<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<div dir="ltr">
<div id="gmail-toolbar" class="gmail-toolbar-container"> </div>
<div class="gmail-container" dir="ltr">
<div class="gmail-header gmail-reader-header
gmail-reader-show-element"> <a class="gmail-domain
gmail-reader-domain"
href="https://theintercept.com/2021/09/21/surveillance-social-media-police-microsoft-shadowdragon-kaseware/?utm_medium=email&utm_source=The%20Intercept%20Newsletter"
moz-do-not-send="true">theintercept.com</a>
<h1 class="gmail-reader-title">ShadowDragon: Inside the Social
Media Surveillance Software That Can Watch Your Every Move</h1>
<div class="gmail-credits gmail-reader-credits">Michael Kwet -
September 21, 2021<br>
</div>
</div>
<hr>
<div class="gmail-content">
<div class="gmail-moz-reader-content
gmail-reader-show-element">
<div id="gmail-readability-page-1" class="gmail-page">
<div>
<div>
<p><u>A Michigan State Police contract</u>, obtained
by The Intercept, sheds new light on the growing use
of little-known surveillance software that helps law
enforcement agencies and corporations watch people’s
social media and other website activity.</p>
<p>The software, put out by a Wyoming company called
ShadowDragon, allows police to suck in data from
social media and other internet sources, including
Amazon, dating apps, and the dark web, so they can
identify persons of interest and map out their
networks during investigations. By providing
powerful searches of more than 120 different online
platforms and a decade’s worth of archives, the
company claims to speed up profiling work from
months to minutes. ShadowDragon even claims its
software can automatically adjust its monitoring and
help predict violence and unrest. Michigan police
acquired the software through a contract with
another obscure online policing company named
Kaseware for an “MSP Enterprise Criminal
Intelligence System.”</p>
<p>The inner workings of the product are generally not
known to the public. The contract, and materials
published by the companies online, allow a deeper
explanation of how this surveillance works, provided
below.</p>
</div>
<div>
<p>ShadowDragon has kept a low profile but has law
enforcement customers well beyond Michigan. It was
purchased twice by the U.S. Immigration and Customs
Enforcement agency in the last two years, documents
show, and was <a
href="https://www.nbcboston.com/investigations/shadowdragon-mass-police-get-new-social-media-monitoring-tool/2424128/"
moz-do-not-send="true">reportedly</a> acquired by
the Massachusetts State Police and other police
departments within the state.</p>
<p>Michigan officials appear to be keeping their
contract and the identities of ShadowDragon and
Microsoft from the public. The Michigan.gov website
does not make the contract available; it instead <a
href="https://www.michigan.gov/documents/dtmb/200000000425_679848_7.pdf"
moz-do-not-send="true">offers</a> an email address
at which to request the document “due to the
sensitive nature of this contract.” And the contract
it eventually provides has been heavily redacted:
The copy given to David Goldberg, a professor at
Wayne State University in Detroit had all mentions
of ShadowDragon software and Microsoft Azure blacked
out. What’s more, Goldberg had to file a Freedom of
Information Act request to obtain the contract. When
the state website did offer the contract, it was
unredacted, and I <a
href="https://theintercept.com/document/2021/09/21/state-of-michigan-2020-kaseware-contract/"
moz-do-not-send="true">downloaded it</a> before it
was withdrawn.</p>
<p>Last year, The Intercept <a
href="https://theintercept.com/2020/06/24/fbi-surveillance-social-media-cellphone-dataminr-venntel"
moz-do-not-send="true">published</a> several <a
href="https://theintercept.com/2020/07/09/twitter-dataminr-police-spy-surveillance-black-lives-matter-protests/"
moz-do-not-send="true">articles</a> detailing <a
href="https://theintercept.com/2020/10/21/dataminr-twitter-surveillance-racial-profiling/"
moz-do-not-send="true">how</a> a social media
analytics firm called Dataminr relayed tweets about
the George Floyd and Black Lives Matter protests to
police. The same year, I detailed at The
Intercept how Kaseware’s partner Microsoft <a
href="https://theintercept.com/2020/07/14/microsoft-police-state-mass-surveillance-facial-recognition"
moz-do-not-send="true">helps police surveil and
patrol communities</a> through its own offerings
and a network of partnerships.</p>
<p>This new revelation about the Michigan contract
raises questions about what digital surveillance
capabilities other police departments and law
enforcement agencies in the U.S. might be quietly
acquiring. And it comes at a time when previously
known government social media surveillance is <a
href="https://www.aclunc.org/news/aclu-demands-twitter-take-immediate-action-stop-developers-facilitating-government"
moz-do-not-send="true">under fire</a> from civil
rights and liberties advocates like MediaJustice and
the American Civil Liberties Union. It also raises
the specter of further abuses in Michigan, where the
FBI has been <a
href="https://archive.thinkprogress.org/fbi-using-its-black-identity-extremists-report-c647091135ab/"
moz-do-not-send="true">profiling Muslim
communities</a> and so-called <a
href="https://theintercept.com/2018/03/19/black-lives-matter-fbi-surveillance"
moz-do-not-send="true">Black Identity Extremists</a>.
