In a cheerfully animated promotional video , a woman narrates Cubic Transportation Systems’ vision for the future. Travelers will pay fares using a ticket-free mobile account. Real-time data will be aggregated, linked, and shared. Deals — such as 50 percent off at a partner coffee shop — may even incentivize users to select certain transit routes at certain times.

“The more information that is gathered, the more powerful the system becomes,” the narrator tells us. “The piece of the puzzle missing … is you.”

This is “NextCity,” Cubic Transportation Systems’ idea of a smart city: an urban area that uses technology and networked data to optimize functioning and mobility.

Over the past decade, Cubic has taken the first steps toward actualizing its vision by snapping up contracts for the development of mobile-based, contactless fare collection systems in eight of America’s 10 largest public transit networks. Gone are the days of cumbersome tokens and flimsy farecards ; now, millions of bus and subway riders can pay their fare directly by hovering a smartphone or credit card over a reader.

Transit authorities have embraced tap-to-pay technology for its convenience and speed, but privacy advocates are worried that the new fare collection systems pose serious surveillance and security risks. The concerns came to the fore as New York City’s Metropolitan Transportation Authority, or MTA, rolled out OMNY, a fare payment system backed by Cubic that’s slated to fully replace MetroCards by the end of 2023. Nevertheless, Cubic’s widespread use of touchless, mobile-based reader technology is sprouting up everywhere — including places like San Francisco and Miami, where public transit riders would need to dig deep into city documents to find Cubic’s roles.

Cubic is a privately held corporation with broad and varied interests. In addition to its transit operation, Cubic is a vast military contractor doing hundreds of millions of dollars in business with the U.S. military and sales to foreign militaries. The company supplies surveillance technologies, training simulators, satellite communications equipment, computing and networking platforms, and other military hardware and software. Most of the headlines Cubic garners, though, stem from its increasingly indispensable role in public transit systems across the world.

“I’m deeply concerned about how the development of smart cities creates growing incentives for companies like Cubic to aggregate our data and then sell it.”

As Cubic’s quiet grip on fare collection takes hold in more cities, the company’s ability to process rider data grows with it, creating a sprawling corporate apparatus that has the extraordinary potential to gather up reams of information on the very people it is supposed to serve. In some cases, its access to that information is explicit in the transit systems’ privacy policies.

“I’m deeply concerned about how the development of smart cities creates growing incentives for companies like Cubic to aggregate our data and then sell it to police, ICE, and other agencies,” said Albert Fox Cahn, founder and executive director of the Surveillance Technology and Oversight Project, referring to U.S. Immigration and Customs Enforcement. “Right now, our data is a huge part of the product, with almost no safeguards against these sorts of abuse.”

Cubic did not respond to a request for comment.

Turnstiles and Military Systems

The privacy concerns around Cubic would be acute even if its interests were limited to transit, but the company wears dual hats as ubiquitous public service provider and defense contractor.

Cubic Transportation Systems is but one division of Cubic Corporation. The company’s other concerns revolve around providing technologies to U.S. and other security forces. The defense contractor, Cubic Mission and Performance Solutions, handles Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance, and Reconnaissance — or C5ISR — capabilities for the U.S. military. And Cubic also owns a variety of subsidiaries, including Abraxas Corporation, which supplies counterintelligence and cybersecurity software to agencies working in national security.

Since 1992, U.S. government agencies have awarded Cubic’s defense wing and its subsidiaries billions of dollars in contracts, including more than $42.1 million from the Department of Defense this year alone. One of Cubic’s largest contracts came in 2020, when the Pentagon awarded the company $193.3 million for work on training systems, with over half of the money allocated to foreign military sales in Saudi Arabia, Egypt, Morocco, Oman, Poland, Qatar, Singapore, Australia, and the U.K.

Cubic has also provided key support for U.S. drone operations. The company received $1.4 million from the U.S. Air Force in 2018 for Predator/Reaper training software, and in 2020, it signed a cooperative agreement with U.S. Special Operations for the research and development of intelligence, surveillance, and reconnaissance technologies related to drones. Cubic also sells surveillance technologies; a subsidiary that sells video enhancement software has clients including the New York Police Department, U.S. Secret Service, and military criminal investigators.

The defense contracting business runs in parallel to the transit work — where Cubic’s reach is also international. The company has implemented contactless payment technology in other major cities globally, including London, Sydney, and Vancouver. It controls about 70 percent of the market for public transit fare collection across the U.S., U.K., and Australia.

In 2013, when the Chicago Reporter flagged that the company responsible for Chicago’s Ventra system — cards for public transit — had national security ties, a Cubic Corporation spokesperson insisted that the transportation and defense wings were “entirely separate entities and not connected through anything but ownership.”

In annual reports, however, the company emphasized the benefits of its “Living One Cubic” ethos. The reports describe the touchless reader at the center of Cubic’s transit business as “an innovation developed through engineering collaboration” across both divisions of the company. The 2019 annual report also cites the launch of a new internal product management system that will facilitate the sharing of “technical information and data amongst our engineering teams and the overall company.”

The notion of “One Cubic” is also on display in lobbying disclosures . While Cubic has spent massive sums on more than two decades of defense-industry lobbying, Cubic Corporation has put lesser, though still significant funding into lobbying on transit issues; in 2015, the company started directing its resources into “promot[ing] Cubic transportation technology solutions.” In 2019, the company pushed for the “adoption of integrated fare payment and mobility as a service solutions” — corporate jargon for its mobile-based fare collection systems and public-private transit partnerships.

Often, Cubic Corporation’s defense and transportation lobbying is targeted at the same lawmaker or handled by the same firm, with disclosures listing House and Senate defense authorizations alongside federal transportation appropriations.

For Bill Budington, senior staff technologist at the Electronic Frontier Foundation, the soft wall between Cubic’s transportation and military businesses raises questions that have yet to be addressed by transit authorities about the risks that personal data could move between the two sides of the company.

“I think it depends on the overlap, and whether the technologies employed are bleeding over to the other side of the company,” said Budington. “And whether the typical concerns, when it comes to the privacy and security of data that’s being handled for the public, are lessened by the fact that you’re part of the intelligence community that is looking for targets and employing military technologies overseas.”

He added, “That is something that should be raised to the public, and there should be a public debate about it. And I don’t think that there has been.”

Vague Privacy Policy

The Cubic Corporation’s privacy policy outlines the notably lenient guidelines governing the use of data provided both through Cubic’s own website and its contracts with clients. The sharing of personal information is permitted among recipients, including Cubic’s family of companies, affiliates, and subsidiaries; external auditors; police, regulators, government agencies, and judicial or administrative authorities; and third parties connected with mergers and acquisitions.

The company also says it may share information “where disclosure is both legally permissible and necessary to protect or defend our rights” and in “matters of national security.” Personal data may be stored for up to 10 years.

Cubic’s privacy policy allows data sharing between corporate divisions only if it’s for the product being delivered, not for ancillary business practices. However, Cahn said that it’s difficult to know what corporate firewalls are truly in place when dealing with private companies.

“I think this highlights one of the broader design tensions with smart cities infrastructure,” Cahn said. “Oftentimes, we have a misalignment of incentives, where companies have every reason to look for ways to monetize our most intimate data, or as a government tracking tool, rather than having incentives to truly keep that information protected.”

The guidelines for the MTA’s touchless system OMNY have been criticized for their weakness. The Surveillance Technology and Oversight Project found in a 2019 report that the policy permits the MTA and Cubic to store users’ personal data indefinitely, allowing law enforcement and other government agencies access to that and other information. The touchless system’s predecessor, the MetroCard, which Cubic designed and implemented in 1992, already enables enforcement agencies to track users’ whereabouts.

