Watching the watchers: Searchable database of NSA contractors revealed
The online database, called “ICWATCH,” was unveiled at a conference in Berlin this week by Transparency Toolkit founder M.C. McGrath.
“My goal with this is to provide a face to the surveillance state and a better mechanism for researching and understanding these programs,” McGrath told a crowd on Wednesday at the 15th installment of re:publica, the self-described biggest conference on internet and society in all of Europe.
Indeed, various disclosures provided by former NSA contractor Edward Snowden have without a doubt revealed agency secrets previously unknown outside of the US intelligence community. Programs with co-names such as XKEYSCORE, PRISM and FLYING PIG have been uncovered by journalists working with Snowden’s trove of top-secret documents, and subsequent reports based on them, have caused outrage at home and abroad about the government’s eavesdropping efforts and its sheer scope.
“There’s been a lot of great work with people looking at what intelligence contractors do and about the function of specific surveillance programs—about what intelligence agencies do and the interactions between them—but no one has really looked at this at much of an individual level,” McGrath said. “However, I think it’s important to look at the surveillance state from an individual level, because institutions are made up of people. And when we can understand what people do within institution—why they do it, what their world view is [and] how they got to that point—we can get a better understanding of how they function, how we can reform them and, luckily, it’s very easily to find out who is involved in the surveillance state with just a few simple Google searches.”
ICWATCH, a searchable database of 27,000 LinkedIn profiles of people in the intelligence community https://t.co/RNkmsf7zwG
— Transparency Toolkit (@TransparencyKit) May 6, 2015
By trawling job sites such as LinkedIn and LookingGlass for specific intel-related queries, McGrath and company extracted the public profiles of thousands of apparent contractors and then published that information in the form of a searchable database—ICWATCH. Although many of the NSA’s programs, even those revealed by Snowden, remain state secrets, Transparency Toolkit exploits the fact that many employees brag online of their proficiency in spy programs in the same sentence they boast of excelling at Microsoft Word.
“People need jobs, and when you need a job you need to post about what you can do,” McGrath said.
By comparing shared skill sets and program names mentioned by analysts, Transparency Toolkit has already been able to draw inferences concerning the apparent NSA programs mentioned in those profiles but not anywhere else. McGrath said that a lot of the code words he came across were absent from previously published NSA documents, but details can be derived by looking for links involving other analysts and programs. ICWATCH offers users the ability to filter by key word, location, area, industry and other factors, ideally allowing any open source analyst to try and make the most of a database. This might very well help uncloak the NSA to a new degree.
Some temporal graphs based on this dataset: people working in SIGINT, for NSA, Pinwale users, SIGINT database users. pic.twitter.com/9uzkaubnDB
— K.M. Gallagher (@ageis) May 6, 2015
As intelligence gathering efforts continue to be waged largely in secret, ICWATCH offers a very real look at those whose jobs involve spying on others. Using open source research on the web, McGrath demonstrated in Berlin how a Denver-based employee of Lockheed Martin admits on his job profile to using DISHFIRE, an NSA program that scans nearly 200 million text messages per day, according to Snowden documents. In another, a contractor trained in security research explains that one of her previous positions involved teaching colleagues about using facial recognition to identify persons of interest. Given that the individual in the second case brags of using biometric tools known as XKEYSCORE and PINWALE, among others, McGrath says it helps to put the pieces of an otherwise largely obscured apparatus together.
“We’re planning to keep gathering this data and I’m hoping that it can be used to start debates…using details of secret surveillance programs that weren’t previously known,” McGrath said, not to mention encourage debate and perhaps even serve as fodder for journalists filing public records requests.
On stage, McGrath reiterated: “I think that open source intelligence is one of our biggest assets in understanding secret surveillance program because it’s something that can’t be shut down and it’s something that can be collected in a very decent decentralized fashion,” he said. “We have the potential to actually build a surveillance state that is a decentralize check on the surveillance state based on this open data.”
“The same people and companies that operate secret surveillance programs also publish details about their work on the open internet. We can use this data to watch the watchers,” a description of Wednesday’s presentation states on the conference website.
However, McGrath cautioned that the 27,000 job profiles (and around 19,000 affiliated photographs) should by no means be considered a hit list.
“Even for people who are working on these things, I don’t think they are all necessarily horrible people,” he said, citing as an example the LinkedIn profile of an analyst who appears to have voluntarily left the intelligence community after two decades to start selling used cars.
— Andrew Blake (@apblake) May 6, 2015
“Some people are probably trying to change the system from within and we don’t necessarily know it,” he said.
Meanwhile, the latest news reports from the Snowden trove surfaced one day earlier when The Intercept published an expose on Tuesday revealing for the first time the scope of the NSA’s ability to monitor and analyze voice conversations in real time millions of times a day.