In 2015, it was revealed that for years, the state
police agency was using cell site simulators to spy
on mobile phones without disclosing it to the
public.</p>
</div>
<blockquote><span></span>
<p>“They endanger Black and marginalized communities.”</p>
</blockquote>
<div>
<p>“Social media surveillance technologies, such as
the software acquired by Michigan State Police, are
often introduced under the false premise that they
are public safety and accountability tools. In
reality, they endanger Black and marginalized
communities,” Arisha Hatch, vice president and chief
of campaigns at civil rights nonprofit Color of
Change, wrote in an email.</p>
<p>Michigan State Police spokesperson Shanon Banner
said in an email that “the investigative tools
available to us as part of this contract are only
used in conjunction with criminal investigations,
following all state and federal laws.” The founder
of ShadowDragon, Daniel Clemens, wrote that the
company provides only information that is publicly
available and does not “build products with
predictive capabilities.”</p>
<h3>A Shadowy Industry</h3>
<p>Kaseware and ShadowDragon are part of a shadowy
industry of software firms that exploit what they
call “open source intelligence,” or <a
href="https://www.recordedfuture.com/open-source-intelligence-definition"
moz-do-not-send="true">OSINT</a>: the trails of
information that people leave on the internet.
Clients include intelligence agencies, government,
police, corporations, and even schools.</p>
<p>Kaseware, which is partnered to ShadowDragon and
Microsoft, provides a platform for activities that
support OSINT and other elements of digital
policing, like data storage, management, and
analysis. Its capabilities range from storing
evidence to predictive policing. By contrast, the
two ShadowDragon products acquired by the Michigan
State Police are more narrowly tailored for the
surveillance of people using social media, apps, and
websites on the internet. They run on the Kaseware
platform.</p>
<p>To understand how Kaseware and ShadowDragon work
together, let us consider each in turn, starting
with ShadowDragon.<br>
</p>
</div>
<div>
<p><img
src="https://theintercept.imgix.net/wp-uploads/sites/1/2021/09/social-net.png?auto=compress%2Cformat&q=90&w=1000&h=563"
alt="social-net" style="margin-right: 0px;"
moz-do-not-send="true" width="400" height="225"></p>
<p class="gmail-caption">Screenshot: The Intercept</p>
</div>
<div>
<h3>ShadowDragon: Social Media Surveillance</h3>
<p>The Michigan State Police purchased two of
ShadowDragon’s OSINT intelligence tools to run on
the Kaseware platform: SocialNet and OIMonitor.</p>
<p>SocialNet was invented by cybersecurity consulting
firm Packet Ninjas in 2009. Clemens, Packet Ninja’s
founder and CEO, went on to <a
href="https://www.prnewswire.com/news-releases/packet-ninjas-announces-the-formation-of-shadowdragon-to-license-cyber-intelligence-investigative-tools-300221551.html"
moz-do-not-send="true">start</a> ShadowDragon as a
sister company in 2016, licensing the cyber
intelligence and investigative tools developed by
Packet Ninjas over the prior decade.</p>
<p>At the time of SocialNet’s creation, investigators
were left to search social media networks for clues
manually. If a person made a public post on Twitter
or Facebook, for example, an investigator was free
to look online, but they had to personally log onto
and search one social network at a time, post by
post, for people who might be suspects and for their
friends and other associates.</p>
</div>
<blockquote><span></span>
<p>“What used to take us two months in a background
check or an investigation is now taking between five
to 15 minutes.”</p>
</blockquote>
<div>
<p>Alerted to this<a
href="https://blog.shadowdragon.io/understanding-link-analysis-and-using-it-in-investigations"
moz-do-not-send="true"> problem</a> by a friend
from Pretoria, South Africa-based Paterva, makers of
the Maltego OSINT platform, Clemens decided to build
SocialNet. As he put it in an <a
href="https://www.youtube.com/watch?v=Zmq6GcMnSDA"
moz-do-not-send="true">interview</a>, “the idea
[behind SocialNet] was, let’s throw a net out into
all of the social media platforms, the social media
universe, and see what we get back.” Clemens has <a
href="https://shadowdragon.io/socialnet"
moz-do-not-send="true">claimed</a> in a company
video that “when the FBI started using [SocialNet],