“There should be some kind of oversight body that is making sure the new surveillance technology that’s employed isn’t going to violate the privacy rights of individuals.”

Recent media reports noted that, because OMNY links credit card information to a user profile by design, location tracking could be connected to names, payment cards, and any other information web tracking and data scraping could tie to the account. According to TransitCenter , a group focused on improving public transportation in cities, OMNY would elevate tracking capabilities to a “near-instantaneous” level.

The MTA’s OMNY privacy policy stipulates that Cubic and other vendors must adhere to privacy practices “at least as stringent” as those in the OMNY policy. Other Cubic-designed systems, though, do not disclose such restrictive rules. The Chicago Ventra program policy simply authorizes the sharing of personal information with Cubic, provided it “maintain[s] the confidentiality of the information” and uses it only as necessary for administering the program.

Budington, of the Electronic Frontier Foundation, told The Intercept that phrases such as “necessary to provide services” or “as permitted by law” raise red flags. This vague language cannily obscures any specifics of what the company is doing with the provided data.

“This is why we at EFF are big advocates for city council ordinances when surveillance technologies are employed on a population,” he said. “There should be some kind of oversight body that is making sure the new surveillance technology that’s employed isn’t going to violate the privacy rights of individuals.”

Public Service, Private Equity

Cubic Corporation had been publicly traded since it was founded in 1959, but in May 2021, Veritas Capital and Evergreen Coast Capital paid roughly $3 billion to take the company private . Veritas also owns the Department of Homeland Security’s biometrics database and has acquired business units of Raytheon, Northrop Grumman, Lockheed Martin, and other defense contractors. One critic has suggested that Cubic’s recent acquisition by the private equity firms could exacerbate the company’s lack of interest in safeguarding users’ data.

Cubic’s defense industry ties highlight a stark paradox: Public transit is widely viewed as an essential public service, but the private contractors that enable the systems may have corporate incentives that don’t align with the goal of a common good. For instance, though the MTA has pushed back against privacy advocates’ concerns, Cubic’s own documents emphasize that it has broad ambitions for the use of rider data.

A brochure for the back-end analytics tool that Cubic offers to transit agencies boasts that the technology can enable transit authorities to search and visualize large datasets to “make discoveries” and “identify trends.” The software can also aggregate and anonymize personally identifiable information, turning that information into “an analytics-ready dataset that can be securely consumed for research, monetization schemes, and other internal and external purposes.” Experts have noted that even purportedly anonymized data holds privacy risks, as it is often possible to re-identify users with their personal information.

The company’s vision for NextCity would join data collected by Cubic with other smart-city infrastructure to “build a model for real-time data gathered across a transportation network.” Cubic Corporation’s annual reports outline how it aims to expand its portfolio beyond fare collection to include ride and bike sharing, tolls and parking, and traffic congestion reduction. Toward these ends, Cubic Corporation has acquired multiple companies in recent years that are focused on smart city technologies, including GRIDSMART, which supplies cameras to enable real-time traffic monitoring, and Delerrok, an electronic fare-collection system.

For now, cities with Cubic’s mobile-based payment systems also offer the option to purchase fare cards with cash, albeit for an additional $5 , at select retailers. Individual people concerned with their privacy might opt for this method despite the convenience of OMNY and similar systems.

Despite the workarounds, transit authorities in major metropolitan areas are increasingly letting any notion of privacy fall by the wayside. As an increasing number of metropolitan areas embrace the concept of smart cities , the privacy risks associated with the technology are poised to grow — until, eventually, everyone’s choice between convenience and privacy might be made for them .

The post Meet the Military Contractor Running Fare Collection in New York Subways — and Around the World appeared first on The Intercept .

When the Supreme Court overturned Roe v. Wade, the country’s top internet companies quickly responded with commitments to help employees in states that moved to ban abortion. In an implicit signal of support for abortion rights, the companies said they would help those employees seek abortions in states where the procedure remains legal.

In the years leading up to the seismic reproductive rights decision, however, the tech giants sponsored a controversial group that’s worked tirelessly to put the Supreme Court under conservative control, setting the stage for Roe’s reversal.

The Independent Women’s Forum traces its origins back to the 1991 fight to confirm the Supreme Court nomination of Clarence Thomas. Since then, the group has expanded into promoting a litany of perennial right-wing causes like climate denial , immigration alarmism , and deregulation , but a conservative-dominated Supreme Court remained a focus.

Public relations plays a key role in its operation. With savvy self-branding as a pro-woman organization, the group fought for the appointment of conservative justices to the Supreme Court. The IWF couched support for Bret Kavanaugh as good feminism and any opposition to Amy Coney Barrett as sexism — despite well-founded concerns that their ascensions to the court would spell the end of Roe. The IWF wields a skillful mix of media placement, op-eds, television punditry, and other contributions to the conservative content ecosystem.

The group also takes advantage of quieter influence peddling as well. In 2020, IWF chief and Vicks VapoRub heiress Heather Higgins boasted to a closed audience of Virginia conservatives about how instrumental the group was in rallying congressional support for Kavanaugh’s nomination. Higgins told the group that the IWF circulated a confidential strategy memo on the Hill. “Most important,” Higgins said, “Susan Collins told me that without that memo, she would not see how to support him,” referring to the Republican senator from Maine.

Independent Women’s Forum and its sister organization, Independent Women’s Voice, draw on donations from right-wing financial mainstays like the Koch brothers, but in recent years the groups have enjoyed financial support from Facebook’s parent company, Meta; Google; and Amazon. In 2017, Google sponsored an IWF gala at the “gold” donor level, according to brochures provided to The Intercept by True North Research, a progressive watchdog group. Other brochures show that Meta (which at the time still using the name Facebook) sponsored IWF galas in 2018, alongside Google, and 2019. Honorees at IWF events have included notable anti-abortion figures like Rep. Lynne Cheney, R-Wy.; top Trump administration official Kellyanne Conway; and Vice President Mike Pence.

Corporate disclosures from Amazon show that the company donated undisclosed sums to the IWF in 2018, 2019, and 2020.

Amazon, Google, Meta, and the IWF did not respond to a request for comment.

True North founder Lisa Graves characterized the IWF’s efforts as an attempt to launder conservative ideology. “They act as a distaff,” she said in an interview, “in essence providing a woman’s face for the right wing’s critique or attack on progressives and its advance of this extreme and regressive, repressive agenda.”

Despite the public perception of Silicon Valley’s alignment with progressive values and liberal causes, tech companies, particularly those fearing state regulation, have long funneled money to right-wing groups like the IWF. At the same time, the IWF routinely pushes policy positions that are highly favorable to its corporate donors.

The IWF has consistently espoused tech industry-friendly positions on labor, antitrust, and other issues, without disclosing its donors’ interests. Take, for example, an April IWF blog post that warned that antitrust enforcement against Big Tech would prove disastrous. “Tech innovation has been nothing short of miraculous over the past few decades,” wrote Patrice Onwuka, director of IWF’s Center for Economic Opportunity and its go-to defender of powerful tech firms.

Few issues in tech have galvanized the IWF and Onwuka like the bipartisan American Innovation and Choice Online Act, which would block tech companies from leveraging their enormous reach to favor their own services over competitors. In a December 2021 piece titled “Amazon Prime may not be around to save the day next Christmas,” Onwuka claimed , “Senator Amy Klobuchar and others are on a path to end services like Prime’s fast and free shipping and other services that we depend upon.” Onwuka then linked to a blog post by the Amazon-funded Chamber of Progress that claimed, dubiously, that the law would “ban Amazon Prime.”

In June, Onwuka wrote a jeremiad against congressional antitrust efforts: “The conveniences that make life and work easier and faster and save consumers money may disappear.” Later that day, Onwuka appeared on Fox Business, again protesting antitrust enforcement against the tech industry. “I’m more worried about the impact on small business owners and on women and families that rely on some of the benefits that some of these big four tech companies provide,” she said.

