This piece was published in partnership with The Verge.
Frank Bass contributed to this report.
January 19, 2017 -- In March 2015, Philippe Reines, a former aide to Hillary Clinton at the US State Department, reached out to an old colleague about his consulting firm’s client.
Reines contacted Capricia Marshall, a consultant who had been the US chief of protocol, a top State Department officer who acts as a liaison with foreign diplomats. Reines wanted Marshall to arrange meetings with foreign embassies for Dataminr — a company that has come under scrutiny from privacy experts for its service analyzing Twitter data.
“If you could pull this off, would be a great way to get you a solid ongoing retainer,” Reines wrote in an email. Marshall responded: “Talking to Azerbaijan. May then ask Saudi?”
“Azerbaijan would be AWESOME. I think Saudi is in its own category because they aren’t sure what the Saudis would do with it,” Reines wrote back. Referring to Azerbaijan, a former Soviet republic accused of jailing journalists and online activists, Reines suggested using its territorial dispute with Armenia as leverage: “Pull out all the stops! Tell them if they don’t we’ll sell to the Armenians!”
Reines’ firm, Beacon Global Strategies, met with diplomats from Azerbaijan's embassy, and quickly hired Marshall. A MapLight review of leaked emails found that Marshall arranged conversations between Dataminr and at least five embassies over three months.
The leaked emails shed light on the largely unregulated world of international lobbying in Washington, where “strategic advisors,” “consultants,” and lawyers use their US government experience to benefit clients and themselves, while avoiding public scrutiny both at home and overseas.
Beacon isn’t registered to lobby in Washington. The firm reportedly works for defense contractors and cybersecurity companies, but it hasn’t made its client list public, citing non-disclosure agreements. Beacon’s relationship with Dataminr has not been previously reported.
Emails show that Beacon offered Dataminr’s service to a foreign government in ways that suggest it could have been used for surveillance. A spokesperson for Dataminr told MapLight on Tuesday that the company “decided not to build or deploy the product capabilities” described by Beacon.
Marshall’s emails were posted on DCLeaks.com in October. The US government says Russian military intelligence used the website to distribute emails stolen from American citizens to help Donald Trump win the presidency.
Reached for comment by MapLight on Tuesday, Marshall referred all questions to Beacon. The consulting firm did not respond to repeated requests for comment.
Dataminr’s spokesperson told MapLight that the company “had a single introductory meeting two years ago with mid-level officials from Azerbaijan,” but did not respond to questions about whether it has worked with Beacon or about its meetings with other countries.
The companies do share a public link: David Shedd, a former acting director of the Defense Intelligence Agency and member of a Beacon advisory panel, sits on Dataminr’s government advisory board.
“Secret And Arguably Unlawful Surveillance”
Philippe Reines left the State Department in 2013 and launched Beacon with several former top US national security officials. Reines’ colleague, Andrew Shapiro, had led the State Department’s Bureau of Political-Military Affairs, where he helped oversee US arms exports. Jeremy Bash, another founder, had been a chief of staff at the Pentagon and the CIA.
More than half the people on Beacon’s nine-member advisory board are ex-military and intelligence officials, and two former CIA chiefs — Leon Panetta and Mike Morell — are senior counselors to the firm.
By spring 2015, Beacon was working with Dataminr, a startup founded in 2009 by three Yale alumni. The company has received funding from the CIA’s venture capital arm, In-Q-Tel, according to The Intercept. The FBI and the Pentagon have both agreed to deals with Dataminr in recent months.
Twitter owns a 5 percent stake in Dataminr, and grants the company exclusive access to its “firehose,” or its full feed of users’ public posts.
Dataminr publicly says its service “transforms the Twitter stream and other public datasets into actionable alerts, providing must-know information in real-time for clients” in the public and private sectors. The company’s website advertises breaking news alerts and updates about events like shootings, terror attacks, and natural disasters.
