Last summer, as mass protests in the wake of George Floyd’s killing swept the nation, a group of high schoolers in Bee Cave planned a peaceful demonstration with chalk mural drawings along the sidewalk outside City Hall.
The students requested a permit for the demonstration, even if they didn’t need to — the Austin suburb doesn’t require such formalities for exercising First Amendment rights on public property. But the request itself was enough to catch the eye of someone tied to a regional citizen surveillance program run by an anti-terrorism police organization. Unknown to the high schoolers, the event was added to a watchlist and monitored for “agitators.”
Several days earlier, on an overcast Wednesday morning, a man was driving near an Austin police training facility when he was approached by officers who were curious what he was up to. He was only taking pictures of flowers, he told them, pulling out his phone to snap photos of the flora growing along a fence line.
Unconvinced, the officers later looked him up on Facebook and found he had posts sympathetic toward antifa. He too was added to the watchlist, joining nearly 2,000 others whose actions have quietly drawn police scrutiny since 2013.
Police protests:Several charges dropped in break-in of Austin Target in May
The list, which was leaked by a hacker activist group last summer, includes cases that range from the serious — people threatening school shootings — to the seemingly benign, people expressing political views online. It’s the latter category that has elicited privacy concerns from civil liberty activists and analysts, who fear that the surveillance program is straying beyond its bounds.
The program is run by the Austin Regional Intelligence Center — a regional information gathering entity through which intelligence on terrorism activity is shared among the U.S. Homeland Security Department and a network of Central Texas police agencies. Austin’s center — which was launched in 2010 and now involves about 21 agencies in the metro area — is one of several federally funded fusion centers across the country created in the post-911 era, when sweeping national security reforms sought to prevent future terrorist attacks. Eighty such centers exist across the country today, with eight in Texas, the most of any state.
“Our nation faces an evolving threat environment, in which threats emanate not only from outside our borders but also from within our communities,” reads a Homeland Security Department fact sheet. Fusion centers are designed to help police, first responders and private security firms “understand local implications of national intelligence.”
In June, as protests against police violence amplifiedcalls for police defunding, the Austin fusion center was one of more than 200 law enforcement agencies that fell victim to the hacker group. Nearly 270 gigabytes of sensitive police data were compromised after hackers breached the Houston-based web development company Netsentinal, which had contracts with hundreds of law enforcement agencies for web-hosting services.
The hackers that breached Netsentinal’s servers shared the data with a Wikileaks-like transparency collective known as Distributed Denial of Secrets, or DDoSecrets — named after a term used for a common style of cyberattack. The group posted the data online using servers based in Germany until authorities seized those servers in July, according to The Associated Press.
Known as “BlueLeaks,” the hack-and-leak operation is considered one of the largest data breaches in law enforcement history. The group was designated a “criminal hacker group” in a Homeland Security Department memo issued 10 days after the data appeared online.
Within the heap of stolen data is information revealing the Austin Regional Intelligence Center’s community surveillance program and its operational framework. The program deploys a network of threat liaison officers throughout the metro area trained to keep eyes on the ground and report anything they suspect could be tied to criminal or terroristic activity.
Threat liaison officers are typically first responders or police officers who have gone through the fusion center’s eight-hour training program, but the program also can include civilians — people working for private security companies or employed in the public safety and homeland security sectors.
According to the Austin Police Department, which staffs the fusion center as its lead agency, there are nearly 1,400 threat liaison officers within the Austin region. Slightly more than 300 of them are privatecitizens.
The Bee Cave high schoolers’ peaceful demonstration was reported to the fusion center by one such threat liaison officer, the leaked data show. It was one of many reports logged during summer protests.
Among the reports are numerous incidents of anti-police rhetoric posted either on social media or by acts of spray-painted vandalism. For instance, one man made numerous posts to his Facebook page that expressed “a strongly anti-law enforcement ideology,” including a statement that he wanted to “lock the doors of the Austin Police Department and burn it down.”
Other reports involve less menacing activity such as a vehicle slowly driving by a state police officer’s home or a woman buying 60 gas masks from a North Austin military surplus store.
But the program had been logging actions of everyday people well before anti-police activity became one of the fusion center’s focal points. And while some reports credibly warn of serious threats of violence, others detail minor incidents or peaceful demonstrations like the one in Bee Cave.
“The report about this potential (Bee Cave) protest has no legitimate basis for ARIC to collect and retain,” said Peter Steffensen, a civil rights attorney who serves on the fusion center’s advisory committee. “If there are no standards to strain out and purge from the system that type of information, then what ends up happening is ARIC accumulates all this information about people.”
‘Committed to making improvements’
A key provision of that policy limits the fusion center’s scope to “suspicious activity that has a potential terrorism or criminal nexus,” the policy says. Put another way, the fusion center is charged with monitoring behavior that reasonably looks like planning related to a terrorist attack or other criminal activity. And information that is determined to be irrelevant, obsolete or unreliable to that mission “will be immediately purged … from the ARIC information system.”
The problem is that the purging doesn’t appear to be happening, as the leaked data reveal. And many of the reports submitted by threat liaison officers fail to demonstrate a terrorism or criminal nexus, Steffensen said.
“That makes it seem like ARIC is straying far beyond its mission, and I think that’s a problem,” he said.
The data breach revealed this issue not only to the public, but to the fusion center’s top leadership. In response to a set of questions sent through the Austin Police Department, the fusion center’s deputy director, Ron Phillips, said “a solution is in the works.”
“We are committed to making improvements in this area,” Phillips said.
‘Troubling history of surveillance’
Because the reports don’t require officers to include race or ethnicity information, the database’s racial breakdown is unclear. However, advocacy groups long have been concerned with how the fusion center’s surveillance program might disproportionately target people of color.
“We have known that there’s heavy surveillance for a long time, particularly here in Austin,” said Claudia Muñoz, co-executive director of the Austin-based immigrant advocacy group Grassroots Leadership.
“Nobody’s really looking at how these fusion centers are operating, how they’re sharing information,” Muñoz said.
In August, weeks after DDoSecrets leaked the police data, Grassroots Leadership released a report detailing itsconcerns regarding the Austin Police Department and the Austin Regional Intelligence Center’s surveillance, especially as it might target immigrant communities and potentially be shared with federal immigration agents.
“ARIC, along with fusion centers generally, has a troubling history of surveillance including … surveillance of immigrants for ICE enforcement,” the report says.
The leaked documents don’t show direct cooperation with Immigration and Customs Enforcement, but activists say they do show how the surveillance program has targeted people based on religious or other stereotypes.
A report from 2016, for instance, shows that a woman associated with St. Edwards University felt suspicious of a Muslim student after he expressed anti-American political views. She reported him as a “loner on campus” who doesn’t hang out with other Middle Eastern students “because they aren’t as devoted to Islam as he is.”
“He speaks out against the Bible and says it’s all lies. Complains he is unhappy at St. Edwards University and that all the other students are too materialistic,” the report says.
Two months later, another report details a man pulling in front of a North Austin salon and lifting the hood to his car. The man then walked into the salon and said his car was overheating and asked to use the restroom. The stylist offered him a seat and bottle of water to cool off. He accepted the gesture, but he said he couldn’t drink the water until sundown because he was observing an Islamic holiday.
Thirty minutes later he got up, “thanked them for their kindness and left.” As he was walking out, a woman in the salon noticed a handgun in his waistband, the report says. She reported the incident, and it was added to the fusion center’s watchlist.
In 2018, a cab driver reported to airport police that a group of Muslim cab drivers made him “afraid to wear his Christian cross fearing that the group may come after him.” They should be monitored, he told police, because “it would be easy for them to do something at the airport.”
All of these seemingly innocuous incidents, and many others, have remained on ARIC’s watchlist for years. Then, as anti-police brutality protests spread across the country, the surveillance apparatus turned its attention to Black Lives Matter-related events and protests.