While shielding Big Tech from antitrust scrutiny has proven a priority for the IWF, the group also stands up directly for its benefactors. In 2019, Onwuka wrote an entire post dedicated sticking up for Meta CEO Mark Zuckerberg after Politico reported that he had attended dinners with notable conservative commentators and lawmakers. “Zuckerberg is a private citizen who can eat dinner with whomever he wants,” Onwuka wrote. “His dinner has a clear business purpose and that’s part of doing business.”

“Institutionally they have no position on abortion, that’s their stated position. But organizationally, they have backed the most aggressive anti-choice slate of judges we’ve ever seen.”

The cordial treatment of industry giants is of course a linchpin of conservatism, and the IWF would almost certainly be warning that antitrust will bring us back to the Bronze Age even without Google sponsoring its gala dinners. But fueling the right-wing punditry mill is a large, ever-expanding facet of Big Tech’s political strategy.

While there’s no evidence that Zuckerberg or Google CEO Sundar Pichai have any personal opposition to abortion access, their companies no doubt benefit from their support of a broad, thriving conservative discourse ecosystem in which any government regulation is anathema. For tech company leadership, the reality that this ecosystem pushes not just Facebook-friendly laissez-faire economics, but also climate denial and abortion bans is considered a perhaps unfortunate but worthwhile byproduct.

Silicon Valley’s patronage of right-wing think tanks and campaigns is an arrangement in which there is ample plausible deniability to go around. When The Guardian reported in 2019 that Google was donating to some of the nation’s most notorious climate-denial organizations, a company spokesperson retorted, “We’re hardly alone among companies that contribute to organizations while strongly disagreeing with them on climate policy.”

The multitude of topics on which the IWF engages, and its careful avoidance of publicly opposing abortion access have helped it avoid a reputation as an anti-abortion group. “Institutionally they have no position on abortion, that’s their stated position,” explained Graves, of True North. “But organizationally, they have backed the most aggressive anti-choice slate of judges we’ve ever seen.”

The post How Amazon, Google, and Facebook Helped Fund the Campaign to Overturn Roe appeared first on The Intercept .

Elon Musk is once again suggesting his business interests can solve a high-profile crisis: This time, the SpaceX CEO says Starlink satellite internet can alleviate Iran’s digital crackdown against ongoing anti-government protests. Iranian dissidents and their supporters around the world cheered cheering Musk’s announcement that Starlink is now theoretically available in Iran, but experts say the plan is far from a censorship panacea.

Musk’s latest headline-riding gambit came after Iran responded to the recent rash of nationwide protests with large-scale disruption of the country’s internet access. On September 23, Secretary of State Anthony Blinken announced the U.S. was easing restrictions on technology exports to help counter Iranian state censorship efforts.

Musk, ready to pounce, quickly replied : “Activating Starlink …”

Predictably, Musk’s dramatic tweet set off a frenzy. Within a day, venture capitalist and longtime Musk-booster Shervin Pishevar was already suggesting Musk had earned the Nobel Peace Prize. Just the thought of Starlink “activating” an uncensored internet for millions during a period of Middle Eastern political turmoil was an instant public relations coup for Musk.

In Iran, though, the notion of a benevolent American billionaire beaming freedom to Iran by satellite is derailed by the demands of reality, specifically physics. Anyone who wants to use Starlink, the satellite internet service provider operated by Musk’s rocketry concern, SpaceX, needs a special dish to send and receive internet data.

“I don’t think it’s much of a practical solution because of the problem of smuggling in the ground terminals.”

While it may be possible to smuggle Starlink hardware into Iran, getting a meaningful quantity of satellite dishes into Iran would be an incredible undertaking, especially now that the Iranian government has been tipped off to the plan on Twitter.

Todd Humphreys, an engineering professor at the University of Texas at Austin whose research focuses on satellite communication, said, “I don’t think it’s much of a practical solution because of the problem of smuggling in the ground terminals.”

The idea is not without precedent. In Ukraine, after the Russian invasion disrupted internet access, the deployment of Musk’s satellite dishes earned him international press adulation and a bevy of lucrative government contracts . In Ukraine, though, Starlink was welcomed by a profoundly pro-American government desperate for technological aid from the West. U.S. government agencies were able to ship the requisite hardware with the full logistical cooperation of the Ukrainian government.

This is not, to say the very least, the case in Iran, where the government is unlikely to condone the import of a technology explicitly meant to undermine its own power. While Musk’s claim that Starlink’s orbiting satellites are activated over Iran may be true, the notion that censorship-free internet connectivity is something that can be flipped on like a light switch is certainly not. Without dishes on the ground to communicate with the satellites, it’s a meaningless step: technologically tantamount to giving a speech to an empty room.

Humphreys, who has previously done consulting work for Starlink, explained that because of the specialized nature of Starlink hardware, it’s doubtful Iranians could craft a DIY alterative. “It’s not like you can build a homebrew receiver,” he said. “It’s a very complicated signal structure with a very wideband signal. Even a research organization would have a hard time.”

Musk is famously uninterested in the constraints imposed by reality, but he seems to acknowledge the problem to some degree. In a September 25 tweet , Carnegie Endowment for International Peace fellow Karim Sadjadpour wrote, “I spoke w/ @elonmusk about Starlink in Iran, he gave me permission to share this: ‘Starlink is now activated in Iran. It requires the use of terminals in-country, which I suspect the [Iranian] government will not support, but if anyone can get terminals into Iran, they will work.’”

Implausibility hasn’t stopped Musk’s fans, either. One tweet from a senior fellow at the Atlantic Council purporting to document a Starlink dish already successfully secreted into Iran turned out to be a photo from 2020 , belonging to an Idaho man who happened to have a Persian rug .

The fandom — and the starpower it’s attached to — might be the point here. Given the obstacles, Musk’s Starlink aspirations may be best understood in the context of his past spectacular, spectacularly unfulfilled claims, rather than something akin to Starlink’s rapid adoption in Ukraine. Musk’s penchant for internet virality has become a key component of his business operations. He has repeatedly made bold pronouncements, typically on Twitter, that a technology he happens to manufacture is the key to cracking some global crisis. Whether it’s Thai children stuck in a waterlogged cave , the Covid-19 pandemic, or faltering American transit infrastructure , Musk has repeatedly offered technological solutions that are either plainly implausible , botched in execution , or a mixture of both .

It’s not just the lack of dishes in Iranian homes. Musk’s plan is further complicated by Starlink’s reliance on ground stations: communications facilities that allow the SpaceX satellites to plug into earthbound internet infrastructure from orbit. While upgraded Starlink satellites may no longer need these ground stations in the near future, the network of today still largely requires them to service a country as vast as Iran, said Humphreys, the University of Texas professor. Again, Iran is unlikely to approve the construction within its borders of satellite installations owned by an American defense contractor .

Humphreys suggested that ground stations built in a neighboring country could provide some level of connection, albeit at reduced speed, but that still doesn’t get over the hump of every Iranian who wants to get online needing a $550 kit with “Starlink” emblazoned on the box. While Humphreys added that he was hopeful that a slow trickle of Starlinks terminals could aid Iranian dissidents over time, he said, “I don’t think in the short term this will have an impact on the unrest in Iran.”

Alp Toker, director of the internet monitoring and censorship watchdog group NetBlocks, noted that many Iranians already watch banned satellite television channels through contraband dishes, meaning the smuggling of Starlink dishes is doable in theory. While he praised the idea of bringing Starlink to Iran as “credible and worthwhile” in the long term, the difficulty in sourcing Starlink’s specialized equipment means that accessing Musk’s satellites remains “a solution for the few,” not a counter to population-scale censorship.