they did an evaluation” and concluded “what used to
take us two months in a background check or an
investigation is now taking between five to 15
minutes.”</p>
<p>Today, SocialNet says it pulls data from <a
href="https://www.maltego.com/transform-hub/socialnet"
moz-do-not-send="true">more than 120</a> social
media networks, websites, and platforms, as well as
from the <a
href="https://blog.shadowdragon.io/demystifying-the-dark-web-part-1"
moz-do-not-send="true">dark web</a>, data dumps,
and RSS feeds. A full list of sources isn’t
available, but a company promotional video and
listing at the Maltego website gives an indication
of which websites fall into their surveillance net:</p>
<blockquote>
<p>AOL Lifestream | Amazon | Ameba | Aodle |
BabyCenter | BitChute | BlackPlanet | Blogger |
Busted! Mugshots | Buzznet | Cocolog | Companies
House | Crunchbase | Dailymotion | DeviantArt |
Ebay | Etsy | Facebook | Flickr | Foursquare | Gab
| GitHub | Goo | Google | Google+ | Gravatar |
Hatena | Huffington Post | ICQ | IMVU | ImageShack
| Imgur | Instagram | Instructables | Jugem | Kik
|LinkedIn | LiveJournal | Livedoor | Mail.ru |
Menuism | MeWe | MySpace | Naijapals | Netlog | OK
Cupid | Okru | Olipro Company | Pandora | Pastebin
| PayPal | PGP | Photobucket | Pinterest | Plurk |
POF | PornHub | QQ | Reddit | ReverbNation |
Seesaa | Skype | SoundCloud | SourceForge |
Spotify | Sprashivai | Steam | Sudani | Telegram |
Tinder | TripAdvisor | Tumblr | Uplike | Vimeo |
Vine | Virus Total | VK | Voat | Weibo | Xing |
Yahoo | Yelp | YouTube | Zillow</p>
</blockquote>
</div>
<div>
<p>The video also shows “public and local” IP
addresses as a source of data for SocialNet.</p>
<p>SocialNet searches for information that is publicly
available across these websites and pulls it in when
there is a match. But it is difficult to know with
precision which data it pulls. In the promotional
video, some categories of information appear, such
as BlackPlanet users; Busted! mugshots; Bing search
results; Amazon comments, products, users, and
wishlists; and so on. Clemens said the company has
“crawlers that scrape information from the public
websites. Nothing proprietary or private is provided
to us by the platform companies.”</p>
<p>On its website, ShadowDragon also <a
href="https://shadowdragon.io/oimonitor"
moz-do-not-send="true">claims</a> to conduct “chat
protocol monitoring (WhatsApp, Telegram, etc.)” as
well as “dialog protocol monitoring (IRC, etc.).”
For these services, it’s also unclear exactly what
kinds of information can be pulled or how it’s done.
Clemens said they don’t intercept any private chats,
and they can confirm whether a specific phone number
has a WhatsApp account if the user’s privacy
settings allow it.</p>
<p>In a March 2019 <a
href="https://blog.shadowdragon.io/continued-osint-collection-innovation-for-expansive-24-7-monitoring-on-chat-platforms-forums-and-social-media"
moz-do-not-send="true">blog post</a>, Clemens
referenced an “integration into monitoring
Telegram,” which, along with WhatsApp, had become “a
go-to when there are disruptions.” He also claimed
to have added “some interesting OSINT capabilities
in our SocialNet platform for more hardened and
encrypted/secure communication protocols. (Please
ping us on this).” Although Telegram has said its
instant messages are “heavily encrypted,” it also
offers widely available groups and channels.</p>
<p>Clemens said the company is able to monitor chat
platforms like Telegram through public sources of
information, which reveal, for example, “if you
respond to a public thread of Twitter or public
Telegram group.” He added, “We don’t evade any
encryption implementations because we’re not
interested in weakening the technical security for
other platforms.” Clemens declined to elaborate on
what “capabilities” SocialNet has “for more hardened
and encrypted/secure communication protocols.”</p>
<p>In fact, ShadowDragon seems to strive toward total
information awareness. In an interview about
investigations, Clemens has <a
href="https://vimeo.com/345808418"
moz-do-not-send="true">stated</a>, “I want to know
everything about the suspect: Where do they get
their coffee, where do they get their gas, where’s
their electric bill, who’s their mom, who’s their
dad?”</p>
<p>The precise inner workings of SocialNet are off
limits to the public, as it is expensive software
that is sold at the discretion of the company.
