{"id":195727,"date":"2021-09-27T12:01:38","date_gmt":"2021-09-27T11:01:38","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=195727"},"modified":"2021-09-24T05:36:22","modified_gmt":"2021-09-24T04:36:22","slug":"shadowdragon-inside-the-social-media-surveillance-software-that-can-watch-your-every-move","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2021\/09\/shadowdragon-inside-the-social-media-surveillance-software-that-can-watch-your-every-move\/","title":{"rendered":"ShadowDragon: Inside the Social Media Surveillance Software That Can Watch Your Every Move"},"content":{"rendered":"
\n

The tool is the product of a growing industry whose work is usually kept from the public and utilized by police.<\/em><\/p>\n<\/blockquote>\n

\"\"<\/a>

Illustration: The Intercept<\/p><\/div>\n

21 Sep 2021 – <\/em>A Michigan State Police contract, obtained by The Intercept, sheds new light on the growing use of little-known surveillance software that helps law enforcement agencies and corporations watch people\u2019s social media and other website activity.<\/p>\n

\n
\n

The software, put out by a Wyoming company called ShadowDragon, allows police to suck in data from social media and other internet sources, including Amazon, dating apps, and the dark web, so they can identify persons of interest and map out their networks during investigations. By providing powerful searches of more than 120 different online platforms and a decade\u2019s worth of archives, the company claims to speed up profiling work from months to minutes. ShadowDragon even claims its software can automatically adjust its monitoring and help predict violence and unrest. Michigan police acquired the software through a contract with another obscure online policing company named Kaseware for an \u201cMSP Enterprise Criminal Intelligence System.\u201d<\/p>\n

The inner workings of the product are generally not known to the public. The contract, and materials published by the companies online, allow a deeper explanation of how this surveillance works, provided below.<\/p>\n<\/div>\n

\n

ShadowDragon has kept a low profile but has law enforcement customers well beyond Michigan. It was purchased twice by the U.S. Immigration and Customs Enforcement agency in the last two years, documents show, and was reportedly<\/a> acquired by the Massachusetts State Police and other police departments within the state.<\/p>\n

Michigan officials appear to be keeping their contract and the identities of ShadowDragon and Microsoft from the public. The Michigan.gov website does not make the contract available; it instead offers<\/a>\u00a0an email address at which to request the document \u201cdue to the sensitive nature of this contract.\u201d And the contract it eventually provides has been heavily redacted: The copy given to David Goldberg, a professor at Wayne State University in Detroit had all mentions of ShadowDragon software and Microsoft Azure blacked out. What\u2019s more, Goldberg had to file a Freedom of Information Act request to obtain the contract. When the state website did offer the contract, it was unredacted, and I downloaded it<\/a>\u00a0before it was withdrawn.<\/p>\n

Last year, The Intercept published<\/a> several articles<\/a> detailing how<\/a> a social media analytics firm called Dataminr relayed tweets about the George Floyd and Black Lives Matter protests to police. The same year, I detailed at The Intercept\u00a0how Kaseware\u2019s partner Microsoft helps police surveil and patrol communities<\/a> through its own offerings and a network of partnerships.<\/p>\n

This new revelation about the Michigan contract raises questions about what digital surveillance capabilities other police departments and law enforcement agencies in the U.S. might be quietly acquiring. And it comes at a time when previously known government social media surveillance is under fire<\/a> from civil rights and liberties advocates like MediaJustice and the American Civil Liberties Union. It also raises the specter of further abuses in Michigan, where the FBI has been profiling Muslim communities<\/a> and so-called Black Identity Extremists<\/a>. In 2015, it was revealed that for years, the state police agency\u00a0was\u00a0using cell site simulators to spy on mobile phones without disclosing it to the public.<\/p>\n<\/div>\n

\n
\u201cThey\u00a0endanger Black and marginalized communities.\u201d<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

\u201cSocial media surveillance technologies, such as the software acquired by Michigan State Police, are often introduced under the false premise that they are public safety and accountability tools. In reality, they endanger Black and marginalized communities,\u201d Arisha Hatch, vice president and chief of campaigns at civil rights nonprofit Color of Change, wrote in an email.<\/p>\n