While future versions of the Starlink system might be able to communicate with more accessible devices like handheld phones, Toker said, “As far as we know this isn’t possible with the current generation of kit, and it won’t be until then that Starlink or similar platforms could simply ‘switch on’ internet in a country in the sense that most people understand.”

Even with Iran’s culture of bootleg satellite TV, these experts warned that a Starlink connection could endanger Iranians. Rose Croshier, a policy fellow at the Center for Global Development, noted the risks: “A word of caution: TV dishes are passive — they don’t transmit — so a Starlink terminal (that both receives and transmits data) in a crowd of illegal satellite dishes would still be very findable by Iranian authorities.”

“I don’t think in the short term this will have an impact on the unrest in Iran.”

The plan faces further terrestrial hurdles. The complex two-way nature of satellite connections is part of why they’re subject to international regulation, most notably through the International Telecommunication Union, of which both the United States and Iran are members. Croshier pointed to a 2021 paper on satellite internet usage by the Asia Development Bank that explained how “US-based entities such as Starlink … require regulatory approval from the FCC as well the ITU” and that “service provision to customers will require regulatory approval in every country of operation.” Mahsa Alimardani of the Oxford Internet Institute tweeted that even if Starlink could beam internet to Iranians in a meaningful way, the company would face consequences from the International Telecommunications Union if it did so without Iranian approval — approval it is unlikely to ever get.

Then there are sanctions against Iran . Blinken, the secretary of state, announced a relaxation of tech exports, but the restrictions on trade with Iran remain a serious obstacle. “There are a host of human rights related sanctions on Iranian actors in the IT space under a sanctions authority called GHRAVITY that complicate any of this beyond the questions raised of whether Iran would allow Starlink terminals in country,” explained Brian O’Toole, a senior fellow at the Atlantic Council and expert on global sanctions. The relaxed rules would still require a special license for Starlink use in Iran, O’Toole said, which he doubts would be granted: “Much of this Starlink stuff doesn’t appear terribly likely to do much, from my point of view.”

Starlink — or a competitor — may one day bring unfettered net uplinks to Iran and other countries where online dissent is choked out, but for today’s Iranian protesters, the realities far exceed the PR punch of a two-word tweet.

The post No, Elon Musk’s Starlink Probably Won’t Fix Iranian Internet Censorship appeared first on The Intercept .

In early 2018, former National Security Agency chief Keith Alexander worked out a deal with Saudi Crown Prince Mohammed bin Salman and the cyber institute led by one of his closest aides, Saud al-Qahtani, to help the Saudi ruler train the next generation of Saudi hackers to take on the kingdom’s enemies.

While the agreement between IronNet, founded by Alexander, and the cyber school was widely reported in intelligence industry outlets and the Saudi press at the time, it faced no scrutiny for its association with Qahtani, after the brutal killing of Jamal Khashoggi he reportedly orchestrated just a few months later.

Alexander officially inked the deal with the Prince Mohammed bin Salman College of Cyber Security, Artificial Intelligence, and Advanced Technologies — a school set up to train Saudi cyber intelligence agents — at a signing ceremony in Washington, D.C., according to an announcement in early July.

Qahtani’s proxy at the signing noted in a statement that “the strategic agreement will ensure [Saudi Arabia is] benefiting from the experience of an advisory team comprising senior officers who had held senior positions in the Cyber Command of the US Department of Defense.” Alexander’s for-profit cyber security firm IronNet would work closely with the Saudi Federation of Cybersecurity, Programming, and Drones, an affiliate of the college devoted to offensive cyber operations and at the time overseen by Qahtani.

Saudi Arabia’s agreement with IronNet was part of a host of moves to step up its cyber capabilities, coinciding with a campaign against the kingdom’s critics abroad. Khashoggi, then a Washington Post columnist and prominent Salman critic, received a series of threatening messages, including one from Qahtani, warning him to remain silent. Khashoggi, whose family and close associates discovered listening malware electronically implanted on their smartphones, was then lured to the Saudi Embassy in Istanbul.

It was there that a team dispatched by Qahtani detained and tortured the Saudi government critic. Qahtani, according to reports, beamed in through Skype to insult Khashoggi during the ordeal, allegedly instructing his team to “bring me the head of the dog.” Khashoggi was then dismembered with a bone saw.

IronNet’s agreement tied to the alleged mastermind behind the killing of Khashoggi is not listed on the IronNet website, and it is not known if the business relationship still stands — or what the extent of it ever was. IronNet and representatives of the Saudi government did not respond to repeated requests for comment. The Saudi Arabia relationship, according to former IronNet employees, has largely been shrouded in secrecy, even within the firm.

Qahtani’s role of enforcer on behalf of bin Salman, well known prior to the Khashoggi slaying, has closely followed the young prince’s meteoric rise as the effective leader of Saudi Arabia.

In 2017, Qahtani played a pivotal role in the abduction and interrogation of hundreds of Saudi elites, who were held captive at the Ritz-Carlton in Riyadh, at which they were forced to pledge loyalty and money to Salman. Qahtani personally led the questioning efforts, according to reports.

Later that year, he reportedly participated in the interrogation of former Lebanese Prime Minister Saad al-Hariri, who was beaten and forced to resign. The following year, according to the brother of Saudi women’s rights activist Loujain al-Hathloul, Qahtani also directly participated in the torture of al-Hathloul , where he mocked her and threatened to have her raped.

On behalf of the kingdom, Qahtani has made it his personal quest to acquire and expand Saudi cyberwarfare tools. Beyond the deal with IronNet and other top-flight American cyber experts, he has spent over a decade directly negotiating the accumulation of computer and phone infiltration technology.

Qahtani took the helm of official state-backed efforts to expand Saudi Arabia’s cyber offensive capabilities in October 2017, when he was named president of a committee called the Electronic Security and Software Alliance, later renamed the Saudi Federation for Cybersecurity, Programming, and Drones.

Earlier this year, SAFCSP signed an agreement with Spire Solutions, a consulting firm that partners with a wide range of cyber intelligence contractors. Haboob, another cyber venture promoted by Qahtani, is a private venture that recruits hackers on behalf of the Saudi government. Haboob’s chair, Naif bin Lubdah, is on SAFCSP’s board of directors .

In 2018, Chiron Technology Services, another American cyber consulting firm, also inked a memorandum of understanding to provide training to the same Saudi hacker school advised by IronNet. Chiron’s team includes top talent recruited from the U.S. Air Force, Army, and NSA, including Michael Tessler, who previously worked at the NSA’s Tailored Access Operations command, which handles high-profile computer infiltration missions of foreign governments.

Jeff Weaver, the chief executive of Chiron, said in an email that his company signed a memorandum of understanding “with the college to develop a cybersecurity curriculum in support of their technical degree programs. However, no collaboration ever occurred, and they never called on us to contribute. We haven’t heard from them since 2018.”

Online cyber sleuths identified Qahtani’s multiple handles on online hacking forums, where he was an active member seeking to purchase hacking tools. A screen name used by Qahtani, for instance, appeared to have purchased a remote access trojan known as Blackshades, which can infect targeted computers to modify and seize files, activate the webcam, and record keystrokes and passwords.

Cybersecurity researchers have identified powerful hacking technology implanted on the phones of Khashoggi’s family , likely by agents of the United Arab Emirates, a close Saudi ally. Several received malicious texts that infected their phones with Pegasus, a tool created by the NSO Group to remotely access a target’s microphone, text messages, and location .

Qahtani, who briefly faced house arrest, was swiftly cleared of wrongdoing in Khashoggi’s death by the Saudi government. Five of the hitmen in the squad sent to kill Khashoggi were sentenced to death, including Maher Abdulaziz Mutreb, an intelligence officer who worked under Qahtani. Qahtani’s current relationship with the institute is unknown.

