Late last year, hackers with the anonymous hacking group LulzSec raided the servers of Strategic Forecasting, Inc., or Stratfor, a private intelligence company in Austin, Texas, coming away with some 5 million emails. Last month, Wikileaks began publishing the emails as “The Global Intelligence Files” to much fanfare.
Significant revelations have already emerged from the material.
One email from a Mexican military analyst alleged that Russia and Israel have swapped data link codes for their military hardware, allowing Russia to hack into Israeli-supplied Georgian drones and Israel to disable Russian-supplied Iranian missiles.
Another claims that Osama Bin Laden’s body was not “buried at sea” as claimed by official US military sources—a claim Stratfor CEO George Friedman said he personally doubted—but flown to the Armed Forces Institute of Pathology in Bethesda and eventually cremated.
Yet another email, this one from a Turkish security analyst, claims to confirm recent rumours that Turkish Prime Minister Recep Erdogan has terminal cancer and has been given just two years to live by doctors.
All of these claims, and the many, many more like them that continue to emerge on a daily basis from this email archive, are just that: claims. Stratfor itself had its own system for assessing the trustworthiness of its sources, grading them on a letter scale with “A” being the most reliable. At best, many of these emails amount to nothing more than informed speculation. At worst, they are nothing more than gossip, rumours and outright lies that have been cynically peddled to a company that makes its living dealing in salacious information.
Regardless of the truth of this or that particular claim, perhaps the most significant thing to emerge from the emails is the fact that companies like Stratfor exist at all. That private companies are in possession of vast intelligence networks and vast sums of data on private individuals is a trend that few are comfortable with, but few are aware of until situations like the Stratfor leak bring back to the public’s attention.
Last week I had the chance to discuss this issue with Russell Tice, a 20-year veteran intelligence analyst who worked for the DIA and the NSA, and is best known for blowing the whistle on the Bush-era illegal NSA wiretapping program, about the concept of privatized intelligence and what concerns him about the Stratfor leak.
The entire idea of outsourcing intelligence work to private companies is disturbing for the exact same reasons that the outsourcing of military work to contractors like Blackwater is disturbing. It fosters an unhealthy relationship between intelligence agencies and the private sector. It defers the question of culpability for misconduct and can be used to shield the government from being held accountable for crimes committed on its behalf. And it creates a revolving door that allows the private companies enormous leeway in bending and breaking laws by offering incentives to the agencies that are supposedly keeping an eye on them.
As the home page of the Global Intelligence Files notes, the release shines a light on the murky world of the intelligence-industrial complex. Stratfor’s sources include embassy staff, government employees and journalists, paid via Swiss bank accounts and pre-paid credit cards to provide the company with information that it could provide for clients.
Some of the more bizarre targets of this network included The Yes Men, a group of pranksters who have targeted Dow Chemical for the Bhopal gas disaster of 1984 which killed thousands and injured half a million people. Stratfor also spied on PETA for Coca-Cola, which was apparently concerned that the group’s protest of the Vancouver Olympics might reflect poorly on Coke’s sponsorship of the games.
More worryingly, the emails reveal that in 2009 Stratfor CEO George Friedman consulted with Goldman Sachs managing director Shea Morenz on “StratCap,” a scheme for using the insider intelligence gained from Stratfor’s sources for making money from investments. In an August 2011 email, Friedman explained:
“What StratCap will do is use our Stratfor’s intelligence and analysis to trade in a range of geopolitical instruments, particularly government bonds, currencies and the like”
In 2011, Morenz invested $4 million in the company and joined Stratfor’s board. StratCap is set to launch later this year.
Nor is Stratfor the only such company that uses such questionable and possibly illegal tactics in the world of spies-for-hire. Last year, hackers compromised the servers of HBGary Federal, a Stratfor-like company, revealing that they had pitched ideas to companies like the Bank of America and the US Chamber of Commerce to distribute fake documents about the companies’ critics in order to discredit them.
But even more than all of that, the question of for-profit intelligence work takes on an altogether sinister tone in an increasingly electronic world where so much data about each and every person’s private lives are being tracked, stored and sold by private, unaccountable corporations.
In 2010, a major scandal erupted when it was revealed that Google Street View cars were not only snapping pictures for the construction of Google’s mapping service, but wi-fi data, including passwords and email messages. The revelations prompted investigations in dozens of countries, as well as fines in Swiss and French courts. In June of last year, a US federal judge ruled that the company could be fined for wiretapping in the case.
The company, whose corporate motto is “don’t be evil,” was helmed from 2001 until 2011 by Eric Schmidt, who once advised users who were worried about privacy, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” He also suggested that in the future, people might have to change their names as they get older so friends, employers and co-workers won’t be able to Google their past.
Also in 2010, whistleblowing repository Cryptome.org published criminal compliance guides for Microsoft, Skype, Facebook, AOL, PayPal and MySpace, detailing how each site responds to various government requests for information on their users. Microsoft was so angry about the posting of their document, which included detailed guides for government workers about what type of information was logged for each account and how to read the logs themselves, that they got Cryptome’s ISP to take the site down due to a copyright claim. After a counter-claim by the site’s owner, Cryptome and the Microsoft document were restored.
In December 2011, Privacy International released the results of a year-long sting operation targeting the international surveillance industry. Posing as potential customers, the group managed to acquire hundreds of documents detailing all manner of electronic surveillance equipment that could be used to track an iPhone, Android or Blackberry users’ location, steal email contacts, and even change messages.
In January of this year, it was revealed that a company called Vigilant Video has been compiling a database of license plate scans using license plate reading technology. The database has so far logged hundreds of millions of datapoints, each showing the date, time and location of a given vehicle. The database, called the National Vehicle Location Service, is available for free use by law enforcement.
All of this information paints a bleak picture, but it is important to understand that the question of increasing surveillance over our personal lives is one that rests to a large extent in the hands of the public. We tacitly endorse the actions of Microsoft every time we purchase a computer running a Windows operating system. We give the OK to Apple every time we purchase an iPhone. More and more, we even willingly give up our privacy by posting the details of our whereabouts, our contacts, and our activities on social media platforms.
It is true that programs like the NSA’s illegal wiretapping program are an ongoing concern for all citizens of the US and around the world, and remain largely out of the purview of the general public. That governments around the world are increasingly contracting the services of companies like Stratfor to do their dirty work for them is something that must be rectified through a political process.
But when we fail to hold the corporations whose services we are using accountable for what they do with our data, that is a problem which begins and ends with an informed, active public taking the responsibility of protecting their own information back into their own hands.
Perhaps, in an ironic way, this is what the Stratfor leak really points to after all: the fact that in an electronic world, our secrets are only secret if we protect them. And if the Stratfor story teaches us nothing else, the mere reminder that the safeguarding of our personal information begins by taking our private data seriously will make the entire episode valuable.