Transparency Watch Releases Searchable Database Of 27,000 US Intelligence Workers

from the publicly-posted-information,-searchable-by-the-public dept

Wed, May 20th 2015 1:09am — Tim Cushing

Intelligence gathering on intelligence gatherers. Watching the watchers. Whatever you want to call it, Transparency Toolkit is doing it. It has gathered 27,000 publicly-posted resumes from members of the "intelligence community" and turned them into a searchable database.

The database -- ICWatch -- was put together using software specifically constructed by Transparency Watch (and posted at Github). Not only can the database be searched through TW's front end, but the data is also available in raw form for data-mining purposes.

Some may find this searchable database to be a form of doxxing, but TW says that isn't the intent. Instead, it's meant to give the public additional insight into the inner workings of the intelligence community, as well as allowing researchers and journalists to sniff out information on still-unrevealed surveillance programs.

"These resumes include many details about the names and functions of secret surveillance programs, including previously unknown secret codewords," Transparency Toolkit said.

"We are releasing these resumes in searchable form with the hopes that people can use them to better understand mass surveillance programs and research trends in the intelligence community."

What Transparency Watch has done is simplified a task anyone could have performed prior to the compilation of the ICWatch database. In fact, nearly two years ago, the ACLU's Chris Soghoian pointed out that public LinkedIn profiles were coughing up classified program names posted by intelligence community members in their listed skills and work history.

This is all Transparency Watch has done -- only in aggregate and accessible to those without a LinkedIn account.

The data was collected from LinkedIn public profiles using search terms like known codewords, intelligence agencies and departments, intelligence contractors, and industry terms, the group said.

What Soghoian noted back in 2013 remains true. Searches for known NSA programs frequently bring up other program names, all posted publicly by employees and contractors with an apparent disregard for the agency's "everything is a secret" policies.

A search for "PINWALE" brings up a profile listing the following:

Cultweave, UIS, Nucleon, CREST, Pinwale, Anchory, Association, Dishfire, SharkFinn, GistQueue, GoldPoint, Mainway

And another listing these terms:

Snort, TRAFFICTHIEF, PINWALE, BOUNDLESS INFORMANT, BLARNEY, BULLRUN, CARNIVORE

You can also find out who's involved in Predator drone flights. Or who's participated in the NSA's Tailored Access Operations.

Some may argue that this algorithmic collection of resumes and LinkedIn profiles may be dragging some people under the "intelligence community" umbrella that shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the public may cause some of those listed to be subjected to harassment or put them in danger. Also, this may unfortunately be true as well.

But there's a simple solution, albeit one that can't be applied retroactively.

As the government so frequently points out to us, publicly-posted information carries no expectation of privacy. The same goes for government employees and government contractors in sensitive positions who choose to disclose information about their skills and employment publicly. If any danger to these people exists, it has always existed. ICWatch may make the job simpler, but it's done nothing any person can't do on their own, using simple search tools.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: code names, database, intelligence, intelligence community, resumes
Companies: linkedin, transparency watch

13 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

That One Guy (profile), 20 May 2015 @ 12:19am

What's good for the goose...
'Some may argue that this algorithmic collection of resumes and LinkedIn profiles may be dragging some people under the "intelligence community" umbrella that shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the public may cause some of those listed to be subjected to harassment or put them in danger. Also, this may unfortunately be true as well.'

Boy that sounds familiar...

'Some may argue that this algorithmic collection of online activity and communications may be dragging some people under the "terrorists/threat" umbrella that shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the government may cause some of those listed to be subjected to harassment or put them in danger. Also, this may unfortunately be true as well.'

They don't like the potential responses or reactions for making such data public? Well as they love to say, 'publicly-posted information carries no expectation of privacy.'

Or in other words: Too bad. If our private data is going to be collected and looked through, your public data is going to get the same treatment.
[ link to this | view in chronology ]
Anonymous Coward, 20 May 2015 @ 1:51am

Well, I called the FBI. That's illegal under the intelligence agents protection act or something like that. Let's see if they're prosecuted.
[ link to this | view in chronology ]
- Anonymous Howard, Cowering, 20 May 2015 @ 3:53am
  
  Re: AC #2
  That's funny!
  Go read it:
  
  http://fas.org/irp/offdocs/laws/iipa.html
  
  Pay special attention to the first part. None of the conditions specified apply to publicly available information.
  