Following Khashoggi’s killing, many U.S. firms faced pressure to exit business deals with Saudi Arabian entities. Yet, in the years following Khashoggi’s murder, the Saudi cyberwarfare institute central to the plot has continued to do business with Western defense industry leaders.

In 2019, BAE Systems, a major defense contractor based in the U.S. and the U.K., entered into a training agreement with the MBS College of Cyber Security. Last year, Cisco unveiled a training relationship with the Saudi Federation of Cybersecurity, Programming, and Drones.

BAE, reached for comment, distanced itself from the deal. “BAE Systems works with a number of partner companies based in Saudi Arabia,” said a spokesperson for the company. “ISE, one of our Saudi partner companies, was awarded a contract in 2019 by the MBS College for Cyber Security to provide support services to establish the college, such as general staffing and facilities management but this contract wasn’t activated and is still on hold.”

Alexander has continued to do work in the region as a member of Amazon’s board. Intelligence Online, a trade outlet for intelligence contractors, reported , “As a partner of Amazon, for which it offers native surveillance of its AWS’ cloud traffic, IronNet helps the company win public contracts, especially since CEO Keith Alexander has sat on Amazon’s board.”

IronNet, however, has faltered in recent months, with two waves of layoffs this year and a lawsuit from investors . The company has touted skyrocketing growth, like many defense-related contractors, by promising to harness growing security threats. Much of the American traditional defense industry has long sought lucrative foreign relationships, particularly with the Saudi Arabian government, a path IronNet appears to have attempted to follow.

And President Joe Biden, who promised during his election campaign to make the Saudi state a “pariah” over the slaying, has since appeared to move on from the scandal. In June, he traveled to Riyadh to shore up the U.S.-Saudi alliance and request an increase in oil production. The four-year anniversary of Khashoggi’s slaying is on October 2.

The post Former NSA Chief Signed Deal to Train Saudi Hackers Months Before Jamal Khashoggi’s Murder appeared first on The Intercept .

Facebook and Instagram’s speech policies harmed fundamental human rights of Palestinian users during a conflagration that saw heavy Israeli attacks on the Gaza Strip last May, according to a study commissioned by the social media sites’ parent company Meta.

“Meta’s actions in May 2021 appear to have had an adverse human rights impact … on the rights of Palestinian users to freedom of expression, freedom of assembly, political participation, and non-discrimination, and therefore on the ability of Palestinians to share information and insights about their experiences as they occurred,” says the long-awaited report, which was obtained by The Intercept in advance of its publication.

Commissioned by Meta last year and conducted by the independent consultancy Business for Social Responsibility, or BSR, the report focuses on the company’s censorship practices and allegations of bias during bouts of violence against Palestinian people by Israeli forces last spring.

“Meta’s actions in May 2021 appear to have had an adverse human rights impact.”

Following protests over the forcible eviction of Palestinian families from the Sheikh Jarrah neighborhood in occupied East Jerusalem, Israeli police cracked down on protesters in Israel and the West Bank, and launched military air strikes against Gaza that injured thousands of Palestinians, killing 256, including 66 children, according to the United Nations . Many Palestinians attempting to document and protest the violence using Facebook and Instagram found their posts spontaneously disappeared without recourse, a phenomenon the BSR inquiry attempts to explain.

Last month, over a dozen civil society and human rights groups wrote an open letter protesting Meta’s delay in releasing the report, which the company had originally pledged to release in the “first quarter” of the year.

While BSR credits Meta for taking steps to improve its policies, it further blames “a lack of oversight at Meta that allowed content policy errors with significant consequences to occur.”

Though BSR is clear in stating that Meta harms Palestinian rights with the censorship apparatus it alone has constructed, the report absolves Meta of “intentional bias.” Rather, BSR points to what it calls “unintentional bias,” instances “where Meta policy and practice, combined with broader external dynamics, does lead to different human rights impacts on Palestinian and Arabic speaking users” — a nod to the fact that these systemic flaws are by no means limited to the events of May 2021.

Meta responded to the BSR report in a document to be circulated along with the findings. (Meta did not respond to The Intercept’s request for comment about the report by publication time.) In a footnote in the response, which was also obtained by The Intercept, the company wrote, “Meta’s publication of this response should not be construed as an admission, agreement with, or acceptance of any of the findings, conclusions, opinions or viewpoints identified by BSR, nor should the implementation of any suggested reforms be taken as admission of wrongdoing.”

According to the findings of BSR’s report, Meta deleted Arabic content relating to the violence at a far greater rate than Hebrew-language posts, confirming long-running complaints of disparate speech enforcement in the Palestinian-Israeli conflict. The disparity, the report found, was perpetuated among posts reviewed both by human employees and automated software.

“The data reviewed indicated that Arabic content had greater over-enforcement (e.g., erroneously removing Palestinian voice) on a per user basis,” the report says. “Data reviewed by BSR also showed that proactive detection rates of potentially violating Arabic content were significantly higher than proactive detection rates of potentially violating Hebrew content.”

BSR attributed the vastly differing treatment of Palestinian and Israeli posts to the same systemic problems rights groups, whistleblowers , and researchers have all blamed for the company’s past humanitarian failures : a dismal lack of expertise . Meta, a company with over $24 billion in cash reserves , lacks staff who understand other cultures, languages, and histories, and is using faulty algorithmic technology to govern speech around the world, the BSR report concluded.

Not only do Palestinian users face an algorithmic screening that Israeli users do not — an “Arabic hostile speech classifier” that uses machine learning to flag potential policy violations and has no Hebrew equivalent — the report notes that the Arabic system also doesn’t work well: “Arabic classifiers are likely less accurate for Palestinian Arabic than other dialects, both because the dialect is less common, and because the training data — which is based on the assessments of human reviewers — likely reproduces the errors of human reviewers due to lack of linguistic and cultural competence.”

Human employees appear to have exacerbated the lopsided effects of Meta’s speech-policing algorithms. “Potentially violating Arabic content may not have been routed to content reviewers who speak or understand the specific dialect of the content,” the report says. It also notes that Meta didn’t have enough Arabic and Hebrew-speaking staff on hand to manage the spike in posts.

These faults had cascading speech-stifling effects, the report continues. “Based on BSR’s review of tickets and input from internal stakeholders, a key over-enforcement issue in May 2021 occurred when users accumulated ‘false’ strikes that impacted visibility and engagement after posts were erroneously removed for violating content policies.” In other words, wrongful censorship begat further wrongful censorship, leaving the affected wondering why no one could see their posts. “The human rights impacts … of these errors were more severe given a context where rights such as freedom of expression, freedom of association, and safety were of heightened significance, especially for activists and journalists,” the report says.

Beyond Meta’s failures in triaging posts about Sheikh Jarrah, BSR also points to the company’s “Dangerous Individuals and Organizations” policy — referred to as “DOI” in the report — a roster of thousands of people and groups that Meta’s billions of users cannot “praise,” “support,” or “represent.” The full list, obtained and published by The Intercept last year, showed that the policy focuses mostly on Muslim and Middle Eastern entities, which critics described as a recipe for glaring ethnic and religious bias.

Meta claims that it’s legally compelled to censor mention of groups designated by the U.S. government, but legal scholars have disputed the company’s interpretation of federal anti-terrorism laws. Following The Intercept’s report on the list, the Brennan Center for Justice called the company’s claims of legal obligation a “fiction.”

“Meta’s DOI policy and the list are more likely to impact Palestinian and Arabic-speaking users, both based upon Meta’s interpretation of legal obligations, and in error.”