Michigan State Police spokesperson Shanon Banner said in an email that \u201cthe investigative tools available to us as part of this contract are only used in conjunction with criminal investigations, following all state and federal laws.\u201d The founder of ShadowDragon, Daniel Clemens, wrote that the company provides only information that is publicly available and does not \u201cbuild products with predictive capabilities.\u201d<\/p>\n

A Shadowy Industry<\/h3>\n

Kaseware and ShadowDragon are part of a shadowy industry of software firms that exploit what they call \u201copen source intelligence,\u201d or OSINT<\/a>:\u00a0the trails of information that people leave on the internet. Clients include intelligence agencies, government, police, corporations, and even schools.<\/p>\n

Kaseware, which is partnered to ShadowDragon and Microsoft, provides a platform for activities that support OSINT and other elements of digital policing, like data storage, management, and analysis. Its capabilities range from storing evidence to predictive policing. By contrast, the two ShadowDragon products acquired by the Michigan State Police\u00a0are more narrowly tailored for the surveillance of people using social media, apps, and websites on the internet. They run on the Kaseware platform.<\/p>\n

To understand how Kaseware and ShadowDragon work together, let us consider each in turn, starting with ShadowDragon.<\/p>\n

\"\"<\/a>

Screenshot: The Intercept<\/p><\/div>\n<\/div>\n

\n

ShadowDragon: Social Media Surveillance<\/h3>\n

The Michigan State Police purchased two of ShadowDragon\u2019s OSINT intelligence tools to run on the Kaseware platform: SocialNet and OIMonitor.<\/p>\n

SocialNet was invented by cybersecurity consulting firm Packet Ninjas in 2009. Clemens, Packet Ninja\u2019s founder and CEO, went on to start<\/a> ShadowDragon as a sister company in 2016, licensing the cyber intelligence and investigative tools developed by Packet Ninjas over the prior decade.<\/p>\n

At the time of SocialNet\u2019s creation, investigators were left to search social media networks for clues manually. If a person made a public post on Twitter or Facebook, for example, an investigator was free to look online, but they had to personally log onto and search one social network at a time, post by post, for people who might be suspects and for their friends and other associates.<\/p>\n<\/div>\n

\n
\u201cWhat used to take us two months in a background check or an investigation is now taking between five to\u00a015 minutes.\u201d<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

Alerted to this problem<\/a> by a friend from Pretoria, South Africa-based Paterva, makers of the Maltego OSINT platform, Clemens decided to build SocialNet. As he put it in an interview<\/a>, \u201cthe idea [behind SocialNet] was, let\u2019s throw a net out into all of the social media platforms, the social media universe, and see what we get back.\u201d Clemens has claimed<\/a>\u00a0in a company video that \u201cwhen the FBI started using [SocialNet], they did an evaluation\u201d and concluded \u201cwhat used to take us two months in a background check or an investigation is now taking between five to\u00a015 minutes.\u201d<\/p>\n

Today, SocialNet says it pulls data from more than 120<\/a> social media networks, websites, and platforms, as well as from the dark web<\/a>, data dumps, and RSS feeds. A full list of sources isn\u2019t available, but a company promotional video and listing at the Maltego website gives an indication of which websites fall into their surveillance net:<\/p>\n

AOL Lifestream | Amazon | Ameba | Aodle | BabyCenter | BitChute | BlackPlanet | Blogger | Busted! Mugshots | Buzznet | Cocolog | Companies House | Crunchbase | Dailymotion | DeviantArt | Ebay | Etsy | Facebook | Flickr | Foursquare | Gab | GitHub | Goo | Google | Google+ | Gravatar | Hatena | Huffington Post | ICQ | IMVU | ImageShack | Imgur | Instagram | Instructables | Jugem | Kik |LinkedIn | LiveJournal | Livedoor | Mail.ru | Menuism | MeWe | MySpace | Naijapals | Netlog | OK Cupid | Okru | Olipro Company | Pandora | Pastebin | PayPal | PGP | Photobucket | Pinterest | Plurk | POF | PornHub | QQ | Reddit | ReverbNation | Seesaa | Skype | SoundCloud | SourceForge | Spotify | Sprashivai | Steam | Sudani | Telegram | Tinder | TripAdvisor | Tumblr | Uplike | Vimeo | Vine | Virus Total | VK | Voat | Weibo | Xing | Yahoo | Yelp | YouTube | Zillow<\/strong><\/p><\/blockquote>\n<\/div>\n<\/div>\n

