For all the public outcry, official probes and hearings, financial penalties, apologies and proposed regulations, Facebook remains the world’s foremost surveillance tool – weaponized in all manner of malevolent ways by any number of hostile elements.
By Kit KLARENBERG
On April 4, plaintiffs in a class action lawsuit brought against Facebook over its data-sharing practices following the eruption of the Cambridge Analytica scandal filed a fresh motion, charging that the social media giant deliberately obstructed discovery of information revealing the scale of its malfeasance.
It’s the latest development in a wide-ranging controversy that began in the first months of 2017 and shows little sign of abating. In brief, Cambridge Analytica exploited a Facebook loophole to harvest the personal data of up to 50 million Americans, in order to manipulate voters on behalf of a number of right-wing candidates — potentially including Donald Trump — and political campaigns in the U.S. and elsewhere.
Since then, the company and its parent, SCL Group, have folded, with official investigations into their activities conducted in several countries, while Facebook has been fined a record $5 billion by the Federal Trade Commission for egregious breaches of user confidentiality. The entire dispute raised serious public concerns about online privacy and the malign influence of behavioral advertising and microtargeting, which endure to this day.
In September 2020, Cambridge Analytica’s former CEO, Alexander Nix, was disqualified from serving as a U.K. company director for seven years for offering unethical services, including “bribery or honey-trap stings, voter disengagement campaigns, obtaining information to discredit political opponents and spreading information anonymously in political campaigns.”
By contrast, one senior SCL staffer seemingly pivotal to many of those unethical practices – although they deny it — has been unaffected by the scandal’s fallout. In fact, they have profited and prospered immensely in its wake.
One week prior to Cambridge Analytica’s closure on May 1, 2018, Gaby van den Berg – who, among other things, created SCL’s patented, DARPA-approved “Behavioral Dynamics Methodology,” which analyzes and profiles particular target audiences in order to identify optimal strategies for influencing their perceptions and actions — founded a new company in London, Emic Consulting. Ever since, she has taught Cambridge Analytica-style information warfare techniques to militaries the world over.
The findings of a subsequent inquiry into the unit’s cloak-and-dagger activities were absolutely damning. While Emic was unmentioned, it borders on inconceivable the tactics so contentiously deployed weren’t influenced by the firm’s tutelage.
“Advantage of positioning”
It appears that van den Berg is involved in other cloak-and-dagger efforts to surreptitiously influence unwitting target audiences. Leaked files reviewed by MintPress name her as a key staffer on a secret psychological warfare effort in Syria, funded by the British Foreign Office and delivered by shadowy communications firm Global Strategy Network.
The company was founded by MI6 veteran Richard Barrett, who led the agency’s counter-terror operations before and after 9/11, a period in which British intelligence became intimately implicated in Washington’s monstrous extraordinary-rendition program. Questions abound about his complicity in the CIA’s torture of terror suspects as a result.
According to its Foreign Office submissions, Global Strategy began operating in Syria from “the earliest days” of Western attempts to destabilize the government of Bashar al-Assad, by convincing Syrians, Western citizens and foreign states that the Free Syrian Army was a legitimate, moderate alternative, while flooding international media with pro-opposition propaganda.
The company boasted that its “wildly impactful” informational output had influenced perceptions the world over, having been seen by “many hundreds of millions of people and attracting comment as far as the UN Security Council.”
By Global Strategy’s reckoning, its success is attributable to “programming that is not designed on day one and delivered ‘come what may,’ but instead is rapidly iterated and re-deployed as the situation on-the-ground and our adversaries change.”
Referencing the military and intelligence concept of infiltrating an enemy’s “OODA (Observe, Orient, Decide, Act) Loop,” Global Strategy spoke of “getting inside” the decision-making processes of the Assad government and extremist groups in Syria, “to make good decisions faster” than their opponents did, “be strategically proactive and tactically reactive,” and “achieve an advantage of positioning.”
Key to this process is Global Strategy’s extensive use of innovative in-house technology. For example, it has created “Daeshboard,” which provides analysis of terrorist group communications, and draws heavily on the company’s “historical and ongoing access” to “closed communication groups” on Telegram, Rocket.Chat and other ostensibly encrypted platforms.