BSR agrees the policy is systemically biased: “Legal designations of terrorist organizations around the world have a disproportionate focus on individuals and organizations that have identified as Muslim, and thus Meta’s DOI policy and the list are more likely to impact Palestinian and Arabic-speaking users, both based upon Meta’s interpretation of legal obligations, and in error.”

Palestinians are particularly vulnerable to the effects of the blacklist, according to the report: “Palestinians are more likely to violate Meta’s DOI policy because of the presence of Hamas as a governing entity in Gaza and political candidates affiliated with designated organizations. DOI violations also come with particularly steep penalties, which means Palestinians are more likely to face steeper consequences for both correct and incorrect enforcement of policy.”

The document concludes with a list of 21 nonbinding policy recommendations, including increased staffing capacity to properly understand and process Arabic posts, implementing a Hebrew-compatible algorithm, increased company oversight of outsourced moderators, and both reforms to and increased transparency around the “Dangerous Individuals and Organizations” policy.

In its response to the report, Meta vaguely commits to implement or consider implementing aspects of 20 out of 21 the recommendations. The exception is a call to “Fund public research into the optimal relationship between legally required counterterrorism obligations and the policies and practices of social media platforms,” which the company says it will not pursue because it does not wish to provide legal guidance for other companies. Rather, Meta suggests concerned experts reach out directly to the federal government.

The post Facebook Report Concludes Company Censorship Violated Palestinian Human Rights appeared first on The Intercept .

Detroit’s city council will soon vote on whether to spend millions in federal cash meant to ease the economic pains of the coronavirus pandemic on ShotSpotter, a controversial surveillance technology critics say is invasive, discriminatory, and fundamentally broken.

ShotSpotter purports to do one thing very well: telling cops a gun has been fired as soon as the trigger is pulled. Using a network of microphones hitched to telephone poles, rooftops, and other urban vantage points, ShotSpotter is essentially an Alexa that listens for a bang rather than voice commands. Once the company’s black-box algorithm thinks it has identified a gunshot, it sends a recording of the sound — and the moments preceding and following it — to a team of human analysts. If these ShotSpotter staffers agree the loud noise in question is a gunshot, they relay an alert and location coordinates to police for investigation.

At least, that’s the pitch. Despite ShotSpotter’s corporate claims of 97 percent accuracy, the technology’s efficacy has been derided as dangerously ineffective — a techno-solutionist approach to public safety. Critics contend that the system draws police scrutiny to already over-policed areas using a proprietary, secret sound detection algorithm. The technology, according to reports , regularly mistakes city noises , including fireworks and cars for gunshots, ignores actual gunshots, provides misleading evidence to prosecutors, and is subject to biases because ShotSpotter employees at times manually alter the algorithm’s findings.

Detroit already has a $1.5 million contract with ShotSpotter, a California company, to deploy the microphones in select areas, but city officials, including Mayor Mike Duggan, insist that substantially expanding the audio surveillance network will deter gun slayings. The plan is set to go to a vote before the full city council on September 20, and local organizers are opposing the use of money meant for economic relief to expand city security contracts and beef up police surveillance.

“The Biden administration passed the American Rescue Plan and put forth this Covid relief money to inject money into local economies and to get people back on their feet after the pandemic,” said Branden Snyder, co-director of Detroit Action, a community advocacy group that opposes the vote. “And this is doing the opposite of that. What it does is fatten the wallets of ShotSpotter.”

Cities across the country are tapping federal recovery money to add or broaden ShotSpotter systems, NBC News reported earlier this year. Syracuse, New York, for instance, spent $171,000 on ShotSpotter, and Albuquerque, New Mexico, paid the company $3 million from the recovery fund. Should the vote pass, Detroit would be the biggest of these customers using Covid relief funds, both in terms of population and the proposed price tag for the surveillance expansion.

ShotSpotter spokesperson Izzy Olive pointed to remarks by President Joe Biden encouraging local governments to use flexible relief funds to beef up police departments. “Some cities have chosen to use a portion of these funds for ShotSpotter’s technology,” she said. The company claims that more than 125 cities and police departments use the system and that it guarantees 90 percent efficacy within some basic parameters, according to self-reported data from police compiled by the company. Asked about Detroit’s system, Olive said the city owns the data collected by ShotSpotter. She did not comment on whether the company restricts what cities can say about it, saying only that “the contract itself is not confidential.”

ShotSpotter’s opponents in Detroit agreed that gun violence is a serious problem but said Covid-19 relief money would be far better spent on addressing the social ills that form the basis of crime.

“What it does is fatten the wallets of ShotSpotter.”

“If people had jobs, money, after-school programs, housing, the things that they need, that’s going to reduce gun violence,” said Alyx Goodwin, a campaign organizer with Action Center on Race and the Economy.

Snyder pointed to the fundamental irony of diverting public money billed as form of relief for the pandemic’s downtrodden to surveil those very same people.

“The reason why we’re in these policing fights, as an economic justice organization, is that our members are folks who are looking for housing, rental support, looking for job access,” Snyder said. “And what we’re given instead is surveillance technology.”

Duggan’s case for expanding the ShotSpotter contract kicked into high gear in late August when, following a mass shooting, he claimed that police could have thwarted the killings had a broader surveillance net been in place. “They very likely could have prevented two and probably three tragedies had they had an immediate notice,” Duggan said.

The mayor’s claims echo those of the company itself, which positions the product as an antidote to rising national gun violence rates, particularly since the onset of the pandemic. ShotSpotter explicitly urges cities to tap funds from the American Rescue Plan Act, intended to salve financial hardship caused by the pandemic, to buy new surveillance microphones.

“As the U.S. recovers from COVID-19, gun crime is surging to historically high levels,” reads a company post titled “The American Rescue Act Can Help Your Agency Fund Crime Reducing Technology.” The post refers interested municipalities to a company portal that lists resources to help navigate the procurement process, adorned with an image of a giant pile of cash, including a “FREE funding consultation with an expert who knows the process.”

ShotSpotter even published a video webinar guiding police through the process of obtaining Covid money to buy the surveillance tech. In the video, the company’s Director of Public Safety Solutions Ron Teachman offers to personally connect interested parties with ShotSpotter’s go-to expert on federal funding, consultant and former congressional aide Amanda Wood.

Teachman and Wood say in the video that ShotSpotter will furnish eager police with pre-drafted language to help pitch relevant elected officials. “I know you all understand the value of ShotSpotter and that’s why you’re here, but if there are other folks in your community who don’t understand it, we’re happy to sort of spoon-feed them that information,” Wood says. “We have broad language, and we can really personalize it for whatever you need.” (Olive, the ShotSpotter spokesperson, said the company was sharing publicly available information and did not comment on what efforts the company made to guide Detroit through the process of applying for funds.)

Wood also suggests that police enlist local groups, from grassroots organizations to medical administrators, to help with the pitch. “Those hospital CEOs are pretty well connected. So let’s use them, let’s leverage their relationships so that they’re echoing the same sort of messaging that you are … put a little pressure on those electeds and administrators.”

Overall, the use of federal Covid money to buy microphones is described as a cakewalk. In the webinar, Teachman says, “This is as easy a federal funding source as I’ve seen.”

Despite the objections from community groups, Biden himself outlined uses like this for Covid relief funds. “Mayors will also be able to buy crime-fighting technologies, like gunshot detection systems,” Biden said in a June 2021 address on gun violence.

Billions in Covid aid have been spent on funding police departments, a flood of money that’s proven a boon to surveillance contractors, said Matthew Guariglia, a policy analyst with the Electronic Frontier Foundation. “For a long time already, money that has been intended for public well-being has been specifically funneled into police departments,” said Guariglia, “and specifically for surveillance equipment that maybe they didn’t have the money to fund beforehand.”