httpv:\/\/www.youtube.com\/watch?v=65ySUiSSgDQ<\/span><\/p>\n

\n
\n

The video also shows \u201cpublic and local\u201d IP addresses as a source of data for SocialNet.<\/p>\n

SocialNet searches for information that is publicly available across these websites and pulls it in when there is a match. But it is difficult to know with precision which data it pulls. In the promotional video, some categories of information appear, such as BlackPlanet users;\u00a0Busted!\u00a0mugshots; Bing search results; Amazon comments, products, users, and wishlists; and so on. Clemens said the company has \u201ccrawlers that scrape information from the public websites. Nothing proprietary or private is provided to us by the platform companies.\u201d<\/p>\n

On its website, ShadowDragon also claims<\/a> to conduct \u201cchat protocol monitoring (WhatsApp, Telegram, etc.)\u201d as well as \u201cdialog protocol monitoring (IRC, etc.).\u201d For these services, it\u2019s also unclear exactly what kinds of information can be pulled or how it\u2019s done. Clemens said they don\u2019t intercept any private chats, and they can confirm whether a specific phone number has a WhatsApp account if the user\u2019s privacy settings allow it.<\/p>\n

In a March 2019 blog post<\/a>, Clemens referenced an \u201cintegration into monitoring Telegram,\u201d which, along with WhatsApp, had become \u201ca go-to when there are disruptions.\u201d He also claimed to have added \u201csome interesting OSINT capabilities in our SocialNet platform for more hardened and encrypted\/secure communication protocols. (Please ping us on this).\u201d Although Telegram has said its instant messages are \u201cheavily encrypted,\u201d it also offers widely available groups and channels.<\/p>\n

Clemens said the company is able to monitor chat platforms like Telegram through public sources of information, which reveal, for example, \u201cif you respond to a public thread of Twitter or public Telegram group.\u201d He added, \u201cWe don\u2019t evade any encryption implementations because we\u2019re not interested in weakening the technical security for other platforms.\u201d Clemens declined to elaborate on what \u201ccapabilities\u201d SocialNet has \u201cfor more hardened and encrypted\/secure communication protocols.\u201d<\/p>\n

In fact, ShadowDragon seems to strive toward total information awareness. In an interview about investigations, Clemens has stated<\/a>, \u201cI want to know everything about the suspect: Where do they get their coffee, where do they get their gas, where\u2019s their electric bill, who\u2019s their mom, who\u2019s their dad?\u201d<\/p>\n

The precise inner workings of SocialNet are off limits to the public, as it is expensive software that is sold at the discretion of the company. Nevertheless, some online resources give an indication of how it works.<\/p>\n<\/div>\n

\n
\u201cI want to know everything about the suspect: Where do they get their coffee, where do they get their gas, where\u2019s their electric bill, who\u2019s their\u00a0mom, who\u2019s their\u00a0dad?\u201d<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

With its surveillance net cast across the internet, SocialNet<\/a> can be used to perform investigations on persons and networks of interest, according to publicly available marketing materials. Investigators can run search queries for names, email addresses, phone numbers, aliases, or other information to begin to identify persons of interest, determine their physical location, ascertain their \u201clifestyles,\u201d and analyze their broader networks (such as friends and friends of friends).<\/p>\n

The materials also show how SocialNet organizes information for the analyst, visually mapping social network graphs and suggesting links between persons of interest and their networks. Timelines can be created to help sort out evidence and piece together clues into a broader picture of what the investigator is trying to uncover. Physical locations can be uncovered or inferred.<\/p>\n