Nevertheless, some online resources give an
indication of how it works.</p>
</div>
<blockquote><span></span>
<p>“I want to know everything about the suspect: Where
do they get their coffee, where do they get their
gas, where’s their electric bill, who’s their mom,
who’s their dad?”</p>
</blockquote>
<div>
<p>With its surveillance net cast across the internet,
<a href="https://shadowdragon.io/socialnet"
moz-do-not-send="true">SocialNet</a> can be used
to perform investigations on persons and networks of
interest, according to publicly available marketing
materials. Investigators can run search queries for
names, email addresses, phone numbers, aliases, or
other information to begin to identify persons of
interest, determine their physical location,
ascertain their “lifestyles,” and analyze their
broader networks (such as friends and friends of
friends).</p>
<p>The materials also show how SocialNet organizes
information for the analyst, visually mapping social
network graphs and suggesting links between persons
of interest and their networks. Timelines can be
created to help sort out evidence and piece together
clues into a broader picture of what the
investigator is trying to uncover. Physical
locations can be uncovered or inferred.</p>
<p>An online <a
href="https://www.youtube.com/watch?v=FceN0T_a_uM&t=1s"
moz-do-not-send="true">tutorial</a> from 2011
depicts an investigator using SocialNet to hunt down
possible targets by cross-referencing their company
domain names with their email addresses, then
finding a friend who two targets might have in
common. The demonstration suggests that the
investigator might want to “social engineer” — or
trick — the mutual friend into speaking to the
targets.</p>
</div>
<div>
<p>The other ShadowDragon tool purchased by the
Michigan State Police, OIMonitor, sends alerts in
response to the sort of data captured by SocialNet,
a company engineer <a
href="https://shadowdragon.io/videos"
moz-do-not-send="true">says</a> in an online
video.</p>
<p>Other company materials say OIMonitor can go
further, helping to detect potential crime before it
happens and performing other advanced feats. One <a
href="https://www.youtube.com/watch?v=bgjHjFvXVak"
moz-do-not-send="true">video</a> explains
OIMonitor can “automate and customize monitoring
parameters.” In another video, a ShadowDragon
representative provides <a
href="https://www.youtube.com/watch?v=PCQBdkGq8xM"
moz-do-not-send="true">an example</a> of a
corporation looking to protect its physical venue or
executives. The corporation would “build out an
entire dossier of attack patterns, of things people
say that’s bad or something threatening,” and
OIMonitor “just alerts them when it sees the
criteria that they’ve set and that they have
experience recognizing as a problem.”</p>
<p>Clemens told me that “customers come to us for the
ability to identify and analyze previous patterns of
behavior and relationships using only public
information. We disagree with predictive policing
and so we don’t build products with predictive
capabilities or even suggestions.” Yet their own
website says, in the description for the “<a
href="https://shadowdragon.io/oimonitor"
moz-do-not-send="true">Predicting Violence</a>”
video, “Clever security teams use OIMonitor to find
indicators of unrest and violence before they start.