Others are reading:Hays County lawyers allege ‘insane chaos’ in new judge’s court
Documents leaked by DDoSecrets date up to June 13, 2020 — six days before they were released publicly. But additional documents obtained by The Intercept in November show that the fusion center was keeping tabs on advocacy and protest events well after that date. For instance, a bulletin was issued for a Juneteenth event organized by Black residents, a Black Lives Matter student-led protest, a Democratic Socialists of America event and, among several others, a Protest Against State Violence event.
“It has a chilling effect, even if it’s unsurprising,” said Madeline Detelich, who helped organize the Democratic Socialists of America event in July.
“It makes me upset thinking about Black and brown organizers, the working-class organizers who have to make that extra level of calculation about whether or not they even want to associate with us, because they don’t want to be on a watchlist,” Detelich said.
Phillips told The Intercept that the fusion center only monitors events to determine “if there is an impact on the area that could pose a concern for the safety of our community.”
“What I worry about is that there are many instances where people are reporting suspicious activity that seems to be racially driven, that people are being targeted based on the color of their skin or their religious beliefs,” Steffensen said. “Then ARIC is retaining that information for what appears to be years and potentially acting on that information as well.”
‘Trampling on the civil liberties of innocent people’
These kinds of complaints, and privacy concerns in general, have dogged fusion centers for years. In 2009, for instance, a fusion center in North Texas drew criticism for issuing a report that said Muslim lobbyist groups were creating “an environment for terrorist organizations to flourish.” More recently, in 2019, fusion centers came under fire after documents revealed that the Homeland Security Department disseminated mined Facebook data to fusion centers across the country to monitor more than 600 protests against President Donald Trump’s family separation policy.
“For years, fusion centers have been the cause of bipartisan concern, both for their ineffectiveness and their civil liberties violations,” privacy watchdogs like the American Civil Liberties Union and the Brennan Center for Justice wrote in a 2019 letter to the Senate Judiciary Committee.
“Government documents have shown that fusion centers yield little intelligence of value and waste resources while trampling on the civil liberties of innocent people,” the letter said.
It wasn’t the first time U.S. lawmakers had heard these concerns. A 2012 investigation by a subcommittee of the Senate Committee on Homeland Security and Governmental Affairs “identified problems with nearly every significant aspect of DHS’s involvement with fusion centers,” according to a government report. The Department of Homeland Security also had been violating the Privacy Act by improperly retaining records solely for the purpose of monitoring activities protected by the Constitution, the report said.
Homeland security officials describe fusion centers as a centerpiece of counterterrorism strategies, but the committee’s investigators found that they “often produced irrelevant, useless or inappropriate intelligence reporting to DHS, and many produced no intelligence reporting whatsoever,” the report stated. Homeland security officials who routinely authored “useless or potentially illegal” reports never faced any sanctions, according to the report.
In the Senate subcommittee’s list of recommendations, investigators asked homeland security officials to improve training and prevent improper or illegal collection and retention of intelligence on constitutionally protected activity.
“It should not retain inappropriate and illegal reporting. It should strictly enforce policies, and hold all of its employees to the highest standards, including by promptly barring poorly performing personnel from issuing domestic intelligence reports involving Americans,” the report said.
While Austin’s fusion center has committed to cleaning up its surveillance retention practices, there is still concern over how racial biases seep into the operation.
“There’s a long history of radicalized surveillance in this country,” Steffensen said. “I am especially concerned when I see time and time again that people of color and groups and organizations predominantly made up of people of color continually appear as targets or subjects in these reports.”
Publication of stolen documents
Clear protections surrounding the publication of stolen government documents date back to 1971 when The New York Times published the Pentagon Papers. The U.S. Supreme Court ruled in that case that media organizations cannot be punished for publishing truthful information.
These protections were clarified in a 2001 case in which an illegally obtained recording of a phone conversation was shared with Wyoming media organizations. The court found again that the First Amendment allows journalists to publish contents of illegally intercepted communication, so long as the journalists didn’t participate in the theft.