However, one Beacon marketing document about Dataminr from July 2015 specifically offered governments the ability “to explore an individual’s past digital activity on social media and discover an individual’s interconnectivity and interactions with others on social media.” Beacon prepared the memo in advance of a meeting between the firm, Dataminr, and the embassy of Denmark.
A clause in Twitter’s current developer agreement specifically forbids third parties from using its data to "investigate, track or surveil Twitter’s users." Twitter’s policy at the time of the emails had more ambiguity than it does now, but it still banned developers from helping government agencies or other organizations to "conduct surveillance on Content.”
Twitter has said in the past that it has “never authorized Dataminr or any third party to sell data to a government or intelligence agency for surveillance purposes.”
Privacy experts who reviewed the Beacon memo said the firm appeared to be offering governments the ability to drill down into an individual Twitter users’ activities.
"As described, that service appears to allow governments to conduct secret and arguably unlawful surveillance of individuals, and I would hope that Twitter and other social media companies would not be complicit in that surveillance,” said Jennifer Lynch, a senior staff attorney at the Electronic Frontier Foundation.
Matt Cagle, a lawyer for the American Civil Liberties Union of Northern California, said that “Twitter must take additional oversight steps to ensure government actors cannot abuse the Dataminr tool to spy on protesters, map political affiliations, conduct secretive surveillance or track law-abiding Twitter users.”
Dataminr’s spokesperson said on Tuesday the company didn’t move forward with the service outlined in Beacon’s memo, and instead “focused our government product only on our core competency -- breaking news alerts for emergency response.” A Twitter spokesperson did not directly answer questions about whether Dataminr has complied with Twitter's developer agreement.
The ACLU and EFF have expressed concern as law enforcement agencies have started buying tools that sift through social media user posts and profile information, warning the services can be used to target activists or minority groups. Last year, Twitter cut off data access to a company that had helped police monitor protesters and activists in Baltimore and Ferguson, Missouri.
In December, Twitter announced that Dataminr would no longer let public sector clients access its geospatial analysis application, which had allowed intelligence centers to identify individual tweets and users linked to events and keywords.
The emails released by DC Leaks suggest Dataminr sought to work with at least one foreign intelligence agency, with Beacon’s help.
In June 2015, Beacon managing director Michael Allen requested Marshall connect the firm with the British embassy before Dataminr’s visit to the United Kingdom. A few days later, Marshall emailed James Kariuki, a counselor at the embassy, noting that Dataminr would soon be meeting MI6, the British foreign intelligence agency.
“It was wonderful to see you again at the Ambassador's residence for a wonderful afternoon bbq, my son's favorite DC event,” Marshall wrote. “As I discussed with you, The Beacon Global Strategies would like to connect with you on a few issues. In particular, about a client they are introducing to people at 10 Downing and MI6.”
“I’d be more than happy to pick this up and make sure Beacon are talking to the right people in the Embassy,” Kariuki replied.
“Recipe For Corruption”
Under the US Lobbying Disclosure Act, a company must register and publicly disclose its clients if its employees are paid to contact federal policymakers, though there are loopholes that firms can use to avoid registering. For example, an individual doesn’t need to register as a lobbyist unless more than 20 percent of the work for a client consists of lobbying; a firm isn’t required to register unless it employs a lobbyist.
Beacon did not respond to questions from MapLight about whether the firm was involved in arranging any of Dataminr’s deals with US agencies. Dataminr doesn’t employ any federal lobbying firms, records show.
Experts say the meetings Beacon arranged with foreign governments fall under the purview of regulators in other countries, not anyone in the US. Most countries don’t have lobbying laws, and few mandate meaningful disclosures. As a result, the company’s efforts to sell Dataminr abroad happened in the dark.
Canada has fairly strict rules, and one meeting Marshall arranged may have required her to register to lobby there. In Canada, “consultant lobbyists,” or anyone hired by a company to lobby or arrange meetings with federal public officials, must report contacts to the Office of the Commissioner of Lobbying in Ottawa. The law carries potential criminal penalties, although prosecutions are rare.
