After 9/11, federal law enforcement and
intelligence agencies were roundly criticized for failing to coordinate
information that, in the aggregate, might have allowed the government to
stop the attacks before they happened. Since then, the pendulum has
swung in the opposite direction. The FBI has built a secretive and
guarded intelligence operation, the tentacles of which stretch beyond
its core task of domestic law enforcement and into the construction of
the great American panopticon.
Despite the almost complete lack of transparency surrounding that effort,
Forbes
has uncovered two previously-undisclosed units that sources say form
crucial parts of the FBI's surveillance machinery.
Known as the FBI
Collections Operations Group and the FBI WiFi Group, they appear in
virtually no public records. Google searches for the names return
nothing. Not a single LinkedIn profile contains a reference to either.
And with the unearthing of these two units, civil liberties activists,
legal experts and even former intelligence analysts are crying foul
about the possibility of widespread domestic surveillance occurring
across America with zero oversight.
Forbes learned about the existence of the furtive Collections Operations Group (insiders call it "the COG") from the
results of a Freedom of Information Act request
filed with the FBI in 2017. That FOIA filing concerned a deal signed
last year between tech contractor CDW Government and the Data Intercept
Technology Unit (DITU, pronounced "dee-too") for $1.1 million in
services. DITU, part of the Operational Technology Division in Quantico,
Virginia, is one of the most clandestine divisions within the FBI,
helping gather crucial data for investigations and intelligence. The OTD
is the overarching body that oversees bleeding-edge tech development
for the entire FBI.
The FBI confirmed to
Forbes that the COG is a sub-unit within
DITU. The agency refused to comment on the specific nature of the group
and its operations. But there's some tantalizing new information
nonetheless: according to the FOIA response, the COG's mission "is to
provide tools, expertise and solutions to effect lawfully-authorized
electronic surveillance of data communications on today's evolving local
area network and internet technologies. The COG is responsible for the
procurement, development and deployment of network equipment to assist
in electronic surveillance to various field offices and OGAs."
OGA stands for "other government agency." As previously revealed in
NSA files leaked by Edward Snowden in 2013
detailing the now-infamous PRISM espionage initiative, one of DITU's
roles sees it collect data from technology and telecom companies
(whether that's Facebook, Google, Microsoft or your phone and internet
provider) before turning it over to intelligence agencies (which could
be the DIA, CIA and NSA).
The COG is core to that intelligence sharing both within the FBI and outside the agency. Sources tell
Forbes the
COG is a go-between surveillance shop, setting up spy tools and
associated networking across the FBI or whatever agency demands its
services, and helping shift intel between them.
Forbes spoke
with multiple sources in the security and intelligence fields who
claimed knowledge of DITU and its sub-units. All asked to remain
anonymous.
"Think of it like this: it's a technical group that oversees
technical capabilities so that when lawful requests are issued on
providers, and the data they return needs to be analyzed, it can be
converted to human-readable formats," said a person with knowledge of
the COG. "Often, raw network data comes back in many forms and these
teams work to make sure that the special agents and investigative teams
can properly interpret the data."
What kinds of equipment does the COG build and deploy in order to
capture data? Sources who previously worked in the national intelligence
community say it was probably technology such as pole-mounted boxes
that capture wireless network traffic, or devices installed at ISPs that
vacuum up data.
As for the WiFi Group, it's another DITU sub-unit "responsible for
the deployment and installation of communications equipment to support
ongoing criminal, counter-terrorism and foreign counter-intelligence
investigations," according to a
FOIA response for another CDW contract. That 2014 deal, for unspecified surveillance equipment, was worth just $26,571.
It's easy to see why the FBI would want such capabilities. But,
looking at the COG, cross-agency sharing of intelligence and
surveillance resources conducted by a group unknown to the public (until
now) has civil liberties folk worried.
"Unfortunately law enforcement agencies spying on their own citizens'
communications is a trend that is steadily increasing around the world.
When these groups operate in secret there is no way for the public to
confirm that they are operating with all due legal restraint as required
by their nation's laws," said Cooper Quintin, security researcher and
technologist at the Electronic Frontier Foundation.
"There's far too much secrecy when it comes to the FBI's spying on
Americans' internet activities. This surveillance has the potential to
be very broad, putting large amounts of sensitive information in the
hands of an agency responsible for domestic criminal investigations.
Americans need to know more about the reach of this surveillance, how it
affects them and how it is legally justified," added Patrick Toomey,
staff attorney at the American Civil Liberties Union's National Security
Project.
One former intelligence agency analyst who reviewed the information
Forbes gathered on the COG and DITU said it appeared they were carrying out
signals intelligence (SIGINT),
the collection and analysis of traffic as it crosses the internet.
This, intelligence geeks know, falls under the charter of the NSA and is
thus typically that agency's domain, not the FBI's. (This may simply come down
to semantics; SIGINT could apply to any form of data collection and
analysis. Some disagree that the FBI is collecting and analyzing giant sets
of internet data like other government intel agencies. As one source put
it: "They are not doing hardcore, NSA-type SIGINT.")
"The fact that the FBI operates in multiple spaces makes this SIGINT
capability extremely concerning for civil rights," the ex-analyst said.
"The concerns were much less when they had the wall between intel and
law enforcement… Now that there's no 'wall' separating the two, you're
left to trust that information gained from intelligence activities is
not being used for law enforcement."
And there's more to worry about than parallel construction. "Simply
making it easier to share this data and information also worries us as
in this era of big data," Joseph Lorenzo-Hall, chief technologist at the
Center for Democracy & Technology, told
Forbes. "There are
very few assurances that the data is protected well and won't
essentially be used at some point in a panopticon-like mechanism that
we're seeing in places like China, where every little detail controls
opportunities available to certain segments of society."
If it's to stick to the letter of the law, government agencies must
obtain court approval prior to spying on targets in a criminal
investigation, whether or not that investigation is borne on the back of
snooping in another probe. "To put it conceptually, the government
needs to have shown probable cause to obtain the court's approval for
each criminal investigation it is conducting against the individual,"
said a legal representative for a major technology company.
Whatever the ethical quandaries at play, the nature of DITU and its
sub-units' work is, on the face of it, entirely legal. "It's certainly
true that pursuant to law, the bureau can and does collect a broad range
of metadata for use in both criminal cases and domestic intelligence
work," said Daniel Richman, professor of law at Columbia Law School.
Richman is a confidant of former FBI director James Comey, as revealed
last year when he
leaked memos detailing conversations Comey had with President Trump.
Richman added: "And pursuant to warrants, it has engaged in various
network exploitations, what some call 'legal hacking'. Whether or not
you call that collection SIGINT, the Bureau is the primary domestic
intelligence agency."
The FBI declined to comment for this Forbes article.
The complete Forbes report: Revealed: Two Secret Cogs In The FBI National Surveillance Machine