Because riots don’t start in a vacuum; there are
always indicators.” It’s also unclear if information
pulled from ShadowDragon may be pooled with other
data and used by clients for predictive policing on
other systems (Clemens declined to comment on that).</p>
<p>Hatch raised an alarm about the civil rights
implications of ShadowDragon’s software, stating,
“It could be used to incorrectly identify Black
people as criminal suspects and out social justice
activists who wish to remain anonymous for fear of
being harassed by police and white nationalists.”</p>
</div>
<blockquote><span></span>
<p>“It could be used to incorrectly identify Black
people as criminal suspects and out social justice
activists.”</p>
</blockquote>
<div>
<p>ShadowDragon also appears to be hoarding
information that users and platforms wanted to
delete. OIMonitor <a
href="https://shadowdragon.io/oimonitor"
moz-do-not-send="true">provides clients with
access</a> to ShadowDragon’s private “historical
archive from 2011 to today,” and it saves monitoring
results in case the data disappears from the web,
according to one company video.</p>
<p>In a case example given by the company, running the
phone number of a suspect through the ShadowDragon
software “popped up with an old Foursquare account”
he had logged into at his mother’s house 10 years
ago. After looking for the suspect for a month, the
investigators were able to find him the following
day.</p>
<p>In addition to police, ShadowDragon services
corporate clients, and it can be potentially used
for worker surveillance. In a <a
href="https://blog.shadowdragon.io/background-checks"
moz-do-not-send="true">blog post</a>, the company
advertised the ability to use OIMonitor for employee
background checks by employers. Clemens declined to
respond to questions about using ShadowDragon for
worker surveillance.</p>
<h3>Kaseware: An End-to-End Investigative Platform</h3>
<p>Compared with ShadowDragon, Kaseware, the other
software company contracting with Michigan State
Police, is more sweeping in scope, handling more
aspects of police work and venturing into the
controversial realm of algorithmic crime fighting.</p>
<p>In 2009, Kaseware’s founders were working at the
FBI, where, the company says, they <a
href="https://www.kaseware.com/about"
moz-do-not-send="true">transformed</a> its 1980s
mainframe system into an award winning, modern,
web-enabled platform called Sentinel. Soon
thereafter, some of the designers of Sentinel left
the FBI to build Kaseware, based out of Denver and
launched in 2016 as a cloud “software as a service”
product for <a
href="https://www.kaseware.com/government"
moz-do-not-send="true">government</a> and <a
href="https://www.kaseware.com/corporate-security"
moz-do-not-send="true">corporations</a>.</p>
<p>Kaseware is a centralized online platform where law
enforcement authorities, intelligence agencies, and
corporations can dump their surveillance data. Once
on the platform, the surveillance can be monitored,
mapped, and otherwise analyzed using <a
href="https://www.kaseware.com/product-overview/intelligence-analysis"
moz-do-not-send="true">tools</a> built
specifically for Kaseware. The company touts the
system’s speed and ability to integrate diverse
sources of information for command-and-control
centers, saying it handles investigations and
security monitoring in an “end-to-end” way: from the
ingestion of raw surveillance at one end to the
conclusion of an investigation at the other. Its
diverse set of capabilities are similar to <a
href="https://theintercept.com/2020/07/14/microsoft-police-state-mass-surveillance-facial-recognition"
moz-do-not-send="true">Microsoft’s Domain
Awareness System</a>.</p>
<p>Kaseware <a
href="https://www.kaseware.com/government/law-enforcement/"
moz-do-not-send="true">claims</a> to streamline a
wide range of law enforcement drudgery: generating
reports, managing workloads, facilitating video
conferences, and querying information from the
controversial federal records clearinghouse National
Crime Information Center. A redacted portion of the
MSP contract says it can “integrate with <a
href="https://www.fbi.gov/resources/law-enforcement/eguardian"
moz-do-not-send="true">FBI eGuardian system</a>
via file exchange.” The eGuardian system allows the
FBI to collect and share Suspicious Activity
