushed from society’s collective memory.
The truth is that the Internet came out of a Pentagon project to develop modern communication and information systems that would allow the United States to get the drop on its enemies, both at home and abroad. That effort was a success, exceeding all expectations. So, of course, the US government leveraged the technology it had created, and keeps leveraging it to the max. How could it not?
II.
Governments have been spying on telecommunications systems for as long as they’ve been around, going back to the days of the telegraph and the early phone systems. In the 19th century, President Abraham Lincoln gave his secretary of war, Edwin Stanton, broad powers over the country’s telegraph network, allowing him to spy on communications and to control the spread of unwanted information during the Civil War. In the early 20th century, the Federal Bureau of Investigation tapped phone systems with impunity, spying on bootleggers, labor activists, civil rights leaders, and anyone J. Edgar Hoover considered a subversive and a threat to America. In the 21st century, the Internet opened up whole new vistas and possibilities.
The ARPANET was first used to spy on Americans in 1972, when it was employed to transfer surveillance files on antiwar protesters and civil rights leaders that the US Army had collected. Back then, the network was just a tool to let the Pentagon quickly and easily share data with other agencies. To actually spy on people, the army first had to gather the information. That meant sending agents into the world to watch people, interview neighbors, bug phones, and spend nights staking out targets. It was a laborious process and, at one point, the army had set up its own fake news outfit so that agents could film and interview antiwar protesters more easily. The modern Internet changed the need for all these elaborate schemes.
Email, shopping, photo and video sharing, dating, social media, smartphones—the world doesn’t just communicate via the Internet, it lives on the Internet. And all of this living leaves a trail. If the platforms run by Google, Facebook, and Apple could be used to spy on users in order to serve them targeted ads, pinpoint movie preferences, customize news feeds, or guess where people will go for dinner, why couldn’t they also be used to fight terrorism, prevent crime, and keep the world safe? The answer is: Of course they can.
By the time Edward Snowden appeared on the scene, police departments from San Francisco to Miami were using social media platforms to infiltrate and watch political groups and monitor protests. Investigators created fake accounts and ingratiated themselves into their mark’s social network, then filed warrants to access private messages and other underlying data not available publicly. Some, like the New York Police Department, launched specialized divisions that used social media as a central investigative tool.
Detectives could spend years monitoring suspects’ Internet activity, compiling posts from YouTube, Facebook, and Twitter, mapping social relationships, deciphering slang, tracking movements, and then correlating them with possible crimes. Others, like the state of Maryland, built custom solutions that included facial recognition software so that police officers could identify people photographed at protests by matching the images scraped off Instagram and Facebook to those in the state’s driver’s license database. A publishing industry that taught cops how to conduct investigations using the Internet flourished, with training manual titles like The Poor Cops Wiretap: Turning a Cell Phone into a Surveillance Tool Using Free Applications and Google Timeline: Location Investigations Involving Android Devices; it was a popular genre. Naturally, federal intelligence agencies were pioneers in this space.
The Central Intelligence Agency was a big and early fan of what it called “open source intelligence”—information that it could grab from the public Web: videos, personal blogs, photos, and posts on platforms like YouTube, Twitter, Facebook, Instagram, and Google+. In 2005, the agency partnered with the Office of the Director of National Intelligence to launch the Open Source Center, dedicated to building open-source collection tools and sharing them with other federal intelligence agencies. Through its In-Q-Tel venture capital fund, the CIA invested in all sorts of companies that mined the Internet for open-source intelligence. It invested in Dataminr, which bought access to Twitter data and analyzed people’s tweets to spot potential threats. It backed “a social media intelligence” company called PATHAR that monitored Facebook, Instagram, and Twitter accounts for signs of Islamic radicalization. And it supported a popular product called Geofeedia, which allowed its clients to display social media posts from Facebook, YouTube, Twitter, and Instagram from specific geographic locations, down to the size of a city block. Users could watch in real time or wind the clock back to earlier times. In 2016, Geofeedia had 500 police departments as clients and touted its ability to monitor “overt threats”: unions, protests, rioting, and activist groups. All these CIA-backed companies paid Facebook, Google, and Twitter for special access to social media data—adding another lucrative revenue stream to Silicon Valley.
Surveillance is just a starting point. Harking back to the original Cold War dream of building predictive systems, military and intelligence officials saw platforms like Facebook, Twitter, and Google as more than just information tools that could be scoured for information on individual crimes or individual events. They could be the eyes and ears of a vast interconnected early warning system predicting human behavior—and ultimately change the course of the future.
By the time Edward Snowden blew the whistle on the NSA in the summer of 2013, at least a dozen publicly disclosed US government programs were leveraging open source intelligence to predict the future. The US Air Force had a “Social Radar” initiative to tap intelligence coming in from the Internet, a system explicitly patterned after the early warning radar systems used to track enemy airplanes. The Intelligence Advanced Research Project Agency, run by the Office of the Director of National Intelligence, had multiple “anticipatory intelligence” research programs involving everything from mining YouTube videos for terrorist threats to predicting instability by scanning Twitter feeds and blogs and monitoring the Internet to predict future cyberattacks. DARPA ran a human radar project as well: the World-Wide Integrated Crisis Early Warning System, or ICEWS, which is pronounced as “IQs.” Started in 2007 and built by Lockheed Martin, the system ultimately grew into a full-fledged operational military prediction machine that had modules ingesting all sorts of open source network data—news wires, blogs, social media and Facebook posts, various Internet chatter, and “other sources of information”—and routing it through “sentiment analysis” in an attempt to predict military conflicts, insurgencies, civil wars, coups, and revolutions. DARPA’s ICEWS proved to be a success. Its core technology was spun off into a classified, operational version of the same system called ISPAN and absorbed into the US Strategic Command.
The dream of building a global computer system that could watch the world and predict the future—it had a long and storied history in military circles. And, as the documents released by Snowden showed, the NSA played a central role in building the interception and analysis tools that would bring that dream to reality.
__________________________________
From Surveillance Valley: The Secret Military History of the Internet, by Yasha Levine, courtesy Public Affairs. Copyright Yasha Levine, 2018.