  Oopsies -- maybe you should call the FBI back and tell them to "never mind."
  [ link to this | view in chronology ]
  - AJ, 20 May 2015 @ 4:29am
    
    Re: Re: AC #2
    Sounds to me like the intelligence agents may have broken the law. They released classified information into the wild by putting it on their public resume's.
    
    Or would they be considered whistle blowers? If they are, they may want to brush up on their Russian.
    [ link to this | view in chronology ]
- Anonymous Coward, 20 May 2015 @ 4:56am
  
  Re:
  Did they violate the copyrights, expectations of privacy, or any other law or legal principle under which they can be charged? Did the violate the terms of services on the websites they scraped in such a way that they cannot legally republish that information to the public. I bet they could make a case if they wanted to.
  [ link to this | view in chronology ]
  - Anonymous Howard, Cowering, 20 May 2015 @ 7:17am
    
    Re: Re: AC #7
    Copyrights, probably not. This appears to be a transformative work, and probably deals in facts (which were published on a publicly visible profile) rather than concepts/ideas.
    
    Expectations of privacy, certainly not. Other than the fact that the data was scraped from public sites, the Third Party Doctrine would easily apply (they gave that information to a third party, therefore their privacy interest in it is zero -- no citation beyond: read TechDirt frequently).
    
    Any other law? Most likely; after all, they are (presumably) breathing and walking around in the United States in the early 21st century. By definition, they are violating SOME law.
    
    Legal principle? It's chargeable to violate a legal principle?
    
    Terms of Service(s) are usually limited to the use of the website. The website/owner can pursue legal action if it wants to, but the FBI is unlikely to have standing to prosecute.
    
    Vis-à-vis the bet: I wouldn't bet against you. That doesn't mean it's a valid case, that it would be upheld, or that it even makes legal sense. However, given the sorry state of Federal prosecutorial decisions these days, I would bet against eventual final conviction.
    [ link to this | view in chronology ]
  - AJ, 20 May 2015 @ 7:17am
    
    Re: Re:
    The story says "publicly-posted resumes from members of the "intelligence community" and turned them into a searchable database. ". If you post your resume publicly, how do you have copyright, expectation of privacy, or any other legal argument? If they posted their info to a private website, where employers could pay to search and view it, then perhaps you have an argument.. but just on a job board or something?
    
    Hell, they could consider it a service. If i were looking for spooks, and i needed to find one that has a specific specialty, that database would be the first place I looked. No telling how many of them find a job because of that.
    [ link to this | view in chronology ]
Anonymous Coward, 20 May 2015 @ 2:17am

That's likely true, but this is one of those inescapable outcomes of dragnet operations.

Such as massive metadata collection?
[ link to this | view in chronology ]
TRX (profile), 20 May 2015 @ 4:01am

I'm a double-nought spy!
[ link to this | view in chronology ]
Anonymous Coward, 20 May 2015 @ 5:17am

Some may argue that this algorithmic collection of resumes and LinkedIn profiles may be dragging some people under the "intelligence community" umbrella that shouldn't really be there.

Tell that to the people who were drone-killed based on metadata.
[ link to this | view in chronology ]
David, 20 May 2015 @ 7:29am

There's no program details...
So it's just "meta-data", right? And there's nothing private about that, is there? You know, we just got this information using the 3rd party doctrine...
[ link to this | view in chronology ]
Griffdog (profile), 20 May 2015 @ 12:11pm

more for the goose...
'Some may argue that this automated collection of license plates may be dragging some people under the "suspected criminals" umbrella that shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the public may cause some of those listed to be subjected to harassment or put them in danger. Also, this may unfortunately be true as well.'
[ link to this | view in chronology ]
Anonymous Coward, 20 May 2015 @ 1:01pm

If you don't want to be found...
...be careful what you put in your resume.

I have worked on a variety of classified programs relating to intelligence, and I know a number of people who either have been or were in the intelligence field. None of their names appear in the database.

The question is how some people appear, and some do not. I suspect that the people I know did the same as me, and said something like "Led a variety of defense related projects," or "Designed components and systems for government projects." No code words, no buzz words, and no other words that would present a clue as to what we really did.

What that means, of course, is that many of us (and perhaps even most of us) can't be found through the techniques used to develop this database, which was alluded to in the post. If you do not want to be pigeon holed as "intelligence," or other fields, do not put that information in your resume, on your Facebook page, etc.
[ link to this | view in chronology ]