Article Lead Image

Is a CIA-funded analytics firm reading your Facebook chats?

A coder is accusing analytics firm Recorded Future of scouring private Facebook messages.


JC Sevcik


Posted on Apr 13, 2015   Updated on May 29, 2021, 2:14 am CDT

An information analytics company funded by Google and the Central Intelligence Agency is scanning private Facebook chats, a new report alleges.

While testing an application not yet published on the Web, a coder posting under the alias “Andreas Baader” and his team noticed unusual activity in the backend. Andreas Baader was one of the leaders of the German left-wing militant Red Army Faction, more commonly known as the Baader-Meinhof gang. 

Baader is alleging that a company called Recorded Future crawled the private chat and accessed a URL which shouldn’t be accessible to anyone but the developers.

Recorded Future, an American-Swedish predictive analytics company headquartered in Massachusettes, has made predicting the future its business. 

“The world actually knows a fair amount about the future. Little tidbits of information here and there about different behaviors. One company makes a corporate filing. Another person tweets something,” Recorded Future founder Christopher Ahlberg told Co. Labs in a 2013 interview. 

“We wondered…. what if we could get our hands on every single fact that humanity knows about the future, and actually put them together for analysis? That was the idea behind Recorded Future,” Ahlberg added. 

Recorded Future was founded in 2010 with funding from Google Ventures, along with CIA and National Security Agency capital arm In-Q-Tel. (Former In-Q-Tel CEO and CIA money man Jim Breyer’s subsequent venture capital firm Accel Partners was also one of the first major funders of Facebook.) Sounding like something out of a Phillip K. Dick novel, their systems scour the Internet for open-source intelligence—publicly accessible information from hundreds of thousands of sites, including news articles and social media exchanges—and analyze the data to forecast the future.

Their “temporal analytics engine”—software wherein spiders take in content from multiple languages and use algorithms to interpret the information and correlate dates and times to events—was able to accurately anticipate the Arab Spring uprising based on analysis of social media exchanges immediately preceding the Egyptian protests. The company offers products for commercial use as well as a for-government version called Foresite that analyzes ”internal documents, third-party content, or sensitive data sources,” according to Co. Lab

Predictive analytics technology has obvious application. It is useful for military and intelligence agencies in predicting protests, anticipating cyberattacks, and thwarting terrorists threats. It can help corporations and investment funds forecast financial trends. But here’s the thing: Recorded Future is only supposed to be able to analyze open-source intelligence, i.e., publicly accessible information. And Baader is alleging that a CIA-funded company is crawling private Facebook chats. 

Post-Snowden, it’s pretty much common knowledge at this point that Facebook chats are anything but private. Not to mention numerous reports on how the company has thwarted crimes by monitoring users’ chats for suspicious behavior and conversations about criminal activity. Mashable explains how “smart” scanning software screens exchanges for certain signals—algorithms are in place that analyze age-gaps, language use, and previous chat histories between parties, along with other elements. When the software suspects something like a sexual predator, potential violent crime, or a terrorist plot, it flags the communication so a live Facebook security employee can evaluate the exchange and contact the appropriate authorities if necessary. 

“We’ve never wanted to set up an environment where we have employees looking at private communications, so it’s really important that we use technology that has a very low false-positive rate,” Facebook’s Chief Security Officer Joe Sullivan told Reuters.

So the idea is that our private exchanges stay sort-of-private until we say something software flags suspicious, then someone looks at it. 

Recorded Future, a company admittedly interested in getting its hands on “every single fact that humanity knows about the future” is accused of overstepping its bounds and scanning what are supposed to be (sort of) private exchanges.

Recorded Future admitted to accessing the URL in question in the comments section of Baader’s article. Only it claimed the URL was somehow public, which Baader insists is impossible. 

“Recorded Future’s systems followed this URL after it was posted on a public site. Our system constantly explores links published on the web. We’ve checked our logs and confirmed that this is what happened in this specific case. It’s not related to any Facebook chat messages containing this link. Our system doesn’t access that information,” a representative for Recorded Future writes. 

“I assure you it was not posted publicly by any of us. Newly created URL and link c/p to fb chat,” Baader replies. 

Then Matt Kodama, the Recorded Future representative, posted this cryptic response. 

“I’m not saying it was posted publicly by you or someone in the Bosnadev team. Please contact me directly (matt at recordedfuture dot com) and I will share more details with you. I didn’t think dumping that info in the comment thread was appropriate, based on your blog post!”

The Daily Dot was unable able to reach Alias Andreas Baader for comment. 

Are private companies in-league with intelligence agencies over reaching their authority with respect to analyzing our exchanges? And more importantly, do we care until it’s about dick pics?

If we decide we don’t care, where and when will the line on acceptable intrusion be drawn? Or will we eventually just accept privacy as an antiquated idea? 

H/T Bosnadev | Illustration by Max Fleishman

Share this article
*First Published: Apr 13, 2015, 9:10 pm CDT