Federal censorship machine started years before COVID, involved military contractors: whistleblower

"Cyber Threat Intelligence League" reportedly intended to implement "cognitive security," which involves "preventing malefactors from hacking people's beliefs."

Published: November 29, 2023 11:00pm

The public-private efforts to restrict and suppress purported "mis-, dis- and malinformation" across tech platforms started almost immediately after the surprise election of Donald Trump in 2016, ramped up a year before the COVID-19 pandemic, and included U.S. and U.K. military contractors and plans to cut off financial services to dissenters and sue them.

That's according to a "highly credible whistleblower" who says they were recruited to participate in the Cyber Threat Intelligence League (CTIL) "through monthly cybersecurity meetings hosted by" the Department of Homeland Security, independent journalists who reviewed the Twitter Files at new owner Elon Musk's invitation said Tuesday.

Michael Shellenberger and Matt Taibbi are testifying about their latest revelations before the House Judiciary Committee's Weaponization of the Federal Government Subcommittee on Thursday, a year after the first Twitter Files report. Tablet editor Alex Gutentag also collaborated on the report.

The trio says their so-called CTIL Files include "strategy documents, training videos, presentations, and internal messages" provided by the whistleblower that "offer the missing-link answers to key questions not addressed" by the Twitter Files or the similar Facebook Files made available this summer by Judiciary Chairman Jim Jordan, R-Ohio.

The feds appear to be scrambling in response to the flood of congressional interest in, and lawsuits against, their role in so-called content moderation and repeated pressure on social media companies to censor even self-acknowledged true content.

DHS surreptitiously removed a video from its YouTube channel that encouraged people to report "disinformation" spread by their family members, such as "Covid-19 is no worse than the flu," sometime between April 9 and May 9, according to archives of the video page.

The anti-censorship Foundation for Freedom Online preserved the video, whose existence it flagged a year ago, and called attention this week to the DHS removal. The timing suggests it was in response to a federal judge's March 21 ruling that greenlit a First Amendment lawsuit against the collaboration, which the Supreme Court agreed to review this term.

One of the leaders of the DHS-backed Election Integrity Partnership, which facilitated federal requests to remove purported election misinformation, even called on Tesla shareholders to retaliate against its CEO Musk in response to his purchase of Twitter, now X, and pledge to back off aggressive content moderation on the platform.

CTIL "officially began as the volunteer project of data scientists and defense and intelligence veterans," Shellenberger, Taibbi and Gutentag wrote in the first essay of their planned series on the disclosures that includes a handful of the whistleblower's documents.

According to their source, whose legitimacy they verified "through extensive cross-checking of information to publicly available sources," the planning started in the waning days of the Obama administration in 2017.

The whistleblower claimed a CTIL leader who was a "former" British intelligence analyst was "in the room" at the Obama White House when she was asked to create a project against disinformation to stop a "repeat of 2016."

The project started in earnest the next year, with U.K. defense researcher Sara-Jayne Terp taking the lead in CTIL alongside U.S. military contractor Pablo Breuer, the report says. They started a consultancy called Threet.

WIRED profiled Terp and Breuer in 2020 for their work on "cognitive security," which involves "preventing malefactors from hacking people's beliefs." Breuer's Threet bio says he has worked for Sofwerx, "an innovation platform for the United States Special Operations Command," and advised the National Security Agency and U.S. Cyber Command among others.

Kris Krebs when director of the DHS's Cybersecurity and Infrastructure Security Agency mentioned the agency's collaboration with CTIL. But the whistleblower claimed at least 12 to 20 FBI and CISA employees were actively involved in the organization, and "for a while" they displayed their "agency seals" next to their names in the Slack messaging service, including a CISA seal for Terp.

The reporting trio said documents show one of the most active feds was Justin Frappier, identified in two listings by OpenPayrolls as an employee in DHS's National Protection and Programs Directorate in 2017 and 2018. 

A screenshot from a Slack channel called "disinformation-triage" shows that Terp added Frappier to the group, which gives his affiliation as "Disinformation Team - Incident Management Team Lead." It shows Frappier is fond of internet slang including "lol" and "LMAO."

CTIL's overriding goal was "to become part of the federal government," according to the whistleblower, who also said weekly meetings emphasized that "if you built the first iteration" of these counter-disinformation organizations "we could secure a job for you."

Terp worked through a group called MisinfoSec, alongside former CIA staffer Renee DiResta, to create the Adversarial Misinformation and Influence Tactics and Techniques framework, according to Tuesday's report. 

It posted a presentation slide of AMITT's "Countermeasures Framework" that includes several financial and legal responses: "Ban incident actors from funding sites," "Stem flow of advertising money," "Cut off banking access" and "Spam domestic actors with lawsuits."

Terp shared her plans to create "Misinfosec communities" that included government in presentations to "information security and cybersecurity groups in 2019," according to the Tuesday report on the whistleblower's documents.

She "openly referenced her work 'in the background' on social media issues related to the Arab Spring," suggesting that tactics developed for foreign nationals were migrating to Americans.

Terp and Breuer also openly discussed their work on podcasts. "Most misinformation is actually true but set in the wrong context," Terp said in one, according to the report. (The specific podcasts aren't linked.)

Breuer told a podcast the duo's work involved getting "nontraditional partners into one room," such as social media companies, "special forces operators" and DHS employees, "to talk in a non-attribution, open environment in an unclassified way."

He explained how the "in-group and out-group messaging have to be often different" when trying to sell Americans on a domestic version of the "Great Firewall of China."

While Chinese citizens believe this censorship is to "protect the citizenry," Americans "would absolutely lose our minds" if the feds "tried to sell that narrative," Breuer reportedly said.

The reporting trio said they would present the underlying documents from the whistleblower to congressional investigators in the coming weeks and "make public all of the documents we can while also protecting the identity of the whistleblower and other individuals who are not senior leaders or public figures."

The FBI declined to comment on the report to Just the News, and DHS and CISA did not respond to queries. Neither did Terp and Breuer.

Unlock unlimited access

  • No Ads Within Stories
  • No Autoplay Videos
  • VIP access to exclusive Just the News newsmaker events hosted by John Solomon and his team.
  • Support the investigative reporting and honest news presentation you've come to enjoy from Just the News.
  • Just the News Spotlight

    Support Just the News