Military Whistleblower Challenges Pentagon's Warrantless Purchase Of Internet Data

Screen shot from Naval Criminal Investigative Service (NCIS) internship posting

A United States military whistleblower filed a series of complaints alleging the Naval Criminal Investigative Service (NCIS) is engaged in the warrantless purchase and use of Americans’ internet browsing data, which it obtained from a broker.

“According to the whistleblower, NCIS is purchasing access to data, which includes netflow records and some communications content from Team Cymru,” Senator Ron Wyden shared in a letter to the offices of the inspector general for the Pentagon, Justice Department, and Homeland Security Department.

The warrantless purchase of Americans’ data is not limited to the NCIS. Wyden’s office examined public contracting records and found Team Cymru was awarded data brokering contracts with US Cyber Command, the US Army, the Federal Bureau of Investigation (FBI), and the US Secret Service.

The contracts do not appear under Team Cymru’s name. Instead, Argonne Ridge Group is listed as the contractor. Wyden’s office noticed that Argonne and Team Cymru have the same corporate address, and contracting records indicate that Argonne is the “only known source” of the internet data.

US government agencies with such contracts are purchasing bulk data to circumvent warrant requirements as well as oversight by federal courts.  

NCIS’ contract involves Team Cymru’s tool known as Augury. As described by Wyden, “The Augury tool provides access to ‘petabytes’ of network data ‘from over 550 collection points worldwide’ and ‘is updated with at least 100 billion new records each day.”

Augury also provides NCIS with warrantless access to email data and browser activity, particularly “cookie usage.”

Presumably, the FBI, Army, Secret Service, and Cyber Command have also been purchasing massive amounts of data on Americans to circumvent privacy requirements intended to somewhat uphold the Fourth Amendment—and perhaps with this exact "tool."

On June 22, 2018, as recalled by the Electronic Privacy Information Center (EPIC), the US Supreme Court ruled that the “seizure and search of 127 days’ worth of an individual’s cell phone location data” is definitely covered by the Fourth Amendment.

US military and security agencies are well aware of the controlling precedent in the courts and recognize that data brokers may be a way to still obtain all the data they desire.

Team Cymru boasts that they collect, process, and aggregate “global network traffic and 50+ other types of data to give our clients Pure Signal™.”

Pure Signal allows contractors to unlock more than “three months of global internet telemetry, revealing unmatched levels of critical data about billions of connected nodes, networks, servers, and clients,” whether they victims, targets, or threat actors. “The data is updated in near real time.”

Since at least 2021, Wyden’s office has been involved in a concerted effort to share details with citizens on the government’s purchasing of internet browsing records. The Pentagon has fought to prevent him from bringing transparency to their contracts and arrangements with data brokers.

It is already known through public contracting records that the Defense Counterintelligence and Security Agency has spent more than $2 million on internet data. The Defense Intelligence Agency has purchased “Domain Name System data,” or DNS data, which contain information necessary for users to access websites.

This whistleblower may not have realized that they were challenging a practice that is increasingly relied upon by the national security state to bolster dragnet surveillance. But clearly, there is good reason to believe what we have learned from the whistleblower and Wyden’s office barely scratches the surface when it comes to which US agencies have contracts with data brokers and what they are doing with this data.