According to online statistics provided by The American Monitor’s Internet host, a private corporation specializing in online surveillance, Cyveillance Inc., has begun monitoring this site.1
Serving as a private quasi-intelligence-agency-for-hire and backed primarily by ABS Capital Partners,2 Cyveillance “proactively identifies and eliminates” online “threats” to their clients’ interests.3
Essentially, Cyveillance is paid by companies and governments to scan websites, blogs, news groups, auction sites, peer-to-peer networks, message boards, FTP clients, chat rooms, and email messages in search of anything their clients may find relevant—from negative publicity, to copyrighted material, to confidential information, to potential terrorist threats.4
Cyveillance provides its services to “over 250 leading companies, including over half of the Fortune 50 and 8 of the top 10 technology providers.”5 This includes Merrill Lynch, JP Morgan Fleming, DeBeers, Constellation Energy, Microsoft, AT&T Broadband, Dow Jones, AOL, Goodyear, and numerous others.6
It is currently unknown what originally attracted Cyveillance to The American Monitor, but the company, which apparently began keeping an eye on this site earlier this month, has already expanded its surveillance to include my father’s website, which he uses solely to advertise his personal educational services.7
The content of my father’s website is completely unrelated to that which is contained here, suggesting Cyveillance’s activities have taken on an investigative aspect that goes beyond simple scanning techniques.
While the person, agency, and/or company paying Cyveillance to monitor our online content remains a mystery, a range of news articles and online complaints indicate that Cyveillance has a history of violating Americans’ civil liberties on behalf of private companies and the U.S. government.
“If you maintain a website, keep a blog, chat on IRC or other Internet ‘chat rooms,’ you should be very concerned about a private corporation in the United States called Cyveillance,” the Security and Privacy website has warned.8
“While U.S. troops fight terrorists abroad, law enforcement agents at home use their own high-tech methods to track down potential evildoers,” Fox News reported in 2002, adding that techies “in the private sector are helping.”9
“Virginia-based Cyveillance,” Fox elaborated, “crawls through 40 million sites a month in search of suspicious activity, according to Todd Bransford, the company's vice president of product marketing.” According to Fox, Cyveillance scans the web for “topics as varied as bomb-making and anti-American sentiment.”10
"We download a lot of raw information, then we have technology that processes it for relevancy [and] real intelligence," Bransford told Fox News.11 The company then supplies their clients with a permanent archive of all the information they gather, including a “searchable index of all suspicious data discovered”.12
According to Bransford, government uses "would include everything from information security, [to] identifying the threats and risks that are occurring out there in online discussions."13
According to one website specializing in Internet security, Cyveillance is even “known to work on behalf of the government to spy on whistleblowers who expose waste, fraud and abuse."14
“One can only wonder,” Security and Privacy has commented, “What governments use the services of Cyveillance to monitor their citizens and employees?"15
“I suppose,” the writer remarks, “this could be a round about way for Governments that claim to respect privacy, to purchase information from a company. Governments can then claim they don't collect data. They just forget to tell you that instead, they purchase it in report format.”16
Cyveillance also provides their services to private corporations, sometimes with questionable results.
For instance, according to a 2001 report by The Register, “the UK Independent Media Centre - which prides itself on offering an alternative take on the news…accuses Cyveillance of ‘spying on, and lying about, the anti-capitalist movement’”.17
The independent news outlet cited a report from The Guardian, which stated: "Cyveillance was able to inform a UK high street bank that one of its branches in the city of London was being targeted by May Day protesters, and tell it which window the activists were planning to throw a bomb through."18
As The Register reported, however, “There has been no suggestion of a bomb threat at the May Day event or any previous anti-capitalist march, and [Cyveillance managing director Andrew] Muir's claim that he told a bank not only about a bomb but also which exact window it would be put through stretches his credibility to the breaking point.”19
Another target of Cyveillance’s intelligence operations has been a group known as Wells of Justice, which runs a site dedicated to exposing judicial corruption. As the group remarks on their site, “Fighting terrorism against the United States is suppose[d] to be a top ranking priority of the Department of Justice. Why then, are they spending taxpayers' dollars with a private company to surf a site that addresses bankruptcy court corruption?”20
Cyveillance has also alerted Constellation Energy “to coordinated plans by anti-nuclear activists involving one of its facilities,” as reported by eWeek.com in January of 2006.21
John Petruzzi, Jr., director of enterprise security at Constellation, “said he is impressed with the kinds of information Cyveillance has uncovered about security threats to Constellation's network and facilities,” eWeek reported. The company’s new technology “makes it easier to sift through the information Cyveillance turns up and research threats,” Petruzzi said, according to eWeek.22
“I don't know about you,” one writer for Security and Privacy remarks, “but if I am in a chat room, I have a least some small expectation of privacy with those that are in that room. I would not expect that some bot is logging everything, keeping it in a database for further review and perhaps sale to another corporation or government.”23
FOOTNOTES & SIDEBARS
1. Statistics documented numerous ‘hits’ registered to the Internet Protocol (IP) address 65.222.176.124, which, according to ‘whois’ records, traces back to MCI Communications Services, Inc., an Internet Service Provider located in Ashburn, Virginia. The customer corresponding to the specific IP address in question is listed as follows:
CustName: CYVEILLANCE
Address: 1555 WILSON BLVD
Address: STE 404
City: ARLINGTON
StateProv: VA
PostalCode: 22209-2405
Country: US
RegDate: 2005-04-13
Updated: 2005-04-13
2. “Cyveillance Receives $24.5 Million in Venture Capital Financing; Third Round of Funding Led by ABS Capital Partners,” Business Wire, May 4, 2000, <http://www.findarticles.com/p/articles/mi_m0EIN/is_2000_May_4/ai_61882692>. Other investors include Lazard Technology Partners, National Enterprise Associates (NEA), BlackRock, Graystone Venture Partners, Capital Investors, and the Dinner Club.