An online tutorial<\/a> from 2011 depicts an investigator using SocialNet to hunt down possible targets by cross-referencing their company domain names with their email addresses, then finding a friend who two targets might have in common. The demonstration suggests that the investigator might want to \u201csocial engineer\u201d \u2014 or trick \u2014 the mutual friend into speaking to the targets.<\/p>\n

httpv:\/\/www.youtube.com\/watch?v=bgjHjFvXVak<\/span><\/p>\n<\/div>\n

\n

The other ShadowDragon tool purchased by the Michigan State Police, OIMonitor, sends alerts in response to the sort of data captured by SocialNet, a company engineer says<\/a> in an online video.<\/p>\n

Other company materials say OIMonitor can go further, helping to detect potential crime before it happens and performing other advanced feats. One video<\/a> explains OIMonitor can \u201cautomate and customize monitoring parameters.\u201d In another video, a ShadowDragon representative provides an example<\/a> of a corporation looking to protect its physical venue or executives. The corporation would \u201cbuild out an entire dossier of attack patterns, of things people say that\u2019s bad or something threatening,\u201d and OIMonitor \u201cjust alerts them when it sees the criteria that they\u2019ve set and that they have experience recognizing as a problem.\u201d<\/p>\n

Clemens told me that \u201ccustomers come to us for the ability to identify and analyze previous patterns of behavior and relationships using only public information. We disagree with predictive policing and so we don\u2019t build products with predictive capabilities or even suggestions.\u201d Yet their own website says, in the description for the \u201cPredicting Violence<\/a>\u201d video, \u201cClever security teams use OIMonitor to find indicators of unrest and violence before they start. Because riots don\u2019t start in a vacuum; there are always indicators.\u201d It\u2019s also unclear if information pulled from ShadowDragon may be pooled with other data and used by clients for predictive policing on other systems (Clemens declined to comment on that).<\/p>\n

Hatch raised an alarm about the civil rights implications of ShadowDragon\u2019s software, stating, \u201cIt could be used to incorrectly identify Black people as criminal suspects and out social justice activists who wish to remain anonymous for fear of being harassed by police and white nationalists.\u201d<\/p>\n<\/div>\n

\n
\u201cIt could be used to incorrectly identify Black people as criminal suspects and out social justice activists.\u201d<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

ShadowDragon also appears to be hoarding information that users and platforms wanted to delete. OIMonitor provides clients with access<\/a> to ShadowDragon\u2019s private \u201chistorical archive from 2011 to today,\u201d and it saves monitoring results in case the data disappears from the web, according to one company video.<\/p>\n

In a case example given by the company, running the phone number of a suspect through the ShadowDragon software \u201cpopped up with an old Foursquare account\u201d he had logged into at his mother\u2019s house 10 years ago. After looking for the suspect for a month, the investigators were able to find him the following day.<\/p>\n

In addition to police, ShadowDragon services corporate clients, and it can be potentially used for worker surveillance. In a blog post<\/a>, the company advertised the ability to use OIMonitor for employee background checks by employers. Clemens declined to respond to questions about using ShadowDragon for worker surveillance.<\/p>\n

Kaseware: An End-to-End Investigative Platform<\/h3>\n

Compared with ShadowDragon, Kaseware, the other software company contracting with Michigan State Police, is more sweeping in scope, handling more aspects of police work and venturing into the controversial realm of algorithmic crime fighting.<\/p>\n

In 2009, Kaseware\u2019s founders were working at the FBI, where, the company says, they transformed<\/a> its 1980s mainframe system into an award winning, modern, web-enabled platform called Sentinel. Soon thereafter, some of the designers of Sentinel left the FBI to build Kaseware, based out of Denver and launched in 2016 as a cloud \u201csoftware as a service\u201d product for government<\/a> and corporations<\/a>.<\/p>\n

Kaseware is a centralized online platform where law enforcement authorities, intelligence agencies, and corporations can dump their surveillance data. Once on the platform, the surveillance can be monitored, mapped, and otherwise analyzed using tools<\/a> built specifically for Kaseware. The company touts the system\u2019s speed and ability to integrate diverse sources of information for command-and-control centers, saying it handles investigations and security monitoring in an \u201cend-to-end\u201d way: from the ingestion of raw surveillance at one end to the conclusion of an investigation at the other. Its diverse set of capabilities are similar to Microsoft\u2019s Domain Awareness System<\/a>.<\/p>\n

