An FBI-partnered chatroom infiltration firm tried to sell me cellphone location data
An FBI-partnered chatroom infiltration firm tried to sell me cellphone location data
Despite recent attention on a declassified report on Commercially Available Intelligence, the fusion of social media surveillance with cellphone location-tracking data remains opaque.
Two Thursdays ago, an executive at the internet surveillance firm Flashpoint pitched me for fifteen minutes via a Google Meet video conference on why I should buy from his company instead of from their competitor, Babel Street. The executive, North Carolina-based former U.S. Army Special Operations officer Richard Fisher, suggested that I purchase his firm’s fifteen year trove of “dark web” and social media surveillance data as a feed within the platform of their cellphone location-tracking partner, Creative Radicals.
Flashpoint was founded in 2010 as the largely one-man shop of Evan François Kohlmann, a long-time counter-terrorism contractor with the Federal Bureau of Investigation who pivoted from in-person infiltrations of Islamic events into doing the same through pseudonyms online. After years of being dogged by his critical nickname as the “Doogie Howser of Terrorism,” Kohlmann left Flashpoint to found his own company.
Despite Flashpoint’s expertise in using pseudonyms to infiltrate the chatrooms of its targets — which have included both left-wing pipeline and anti-pollution protestors, as well as right-wing ‘anti-vax’ groups — I signed up for the conversation with my real name and both the website and email address of the investigative nonprofit I lead, Tech Inquiry. The closest I came to dishonesty was answering that my clients were “confidential.”
After my initial Philadelphia-based host — Flashpoint’s Evan LaMont — cancelled, Fisher remarked that he thumbed through my website and it looked like I did “supply chain stuff.” I clarified that I studied government procurement and, after asking whether Flashpoint could replicate Babel Street’s fusion of cellphone location-tracking geofences with social media surveillance, Fisher confirmed a bevy of details about the complicated network of national security data brokers:
And so how we would partner, let’s just say, with Creative Radicals. They’re going to use, you know, the [advertising] IDs to follow the devices, kind of like you said, and then from the device they see using ad-IDs, we pivot into — a user would pivot in their platform — into our datasets and be able to deep dive on that individual themselves and start to learn more about them, and where they’re operating, and that type of information. So that’s how you would use those two together if you were targeting in that way.
Fisher had just confirmed that the partnership between Flashpoint’s social media surveillance and Creative Radicals’ cellphone location-tracking roughly mirrored what I had seen of both Babel Street’s in-house capabilities and what Babel Street’s informal spin-out Anomaly Six had pitched to social media surveillance firm Zignal Labs.
Fisher also gave me the core pitch for why I should buy Flashpoint instead of going with Babel:
"If you want me to give you the sales reason of why people choose Flashpoint over, over, over Babel, is, um, our data is higher fidelity, higher quality, is typically what, like, consumers will tell you if you really dig into the data and the fidelity of who these people are — the threat actors are. And if you want a deep dive on them, our data is much better and much deeper.”
The caveat was that Flashpoint had chosen to avoid the “business risk” of importing cellphone location-tracking data itself and outsourced such work to the OpeniO platform of its close partner, Creative Radicals. Despite being now largely forgotten, Creative Radicals made numerous headlines in 2013 due to its development of a “Social Bubble” social media surveillance plugin for the U.S. Department of Energy’s now-defunct “RaptorX” data fusion platform as part of the “Quantum Leap” anti-money laundering collaboration between the U.S. Defense Department’s Special Operations Command (SOCOM) and Homeland Security’s Immigration and Customs Enforcement (ICE). Legal concern focused on the collaboration between the military and ICE, while the public outcry focused on the project’s geolocation of Twitter users. (The ingestion of financial data was largely unremarked upon.)
I knew to ask about Flashpoint’s partnership with Creative Radicals due to my previous reporting on an ongoing international ‘counter-disinformation’ contract with SOCOM which Flashpoint and Creative Radicals recently subcontracted on. One of the child awards went to the most elite fighting components of the U.S. military — Joint Special Operations Command, or JSOC. As I previously reported, former Delta Force operator Lee Van Arsdale has served as both CEO and, later, Co-Chairman of Creative Radicals. (Delta Force is an Army component of JSOC whose counter-terrorism work preceded the formation of JSOC.)
Yesterday Flashpoint announced former JSOC commander Scott Howell as one of four members of Flashpoint’s inaugural advisory board for its National Security Solutions division. Until recently, Howell was listed as an advisor to competitor Babel Street. According to Fisher, Flashpoint also has “a number of people that work here that came from Babel.”
Other members of Flashpoint’s new advisory board include Andrew Makridis, the former Chief Operating Officer of the Central Intelligence Agency who claims credit for running “the investigation into the CIA WikiLeaks data breach (aka Vault 7),” and Tim Newberry, the founder of an offensive cyber firm named BlackHorse, which has since been acquired by Parsons.
When I asked Fisher how much it would cost for me to buy a single year of access to Flashpoint for just myself, he answered:
“[Flashpoint] starts at $10,000 and up, for one license. Obviously there’s bulk pricing and stuff like that. If…you wanted social media and Flashpoint datasets, it gets up to like twenty [thousand]. It’s actually at thirty [thousand] list, but typically we sell it at twenty [thousand].”
Towards the beginning of our discussion, Fisher noted that the name of Flashpoint’s “national security” division was a bit misleading, as its scope includes “not just national security, but local law enforcement and IRS and stuff like that.”
(As I previously revealed through Freedom of Information requests, both the Internal Revenue Service and the Treasury’s Office of Foreign Assets Control (OFAC) have purchased Babel Street — OFAC even explicitly purchased Babel’s cellphone location-tracking.)
Like many of its competitors, Flashpoint plays a role in both national security targeting and counter-disinformation work. When asked how his company engaged in counter-disinformation, Fisher emphasized Flashpoint’s partnership with the artificial intelligence and national language processing company Primer:
“The way we do it is partnering with companies like Primer, or the government will do it. At the end of the day, Flashpoint is all about collections, data collections, right. We do some light analytics, in our platform it does some light analytics, but we are really focused on the data and the collection piece of it, as opposed to the analysis of disinformation. Now, we do report some stuff, but we would partner with a Primer or another government partner that would take our data and then do the heavy analytics on top of it to identify the disinformation. But certainly like, collection of disinformation on those types of channels is something we focus on.”
Fisher also noted that “Everybody’s in Telegram, you know. That’s a gold mine for…what’s going on in Ukraine.”
Neither Evan LaMont nor Richard Fisher responded to a request for comment.