Reports, or SAR, from different agencies across the
United States. As the ACLU <a
href="https://www.aclu.org/cases/aclu-v-fbi-eguardian-foia-lawsuit"
moz-do-not-send="true">notes</a>, the system gives
law enforcement officials broad discretion to
collect information about commonplace activities and
to store it in criminal intelligence files without
evidence of wrongdoing.</p>
<p>A cornerstone Kaseware feature is its ability to
ingest and analyze massive amounts of data. Files,
records, logs, disc images, and evidence are <a
href="https://www.kaseware.com/product-overview"
moz-do-not-send="true">pulled</a> into the
platform, which can also handle <a
href="https://www.kaseware.com/product-overview/evidence-management"
moz-do-not-send="true">evidence</a> from
“recordings, body cameras, closed-circuit television
(CCTV) cameras and other sources.” The company <a
href="https://www.kaseware.com/product-overview/forensics-cybersecurity"
moz-do-not-send="true">claims</a> it can help hunt
down a perpetrator’s physical location.<br>
</p>
</div>
<div>
<p><img
src="https://theintercept.imgix.net/wp-uploads/sites/1/2021/09/kaseware.png?auto=compress%2Cformat&q=90&w=1024&h=491"
alt="kaseware" style="margin-right: 0px;"
moz-do-not-send="true" width="400" height="192"></p>
<p class="gmail-caption">Screenshot: The Intercept</p>
</div>
<div>
<p>
Kaseware marketing materials say its platform
ingests zip codes, addresses, GPS coordinates,
geotags, satellite imagery, and data from
internet-connected devices, correlating it with
“socioeconomic trends and environmental events to
create layered maps” to reveal “illegal activity”
and — crucially, for civil rights advocates —
conduct “predictive policing.”</p>
<p>Predictive policing, or the use of statistics that
quantifies past crimes to predict future ones, has
been heavily criticized by <a
href="https://www.nyulawreview.org/wp-content/uploads/2019/06/NYULawReview-94-3-ODonnell.pdf"
moz-do-not-send="true">legal scholars</a> and <a
href="https://stoplapdspying.org/wp-content/uploads/2018/05/Before-the-Bullet-Hits-the-Body-May-8-2018.pdf"
moz-do-not-send="true">activists</a> on grounds
that the systems <a
href="https://twitter.com/rajiinio/status/1375957284061376516"
moz-do-not-send="true">generate discrimination </a><a
href="https://twitter.com/rajiinio/status/1375957284061376516"
moz-do-not-send="true">and harm</a>. Two scholars
tested the PredPol predictive policing software for
Oakland, California, and <a
href="https://rss.onlinelibrary.wiley.com/doi/full/10.1111/j.1740-9713.2016.00960.x"
moz-do-not-send="true">found</a> its software
would target Black people at twice the rate as white
people. This is because Black people are
overrepresented in Oakland’s drug crime databases,
leading to disproportionate policing of low-income
communities and communities of color.</p>
<p>The Michigan State Police told me, “We do not use
the predictive policing function of the Kaseware
platform.” However, it is worth noting the
capability is there, and the software has been sold
to other clients who may be making use of it.</p>
<p>Kaseware also touts its access to open source
intelligence across its marketing literature. Its
platform utilizes OSINT tools like ShadowDragon “to
instantly search hundreds of open web, dark web,
deep web and social media sources to access crucial
data on cybercriminals’ names, keywords, emails,
aliases, phones numbers and more.” Clients “can also
import social media information for forensic
analysis alongside other case details, including
photos, followers, likes, friends and post
connections.”</p>
<p>It’s unclear if Kaseware has special access to
information or services with the companies listed in
the way that Dataminr, for example, is <a
href="https://theintercept.com/2020/10/21/dataminr-twitter-surveillance-racial-profiling"
moz-do-not-send="true">provided</a><a
href="https://theintercept.com/2020/10/21/dataminr-twitter-surveillance-racial-profiling"
moz-do-not-send="true"> access</a> to Twitter’s
“firehose,” a database of every public tweet from
the moment it was posted. Twitter’s senior director
of global public policy strategy, Nick Pickles, told
me in an email that “we’re not able to disclose
details of our commercial agreements,” but it is
“safe to say that” Kaseware is “on our radar.”