By tracking these groups’ public statements and the manner in which their “themes change over time and geographically,” Global Strategy pinpoints “emerging trends” in extremist propaganda, “and how to stifle them.” A cited example of this capability was northeast Nigeria in September 2019, after Boko Haram’s private chat channels indicated the terror group intended to target Christians.
Daeshboard enabled Global Strategy “to identify and visualize how this threat was taking shape” before Boko Haram duly began executing Christians three months later, in turn altering its propaganda messaging “on a weekly basis” to promote religious tolerance, “thereby getting ahead of [Boko Haram’s] efforts to provoke sectarian conflict.”
All of which might be well and good, but as we shall soon see, the company has the avowed ability to do this with far less positive motivations in other contexts, and target innocent everyday people in the process.
Daeshboard operates in tandem with Murmurate, “social listening” software enabling Global Strategy to monitor online conversations “trending geographically,” which provides insight into how target audiences react to certain messaging, how responses and discussions diverge in different regions of a given country, and “how digital audiences are connected to each other.”
“Creative war approaches”
It would be entirely unsurprising if van den Berg played a role in the creation of these resources, and indeed ExTrac – a big data platform combining “real-time attack and communications data with artificial intelligence,” and providing “actionable insights” on the communications of violent extremist groups for use by counter-terror and “countering violent extremism” (CVE) “policymakers and practitioners” – launched by Global Strategy March 2021.
That same month, van den Berg was one of two “experts” who led an online discussion convened by NATO’s Riga-based Strategic Communications Centre of Excellence. Among the topics under consideration were, “What are the limitations of big data to understand [sic] our audiences?” and “Can social listening predict behaviors?”
Evidently, van den Berg has an intense professional interest in the precise disciplines Global Strategy has harnessed. The reference to social listening predicting behaviors is particularly tantalizing too, given this is precisely what Cambridge Analytica’s “psychographic” techniques attempted to achieve, although apparently with little success. Perhaps given the failure of the company’s methods, van den Berg is investigating new means of achieving the same intrusive objective.
In any event, what ExTrac’s classified client reports contain is anyone’s guess, although it’s likely highly sensitive: “Access is granted on a case-by-case basis via subscriptions,” its website’s footer notes, underlining the platform’s exclusivity and secrecy. Strikingly though, repeated reference to the Facebook activities of extremist actors, and their audiences, is made in ExTrac’s publicly-available threat assessments.
In one such report, extremist activity on the social network is mentioned in the same passage as private discussions conducted through Telegram and “illicit offline networks and covert communications,” strongly suggesting it’s not purely “open” Facebook content that ExTrac scrutinizes.
Furthering this interpretation, listed directly alongside van den Berg in the leaked Global Strategy files is Charlie Winter, ExTrac’s research director, who runs the initiative alongside nameless “former intelligence personnel.” A long-time academic investigator of extremist groups, his PhD – which examined how “contemporary militant groups cultivate creative approaches to governance and war” online – was directly funded by Facebook.
Winter’s tenure at the Centre led him to write a book, “The Terrorist Image,” which examined 20,000 images “collected from the Islamic State’s covert networks online.” Its content speaks to extensive knowledge of the internal workings of elite ISIS propaganda units and their private discussions via various chat platforms on the part of the author, including the Facebook-owned WhatsApp.
All this raises the obvious question of whether Global Strategy directly or indirectly accesses Facebook user data, and weaponizes it in the exact manner of Cambridge Analytica, with the assistance of van den Berg, an individual centrally connected to that firm and its malicious methods of mass manipulation.
Notably, both companies, and Emic, have ignored repeated requests for clarity from MintPress.
“Aggressive commercial organization”
If private Facebook data is being exploited by Global Strategy for counter-terror purposes, one might argue the ends justify the means, as such intrusion undermines barbarous extremist groups, prevents further radicalization, and potentially averts future atrocities.
However, Global Strategy’s clandestine crosshairs aren’t solely trained on extremists and their supporters. Over the course of its Syrian operations, it avowedly used Murmurate to collect information on online discussions between target audiences in the U.K., including Syrian refugees, which was then fed back to the Foreign Office.