Kaseware claims<\/a> to streamline a wide range of law enforcement drudgery: generating reports, managing workloads, facilitating video conferences, and querying information from the controversial federal records clearinghouse National Crime Information Center. A redacted portion of the MSP contract says it can \u201cintegrate with FBI eGuardian system<\/a> via file exchange.\u201d The eGuardian system allows the FBI to collect and share Suspicious Activity Reports, or SAR, from different agencies across the United States. As the ACLU notes<\/a>, the system gives law enforcement officials broad discretion to collect information about commonplace activities and to store it in criminal intelligence files without evidence of wrongdoing.<\/p>\n

A cornerstone Kaseware feature is its ability to ingest and analyze massive amounts of data. Files, records, logs, disc images, and evidence are pulled<\/a> into the platform, which can also handle evidence<\/a> from \u201crecordings, body cameras, closed-circuit television (CCTV) cameras and other sources.\u201d The company claims<\/a> it can help hunt down a perpetrator\u2019s physical location.<\/p>\n

\"\"<\/a>

Screenshot: The Intercept<\/p><\/div>\n<\/div>\n

Kaseware marketing materials say its platform ingests zip codes, addresses, GPS coordinates, geotags, satellite imagery, and data from internet-connected devices, correlating it with \u201csocioeconomic trends and environmental events to create layered maps\u201d to reveal \u201cillegal activity\u201d and \u2014 crucially, for civil rights advocates \u2014 conduct \u201cpredictive policing.\u201dPredictive policing, or the use of statistics that quantifies past crimes to predict future ones, has been heavily criticized by legal scholars<\/a> and activists<\/a>\u00a0on grounds that the systems generate discrimination <\/a>and harm<\/a>. Two scholars tested the PredPol predictive policing software for Oakland, California, and found<\/a> its software would target Black people at twice the rate as white people. This is because Black people are overrepresented in Oakland\u2019s drug crime databases, leading to disproportionate policing of low-income communities and communities of color.The Michigan State Police told me, \u201cWe do not use the predictive policing function of the Kaseware platform.\u201d However, it is worth noting the capability is there, and the software has been sold to other clients who may be making use of it.<\/p>\n

Kaseware also touts its access to open source intelligence across its marketing literature. Its platform utilizes OSINT tools like ShadowDragon \u201cto instantly search hundreds of open web, dark web, deep web and social media sources to access crucial data on cybercriminals\u2019 names, keywords, emails, aliases, phones numbers and more.\u201d Clients \u201ccan also import social media information for forensic analysis alongside other case details, including photos, followers, likes, friends and post connections.\u201d<\/p>\n

It\u2019s unclear if Kaseware has special access to information or services with the companies listed in the way that Dataminr, for example, is provided<\/a> access<\/a> to Twitter\u2019s \u201cfirehose,\u201d a database of every public tweet from the moment it was posted. Twitter\u2019s senior director of global public policy strategy, Nick Pickles, told me in an email that \u201cwe\u2019re not able to disclose details of our commercial agreements,\u201d but it is \u201csafe to say that\u201d Kaseware is \u201con our radar.\u201d Another Twitter spokesperson, Katie Rosborough, did not answer questions about Kaseware or ShadowDragon, saying only that Twitter\u2019s public programming interface is not available for law enforcement purposes. Partners like Dataminr historically have not used that interface.<\/p>\n

Contracts and Deployments<\/h3>\n

The Michigan State Police contract redacts every mention of ShadowDragon, SocialNet, OIMonitor, and Microsoft Azure in the contract shared with the public. David Goldberg\u2019s FOIA request was \u201cpartially denied\u201d citing exemptions to the act to protect \u201ctrade secrets, or financial or proprietary information\u201d; to \u201cprotect the security or safety of persons or property, or the confidentiality, integrity, or availability of information systems\u201d; and to protect \u201cthe identity of a person who may become a victim of a cybersecurity incident as a result of the disclosure of identifying that person\u201d or that person\u2019s \u201ccybersecurity-related practices.\u201d<\/p>\n