Another Twitter spokesperson, Katie Rosborough, did
not answer questions about Kaseware or ShadowDragon,
saying only that Twitter’s public programming
interface is not available for law enforcement
purposes. Partners like Dataminr historically have
not used that interface.</p>
<h3>Contracts and Deployments</h3>
<p>The Michigan State Police contract redacts every
mention of ShadowDragon, SocialNet, OIMonitor, and
Microsoft Azure in the contract shared with the
public. David Goldberg’s FOIA request was “partially
denied” citing exemptions to the act to protect
“trade secrets, or financial or proprietary
information”; to “protect the security or safety of
persons or property, or the confidentiality,
integrity, or availability of information systems”;
and to protect “the identity of a person who may
become a victim of a cybersecurity incident as a
result of the disclosure of identifying that person”
or that person’s “cybersecurity-related practices.”</p>
<p>As I <a
href="https://theintercept.com/2020/07/14/microsoft-police-state-mass-surveillance-facial-recognition"
moz-do-not-send="true">reported</a> at The
Intercept, through its Public Safety and Justice
division, Microsoft provides an extensive array of
services to police forces across the world via its
own products and that of partners (like Kaseware),
who typically operate on the Azure Cloud. Microsoft
services the <a
href="https://www.cnbc.com/2021/03/31/microsoft-wins-contract-to-make-modified-hololens-for-us-army.html"
moz-do-not-send="true">U.</a><a
href="https://www.cnbc.com/2021/03/31/microsoft-wins-contract-to-make-modified-hololens-for-us-army.html"
moz-do-not-send="true">S.</a> and <a
href="https://mondoweiss.net/2021/03/how-microsoft-is-invested-in-israeli-settler-colonialism"
moz-do-not-send="true">Israeli</a> militaries with
its HoloLens augmented reality goggles. Its <a
href="https://www.aljazeera.com/features/2020/12/21/microsofts-iron-cage-prison-surveillance-and-e-carceral-state"
moz-do-not-send="true">carceral solutions</a>
include its own Digital Prison Management Solution
based on its Domain Awareness System surveillance
platform built with the New York Police Department
years ago. Together with its partners, Microsoft’s
products and services extend across the carceral
pipeline, from juvenile detention and pretrial
through prison and parole.</p>
</div>
<blockquote><span></span>
<p>Kaseware’s Mark Dodge, a former Naval intelligence
and CIA officer, helped develop Microsoft’s Domain
Awareness System for the NYPD.</p>
</blockquote>
<div>
<p>Kaseware’s Chief Business Officer Mark Dodge, a
former Naval intelligence and CIA officer, told me
in interviews prior to this year that before working
at Kaseware, he had worked at Accenture, where he
helped develop Microsoft’s Domain Awareness System
for the NYPD. He said he also did work for
Singapore, which runs the Microsoft DAS, and “a
couple others,” including in London. Dodge then had
a brief stint with Microsoft partner Axon, the
industry leader in Taser stun guns and body cameras
— illustrating how circles in the intelligence,
police, and corporate surveillance industry
intersect.</p>
<p>The length of the MSP contract is five years, from
January 31, 2020, to January 31, 2025. The Kaseware
license costs $340,000 annually, while SocialNet and
OIMonitor cost $39,000 each, bringing the package to
$418,000 per year, or $2,090,000 over five years.
The state of Michigan redacted the contract values
of ShadowDragon features. The MSP opted for a
two-day training session at $3,000, which
ShadowDragon says constitutes a “big deep dive on
threat assessment and sentiment analysis.”</p>
<p>The total cost of the MSP contract is $3,293,000.</p>
<p>The sum paid to Microsoft for its Azure Government
Cloud services is bundled into the “Licensing &
Support Services” portion of the contract, and there
is no indication how much of that money Microsoft
receives.</p>
<p>Because most of their contracts are not made public
or difficult to access, it’s hard to discern how
pervasive Kaseware and ShadowDragon are in the
world.</p>
<p>The first ShadowDragon <a
href="https://govtribe.com/award/federal-contract-award/delivery-order-hshqdc12d00011-70cmsd20fr0000090"
moz-do-not-send="true">contract</a> with the U.S.
Immigration and Customs Enforcement agency was
awarded to IT firm C & C International Computers
& Consultants, Inc. on July 16, 2020, at a cost
of $289,500. The second was for a contract <a
href="https://govtribe.com/award/federal-contract-award/delivery-order-hshqdc12d00013-70cmsd21fr0000107"
moz-do-not-send="true">awarded</a> to
cybersecurity firm Panamerica Computers on August
31, 2021 at a cost of $602,056. Both were for the
use of SocialNet.</p>
<p>ShadowDragon’s SocialNet, OIMonitor, and malware
investigation product MalNet is also being <a
href="https://markets.businessinsider.com/news/stocks/alten-calsoft-labs-joins-shadowdragon-and-cloudly-to-build-cybersecurity-practices-1027344202"
moz-do-not-send="true">deployed</a> by IT firm
ALTEN Calsoft Labs and Cloudly in Asia — “especially
India” — as “solutions for industries such as