According to one Canadian lobbying expert, Marshall should have registered and disclosed a July 2015 meeting she arranged between Beacon, Dataminr, and Canada’s then-ambassador to the US. A Beacon employee later told Marshall that Dataminr was “looking forward to scheduling” a follow-up meeting with Canada.
Canadian filings do not contain any record of Marshall's lobbying contacts.
“She’s not an employee. She’s on contract. Therefore, by definition, she’s a consultant lobbyist,” said Duff Conacher, who co-founded the Canadian watchdog group Democracy Watch. As for why compliance with the law matters, Conacher said: “Secret lobbying is a recipe for corruption, waste and other abuses.”
When MapLight informed Marshall that Canada’s lobbying rule could apply to the meeting she arranged for Dataminr, she said she couldn’t respond, before adding: “I didn't have a meeting with the ambassador.”
A Canadian embassy spokesperson said she could not confirm the former ambassador’s schedule because the embassy’s staff had changed.
Emails show Marshall also arranged meetings for Dataminr with the embassies of Japan, Denmark, and Portugal. A spokesperson at the Japanese embassy said she could not confirm whether the meeting took place. Portugal and Denmark did not respond to requests for comment.
Dataminr wasn’t Marshall’s only client through Beacon. She also assisted with Beacon’s work for APR Energy, a mobile electricity provider.
In June 2015, Marshall helped at least two APR employees obtain tickets to a luncheon hosted by Vice President Joe Biden to honor then-Brazilian President Dilma Rousseff. The event was held at the State Department, and emails show that the tickets were distributed by the Office of the Chief of Protocol, the office Marshall previously led.
“We engaged Beacon for a short period of time a couple of years ago, but no longer have an agreement with them,” an APR spokesperson told MapLight.
Beacon also asked Marshall to help the consulting firm plan out its strategy for the United Nations General Assembly session — a forum where representatives from all 193 countries in the UN vote on policy.
“We’re meeting with APR tomorrow on their UNGA strategy and that should be helpful in getting us on track,” Michael Allen, Beacon’s managing director, wrote. “But we were talking the other day and wanted to get your help on an UNGA strategy for Beacon! Like are there events that we should go to to see foreign government officials?”
Marshall’s agreement with Beacon ended in October 2015. Beacon paid her consulting company nearly $50,000 that year, emails show.
Many of Beacon’s employees went all in for Clinton during the 2016 presidential campaign. Co-founder Jeremy Bash, the former CIA and Pentagon chief of staff, advised her campaign on foreign policy. And former acting CIA director and Beacon senior counselor Mike Morell wrote a column endorsing Clinton and helped organize a letter from national security experts criticizing Republican Donald Trump.
According to Axios, Morell and Bash were both in line for top jobs in a Clinton administration. Morell was one of two remaining names under consideration for CIA director; Bash, the former CIA and Pentagon staffer, was set to be Clinton’s counterterrorism adviser. Philippe Reines would have been a White House counselor. Marshall was going to chair Clinton’s inaugural committee.
Morell, Bash, and former CIA director Panetta have continued to denounce Trump since the election, primarily for his refusal to accept US intelligence agencies’ conclusion that Russia sought to meddle in the presidential election. Morell has called the alleged Russian hacking campaign “the political equivalent of 9/11,” while Bash and other Beacon staffers have warned journalists against writing stories based on the leaks.
Still, at least one Beacon associate will likely be in Trump’s cabinet: Trump selected Retired Marine General John Kelly, a Beacon advisor, to lead the Department of Homeland Security — which has a $255,000 contract to access Dataminr’s software.
Another Beacon member might wind up in the Trump administration. Beacon vice president Bryan Smith was recently named to Trump’s transition team for the Office of the Director of National Intelligence.