As I reported<\/a> at The Intercept, through its Public Safety and Justice division, Microsoft provides an extensive array of services to police forces across the world via its own products and that of partners (like Kaseware), who typically operate on the Azure Cloud. Microsoft services the U.<\/a>S.<\/a> and Israeli<\/a> militaries with its HoloLens augmented reality goggles. Its carceral solutions<\/a> include its own Digital Prison Management Solution based on its Domain Awareness System surveillance platform built with the New York Police Department years ago. Together with its partners, Microsoft\u2019s products and services extend across the carceral pipeline, from juvenile detention and pretrial through prison and parole.<\/p>\n<\/div>\n

\n
Kaseware\u2019s Mark Dodge,\u00a0a former Naval intelligence and CIA officer, helped develop Microsoft\u2019s Domain Awareness System for the NYPD.<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

Kaseware\u2019s Chief Business Officer Mark Dodge, a former Naval intelligence and CIA officer, told me in interviews prior to this year that before working at Kaseware, he had worked at Accenture, where he helped develop Microsoft\u2019s Domain Awareness System for the NYPD. He said he also did work for Singapore, which runs the Microsoft DAS, and \u201ca couple others,\u201d including in London. Dodge then had a brief stint with Microsoft partner Axon, the industry leader in Taser stun guns and body cameras \u2014 illustrating how circles in the intelligence, police, and corporate surveillance industry intersect.<\/p>\n

The length of the MSP contract is five years, from January 31, 2020, to January 31, 2025. The Kaseware license costs $340,000 annually, while SocialNet and OIMonitor cost $39,000 each, bringing the package to $418,000 per year, or $2,090,000 over five years. The state of Michigan redacted the contract values of ShadowDragon features. The MSP opted for a two-day training session at $3,000, which ShadowDragon says constitutes a \u201cbig deep dive on threat assessment and sentiment analysis.\u201d<\/p>\n

The total cost of the MSP contract is $3,293,000.<\/p>\n

The sum paid to Microsoft for its Azure Government Cloud services is bundled into the \u201cLicensing & Support Services\u201d portion of the contract, and there is no indication how much of that money Microsoft receives.<\/p>\n

Because most of their contracts are not made public or difficult to access, it\u2019s hard to discern how pervasive Kaseware and ShadowDragon are in the world.<\/p>\n

The first ShadowDragon contract<\/a> with the U.S. Immigration and Customs Enforcement agency was awarded to IT firm C & C International Computers & Consultants, Inc. on July 16, 2020, at a cost of $289,500. The second was for a contract awarded<\/a> to cybersecurity firm Panamerica Computers on August 31, 2021 at a cost of $602,056. Both were for the use of SocialNet.<\/p>\n

ShadowDragon\u2019s SocialNet, OIMonitor, and malware investigation product MalNet is also being deployed<\/a> by IT firm ALTEN Calsoft Labs and Cloudly in Asia \u2014 \u201cespecially India\u201d\u00a0\u2014 as \u201csolutions for industries such as Government, Banking, Financial Services, Healthcare and many other verticals.\u201d ALTEN is headquartered in Bangalore, India, and has offices in the U.S., Europe, and Singapore. Cloudly is a cybersecurity, intelligence, and surveillance firm based in Silicon Valley.<\/p>\n

With offices in the U.S. and Denmark, ShadowDragon\u00a0claims a market presence in \u201cNorth America, Europe, the Middle East, Asia and Latin America.\u201d<\/p>\n

When asked about potential human rights abuses by clients, Clemens said the company vets \u201call in-bound requests for our products to ensure they\u2019re not used to conduct human rights violations.\u201d<\/p>\n

Dodge, in the interviews predating this story, told me Kaseware had about 30 customers as of June 2020 but does not disclose most of them. The Winslow, Arizona, Police Department rolled <\/a>out<\/a> a Kaseware Computer Aided Dispatch and Records Management System in 2018, and the Wickenburg, Arizona, Police Department was at least considering it<\/a>.<\/p>\n