Detroit’s city government isn’t shying away from the notion that millions in economic stimulus money might go to ShotSpotter. The public safety section of a city website outlining how Detroit plans to use hundreds of millions in federal Covid aid mentions ShotSpotter by name, including a city-produced infomercial touting the technology’s benefits. While the clip, echoing the company’s own claims , assures Detroit residents that ShotSpotter doesn’t listen to conversations, there have been at least two documented instances of prosecutors attempting to use ambient chatter caught on ShotSpotter’s hot mics.

Critics of Detroit’s plan said ShotSpotter doesn’t stop gun violence and exacerbates over-policing of the same struggling neighborhoods the Covid relief money was meant to help. A study published last year by Northwestern University’s MacArthur Justice Center surveyed 21 months of city data on ShotSpotter-based police deployments and “found that 89% turned up no gun-related crime and 86% led to no report of any crime at all. In less than two years, there were more than 40,000 dead-end ShotSpotter deployments.”

City government data from Chicago and other locations using ShotSpotter revealed the same pattern over and over, according to the MacArthur Justice Center. In Atlanta, only 3 percent of ShotSpotter alerts resulted in police finding shell casings. In Dayton, Ohio, another ShotSpotter customer, “only 5% of ShotSpotter alerts led police to report incidents of any crime.” A series of academic studies into ShotSpotter’s efficacy reached the same conclusion: Loud noise alerts don’t result in fewer gun killings.

“People don’t want gunshots in their neighborhood, period. And a microphone does not stop the gunshot.”

Not only is ShotSpotter a waste of money, critics say, but the system menaces the very neighborhoods it claims to protect by directing armed, keyed-up police onto city blocks with the expectation of a violent confrontation. These heightened police responses occur along stark racial lines. “In Chicago, ShotSpotter is only deployed in the police districts with the highest proportion of Black and Latinx residents,” the MacArthur Justice Center found, pointing to a Chicago inspector general’s report that found ShotSpotter alerts resulted in more than 2,400 stop-and-frisks. A 2021 investigation by Motherboard found that “ShotSpotter frequently generates false alerts—and it’s deployed almost exclusively in non-white neighborhoods.”

The concern is not hypothetical: A March 2021 ShotSpotter-triggered Chicago deployment resulted in the fatal police shooting of an unarmed 13-year-old boy, Adam Toledo . “If you have police showing up to the site of every loud noise, guns drawn, expecting a firefight, that puts a lot of pedestrians, a lot of people who lives in neighborhoods where there are loud noises, in danger,” Guariglia said.

ShotSpotter’s claims of turn-key functionality and deterrent effect are tempting for mayors like Detroit’s Duggan, according to Snyder of Detroit Action. The politicians are eager to project a “tough on crime” image as gun violence has spiked during the pandemic. Yet Snyder said that ShotSpotter’s limited trial in Detroit has so far proven ineffective. “It actually hasn’t led to any sort of like real, significant arrests,” he said. “It actually hasn’t produced that type of success that I think many elected officials as well as the company itself are spouting.”

An infographic created by the city claims that “ShotSpotter is saving lives!” and cites a downward trend in fatal shootings in neighborhoods where the equipment is installed. The infographic, though, provides no evidence that the technology itself was responsible for this decline and provides only one example of a ShotSpotter alert leading to a gun-related conviction in the city.

“ShotSpotter doesn’t stop gunshots from happening,” said Goodwin of the Action Center on Race and the Economy. “People don’t want gunshots in their neighborhood, period. And a microphone does not stop the gunshot.”

The post Detroit Cops Want $7 Million in Covid Relief Money for Surveillance Microphones appeared first on The Intercept .

Tibetan police inked a deal last month to buy over $160,000 worth of profiling kits and other supplies made by Thermo Fisher, a Massachusetts-based company that has come under fire in the past for selling similar supplies to police in Xinjiang. The deal, revealed in procurement documents published on a Chinese government website , will provide DNA kits and replacement parts for sequencers to authorities in Tibet, the site of long-standing government repression .

“The deployment of DNA databases across the whole of China lacks elementary fundamental rights safeguards,” said Yves Moreau, a bioinformatician at Belgium’s University of Leuven who uncovered the procurement documents through the Chinese search engine Baidu. “Western suppliers should not aid and abet those abuses.”

In October 2021, a second tender announcement shows, police in Lhasa spent $173,000 upgrading a “3500 sequencer,” a product name and price range matching Thermo Fisher’s 3500 Genetic Analyzer line. Other documents hosted on a third-party government tender site suggest that Tibetan police also bought Thermo Fisher equipment in August of last year.

The news comes amid two reports from human rights groups describing a vast Chinese government drive to collect DNA from ethnic Tibetans. In a report published Tuesday by the University of Toronto’s Citizen Lab, author Emile Dirks estimates that since 2016 authorities have taken DNA from 919,000 to 1.2 million Tibetans — a fourth to a third of the region’s population. A second report, released by Human Rights Watch last week, finds that authorities have collected blood samples from children in Tibet and surrounding regions.

In at least one county in Tibet, according to the Citizen Lab report, authorities combined DNA testing with what they termed Covid-19 prevention efforts. Dirks, a postdoctoral fellow at Citizen Lab, said that may just be a matter of timing and that more information is needed before drawing firm conclusions. In general, DNA is collected in China through blood samples, while Covid testing is done through swabbing.

“When the police want to engage in mass DNA collection, they’re actually very open about it,” said Dirks. Often, he added, police in China will combine projects to save time. “They may be informing the public about pandemic prevention measures, and then alongside that they’ll say, ‘OK, while you’re here, we’re going to collect some DNA.’”

Amid stringent pandemic control measures in 2020, Dirks found, government and local media posts mentioning mass DNA collection in the region tripled.

Thermo Fisher has been criticized in the past for selling DNA equipment to police in Xinjiang, a region in northwest China where authorities have interned an estimated 1 million Muslim Uyghurs and other ethnic minorities in inhumane camps and forced others into labor . Citing what it called “ fact-specific assessments ,” the company said in 2019 that it would no longer sell or service DNA equipment in Xinjiang. Later that year, the Trump administration blacklisted several of the region’s police agencies.

But there are no such restrictions in place for Tibet, where DNA collection enables research on high-altitude tolerance valued by the Chinese military, or for the rest of China, where authorities are building a massive DNA database with blood samples taken from men and boys.

“We design our products with great care, follow rigorous trade export policies, and work with governments to contribute to good global policy overall,” Thermo Fisher spokesperson Ron O’Brien wrote in an email to The Intercept. “As the world leader in serving science, we recognize the importance of considering how our products and services are used — or may be used — by our customers.”

The new sale documents show “that the abuses that led to the export controls against Xinjiang public security are not at all confined to Xinjiang,” Moreau told The Intercept. O’Brien said that Thermo Fisher would review the transactions The Intercept had flagged.

For its recent report, Human Rights Watch found records of police going into Tibetan schools to collect DNA. In one case, a local police department from neighboring Qinghai province, where much of the population is ethnically Tibetan, posted on its WeChat account a photo of boys getting their fingers pricked while officers stood by. In addition to children, the report says, police are sweeping up DNA from people in Tibet’s rural areas.

“What’s happening in Tibet is part of the authorities deepening intrusive surveillance and policing, extending all the way to local village levels in rural areas,” said Maya Wang, senior China researcher for Human Rights Watch.

The sale of Thermo Fisher testing kits in Tibet was made by a Chinese broker, a third-party company that bundles surveillance technology and security equipment for police and other buyers. Such transactions can obscure responsibility for the flow of fraught technologies. In 2021, two years after Thermo Fisher said it would stop selling in Xinjiang, the New York Times reported that the company’s DNA equipment continued to be sold by brokers in the region. Thermo Fisher claimed at the time that it had no record of the transactions in its system.