Such indiscriminate infringement highlights a wider failing of CVE programs: they are founded on the flawed, unsupported axiom that literally anyone exposed to extremist propaganda in any way represents a prospective terror threat, therefore effectively pre-criminalizing countless innocent people – overwhelmingly Muslims – and making them targets for manipulation and surveillance.
Given the ease and fluidity with which memes travel on social media, a great many users may inadvertently — and involuntarily — become part of an extremist group’s “audience,” and thus included in Global Strategy’s sweeping dragnet. Without elucidation on how ExTrac categorizes an extremist “audience”, or indeed even what constitutes “extremist”, we have no way of knowing how sweeping its data collection is.
It may be incumbent to note though that the UK government has previously designated distrust of the mainstream media, and belief in “conspiracy theories” and criticism of the government, particularly in the field of foreign policy, as signifiers of potential extremist radicalization. The Department of Homeland Security has also published official guidance leveling much the same charges.
Even if ExTrac is merely hoovering up their public information and communications, law-abiding individuals are unlikely to acquiesce to such data being secretly collected and analyzed by a sinister state-funded propaganda merchant run by intelligence operatives, let alone the fruits of this research being sold on to unknown actors for profit, then used for uncertain ends.
That techniques originally honed for use in war to effect “behavior change” in enemy targets were trained on citizens was a core component of the Cambridge Analytica scandal. ExTrac unambiguously represents a tool influenced by military and intelligence techniques adapted for commercial purposes, with unsuspecting civilians in the firing line.
In March 2020, the domain Daeshboard.net was registered using WhoisGuard, which shields a registrant’s identity. It expired one year later, although today a Google search for the website turns up ExTrac’s customer login page, implying the two are either one and the same, or that the latter is a technologically evolved version of the former, now opened up for wider usage by the private sector and state entities.
On top of its record-breaking $5 billion FTC fine, Facebook still faces further major penalties elsewhere due to its lackadaisical approach to protecting user data. Once harvested by Cambridge Analytica – among a great many others – the company had no way of knowing where that data ended up or the purposes to which it was put.
There is little indication Facebook takes privacy any more seriously today, but a hitherto unexplored question is whether controls are in place to prevent individuals such as Charlie Winter from sharing sensitive insights into its platform and users with others.
Winter’s cloak-and-dagger operations in Syria, which placed him in such close quarters with van den Berg, were conducted concurrently to his researching extremists’ use of social media, at Facebook’s invitation and with its financial sponsorship. The social network is cited by Global Strategy as a key conduit for its anti-regime, anti-ISIS propaganda. During this time, Winter was also an “expert” adviser to another covert Foreign Office endeavor, which targeted Lebanon’s refugee camps with anti-extremist messaging.
Winter’s Facebook work, and resultant insider knowledge, may well have been one of the factors that led to his recruitment – particularly in the latter instance, given that one element of the campaign was the creation of a private Facebook group for camp inhabitants to discuss local issues, a group that was “closely monitored” by the contractor delivering the project, unbeknownst to those using it. At the very least, his multiple simultaneous roles represent a massive conflict of interest.
Both Foreign Office operations were conducted under the auspices of London’s Counter-Daesh Communications Cell. A scathing internal Whitehall review of the Cell’s efforts in Syria, not intended for public consumption, found they were “poorly planned, probably illegal and cost lives.”
Syrians employed by contractors, such as Global Strategy, were killed by the extremist groups they were targeting. The extent of the bloodshed was substantial. One operator “suffered losses of core staff that damaged the organization quite fundamentally.” Another was condemned as “an aggressive commercial organization,” which took “personal and political” risks, and endangered its employees by “[going] too far.”
It’s uncertain whether either description refers to Global Strategy, but that the firm was entangled at all in what was a clearly dangerous and possibly criminal conspiracy means it is particularly vital that Facebook clarify whether it was aware of Winter’s involvement in it, whether its relationship with him endures to this day, and of course whether their connection one way or another grants ExTrac admission to privileged private user information without user knowledge or consent.
What’s abundantly clear, though, is that – for all the public outcry, official probes and hearings, financial penalties, apologies and proposed regulation, Facebook remains the world’s foremost surveillance tool, weaponized in all manner of malevolent ways by any number of hostile elements, the extent of which the public will likely never know. And the same unaccountable individuals are using the same methods to do so, with the support and financial backing of Western governments, and the compliance of Facebook itself.