Kaseware states<\/a> its platform \u201cis now used by police departments around the world, Fortune 100 Companies, and many international non-profit organizations.\u201d<\/p>\n

Kaseware did not respond to a request for comments for this article.<\/p>\n

Human Rights: A World of All-Seeing Public Surveillance<\/h3>\n

With Kaseware and ShadowDragon, we live in a world where the public\u2019s online behavior can be monitored across the internet and accessed at the click of a button to determine who we are, who we know, what our \u201clifestyle\u201d is like, where we are located, and more.<\/p>\n

These capabilities fundamentally change police powers, said Eric Williams, managing attorney at the Detroit Justice Center\u2019s Economic Equity Practice: \u201cIt is qualitatively different when you go from the police being able to check information\u201d a little at a time \u201cto artificial intelligence being able to analyze everything that you\u2019ve done online.\u201d<\/p>\n

The potential for discriminatory applications is enormous. Williams noted that searches made by big data tools are \u201cinevitably biased against people of color, poor people\u201d and the like. He said that activists from Black Lives Matter, unions, and the #MeToo movement may be targeted by these technologies, \u201cdepending on who is in charge of them.\u201d<\/p>\n<\/div>\n

\n
\u201cThis presents the scary possibility of law enforcement of our daily lives that would be unimaginable until recently.\u201d<\/strong><\/em><\/div>\n<\/blockquote>\n
\n

Phil Mayor, a senior staff attorney at the ACLU of Michigan, said of ShadowDragon, \u201cmapping of the relationships between people risks suspicion by association\u201d and \u201cis likely to entrench systemic racism and is a threat to everyone\u2019s privacy. \u2026 This presents the scary possibility of law enforcement of our daily lives that would be unimaginable until recently.\u201d<\/p>\n

There is virtually no transparency behind what Kaseware and ShadowDragon do, or how the Michigan State Police and other clients might be using their products, where they are deployed, for what purpose, and who gets access. Likewise for how these tools impact activists, the poor, and marginalized communities, who are disproportionately the targets of police surveillance.<\/p>\n

\u201cIt\u2019s deeply concerning that this kind of technology is being purchased and used by law enforcement without public discussion,\u201d Mayor told me. \u201cBefore engaging in new forms of surveillance of citizens, law enforcement should be coming to the polity and asking what we expect in terms of our privacy rather than making those decisions for us.\u201d<\/p>\n

Williams echoed this, stating, \u201cIt is problematic that public money is being spent on surveillance, of a particularly intrusive type, and the public is unaware of it.\u201d Even if the police want to keep their surveillance methods hidden, \u201cthe public has a right to know, and should know, given the lack of laws we have governing a lot of electronic surveillance.\u201d<\/p>\n

In the U.S., as many as 70 percent of police forces use social media to gather intelligence and monitor the public. Yet the law does little<\/a> to constrain these kinds of tools and practices.<\/p>\n

\u201cThere\u2019s not a lot of regulations on this,\u201d Williams said, \u201cand we can\u2019t begin to have a discussion on how it should be regulated if we\u2019re not aware that it\u2019s happening.\u201d He added that he favors a ban on the technology, given its opaque deployment and intrusive nature.<\/p>\n

Dragnet social media surveillance needs to be urgently addressed by lawmakers, who should step in and ban this attack on civil rights and liberties immediately.<\/p>\n

__________________________________________<\/p>\n

Michael Kwet<\/em><\/a> –\u00a0@michael_kwet<\/a><\/em><\/p>\n

Go to Original – theintercept.com<\/a><\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

21 Sep 2021 – A Michigan State Police contract obtained by The Intercept sheds new light on the use of a little-known surveillance software that helps law enforcement and corporations watch people\u2019s social media and other activities\u2014the product of a growing industry.<\/p>\n","protected":false},"author":4,"featured_media":195728,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[910,550,1220,1277,1109,911,921],"class_list":["post-195727","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-whistleblowing-surveillance","tag-big-brother","tag-corruption","tag-privacy","tag-privacy-rights","tag-spying","tag-surveillance","tag-whistleblowing"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/195727","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=195727"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/195727\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media\/195728"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=195727"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=195727"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=195727"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}