Last year, The Intercept reported that cellphone crackers made by the Israeli surveillance tech outfit Cellebrite continued to be sold by brokers in China, despite the company saying it had pulled out of the country. The Intercept also revealed that software and databases from the Austin-based software giant Oracle were bundled and sold to Chinese authorities as surveillance tools by brokers with close ties to Beijing.

Thermo Fisher is not the only entity outside China implicated in the Tibetan DNA drive. At Molecular Genetics & Genomic Medicine, published by the New Jersey-based Wiley, eight editorial board members resigned last year after the journal published papers detailing genetic differences among Chinese ethnic groups, including Tibetans. One of the flagged papers listed an author from the Tibetan Public Security Bureau, the region’s major police agency.

At the time, the board members called for an investigation and said they were dismayed at the journal’s failure to react promptly. The journal still has not retracted the papers.

Partial DNA sequences from Tibetan men, without names attached, are also stored in a German database called the Y-Chromosome Haplotype Reference Database, which focuses on so-called Y-STR data, the unique sequences that occur on the Y chromosome. Last December, the highly regarded scientific journal Human Genetics retracted a paper based on Tibetan, Uyghur, and other partial genetic profiles in the German database.

“You can imagine YHRD as a Google search without providing actual search results,” Sascha Willuweit, an administrator of the database, wrote in an email to The Intercept in February. YHRD recently removed ancestry information from the public database and tightened its standards for ensuring that subjects give informed consent, he added.

The new evidence of mass testing in Tibet will likely lead to renewed pressure on Thermo Fisher, YHRD, and international journals that publish fraught genetic studies from China.

In recent years, DNA collection has expanded globally. In Orange County, California, prosecutors were caught prying DNA samples from people accused of low-level misdemeanors, like walking a dog without a leash. Kuwait required that all citizens give DNA samples before a court struck down the law in 2017. But China has the largest collection program in the world.

Moreau said that DNA collection in Tibet can veer into “biocolonialism,” a global problem. Because some DNA is shared across families and populations, he said, “If I start collecting DNA from members of a population, then I’m getting information about the entire population.” As a result, he added, “The notion of community needs to be made center to the notion of group harm.”

Genetic studies of Indigenous people around the world — including Aboriginal and Torres Strait Islander people in Australia, San people in Southern Africa, and several Native American groups in the United States — used either inadequate consent measures or none at all. In Europe, forensic geneticists have for decades collected DNA from the Roma, a persecuted minority. In Pakistan, the CIA organized a fake hepatitis B vaccination drive in an attempt to recover DNA from locals, hoping it would help lead them to Osama Bin Laden.

Last year, the family of Henrietta Lacks, a Black cancer patient whose cells were taken in 1951 without her knowledge, sued Thermo Fisher in federal court for selling product lines derived from her cells.

In Tibet, some see DNA collection as part of a larger campaign of erasure. “China’s mass DNA collection of Tibetans is outrageous, but it is not entirely surprising,” said Bhuchung K. Tsering, interim president of the International Campaign for Tibet. “The end goal is not simply to bring Tibetans to heel but to undermine their unique identity altogether so that their right to determine their own destiny will no longer matter.”

The post Tibetan Police Bought Thermo Fisher DNA Equipment, Chinese Government Documents Show appeared first on The Intercept .

A Twitter spokesperson said the social media giant deleted a Carnegie Mellon University professor’s controversial tweet condemning Queen Elizabeth II on the grounds that it was “abusive.” The company defines abusive behavior as “an attempt to harass, intimidate, or silence someone else’s voice” — in this case the voice of the world’s longest-reigning monarch.

It was a banner day for posting. As soon as news of the queen’s impending death hit Twitter, the platform was quickly dominated by a global outpouring of both grief and glee, a heated mixture of paeans to the queen’s 70-year tenure and angry denunciations of the British monarchy’s legacy of colonial violence and exploitation. Among the latter was Carnegie Mellon’s Uju Anya, an associate professor of second language acquisition. “I heard the chief monarch of a thieving raping genocidal empire is finally dying. May her pain be excruciating,” Anya tweeted.

“We took enforcement action on the account you referenced for violating the Twitter Rules on abusive behaviour,” Twitter spokesperson Lauren Myers-Cavanagh, using the British spelling of “behavior,” wrote to The Intercept in response to a query.

“It does highlight the power imbalances that can often exist in the way these platforms treat powerful figures.”

The removal of the post illustrates how criticisms of powerful people, however distasteful, can be disappeared from social media sites for murky reasons. “It does highlight the power imbalances that can often exist in the way these platforms treat powerful figures,” Evelyn Douek, an assistant professor at Stanford Law School and scholar of content moderation policies, told The Intercept. “Often people in power get allowances because it’s in the public interest but people don’t for criticizing them, even though that’s often clearly in the public interest too.”

Anya’s tweet immediately attracted widespread attention and criticism, not least because it was reproachfully quote-tweeted by Amazon founder Jeff Bezos. “This is someone supposedly working to make the world better?” the second-richest American tweeted. “I don’t think so. Wow.” Twitter users were quick to point out that Anya had recently tweeted approvingly of Chris Smalls, a rising labor leader instrumental in efforts to unionize Amazon warehouses .

After the criticisms came pouring in, Anya, who was born in Nigeria, tweeted in defense of her remarks: “If anyone expects me to express anything but disdain for the monarch who supervised a government that sponsored the genocide that massacred and displaced half my family and the consequences of which those alive today are still trying to overcome, you can keep wishing upon a star.” (Anya did not immediately respond to The Intercept’s request for comment.)

While the tweet was no doubt offensive to many fans of the crown in wishing suffering upon Elizabeth, the specific rule cited by Myers-Cavanagh justifying the censorship isn’t typically deployed in defense of royalty. The company claims that its ban on abusive remarks is designed to protect speech rather than delete it.

“In order to facilitate healthy dialogue on the platform, and empower individuals to express diverse opinions and beliefs, we prohibit behavior that harasses or intimidates, or is otherwise intended to shame or degrade others,” Twitter’s online help center says . “We consider abusive behavior an attempt to harass, intimidate, or silence someone else’s voice.”

Such speech is deleted to shield vulnerable voices from suppression. “On Twitter, you should feel safe expressing your unique point of view,” the policy reads. “We believe in freedom of expression and open dialogue, but that means little as an underlying philosophy if voices are silenced because people are afraid to speak up.”

It is not clear how the queen of England could ever be meaningfully “silenced” or “afraid to speak up” because of an academic’s tweet. Twitter did not respond in time for publication when asked whether the “abusive behavior” policy applies to the deceased.

The policy lays out a variety of “abusive” speech types, including “violent threats”; “content that wishes, hopes, promotes, incites, or expresses a desire for death, serious bodily harm or serious disease”; and “unwanted sexual advances.” It’s unclear which of these categories Anya’s tweet, published when its subject was on the verge of death and most likely not checking Twitter, would fall under.

The examples of abusive behavior that Twitter provides are of the more clear-cut “I hope you get cancer and die” variety, rather than an edge case hoping that someone already near death will experience greater suffering. The policy does note that in some cases offending tweets will be deleted while sparing the account from suspension, as was the case with Anya, when “regarding certain individuals credibly accused of severe violence,” an enforcement that would seem to implicitly agree with the professor’s underlying argument against the crown.

Douek, the Stanford professor, said that it seemed like an odd enforcement of the rule given the vast gulf in power between a professor and a monarch. “Unclear to me how the queen is going to be intimidated by that tweet,” she told The Intercept. “Surprised they stood by it, actually.”

The post Twitter Censored Professor’s Post for “Abusive Behaviour” Toward the Queen appeared first on The Intercept .