Government, Banking, Financial Services, Healthcare
and many other verticals.” ALTEN is headquartered in
Bangalore, India, and has offices in the U.S.,
Europe, and Singapore. Cloudly is a cybersecurity,
intelligence, and surveillance firm based in Silicon
Valley.</p>
<p>With offices in the U.S. and Denmark,
ShadowDragon claims a market presence in “North
America, Europe, the Middle East, Asia and Latin
America.”</p>
<p>When asked about potential human rights abuses by
clients, Clemens said the company vets “all in-bound
requests for our products to ensure they’re not used
to conduct human rights violations.”</p>
<p>Dodge, in the interviews predating this story, told
me Kaseware had about 30 customers as of June 2020
but does not disclose most of them. The Winslow,
Arizona, Police Department <a
href="https://www.winslowaz.gov/2018%20Annual%20Report%20Final.pdf"
moz-do-not-send="true">rolled </a><a
href="https://www.winslowaz.gov/2018%20Annual%20Report%20Final.pdf"
moz-do-not-send="true">out</a> a Kaseware Computer
Aided Dispatch and Records Management System in
2018, and the Wickenburg, Arizona, Police Department
was at least <a
href="http://destinyhosted.com/wickedocs/2018/CCRM/20180904_283/AGENDApacket__09-04-18_1650_283.pdf"
moz-do-not-send="true">considering it</a>.</p>
<p>Kaseware <a href="https://www.kaseware.com/about"
moz-do-not-send="true">states</a> its platform “is
now used by police departments around the world,
Fortune 100 Companies, and many international
non-profit organizations.”</p>
<p>Kaseware did not respond to a request for comments
for this article.</p>
<h3>Human Rights: A World of All-Seeing Public
Surveillance</h3>
<p>With Kaseware and ShadowDragon, we live in a world
where the public’s online behavior can be monitored
across the internet and accessed at the click of a
button to determine who we are, who we know, what
our “lifestyle” is like, where we are located, and
more.</p>
<p>These capabilities fundamentally change police
powers, said Eric Williams, managing attorney at the
Detroit Justice Center’s Economic Equity Practice:
“It is qualitatively different when you go from the
police being able to check information” a little at
a time “to artificial intelligence being able to
analyze everything that you’ve done online.”</p>
<p>The potential for discriminatory applications is
enormous. Williams noted that searches made by big
data tools are “inevitably biased against people of
color, poor people” and the like. He said that
activists from Black Lives Matter, unions, and the
#MeToo movement may be targeted by these
technologies, “depending on who is in charge of
them.”</p>
</div>
<blockquote><span></span>
<p>“This presents the scary possibility of law
enforcement of our daily lives that would be
unimaginable until recently.”</p>
</blockquote>
<div>
<p>Phil Mayor, a senior staff attorney at the ACLU of
Michigan, said of ShadowDragon, “mapping of the
relationships between people risks suspicion by
association” and “is likely to entrench systemic
racism and is a threat to everyone’s privacy. … This
presents the scary possibility of law enforcement of
our daily lives that would be unimaginable until
recently.”</p>
<p>There is virtually no transparency behind what
Kaseware and ShadowDragon do, or how the Michigan
State Police and other clients might be using their
products, where they are deployed, for what purpose,
and who gets access. Likewise for how these tools
impact activists, the poor, and marginalized
communities, who are disproportionately the targets
of police surveillance.</p>
<p>“It’s deeply concerning that this kind of
technology is being purchased and used by law
enforcement without public discussion,” Mayor told
me. “Before engaging in new forms of surveillance of
citizens, law enforcement should be coming to the
polity and asking what we expect in terms of our
privacy rather than making those decisions for us.”</p>
<p>Williams echoed this, stating, “It is problematic
that public money is being spent on surveillance, of
a particularly intrusive type, and the public is
unaware of it.” Even if the police want to keep
their surveillance methods hidden, “the public has a
right to know, and should know, given the lack of
laws we have governing a lot of electronic
surveillance.”</p>
<p>In the U.S., as many as 70 percent of police forces
use social media to gather intelligence and monitor
the public. Yet the law <a
href="https://www.brennancenter.org/our-work/analysis-opinion/how-reform-police-monitoring-social-media"
moz-do-not-send="true">does little</a> to
constrain these kinds of tools and practices.</p>
<p>“There’s not a lot of regulations on this,”
Williams said, “and we can’t begin to have a
discussion on how it should be regulated if we’re
not aware that it’s happening.” He added that he
favors a ban on the technology, given its opaque
deployment and intrusive nature.</p>
<p>Dragnet social media surveillance needs to be
urgently addressed by lawmakers, who should step in
and ban this attack on civil rights and liberties
immediately.</p>
</div>
</div>
</div>
</div>
</div>
<div> </div>
</div>
</div>
</body>
</html>