3.<http://www.cyveillance.com/web/corporate/default.htm>.
In 2005, in order “to help organizations combat the growing convergence of cyber and physical security threats,” Cyveillance announced a partnership with Vance International, a company specializing in private investigation and security. According to the Cyveillance press release:
“The Internet provides an ideal platform for malicious groups or individuals to share information and further their causes. Threats include activists, extremists, or demonstrators who plan rallies and protests to disrupt company events or operations for political recognition; individuals threatening executives and employees’ personal safety; and those selling gray market or counterfeit products online for personal financial gain. …
“Customers across the board are increasingly concerned with the combination of threats that pose a risk through both online and physical disruptions. They are looking for closed loop solutions that can provide protection simultaneously on both fronts,” said Panos Anastassiadis, CEO of Cyveillance. “Vance has the respected security and investigation personnel recruited from the elite ranks of the intelligence and law enforcement communities, and our leading technology can scour the depths of the Internet to uncover threats. Together, our joint approach truly helps protects our clients with a comprehensive, closed-loop solution.””
4. “Cyveillance Launches New Generation of Technology for Online Monitoring,” Cyveillance press release, March 21, 2002, <http://www.cyveillance.com/web/newsroom/press_rel/2002/2002-03-21.htm>; <http://www.cyveillance.com/web/solutions/overview.htm>.
5. “Cyveillance Announces Record Growth in 2006 Led by New Services and Partnership Strategy,” PR Web, January 31, 2007, <http://www.prwebdirect.com/releases/2007/1/prweb501422.htm>.
6. <http://www.microrose.com/whoiscyv.htm>.
7. Statistics from my father’s website, JohnBuckleyConsulting.com, show several hits from the same Cyveillance IP address that has been visiting The American Monitor.
8. “Who Is Cyveillance And Why Should You Care?”, Security and Privacy, <http://secpriv.com/subject.php?c=5&catname=Privacy>.
9. “Feds Use High-Tech Spyware To Nab Terrorists,” Fox News, October 13, 2002, <http://www.foxnews.com/story/0,2933,65528,00.html>.
10. Ibid.
11. Ibid.
12. <http://www.cyveillance.com/web/solutions/modules/corp_security.htm>.
According to an article published by Computer World in 2000:
“Cyveillance uses both human and artificial intelligence to monitor "online brand abuse" for clients. First, the company's Web crawler looks for information that meets customer-defined criteria. Then a team of e-commerce analysts studies the automated reports and recommends a plan of action. The cost ranges from $80,000 to $400,000 per year.
But such services can be used for much more than just defending against defamation and piracy. "Clients start off having a defensive mind-set, but then they transition to more of an offensive approach," said Brian H. Murray, director of Cyveillance's strategy center.”
13. Ibid., 9.
14. Michael Hampton, “Cyveillance Bad Behavior,” Bad Behavior, December 15, 2006, <http://www.bad-behavior.ioerror.us/2006/12/15/cyveillance-bad-behavior/>.
15. Ibid., 8.
16. Ibid.
17. Kieren McCarthy, “Activists slam Cyveillance May Day Bomber claims,” The Register, September 7, 2001, <http://www.theregister.co.uk/2001/09/07/activists_slam_cyveillance_may_day/>.
18. Sue Denim, “Free Market Internet Cops,” UK IndyMedia, September 5, 2001, <http://www.indymedia.org.uk/en/2001/09/10751.html>.
19. Ibid., 17.
UK Indymedia commented:
“We should be concerned that this company is making up stories about terrorism to demonise the movement and prepare the way for state terror. We should be concerned at any free market intelligence service, at any attempt to police us, on and off the net.”
Intriguingly, an apparent insider left the following comment on the UK IndyMedia site:
“I used to work for Hill & Knowlton in London, Cveillance's PR agency, and I know that Cyveillance in the UK are working for both De Beers and the Diamond Trading Company, De Beers in disguise. They help them to monitor human rights activists opposed against De Beers' role in the blood diamond trade. By collecting and downloading information from websites and newsgroups, they help companies like De Beers to continue changing their corporate PR so they can disassociate themselves from blood diamonds whilst raking in huge profits.”
This person only left a satirical pseudonym, ‘Nikki Oppenheimer’ (the chairman of DeBeers), so there was no way to confirm his or her background.
20. “Who or what is Cyveillance? -- Who's Paying Cyveillance To Monitor This Web Site?”, Wells of Justice, <http://www.wellsofjustice.com/cyveillance.htm>.
21. Paul F. Roberts, “Cyveillance Introduces Threat-Detection Dashboard,” eWeek.com, January 24, 2006, <http://www.eweek.com/article2/0,1895,1914978,00.asp>.
22. Ibid.
23. Ibid., 8.
