The whistleblower provided a slew of documents that are being compared to the Twitter Files in terms of their scope and ramifications. They describe an “anti-disinformation” group known as the Cyber Threat Intelligence League (CTIL) that shows how far governments intend to reach into people’s online activities.
While the CTIL reportedly started out as a volunteer project involving intelligence and defense veterans and data scientists, its methods have been adopted by official projects at high levels, including the Department of Homeland Security.
The documents include training videos, internal messages, presentations and strategy documents. They demonstrate how military and intelligence contractors from America and the UK developed a comprehensive censorship framework under the leadership of former UK Defense researcher Sara-Jayne Terp.
Slack messages show how Terp, along with colleagues and officials from Facebook and the Department of Homeland Security, worked together to censor people online.
The public-private model they used and their framework appear to have set the stage for methods used by both countries in 2020 and 2021, such as stopping disfavored narratives rather than simply focusing on factual inaccuracies, masking censorship in counter-disinformation agendas, and pressuring social media platforms to remove information or otherwise take steps to stop certain content from going viral.
They show how CTIL started tracking and reporting content on social media in the spring of 2020 that was opposed to lockdown measures for COVID-19. They even went so far as to create a channel that law enforcement could use to report this type of content. They also created a spreadsheet with information from the Twitter bios of users who posted anti-lockdown hashtags such as “#freeCA.” At some point, they also considered reporting the domains of websites they disagreed with to their registrars.
In addition to censoring opinions that don’t align with their preferred narrative, CTIL carried out offensive operations in an attempt to sway public opinion. They considered ways they could co-opt hashtags and launch “counter-messaging” campaigns, create sock puppet accounts, make their way into private groups that are accessed by invitation only, and dilute messaging they disagree with.
The whistleblower who provided the documents is said to be highly credible, and their legitimacy was independently verified. The individual is said to be someone who was recruited into the group via monthly meetings on cybersecurity that were hosted by the Department of Homeland Security.
Among those who are known to be involved in CTIL is DHS employee Justin Frappier, who led training and took part in regular meetings with the group. As many as 20 people actively involved in CTIL worked for CISA or the FBI. Many of them displayed their agency seals by their name in Slack messages.
The whistleblower said the group's ultimate aim “was to become part of the federal government. In our weekly meetings, they made it clear that they were building these organizations within the federal government, and if you built the first iteration, we could secure a job for you.”
Terp and her colleagues formed a group called MisinfoSec Working Group, which developed an anti-disinformation and censorship strategy known as Adversarial Misinformation and Influence Tactics and Techniques (AMITT). This was used to develop the DISARM framework used by the World Health Organization in an attempt to counter anti-vaccination campaigns in Europe.
It also called for using training influencers on how they can spread favorable messages and find ways to convince banks to cut off financial services for those who organize events and rallies that go against the official narrative.
Sadly, we’ve reached the point where none of this is surprising. Like the Twitter Files, these documents show that governments are desperate to use whatever resources they have at their disposal to control online narratives and keep dissenting voices from being heard.
Sources for this article include: