Page 1 of 70
Written evidence from James John Patrick (Known As J.J. Patrick)
Introduction:
Written evidence submitted to the United Kingdom Parliament, Parliament of the European Union, and the Federal Bureau of Investigation in the United States of America by James John Patrick, known as J.J. Patrick.
This evidence is submitted freely in my capacity as a freelance journalist and contains 33,358 words and spreads over 70 pages. Due to the complex nature of the submission, my forgiveness is kindly requested for the length of the statement.
The content is true to the best of my knowledge and honest belief and I am happy to appear before any hearings, though my financial means are limited and I may require financial assistance in doing so.
Summary of Evidence:
1. Russia is deliberately interfering in Western democracy through the use of disinformation, cybercrime, psychological manipulation and the collaboration of well-placed of third parties. This hybrid conflict is live.
2. This interference has decisively impacted upon the democratic process in the United Kingdom and the United States with negative effect, and has attempted to interfere in Swedish and French democratic process. The threat is continuing and extends to additional nations.
3. There is clear evidence of voter manipulation through the use of psychometric techniques, and evidence indicating data-laundering within and outside of the EMEA data protection area by state and non-state actors.
4. The current legal frameworks and responses of the UK and the US are inadequate and have contributed to the continuance the live threat.
Personal Background:
1. Between 2004 and 2014 I served as a police officer with the Derbyshire Constabulary and Metropolitan Police Service in the United Kingdom. I retired in 2014 after giving evidence in a parliamentary inquiry.
2. In 2013 I acted as a whistleblower in the course of my duties, giving evidence to the House of Commons Public Administration Select Committee on the manipulation of crime figures by the police. The final report of the committee said of me “we are indebted to PC Patrick for his courage in speaking out, in fulfilment of his duty to the highest standards of public service, despite intense pressures to the contrary.”
3. I am now a freelance journalist and member of the National Union of Journalists and my primary publication platform is Byline, an independent news website based in the United Kingdom. This is a non-partisan publication which holds no editorial input or sway over my work. I am also signed up to the Impress regulations. My funding comes direct from the public and is unaffiliated to advertising of any kind.
4. I have also acted as a freelance specialist consultant in respect of crime data analysis with an NGO in Mexico.
Page 2 of 70
Background: Hybrid Threats And The Live Russian Hybrid Conflict
1. The concept of a “hybrid threat” was first introduced in NATO’s “Strategic Concept of 2010” and was then incorporated in the NATO “Capstone Concept”, defining hybrid threats as “those posed by adversaries, with the ability to simultaneously employ conventional and non-conventional means adaptively in pursuit of their objectives.”
2. Hybrid threat gained renewed traction in response to Russian actions in Ukraine and the Da’esh campaign in Iraq.
3. In Riga, in February 2015, EU Defence Ministers called for more unity and decisive action across the union and by May 2015 the European External Action Service had created a circular “Countering hybrid threats” encouraging states to recognise the risks and build a response.
4. An unchecked hybrid threat results in the situation we now face: a full-scale hybrid conflict. An alternative war.
5. A Hybrid conflict is defined as “a situation in which parties refrain from the overt use of armed forces against each other, relying instead on a combination of military intimidation (falling short of an attack), exploitation of economic and political vulnerabilities, and diplomatic or technological means to pursue their objectives.”
6. Most references to “hybrid war” are based around the idea of an “adversary who controls and employs a mix of tools to achieve their objectives,” and this brings with it a number of complexities.
7. There is no doubt whatsoever that we find ourselves in the middle of an alternative war by its very description.
8. As with all conflicts, attributing responsibility and intent is necessary, to ensure that state and allied policy responses are proportionate and legitimate. However, international law limitations, technological constraints, and the diffusion of actions to non-state actors work together to give an adversary in such a conflict substantial deniability.
9. For instance, the involvement of a third party not immediately identifiable as state- sponsored (such as Wikileaks) becomes incredibly difficult to set against the legal concept of “beyond reasonable doubt”. Nonetheless, the US have done this with North Korea after the Sony Pictures hack and a NATO Summit in 2014, held in Wales, has set out that the application of Article 5 of the Washington Treaty in the event of a cyber-attack does apply.
10. Currently, no specific international legal framework is in place to regulate hybrid warfare.
11. Use of “force” in international relations is still catered for under the United Nations Charter, which states “in the absence of an armed attack against a country or its allies, a member state can use force legally only if authorised by a United Nations Security Council resolution.”
12. While rules regarding traditional armed conflict are laid down in international humanitarian and human rights law, hybrid conflict and threats are only covered by a patchwork of legal
Page 3 of 70
instruments covering specific policy areas. These are the seas, counter-terrorism, money laundering, terrorist financing, and human rights.
13. This effect has allowed the growth of complex hybrid conflict operations to run almost unchecked, leading the world to the precipice it now stands upon.
14. Trump, Brexit, the attacks on the French and Dutch elections, the world cyber-attack on infrastructure and health organisations, fake news. These are the fronts in a very real conflict from which there may be no return unless a response begins.
15. Europe and much of the West is very much alive to the ongoing war, with a Summit currently ongoing in Prague.
16. The specific focus of the partly open, partly restricted meeting is to discuss “a coordinated international response to Russian aggression” and to discuss the fact “a wide gap remains between mere acknowledgement of the threat and the development of concrete and viable counter-measures.”
17. Senior NATO figures and high-ranking representatives from a large number of countries are in attendance.
18. Over one hundred specialists representing 27 countries are coming to the restricted part of the SUMMIT.
19. The meeting is being facilitated by Czech think tank European Values.
20. “The 2016 StratCom Summit in Prague was organised at a crucial time when Russian disinformation [was] increasingly targeting Western audiences, trying to sow confusion, distrust and division. I came away from the Summit encouraged by the level of awareness and expertise across Europe, its governments and organisations, who are all actively engaged in countering Russia’s disinformation operations,” said General Petr Pavel, Chairman of the NATO Military Committee, about last year’s gathering.
21. Kremlin Watch is a strategic program run by European Values, which aims to expose and confront instruments of Russian influence and linked disinformation operations focused on working to destabilise the Western democratic system.
22. The introduction to their annual report, the premise for this year’s summit, makes clear the threats uncovered by this investigation are very real.
23. “Demand is growing for a coordinated international response to Russian aggression, with many EU heads of state, other European politicians, and security experts voicing alarm about the threat. As of May 2017, several Western countries have experienced Russian interference in their elections, while the number of cyber attacks across Europe continues to rise,” the report says.
24. The comprehensive strategic assessment for 2017 makes for a sobering read, covering the EU28 including, for now, the United Kingdom.
25. The report immediately identifies two countries as being ‘collaborators’ with Russia: Greece and Cyprus, who have shown - across a number of assessed factors - no resistance to Russian influence.
Page 4 of 70
26. The authors identify a group of eight EU states who largely continue to ignore or deny the existence of Russian disinformation and hostile influence operations - Hungary, Austria, Croatia, Luxembourg, Malta, Portugal, Slovakia, Slovenia – and three states who half- acknowledge existence of the threat. They deduce the latter hesitation is attributable either to geographic distance and historical neutrality (Ireland) or to the presence of pro-Kremlin forces in the political domain which suppress any efforts to place the threat on the agenda (Italy and Bulgaria).
27. Hungary has recently been put on notice of proceedings by the European Commission in relation to its asylum laws.
28. Belgium “recognises the threat of Russian disinformation abroad, particularly in the Eastern neighbourhood, but does not consider this to be a problem for its internal security, and therefore does not consider it a national priority. Its security institutions predominantly focus on the threat of Islamist terrorism,” while Spain and France consider “Islamist propaganda to be the more serious issue and mostly attribute disinformation campaigns to terrorist recruitment. In France, incoming President Macron seems poised to make a shift in this position, but it remains an open question given France’s historically sympathetic attitude to Russia.”
29. Denmark, the Netherlands, Romania, Finland, Czech Republic, Germany, the United Kingdom, Poland are recognised as cognizant of the risks but the counter-measure strategies are identified as being in infancy and having “weak spots”, rendering them vulnerable.
30. The report also states: “For many of the EU28, a wide gap remains between mere acknowledgement of the threat and the development of concrete and viable counter- measures. The implementation of an effective strategy at the state level requires at least partial political consensus, civic support, and strong democratic institutions. Strong rhetoric and condemnation of Russian interference comes at virtually no political cost, but developing a pan-government approach necessitates the dedication of all major political parties and government bodies, as well as their active resistance against local obstacles and Kremlin-linked counter-pressures.”
31. This assessment is accurate by this investigation’s own findings.
32. The four states showing the highest levels of activity, resilience, and readiness to respond to the Russia threat, given their historical experiences, are Sweden, Estonia, Latvia, Lithuania.
33. This assessment in the case of Sweden is accurate by the findings of the previous “Skada” investigation.
34. The Baltic States (Latvia, Lithuania, and Estonia), the report says “stand at the forefront of the fight against hostile Russian influence, in large part due to their geographic proximity to Russia, historical experience, and sizeable Russian minorities. These countries have adopted strong countermeasures against Russian influence, often restricting Russian pseudo-media. They also actively engage their Russian-speaking minorities, to greater or lesser success. The Baltic experience with Kremlin-linked subversion tactics is the most developed within the EU28 and serves for major lessons learnt.”
35. The report is clear on the need for a free and independent press to form part of a counter- measure, saying “there is a strong negative correlation between the degree of Russian
Page 5 of 70
subversive influence on the one hand and the state of media literacy and press freedom on the other. In countries with deteriorating press freedom, for instance, due to measures that limit serious investigative journalism, submission to Russian influence has increased in recent months (e.g., Hungary and Croatia).”
36. But the assessment of the Western EU nations serves as a stark warning that press freedom alone is not enough.
37. According to the report, the “traditionally powerful European states only begin to display interest in countering Russian disinformation during, immediately before, or even after major domestic elections, when they have experienced or anticipate Russian interference”
38. They correctly identify that France widely ignored the threat until the recent presidential elections even though newly elected President Emmanuel Macron experienced Russian meddling during his campaign. His official foreign policy adviser recently stated, “we will have a doctrine of retaliation when it comes to Russian cyber-attacks or any other kind of attacks.”
39. The government of the Netherlands barely reacted when Russian disinformation circulated during the 2016 referendum on the Association Agreement with Ukraine but during the 2017 parliamentary elections, it decided not to use electronic voting in order to avoid possible Russian meddling.
40. The Dutch intelligence agency AIVD has since concluded that Russia tried to influence the 2017 elections by spreading fake news.
41. In Italy, initial concerns about disinformation and hostile influence operations emerged during the constitutional referendum in December 2016, when the rising anti-establishment Five Star Movement proliferated disinformation and pro-Kremlin propaganda. Nonetheless, the report starkly highlights that “the government is still not taking any action to counter these efforts. Italy is also a Kremlin ally when it comes to halting new EU sanctions related to Kremlin-sponsored atrocities in Ukraine and Syria.”
42. The report is clear that the United Kingdom had been “supporting many strategic communications projects in the Eastern Partnership region, but the debate on Kremlin subversion in the UK was very limited before the Brexit referendum in 2016.”
43. “The UK’s close ties to Kremlin-linked money has also not featured on the agenda until recently” the report adds.
44. Recognition of these threats “results in certain efforts to manage the crisis,” but in the fight against fake news, “governments often seek the help of corporations like Google and Facebook in order to protect their elections, but these companies have very limited assistance options,” the authors point out.
45. The conclusion rings true of this investigation’s own findings, in that “most measures undertaken at the last minute turn out to be “too little, too late” and lack necessary coordination. Importantly, policies against hostile foreign influence must be designed and implemented long in advance.”
Page 6 of 70
46. The Information Commissioner’s Office has launched an investigation into British election interference and voter manipulation following the submission of detailed evidence by this investigation.
47. Rightly, the report's authors highlight that Germany’s position could be the game-changer: “with federal elections in September 2017, Germany is currently preoccupied with developing resistance against Russian meddling.”
48. Over the last few months, Germany has begun taking the threat posed by Russia much more seriously than ever before, “actively boosting its cyber defence and also promoting cyber security internationally, even creating a new Bundeswehr command.”
49. “If the next German government tackles this threat with true German precision and intensity,” the authors write, “it will spill over to EU policy and prompt substantive democratic counter-pressure. Until now, the concerns of mostly smaller EU members on the Eastern flank have been insufficient to instigate a shift in EU policy.”
50. The UK is one of the most concerned countries sending a delegate to the summit, only behind Estonia, Latvia, and Lithuania.
51. The report correctly states that MI5 chief Andrew Parker has warned Russia’s threat to the UK is growing and has stated that Russia’s spy activity in the UK is extensive, as is its subversion campaign in Europe in general.
52. The authors also correctly identify that MI6 chief Alex Younger has also highlighted the issue of subversion and the disinformation campaign waged by Russia and that it was the British intelligence services who alerted the US about the Democratic National Committee hacks and the alleged Trump-Russia connection in 2015.
53. The report correctly identifies that the LSE has published a report raising alarms about weak British electoral laws which can allow foreign interference to undermine British democracy by allowing an influx of funds from unknown or suspicious sources to fund political campaigns.
54. The report also states “the UK government appears to be more concerned with the diplomatic and international aspects of Russian influence rather than malign domestic effects,” while “Facebook has warned that the June 2017 British General Election may become a subject of attack by fake news and other disinformation online.”
55. As this investigation has clearly identified there is a serious weakness in the UK system of regulation and countermeasures, a critical threat which is ongoing at this time.
56. The European Union itself is highly engaged on the threat already.
57. Speaking to Maja Kocijančič, Spokesperson for EU Foreign Affairs and Security Policy, she says “The EU coordinates on all substantial threats, such as terrorism, cyber or hybrid attacks, or propaganda, obviously along the competencies it has.”
58. “Cyber-attacks are a growing concern worldwide – including for the European union. Recent attacks experienced in different sectors require a coordinated response. While Member States remain in the front line for much of this work, the EU has an important role
Page 7 of 70
to play,” she adds. “In this regard, we will update our Cybersecurity Strategy and reinforce the regulatory framework at EU level on cybersecurity.”
59. When it comes to hybrid threats, insofar as they relate to national security and defence, and the maintenance of law and order, the primary responsibility also lies with individual EU Member States. However, many of them face common threats, which can also target cross- border networks or infrastructures. “Such threats can be addressed more effectively with a coordinated response at EU level by using EU policies and instruments,” Kocijančič said.
60. The Commission and the High Representative presented a Joint Communication "Joint Framework on countering hybrid threats – a European Union Response" which was adopted in April 2016, just as Britain’s Brexit referendum campaigns officially began.
61. Kocijančič explained the action taken after the framework was launched. “Finland established the Centre of Excellence for countering hybrid threats in April this year. While it is a Finnish national initiative, it constitutes a direct response to one of the 22 actionable proposals made in the Joint Communication.”
62. On the launch, high Representative of the Union for Foreign Affairs and Security Policy and Vice-President of the Commission, Federica Mogherini, said “as the European Union, we will grant our full support to Finland in driving the new Centre of Excellence for countering hybrid threats forward to a full operation capacity and in its future work in delivering expert strategic analysis on countering hybrid threats, which will contribute to security in Europe. The establishment of the Centre in Helsinki will further strengthen EU- NATO cooperation, particularly on one of the greatest challenges in today's world.”
63. Things have moved forwards since then. “Cyber and hybrid threats are part of the new, important cooperation between the EU and NATO, agreed through a set of 42 concrete proposals in seven different areas identified by the Joint Declaration signed in Warsaw,” Kocijančič told me.
64. The EU has also put in place a task force, aimed which Kocijančič says is aimed at “improving the EU's capacity to forecast, address and raise awareness of disinformation activities by external actors.”
65. The EU STRATCOM Task Force was set up specifically to address Russia's ongoing disinformation campaigns. From the outset one of the key focus areas was “analysing disinformation trends, explaining disinformation narratives and myth-busting.”
66. They publish ongoing fact-checks under the banner of the Disinformation Review Team, which can be found on Twitter @EUvsDisinfo.
67. The alternative war had been a live conflict for at least two years before Trump and Brexit began to unravel, despite all the signs being in plain sight.
68. The damage to date will take years to correct without more stringent response.
69. One crucial element of the political manipulation deployed by Russia, notable by its failure in France due to the government responses, and by its success in the UK with Brexit and US with Trump, is the relatively new and still misunderstood technique of psychometrics.
Page 8 of 70
70. Infamously deployed by American company Cambridge Analytica, part of the British SCL Group, in both the Trump campaign and Leave.EU’s Brexit campaign, psychometrics utilises ‘big data’ gathered through social media, surveys and other databases to create a personal profile to which messages can be tailored and targeted. It is a warfare technique.
71. Cambridge Analytica, through ex-board member and special adviser to Trump, Steve Bannon, is believed to be making attempts to woo the Pentagon and another company in the same market is Palantir, already linked to the US Department of Defense.
72. Until it became widely known in 2017, the technique of harnessing big data had been perceived as a risk for a number of years.
73. Back in 2010, cyber security company HB Gary – who worked on Federal contracts – were in friendly talks about integrating with Palantir about social media. Under the heading “Social Media, Exploitation, and Persistent Internet Operations,” senior employees of both companies were discussing “The rise of the social web has created an entirely new set of useful technologies and security vulnerabilities. It is our experience that most individuals and organisations understand there are risks to using social media but don't understand the full extent, from what types of use, what the real risks are, or how the vulnerabilities can be fully exploited.”
74. The emails were dumped on the internet by Wikileaks after one HB Gary employee exposed alleged members of Anonymous to the authorities in 2011, an event which ruined his career.
75. Arron Barr set out in further emails just how significant the development of big data as a weapon could be.
76. “There is an immense amount of information that can be aggregated from social media services to develop competitive intelligence against any target. Take any US defence contractor. If I could harvest a significant amount of data from sites such as FBO, Monster, LinkedIn, Input, Facebook, Twitter. What type of picture could I put together as far as company capabilities, future plans, contract wins, etc. From a targeting perspective could I identify information exposure points that lead to a defensive weakness...I spoke to INSCOM a few weeks ago about their desire to start to incorporate more social media reconnaissance and exploitation into their red team efforts. Such a capability has a broad applicability that will be more significantly needed in the future.”
77. Barr was years ahead of his time in identifying the risks which were subsequently exploited to manipulate both British and American electorates.
78. In one briefing email he wrote, “the explosive growth of social media has created a highly effective channel for the collection and aggregation of personal and organisational information for the purposes of tailoring content for users. To Interact in a social media ecosystem requires some release of personally identifiable information (PII), in fact with most services the more information you provide the more tailored and beneficial the experience. In most cases these are legitimate reasons for providing the information with tangible user benefits, whether it be to more personalise and localise advertising or tailored and real-time information delivery that increases personal productivity. Unfortunately, the same methods are being used to conduct information reconnaissance and exploitation. The most common current examples are spear-phishing attacks. Future social media exploitation tactics will likely be applications and service that provide personal benefit or entertainment,
Page 9 of 70
but serving a dual purpose to collect information that can be used for more insidious purposes. This marks a new class of exploitation, vehicles directly targeting people rather than the machines they use.”
79. HB Gary no longer exists as it was, and Barr is now a recluse. Nonetheless, what they identified many years ago was not only visionary but has become part of the Russian hybrid arsenal via their third-party hacking and disinformation channel, Wikileaks.
80. I tracked down one former employee of HB Gary and asked them how dangerous social media really was and if it had been weaponized. “The Russian stuff kinda proves that out right?” they replied, without hesitation.
81. “There is enough info and interaction purely in the public domain to provide intelligence and to engage in influence. Social media is the perfect mechanism. But we can see that happening right in front of us. Just have to organise and automate,” they added.
82. In the Wikileaks dumps on HB Gary there were a number of mentions about defence from weaponized use of this data, but nothing concrete. Again, the response was stark.
83. “There isn't really a defence of some properly. Not one that can be easily devised. Platforms are of course working to manage "fake info" but that only will take care of the careless and less sophisticated - if done properly. [It’s] taking advantage of people's natural inclinations... but again we can see all this in front of us.”
84. I pressed them on Cambridge Analytica and what they knew through the industry grapevine but the answer confirmed a lot of the rumours about the company’s secrecy. “I haven't heard anything...there are people that obviously have the background and talent and are now, and increasingly going to apply it in the wild. The question is not “is developing the capabilities unethical?” It's what do you do with it.”
85. This all began with a trip to Sweden, to find out the truth about crime and immigration.
86. That investigation opened the door to this one, which has clearly connected the far-right across Europe to both the American alt-right movement and Russia.
87. In turn, the Trump Administration, Brexit, and Russia have become inseparable, along with their third party actors and big data companies adding to the confusion of non-state plausible deniability.
88. I am left in no doubt, however, that the #snowman investigation has exposed the alternative conflict of World War Three. A hybrid battle which, contrary to focus on ballistic tests North Korea as a potential catalyst for future action, has already begun.
89. The dark truth is: Russia never made the official declaration.
Main Evidence: Section 1 – Sweden: The Key To Understanding The Hybrid Threat
90. When President Trump said “last night in Sweden” he had no idea what he was talking about and the right-wing coverage which followed was false. A divisive and deliberate attack on the truth, to serve nefarious ends: creation of fear through propaganda and disinformation.
Page 10 of 70
91. I went to investigate and found a much darker truth.
92. During the course of this investigation I’ve learned Sweden is a liberal, open-minded, forward-thinking country, which believes open democracy and internet access for all are closely interwoven. People feel safe and they share values which have no borders or ethnic definition. The country is strong in its unity, even in the immediate aftermath of terror. (See Appendices for the investigative articles).
93. Sweden has its fair share of criminality but, at the same time, takes one of the most honest approaches to crime recording I’ve ever encountered. The Polisen works constantly on developing innovative strategies to combat high volume crime and, in conjunction with criminologists and other agencies, they strive to address the socio-economic factors driving serious offending. The country also faces challenges of extremism, both foreign and domestic, too.
94. This investigation of the truth in Sweden uncovered the existence of a pattern. Something wrong. There is a thread to untangle and the trip was the key: something seedy is visible in the growth of insular, nationalist politics. Right-wing parties of this ilk are working together globally with a vast machinery of alternative media, ‘cyber attacks’, and data-laundering behind them. And this international network is linked to Russia.
95. People were taken by surprise with Brexit and then Trump. If they’d looked to Sweden, a country where the home-grown nationalist has much clearer Nazi roots, and where the government has acknowledged the political and physical threat posed by Russia, perhaps neither would have taken place.
96. By March 2017 support for the right wing Sverigedemokraterna (Sweden Democrats) party had almost doubled, with polls showing anticipated votes of between 19 and 23% putting them in second place, nationally.
97. Contrary to evidence uncovered in this investigation, the party website claims “the overall net impact of mass immigration from distant countries [is] strongly negative, both economically and socially.”
98. With roots deep in fascism, the party was officially founded in 1988 and rose from the white supremacy movement. The party logo from the 1990s until 2006 was a variant of the torch used by the United Kingdom’s National Front, but was changed to a distinctive blue flower with a yellow centre, the blåsippa (Hepatica).
99. Originally at its politically strongest in the south, the party gained 13% of the vote in the 2006 municipal elections in Malmö. By the 2014 general election, they had gained traction in the north - towards Stockholm - and polled at 12.9%, winning 49 seats in the Riksdag (the Swedish Parliament). They remain, however, isolated due to a policy of the other parties not to enter coalition with them.
100. Gustaf Ekström, a Waffen-SS veteran, was the first auditor of the party and Anders Klarström, once a member of the Nordiska rikspartiet ("Nordic Reich Party"), was an early chair. From the outset, the party sought alliances with the National Democratic Party of Germany and the American National Association for the Advancement of White People – founded by David Duke, Imperial Wizard of the Ku Klux Klan. The early leadership also
Page 11 of 70
sought links with publications such as the Nazi Nation Europa and Nouvelle École, the latter being a newspaper which advocates racial biology.
101. After photographs surfaced of members posing in Nazi regalia, the wearing of any kind of uniform was formally banned in 1996 as the party began to present itself more moderately. The youth branch was expelled due to racism and links to extremist groups in 2015 but has since been re-initiated under the name Ungsvenskarna (Young Swedes).
102. In November 2012 Swedish newspaper the Expressen released a series of videos from August 2010 for the second time. The ‘iron pipe scandal’, as it became known, was recorded by one MP, Kent Ekeroth, and featured his fellow SD MPs Erik Almqvist and Christian Westling. Almqvist was shown arguing with comedian Soran Ismail, and was referring to Sweden as "my country, not your country" before the trio went on to argue with a drunken man. Ekeroth was approached by a woman and called her a whore then pushed her, before the three went on to pick up iron bars in continuance of the argument with Ismail.
103. Almqvist left his position as the party's economic policy spokesperson and resigned from his seat on the executive committee after the publication. The party went on to announce Ekeroth would ‘take a break’ from his position as justice policy spokesman. Before their own expulsion, the youth movement argued the party shouldn’t have bowed to media pressure.
104. Shortly after the departures, another Swedish Democrat MP, Lars Isovaara, left his seat after reporting "two unknown men of an immigrant background" had robbed him of his backpack. The party backed the claim until the Expressen revealed Isovaara had forgotten his backpack at a restaurant and the two innocent men had helped him when he fell out of his wheelchair. The MP was also reported to the police for racial abuse against Riksdag security guards.
105. After the scandals, the party began to rise dramatically in the polls in 2015, at the peak of immigration, seeking rigid controls of those coming in for “the benefit of indigenous Swedish citizens” while simultaneously remaining critical of the special rights given to the indigenous Sami people of northern Sweden. In 2008 they went as far as adopting a motion against the rights to reindeer husbandry, arguing those "who do not involve themselves with reindeer husbandry are treated as second class citizens". They have expressed a desire to abolish funds supporting the Sami and redistribute them "regardless of ethnic identity and business operations” and seek to abolish the Sami Parliament.
106. In a mirror of right-wing part policy across Europe, the Sweden Democrats reject any notions of joining the Economic and Monetary Union of the EU, are opposed to the accession of Turkey, and want to renegotiate Swedish membership in the European Union.
107. Within this background is a key to the global network of purported national parties. The SD have long term links with the extreme right but have shifted - trying to escape this image - and found themselves aligning with the newer, more acceptable face of this politik - what is now known as the ‘alt-right’.
108. The party has found itself in regular scandal situations, being accused of antisemitism, having members expelled for extremism, and having its website blocked by the government for posting anti-Islamic cartoons. They are also boycotted from advertising
Page 12 of 70
space by some Swedish newspapers which has hindered their traditional reach to the electorate.
109. A few weeks prior to the general election of September 2014, the chairman of the Swedish Democrat’s Stockholm branch, Christoffer Dulny, resigned from his position. He was found to have been calling immigrants “shameless” and mocking them on alternative media sites.
110. In December 2016, Anna Hagwall was thrown out of the party after using arguments associated with antisemitism to argue for a bill she introduced in parliament, intended to "reduce the concentration of media ownership" in Sweden. She was attempting to make way for alternative outlets through legislation.
111. Right-wing sites Info Wars and Breitbart have been posting articles with a supporting lean towards the Sweden Democrats since 2015 at least, on a cursory search alone.
112. The link is easy to miss unless you are looking for it specifically.
113. Breitbart was founded by a right-wing journalist who died in 2012 and, though it
retains his surname, was headed up by Steve Bannon (chief advisor to President Donald Trump), who was funded directly by billionaire republican donor Robert Mercer. With the original mission being to “take back the culture”, Breitbart launched careers of a host of controversial ‘alt-right’ figures and came to London in 2014 - with Bannon saying the coming election (and subsequent referendum) were a key focus in their “current cultural and political war.”
114. While some of the back links are more obvious – for example, Duke and the SD have a long history and Bannon’s appointment in the Trump cabinet was hailed a success by Duke – these are only small components of a broader, more complex picture. And this also goes well beyond the established links between the Sweden Democrats and their EU parliamentary associations with Nigel Farage’s UKIP and Marine Le Pen’s Front National.
115. Mercer once worked for IBM designing revolutionary technology which went on to form the basis of today’s artificial intelligence and became CEO of a complex hedge fund which uses algorithms to trade. One of the funds is reported to be the most successful in the world. Since the start of the decade, Mercer has also focused millions on right-wing, “ultra- conservative” political donations.
116. Both he and Bannon are also linked to controversial data analytics firm Cambridge Analytica, which uses big data to focus tailored messaging on voters down to an individual level. (This is the subject of my #snowman investigation which builds a picture of the mass manipulation of the electorate with the aim of controlling not only geopolitics but the financial markets too.)
117. The vital factors in the success of any such campaign is a combination of the use of psychometric data, propaganda/disinformation, artificial intelligence, and hacking. The unifying feature which the strands hang off is the involvement of Russia – who have been found to be involved in state-sanctioned hacking and AI targeting of western elections.
118. The Sweden Democrats do have direct links to Russia and this has raised a significant concern over security within the Riksdag.
Page 13 of 70
119. A Russian-born political secretary for the party resigned in September 2016 after making several million kronor in a suspect property deal with a St Petersburg businessman.
120. Known by a Swedish name in parliament, having changed it on arrival in Sweden ten years before, Egor Putilov had wide access to the Riksdag when he entered a deal with an imprisoned businessman known to have strong ties to the Russian state. The property deal in question made around six million SKE for Putilov.
121. While a property scandal may seem a regular or low-level occurrence in politics, the case was unusual as the Defence Minister, Peter Hultqvist, made a quick public statement that “several people with a high level of competence have declared a potential security risk, therefore, I think that one should take the situation seriously.”
122. Clarifying the threat and indicating Russia had acquired a ‘hold’ over Putilov by way of the transaction, Lars Nicander, Director for the Center for Asymmetric Threat Studies at Sweden's National Defence College, said: “You can hear intimate conversations, you can hear the different parties' positions on the Nord Stream [gas pipeline], for example, or on NATO and trade agreements. You can even install listening devices.”
123. In August 2016, while debate was underway as to whether Sweden should enter a military partnership with NATO, Swedish social media was flooded with fake news from alternative outlets. The claims included warnings of stockpiling nuclear weapons on Swedish soil, NATO using Sweden to launch attacks on Russia, and sinister claims that NATO soldiers would rape Swedish women without fear of prosecution. Hultqvist faced harsh questioning across the country about the false stories, which also started to trickle into the mainstream media.
124. Analysts and experts in American and European intelligence singled Russia out as the prime suspect in the disinformation campaign, as the likely outcome was tightly aligned with their national objectives. “Moscow views world affairs as a system of special operations, and very sincerely believes that it itself is an object of Western special operations,” said Gleb Pavlovsky, who worked with the Kremlin before 2008. “I am sure that there are a lot of centers, some linked to the state, that are involved in inventing these kinds of fake stories.”
125. By March 2017, the Swedish defence ministry had announced the country was reinstating the military draft and 4,000 men and women would be called up for service beginning in January 2018. "The security environment in Europe and in Sweden's vicinity has deteriorated and the all-volunteer recruitment hasn't provided the Armed Forces with enough trained personnel," a spokesperson said at the time, adding "the re-activating of the conscription is needed for military readiness."
126. Shortly after the reintroduction of military service, Sweden’s Prime Minister, Stefan Löfven, set out measures designed to prevent foreign countries interfering in the 2018 Swedish general election and Anders Norlén, chair of the Riksdag constitutional committee, told Radio Sweden parties should avoid relying on Russian propaganda or other support. “Every party in the Swedish parliament has a responsibility to make sure that the facts they use and the arguments they use are sound and valid and not just a way of repeating propaganda from, for instance, Russia,” he said.
127. Mattias Karlsson, parliamentary leader of the Sweden Democrats gave a statement that Russian interference was “likely” and the security services should be tasked to
Page 14 of 70
investigate, but added “the Social Democratic government are using Russia as a means to try to silence the opposition, and trying to make everybody who doesn't share their political views suspect of being a Russian spy."
128. In June 2016, the European Council on Foreign Relations, chaired by Carl Bildt the former Swedish PM, carried out the first comprehensive survey of so-called ‘insurgent’ parties in Europe and found that “despite their differences, a majority of them are positively inclined towards Putin’s Russia and pursue policies that promote Russia’s interests in Europe.”
129. The council went on to say “parties are useful for Moscow in that they help legitimise the Kremlin’s policies and amplify Russian disinformation. At times they can also shift Europe’s domestic debates in Russia’s favour. Voting patterns in the European Parliament show that on issues such as Ukraine, the human rights situation in Russia, and association agreements with Ukraine, Georgia, and Moldova, the Dutch PVV leads the pack in pro-Russian votes. UKIP, the Sweden Democrats, Italy’s Northern League, and France’s Front National come in a shared second place.”
130. Crucially, the report did not refrain from adding, “But it is not just in matters of policy that these parties’ sympathies with the Kremlin are revealed. In them, Moscow has also found convenient and willing conveyors of its anti-Western, anti-globalisation narratives. Several of the far right leaders, such as Nigel Farage, Geert Wilders and Marine Le Pen, are frequent guests on Russia Today (RT) and Sputnik, with Farage reportedly having been offered his own show on RT.”
131. While the report noted the obvious policy leanings, it was circumspect in saying “it is less clear to what extent there is collusion,” though it made clear “the notion that Russia might be funding agents of influence by providing financing to sympathetic parties in Europe has become more salient as relations between Russia and the West have deteriorated.” This was published a long time before the extent of the Trump/Russia inquiry began to unravel in the US.
132. In their conclusion, the council recommended “European law enforcement agencies should prioritise looking into Russian covert support for populist parties and [take] steps to counter such support. European governments should consider publishing intelligence on this in the public domain. Voters have a right to be informed about whom they are voting for.”
133. What’s clear, from an investigation which began over alt-right narratives that didn’t fit the publicly available crime figures in Sweden, was the shadow of something much larger loomed over much of the western world.
134. The threat to democracy is credible and substantiated, and it is impossible to dismiss the clear and present security risks – for example, no progressive, modern country re- introduces the military draft on a whim.
135. It’s apparent that data, notably ‘big data’, plays a crucial role in what is happening because without it the delivery of often pro-Russian propaganda would not be able to gain such traction through targeting and tailoring. In turn, the globally similar messages – too alike to be coincidental – can be linked locally to nationalist parties in individual countries, while the people behind those parties and alternative media sources can be traced back to each other – internationally once again - without much effort.
Page 15 of 70
136. It’s not hard to study the interaction between shifting geopolitics and the financial markets either, though within this other factors are obviously at play.
137. Reuters reported in April 2017 that “on eight occasions over the past 12 months, the pound has moved against the dollar in the minutes before the release of the retail sales numbers, correctly anticipating the direction the currency took once the figures were published.” Some experts believe the shifts can only be as a result of leaks – the information only being provided to a short list of 41 people, twenty-four hours in advance of publication. Others believe some funds have just become very good at predicting movements working with technology and broader data sets. Publicly available 'big data'.
138. I thought at first this was about skada, damage caused in Sweden by alternative news, but it turns out I was wrong. The truth is more important now than ever and, in Sweden, I saw the shadow of the “snowman” clearly for the first time.
Main Evidence: Section 2 – Brexit: A Flawed Mechanism To Respond To A Hybrid Threat
139. On the 21st of April 2017 the Electoral Commission (EC), the independent body which oversees elections and regulates political finance in the UK, released a statement confirming they had “begun an investigation into Leave.EU’s EU Referendum spending return.”
140. Leave.EU is a limited company created by UKIP donor Arron Banks, who is currently listed as the main shareholder with Companies House, to campaign for Britain’s exit from the European Union in the 2016 referendum.
141. While Leave.EU applied to the Electoral Commission to be the designated official campaign, this was awarded to Vote Leave and an application for judicial review of the decision was never followed through.
142. The Commission’s press release stated their decision “followed an assessment which concluded that there were reasonable grounds to suspect that potential offences under the law may have occurred. The investigation is focused on whether one or more donations – including of services – accepted by Leave.EU was impermissible; and whether Leave.EU’s spending return was complete.”
143. On clarifying the release with the press office, a spokesperson said “we don’t comment on ongoing investigations,” but they were happy to explain that “a service would be a donation in kind.”
144. They could not give a timeframe for the investigation “due to complexities in these cases” and said they are unable to “speculate on sanctions if a finding was [subsequently] made, as this varies on a case by case basis”. The spokesperson recommended referring to the Enforcement Policy on their website, which gives more detail on offences and sanctions.
145. The EC’s powers to investigate offences are granted under the Political Parties, Elections and Referendums Act 2000, known as PPERA, rather than under their statutory supervisory powers. The policy is clear that the EC will only use the PPERA powers as a last resort, and that it is a criminal offence to fail to comply with, obstruct, or provide false information to such an investigation.
Page 16 of 70
146. On the Commission’s publication confirming the commencement of an investigation, Mr Banks made his own statement. “Today’s announcement is politically motivated and the timing is intended to cause maximum damage just before the general election. We will not be cooperating any further with the commission and we will see them in court.”
147. Banks had been set to stand as the UKIP candidate in Clacton-On-Sea following the resignation of the party’s only MP Douglas Carswell but withdrew on the 24th of April 2017.
148. The Electoral Commission spokesperson said there was “no comment to be made on the response of Mr Banks.”
149. Member of Parliament for Aberavon, Stephen Kinnock, welcomed the investigation which appears to relate to the ‘donation in kind’ of services by psychometric data specialists Cambridge Analytica.
150. According to other reports, Kinnock wrote to the Electoral Commission in March, citing concerns the “market rate for a donation of this kind could amount to hundreds of thousands of pounds” and that “any substantial additional spending between 15 April last year and the referendum on 23 June would have pushed Leave.EU over the spending limit for the regulated period. They were allowed by law to spend up to £700,000 but according to the accounts they filed they spent £693,000.”
151. Cambridge Analytica was used by the successful Trump campaign in the US Elections and the British-born CEO, Alexander Nix, has previously stated this earned the company $15 million dollars from this campaign alone.
152. It is known that, also in March, Mr Kinnock voiced his concerns in writing to the Special Crime and Counter-Terrorism Division of the Crown Prosecution Service. He has not, as yet, been reachable for comment.
153. Documents exclusively seen show a significant level of detail in the allegations made to the Electoral Commission, specifically relating to the donation of services by Cambridge Analytica.
1. “In a February Newspaper interview with The Observer, Andy Wigmore, the director of communications for Leave.EU, stated that Cambridge Analytica were “happy to help” with their EU referendum campaign but that they had not “employed” them. However this appears to run contrary to previous claims made by both Leave.EU and Cambridge Analytica.”
2. “In a now deleted post on their website titled The science behind our strategy, Leave.EU stated that: “Cambridge Analytica are world leaders in target voter messaging. They will be helping us map the British electorate and what they believe in, enabling us to better engage with voters. Most elections are fought using demographic and socio-economic data. Cambridge Analytica’s psychographic methodology however is on another level of sophistication.”
3. “And in November 2015, PR Week reported the following comments from Cambridge Analytica’s development programme editor: “Cambridge Analytica director of programme development Brittany Kaiser, who will be spending time split between the UK and US in the coming months, was
Page 17 of 70
speaking today (Wednesday) at a press conference hosted by Leave.EU. She later told PRWeek that the firm had been approached by the campaign several months ago, but only started working with it more recently. She said the firm’s team of data scientists and analysts, some of whom were based full- time in the UK, would be enabling targeted messaging by “understanding why certain things worry people...probing why people care about a certain issue.””
154. The documents point out that “the market rate for a donation of this kind could amount to hundreds of thousands of pounds, based on the previous experience of referendum campaigns and political parties for such analytical tools. Yet Leave.eu have not declared this donation-in-kind at any point in their returns to the Electoral Commission.”
155. The Commission guidelines specifically define a donation as money, goods, or services which is given towards campaign spending without charge or on non-commercial terms and has a value of over £500.
156. The documents state “neither Cambridge Analytica, as a US company, nor Robert Mercer, as a US citizen, fit the Electoral Commission’s list of permissible donors...there is no record that this donation was returned within 30 days as required”.
157. Robert Mercer, an American Billionaire and Trump campaign donor is reportedly linked to the psychographics company.
158. In their ‘expert paper on splitting campaign spending’, the Electoral Commission sets out the circumstances in which the costs of services might need to be divided, which includes items used before or during the regulated period of a referendum. They highlight that campaign groups must make an honest, factual assessment of the proportion of costs to be attributed to their overall expenditure.
159. The documents specify the identification of this as a serious concern
1. “In his interview with the Observer, Mr Wigmore states that the service provided by Cambridge Analytica were Leave.eu’s most “potent weapon...because using artificial intelligence, as we did, tells you all sorts of things about that individual and how to convince them with what sort of advert. And you knew there would also be other people in their network who liked what they liked, so you could spread. And then you follow them. The computer never stops learning and it never stops monitoring.””
2. “Given his stated views on the importance to their campaign of the service which was provided free of charge by Cambridge Analytica it seems inconceivable that the donation was not split and partially included in their returns for expenditure during the regulated period.”
160. The document states that Leave.EU only became a permitted participant in the
referendum on the 15th of February 2016, and so would not have legally been allowed to hold and use the full electoral register for referendum purposes prior to that date.
161. The documents also refer to US election consultants Goddard Gunster being employed by Leave.EU and states “this service has not been included in their returns as an item of split spending.” Again, the Leave.EU ‘the science behind out strategy’ page is cited:
Page 18 of 70
1. “While Cambridge Analytica will be helping with the data, Goddard Gunster, who have fought some of the most contentious referendum campaigns all over the world (with a success rate of over 90%) will be helping us turn that data into a comprehensive strategy. Working alongside them will be Ian Warren, an expert on the issues that matter to people on lower incomes.”
162. The regulated referendum period began on the 15th of April 2016 and the limits on expenditure came into force for the designated official campaigns – the lead campaigns were given higher spending limits of £7 million. The document makes a number of assessments of potential over-spending by the official Vote Leave campaign but there is no current indication of an investigation by the Electoral Commission.
163. In terms of enforcement, the EC may either force compliance of parties with a contempt of court order or prosecute. They can also issue a Stop Notice requiring an individual or organisation not to begin, or to cease their activity. In addition, in the case of impermissible or unidentifiable donations or loans being involved, the Commission may also apply for forfeiture.
164. Prior to an investigation being launched, an assessment is made by the EC and – according to their policy - they robustly dismiss the investigative option without credible evidence. They only open formal investigations where there are reasonable grounds and where the offence is in the public interest.
165. The formal sanction structure is simplistic and consists of a sliding scale: 1. A fixed monetary penalty of £200
2. A variable penalty between £250 and £20,000
3. Compliance and Restoration notices (which set out what not to do and how conduct must be managed, or force the party to restore ‘the position’ to what it would have been before the offence).
4. An Enforcement Undertaking (a binding agreement to conduct matters in a specified fashion).
166. The Electoral Commission has been instrumental in the current electoral fraud
investigations arising from the 2015 General Election, however, these cases are with the Crown Prosecution Service for charging decisions and no further detail is available at this time.
167. Looking at another recent case, reported by the Commission on the 19th of April 2017, it is possible to gain insight into sanctions and financial scales in a more comparable case to the non-party Leave.EU group.
168. Greenpeace and Friends Of The Earth worked as campaign groups during the 2015 General Election. Following an EC investigation, Greenpeace was fined £30,000 for incurring over £111,000 in campaign-related expenditure. Friends Of The Earth were fined a further £1,000 for a £24,000 campaigning spend in conjunction with Greenpeace.
169. Mr Wigmore has not yet replied to a request for Leave.EU’s official response and their press inbox is no longer monitored.
Page 19 of 70
Main Evidence: Section 3 – Data-Laundering, Non-State Actors, And The Hybrid Threat In Action
170. Our personal data is electronically stored on thousands of servers across the world. Our employment records, our personal lives, our medical histories, psychological profiles, political views, and our private communications.
171. When assembled together this forms what’s become known as a big data profile and, in reality, none of us can escape its existence.
172. Scientific research, including that by Michael Kosinski at Cambridge University, has shown that a big data profile can be used to develop targeted marketing or messaging, designed to drive a behavioural response in an individual. The technique is known as either psychographics or psychometrics and has become famous following its use by Cambridge Analytica in the Trump and Brexit campaigns.
173. Data is now the single biggest commodity in the world and can be used to drive electorates in almost every aspect of their decision making. The control of the data subsequently controls geopolitics and the world financial markets.
174. Our data is also unsafe and being deliberately stolen.
175. The largest known hack to date was centred around international technology
company Yahoo, with the data of 1.5 billion users stolen across its platforms. The company believed the attack was “state sponsored” and in March 2017 the FBI and US Department Of Justice announced charges against Russian individuals, including Russian Federal Security Service (FSB) agents Dmitry Dokuchaev and Igor Sushchin.
176. The indictment reads “The FSB officer defendants, Dmitry Dokuchaev and Igor Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S. and elsewhere. In the present case, they worked with co-defendants Alexsey Belan and Karim Baratov to obtain access to the email accounts of thousands of individuals.”
177. It also highlights that “during the conspiracy, the FSB officers facilitated Belan’s other criminal activities, by providing him with sensitive FSB law enforcement and intelligence information that would have helped him avoid detection by U.S. and other law enforcement agencies outside Russia, including information regarding FSB investigations of computer hacking and FSB techniques for identifying criminal hackers.”
178. In commenting, the US law enforcement community does not pull punches. “The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cybercrime matters, is beyond the pale,” said Acting Assistant Attorney General McCord. “Once again, the Department and the FBI have demonstrated that hackers around the world can and will be exposed and held accountable. State actors may be using common criminals to access the data they want, but the indictment shows that our companies do not have to stand alone against this threat.”
179. The illegal data trade is well documented across the world, with so-called "Data laundering" now defined as "obscuring, removing, or fabricating the provenance of illegally obtained data such that it may be used for lawful purposes".
Page 20 of 70
180. Security experts are well aware of the huge scale of the problem. New Zealand based expert Andy Prow has previously said turning hacked data into a legitimate commercial asset is "the nature of a maturing industry". He highlights that hacked data is easily made to look legitimate and then sold on to often unsuspecting clients. "It doesn't raise too many warnings."
181. Hackers, traditionally, sell stolen data for Bitcoin payments.
182. In May 2016, one hacker offered the private data of 117 million Linked In users,
including passwords, in exchange for 5 Bitcoin. In September 2016 a further 68 million account details, this time from Dropbox, were offered for sale for 2 Bitcoin. Both offers were made on the ‘dark web’ outlet The Real Deal.
183. Bitcoin are worth £1,040 each at the current exchange rate and their value has increased exponentially over the last five years, though there have been other electronic global currencies before its creation.
184. In 2006, Donald Trump’s advisor Steve Bannon was involved in a company called IGE who, via Goldman Sachs investments, spent $60 million dollars on a ‘gold farming’ enterprise within the online game World Of Warcraft. This involved harvesting virtual gold resources and selling it back to players. Eventually, IGE was confronted with a lawsuit, the gold trade came to an end, and Bannon went on to head up the right-wing news site Breitbart. He also sat on the board at Cambridge Analytica.
185. Bitcoin’s cryptographic, decentralised currency first appeared in 2007 and was developed by what is thought to be a collective of people operating under the pseudonym Satoshi Nakamoto. The patents for bitcoin and its encryption first appeared in 2008 and were registered by Neal Kin, Vladimir Oksman, and Charles Bry, though they have always denied being involved with Nakamoto.
186. Nakamoto disappeared from Bitcoin forums - and then altogether - in December 2010. This came after Wikileaks began to accept the currency for donations despite pleas from the Bitcoin founder for this not to happen. He wrote “I make this appeal to Wikileaks not to try to use bitcoin. Bitcoin is a small beta community in its infancy. You would not stand to get more than pocket change, and the heat you would bring would likely destroy us at this stage.”
187. WikiLeaks went on to harness the use of Bitcoin and has also reportedly hidden messages in blockchain code associated with Bitcoin transactions.
188. Russia officially describes Bitcoin as “a virus” but this hasn’t deterred legitimate global investments elsewhere, with China investing hundreds of millions of dollars. What is clear is that the market is heavily masked, unregulated by conventional standards, and is used as the currency of data criminality.
189. In July 2016, British citizen George Cottrell was arrested on 21 charges including attempted extortion, money laundering and fraud. At the time, he was stepping off a plane at Chicago’s O’Hare airport with Nigel Farage.
190. They were on their way to Heathrow at the time of the arrest after attending the Republican party’s Convention in Cleveland, where they appeared on television, met with US senators, and engaged in discussions with aides to presidential candidate Donald Trump.
Page 21 of 70
Cottrell had been working for Mr Farage during the Brexit referendum and is the nephew of Lord Hesketh, a hereditary peer and former Conservative Party treasurer who defected to UKIP in 2011.
191. Cottrell had been offering money laundering services on the ‘dark web’ and met with undercover agents in Las Vegas, where he made arrangements for them to send him £15,500 before threatening to expose them to the authorities unless they transferred him £62,000 in Bitcoin.
192. Following a ‘dump’ of CIA data on the WikiLeaks site in March 2017, analysts have begun to draw conclusions that Assange’s site is, in fact, a Russian interest.
193. Dr Andrew Foxall, director of the Russia Centre at the Henry Jackson Institute says “Wikileaks has secret Russian intelligence but hasn’t disclosed anything remotely sensitive about Russia. He [Assange] has taken a consistently pro-Russia stance.”
194. Though Assange denied the claims, speaking from the Ecuadorian Embassy in London, Foxall added “The documents contained 75,000 redactions. These were codes that would also affect Russia’s security, because some of the data was relatively fresh, it is unlikely it had been in the pipeline for a while. And Assange’s team is small. The logical conclusion is that the data was given already redacted. This was the work of a sophisticated team, and it fits entirely into a pattern of behaviour demonstrated by Russia in the past.”
195. In January 2017, the Office of the Director of National Intelligence confirmed there was a “high confidence that Russian military intelligence relayed material to WikiLeaks.”
196. Former UKIP Leader and instrumental Brexit politician Nigel Farage has documented close links to the Trump administration and in March 2017 personally thanked Steve Bannon for his help in making the trigger of Article 50 a reality. During the same period, the MEP was also seen visiting Ecuadorian embassy.
197. Though Farage said at the time of the embassy visit “I never discuss where I go or who I see,” leaked emails show that UKIP has been supporting Assange since 2011.
198. The Farage-led Europe of Freedom and Democracy group subsequently tabled a motion attacking "the possible abuse of the European Arrest Warrant for political purposes,” and on Russian Today a UKIP representative labelled extradition proceedings against Assange as “legalised kidnap.”
199. Farage also used his LBC radio show to broadcast a repeat Assange's denial of Russian involvement in the hacking of the Democratic National Committee and Democratic presidential nominee Hilary Clinton during the US election. In January 2017 Farage said “[Julian Assange] is absolutely clear that all the information he has got is not from Russian sources.”
200. In the same month as Farage’s Broadcast, senior officials in the CIA confirmed the leaked DNC material had been traced to Russian GRU officials and “handed off” to Assange via a “circuitous route” in an attempt to avoid detection of the original source. The US security service and congressional investigations are continuing.
201. By April 2017, with the French presidential elections underway, right-wing candidate Marine Le Pen had been to Moscow to visit Vladimir Putin and Assange had made a
Page 22 of 70
statement to Russian newspaper Izvestia that WikiLeaks would “throw oil on the fire of the French presidential election.” Le Pen was also interviewed by Farage.
202. After Le Pen successfully passed through the first round in the election race in April 2017, cyber security experts warned that her rival, centrist Emanuel Macron, has been targeted by the same hacking group involved in the US elections.
203. Trend Micro, a Japanese cyber security company, have stated there is evidence “APT 28”, a group of hackers linked by US security services to the GRU (Russia’s military intelligence agency), was directing resources to influence the French contest. The group initially masqueraded as ISIS during previous hacking activities.
204. The hackers are said to have been found setting up a number of phishing sites aimed at duping En Marche! members into attempting to log in, thus giving the group access to their email servers. This was the technique allegedly deployed against the Clinton campaign which led to the release of thousands of emails via Wikileaks. The Macron campaign insists it has not been compromised as yet.
205. Russian election hacking has also been deployed in the UK.
206. In 2015, the general election campaign was targeted by Russian hackers, who GCHQ
believe were state-backed. Former minister Chris Bryant said in February 2017 “There is now clear evidence of Russian direct, corrupt involvement in elections in France, in Germany, in the United States of America, and I would argue also in this country.”
207. And, in April 2017, the Commons Public Administration and Constitutional Affairs Committee concluded foreign states had attempted to target the Brexit referendum. While the committee report focused on a denial of service attack on the "register to vote" site, it also made clear “The U.S. and U.K. understanding of 'cyber' is predominantly technical and computer-network based. For example, Russia and China use a cognitive approach based on understanding of mass psychology and of how to exploit individuals.”
208. While specific state data can be washed and released through back channels like Wikileaks, aiming to negatively impact individual candidate campaigns, and denial of service or phishing attacks can work crudely towards a similar aim, the exploitation aspect is central to big data’s inherent value.
209. Using big data, companies such as Cambridge Analytica often conduct what’s called an 'Ocean' personality assessment (normally used in psychology). The more expansive the data held the more intricate your individual profile can be and, with the ‘right’ data, it can then be targeted at people you know too.
210. A basic profile, as Michael Kosinski found in his research, can predict your behaviours just based on social media likes. An advanced profile, based on what websites you visit, what news you read, your job, your politics, your purchases, your medical records, would mean such a company knows you better than you know yourself.
211. This allows the people who pay for such services to target you at an individual level with news, information or social media posts which are tweaked to make sure they have the biggest psychological impact on you.
Page 23 of 70
212. Fake news and alternative facts are a central part of this and will be covered as part of this series in more detail, though the Russian terms ‘pokazukha’, which means something like a staged stunt, and ‘zakazukha’, which refers to the widespread practice of planting puff pieces or hatchet jobs, are both terms which are relevant in the broader context of this investigation.
213. Using psychometric profiles, the simplistic creation of AI driven ‘bots’ on social media can push selected messages into more common public view – with the added bonus of the Social Media Echo Chamber ensuring the activity is only seen by the appropriate recipients. This kept much of the activity out of sight and is the core reason the authorities were so late in responding to the threat.
214. Giving evidence to the Senate Intelligence Committee in April 2017, former FBI Agent Clint Watts highlighted the reason the bots are so effective as a delivery mechanism “whenever you're trying to socially engineer them [voters] and convince them that the information is true, it's much more simple because you see somebody and they look exactly like you, even down to the pictures.”
215. AI was originally thought to be primarily a Twitter issue, but Facebook has now recognised that the creation of these bots (false accounts) has also infected their platform. They acknowledge how this impacted on both the US Presidential election and on the UK’s Brexit referendum.
216. Watts says the bot campaign comes via a "very diffuse network" which often competes with its own efforts “even amongst hackers, between different parts of Russian intelligence, and propagandists — all with general guidelines about what to pursue, but doing it at different times and paces and rhythms."
217. Facebook does, now, directly attribute the growth of its false accounts problem to ‘government’ interference. “We recognize that, in today’s information environment, social media plays a sizable role in facilitating communications – not only in times of civic events, such as elections, but in everyday expression,” they said in their latest security report. “In some circumstances, however, we recognize that the risk of malicious actors seeking to use Facebook to mislead people or otherwise promote inauthentic communications can be higher.”
218. In advance of France’s election campaign the company shut down around 30,000 suspicious accounts posting high volumes of material to large audiences, saying: “We have had to expand our security focus from traditional abusive behavior, such as account hacking, malware, spam and financial scams, to include more subtle and insidious forms of misuse, including attempts to manipulate civic discourse and deceive people.”
219. What’s clear is that all of the strands of the hacking web interact to create a whole. A viral organism dependent on each of its elements to work effectively, mutate, and spread. We, people, are little more than the host keeping it alive; like any good virus, it relies on us.
220. This is a natural progression, a computer virus for all intents and purposes, engineered by a malicious enemy to attack humans rather than machines. The next generation of chemical warfare. And, so far, it has proven highly effective.
221. Big data provides the key to the delivery system and the route to infection. Hence the commodity value.
Page 24 of 70
222. What is also clear is that the organism relies on the interactions of key figures across the world - ones who share a common goal. Among them are many who show some signs of having fallen to a much older, cold war technique: provokatsiya.
223. The full meaning of the term is often given as “taking control of your enemies in secret and encouraging them to do things that discredit them and help you. You plant your own agent provocateurs and flip legitimate activists, turning them to your side.” In some cases it can extend to creating extremists and terrorists where none exist, effectively creating a problem in order to solve it, and the Russian services have been known to deploy such tactics since the Tsarist period.
224. As with all classic money-laundering operations, the trick to successful data- laundering to these ends would be to establish a legitimate looking front. And it would make sense to deploy provokatsiya in this context to integrate the business as quietly as possible, this would be especially effective somewhere cash has been successfully cleaned for years.
225. In March it was revealed that $740 million of money from Russian criminal operations was laundered in the UK as part of a global scheme to clean up to $80 billion in illegal funds. One source, while discussing how the financial sector is so complex this could easily go unnoticed, said: “if you are on the back end you are kind of playing whack-a- mole, trying to pick this up.”
226. But this is no longer about following the money - finances are now secondary. The thing to follow is the most valuable commodity of all: the data itself
227. The figures, companies, and groups involved in the UK arm of this operation – which relies on hacking, psychometric targeting, propaganda, and disinformation - are left exposed by the same thing they are using as a weapon: big data.
228. Extraordinarily, those involved received an unveiled warning from the Information Commissioner’s office ahead of June 2017’s general election.
229. The findings of this piece of investigative work were referred to the Electoral Commission – as Leave.EU may have further undeclared donations of services within their complex company structure, taking them well beyond permissible campaign limits – and to the ICO due to the complex of issue of ‘sugging’ across multiple companies.
230. The ICO has now announced an official investigation (details of which are included herein).
231. The Information Commissioner’s Office, known as the ICO, is the UK's independent body set up to ensure information rights in the public interest. They keep a national register of data controllers – people authorised to handle our data – and uphold the laws set out in the Data Protection legislation. Their powers are similar to the Electoral Commission in terms of demanding compliance through orders and agreements, issuing substantial fines, or instigating prosecutions.
232. The data protection regulations are set to change next year and, though this enhancement is an EU initiative, the current government has committed to implementing the new framework. The General Data Protection Regulations is the title of the new law, which will replace the Data Protection 1998 on the 25th of May 2018.
Page 25 of 70
233. The ICO holds information on all companies handling controlled data in the UK and, in the wake of revelations about the use of ‘big data’, has issued starkly worded guidance for political parties ahead of the general election 2017.
234. The ICO were initially approached with three specific questions arising from this investigation:
1) Was Vote Leave (not Leave.EU) ever fined or reported over spam messages sent by US company UCampaign via their app?
2) Is there an official, ongoing inquiry into Cambridge Analytica / SCL Elections and, if so, what is the official comment?
3) Where one company is restricted to transfers of data within the European Economic Area (EEA) and they transfer data to a non-restricted company (who can transfer data anywhere in the world), is it legal?
235. The ICO replied with an unprecedented press release, headed “Information Commissioner warns political groups to campaign within the law,” which confirms just how serious the situation really is as we approach a contentious, snap general election.
236. The ICO has written to all major political parties reminding them of their obligations when contacting potential supporters during the election campaign. Extraordinarily, the Commissioner’s Office has invited every party to a briefing session, to hear details of the “updated guidance on the use of personal data in political campaigning,” which includes “data analytics and associated technologies.”
237. The ICO briefing for political parties wass scheduled for the 4th of May, the same day as local elections across the United Kingdom.
238. Elizabeth Denham was appointed UK Information Commissioner in July 2016, having previously held the position of Information and Privacy Commissioner for British Columbia, Canada and Assistant Privacy Commissioner of Canada. In her statement, she said “engagement with the electorate is vital to the democratic process. But, if a party or campaign group fails to comply with the law, it may face enforcement action as well as reputational damage to its campaign. People have a right to expect that their information will be used in line with the law and my office is there to uphold that right.”
239. The ICO make clear the new guidance was issued in response to an “increase in complaints from members of the public about the promotion of political parties, their candidates, and their views during political campaigns.”
240. The Commissioner’s Office has received complaints about “the use of surveys to gain support for campaigns now or in the future” and also “concerns that their personal information has been shared between national and local organisations.”
241. The employment of surveys is broadly cited by controversial company Cambridge Analytica, who use the data gathered to form psychometric profiles which guide targeted messaging and were successfully deployed in both the Brexit and Trump campaigns. Both campaigns are linked to Russia, hacking, and the use of disinformation to drive voter behaviour.
Page 26 of 70
242. The ICO guidance explicitly covers ‘viral’ marketing, stating that it must comply with the same rules as direct marketing and cannot dip around consent to the use of data by simply asking people to pass it on.
243. Leave.EU, the campaign of Arron Banks fronted by Nigel Farage, trading under the name Better For The Country Limited, was fined £50,000 by the ICO for sending 500,000 unsolicited text messages asking people to support Brexit between May and October 2015 – a year before the referendum.
244. The ICO, though specifically asked, have made no comment on the official Vote Leave campaign’s use of American app provider UCampaign, which used phone book access via the application to send unsolicited messages to the relatives of hundreds of thousands of voters. The ICO database shows no registrations for UCampaign, the company behind it, Political Social Media LLC, Vote Leave, Vote Leave Limited, or Get Change Limited.
245. Both of these activities would fall well within the definition of viral marketing set out in the guidance.
246. In terms of the survey data gathering, such as that deployed by Cambridge Analytica, the ICO specifically define this practice as “sugging.” They make clear that using surveys to collect data (whether it is ultimately used by the company conducting the survey, or sold on to others, or intended to gather the information for use in marketing) falls within direct marketing.
247. Even open source data, they say, requires adherence to data protection legislation and this would include your social media likes and posts. There is no access to collection and retention of this data which escapes the legal protections.
248. Leave.EU and Cambridge Analytica worked together during the Brexit campaign, though comments have been made attempting to distance themselves from this.
249. This investigation has already exclusively uncovered that the Electoral Commission are investigating Leave.EU for undeclared and potentially illegal donations of services by Cambridge Analytica, also known in the UK as SCL Elections, during the Brexit campaign.
250. The documents seen point out that “the market rate for a donation of this kind could amount to hundreds of thousands of pounds, based on the previous experience of referendum campaigns and political parties for such analytical tools. Yet Leave.eu have not declared this donation-in-kind at any point in their returns to the Electoral Commission.”
251. Though the ICO have refused to confirm whether they are investigating these companies in tandem with the Electoral Commission, with this investigation revealing a broader picture of Russian-linked data laundering the ICO’s public access database holds valuable information on both companies.
252. It appears both are structurally designed to engage in ‘sugging’ and facilitate transfers of data within and outside of the EEA.
253. The ICO state that ‘sugging’ “attracts a maximum fine of £500,000” as it is a “breach of the Privacy and Electronic Communications Regulations (PECR).”
254. Set against the context of the hybrid threat, the ICO powers alone are insufficient.
Page 27 of 70
255. Leave.EU, the company behind the unofficial Brexit campaign, registered with the ICO on the 29th of February 2016 and this expires in 2018. They give their headline reason for processing data as being to “enable us to promote our goods & services” and state they hold “personal, family, lifestyle, social circumstances, and financial details.”
256. In the sensitive class of information, they are registered to hold “political interests and racial/ethnic origin” data and the company is authorised to share what it holds with affiliate groups, central government, suppliers and service providers, financial organisations, and the Electoral Commission.
257. Despite being a company established specifically to support the domestic Brexit campaign, the register for Leave.EU shows that “personal information is traded as a primary business function” and adds the information may be shared with “business associates, advisers, associates” and “traders in personal data.”
258. The UK based company entry also states “it may sometimes be necessary to transfer personal information overseas” though this is restricted to within the EEA.
259. Cambridge Analytica is slightly different.
260. The company was first registered in November 2015, and the registration expires this
year. The address listed is at the Cooperation Trust Center, Wilmington, Delaware, though it also gives a UK representative, Jordanna Zetter, based in London. She is an Operations Executive at SCL Group.
261. Listed as a “data analytics” company, they state they carry out marketing, advertising, and PR functions, as well as undertaking research. They hold the same classes of primary data as Leave.EU but the sensitive information is much deeper.
262. Cambridge Analytica holds information on people’s physical and mental health, racial and ethnic origin, religious or “other similar” beliefs, trade union memberships and “political opinions.”
263. The other differences from Leave.EU are that the US company includes retained data from survey respondents, and can transfer the data they hold to territories and countries around the world.
264. One of their primary functions is to acquire data through surveys – a method first developed by a Cambridge academic and which bears similarities to aspects of Cambridge Analytica’s psychometric profiling.
265. But Cambridge Analytica is not the principle trading name for the organisation in the United Kingdom, in fact, it is the US brand which became famous as a result of the Trump campaign. In the UK the primary business is SCL Elections Limited, and its registration strengthens the depth of connection to Leave.EU and the businesses (and people) behind it.
266. SCL Elections Limited registered in November 2015, the same month as Cambridge Analytica but trades at a separate London address in E14. The sensitive data classes held
Page 28 of 70
are the same as CA but the headline data is expanded to include “memberships, employment, and education” information.
267. Again the transfer of data is worldwide, not EEA restricted, and the company can share data with business associates. Working with Leave.EU, whose primary business function is the trade of data, this means a legitimate transfer from the UK could reach America or another worldwide territory without the law technically being broken.
268. This also means Leave.EU, via its connection with CA/SCL, could buy in databases created outside of the EEA area where data is regulated, or simply buy ‘sugged’ databases created through CA/SCL surveys hosted outside of the EEA.
269. As this investigation has previously highlighted, Steve Bannon has defined links to Cambridge Analytica by way of his former seat on the board, and the company’s owner, Robert Mercer, was a key donor to Trump’s campaign.
270. In January 2017, Trump signed an executive order exempting non-US citizens from the privacy shield – an EU-US law which defined what data could be shared between businesses on both sides of the Atlantic ocean and how that data can be used. It was designed so data protection laws can be upheld between EU's the member states and the US.
271. Wired reported at the time that “the Privacy Shield was developed by EU and US negotiators in 2015 after the previous data sharing agreement between the two groups was struck down by Europe's highest court. In October 2015, the European Court of Justice ruled the Safe Harbour framework was invalid as data being sent out of the EU was not being properly protected.”
272. Both the EU and the US were aware of the capabilities of data exploitation in circumstances exactly matching the Leave.EU and CA/SCL scenario, and it appears Trump has interfered in enhanced protections while being directly connected to parties benefitting the arrangement.
273. The data laundering trade, also highlighted by this investigation, involves reportedly legitimate purchases of hacked data in exchange for Bitcoin.
274. The arrangements of international transfer available to CA/SCL provide a direct channel for the use of laundered data in the UK.
275. When Leave.EU received it’s £50,000 fine for the 2015 spam campaign, they claimed they obtained the lists from a third-party supplier.
276. In much the same way, the official Vote leave campaign would have avoided data protections – they were not registered themselves and nor was the app provider, UCampaign, who would have retained the data captured by the app in the US.
277. The data wash is clear: whether it is legally or illegally sourced it can enter the country and leave it freely.
278. Looking behind Leave.EU, the mirror of SCL’s registration is much clearer. Better For The Country Limited registered in August 2015 at the same address as Leave.EU but included transfers to countries and territories throughout the world.
Page 29 of 70
279. The company connections are labyrinthine, but finally provide the direct connections which have been missing.
280. While Leave.EU has not yet posted accounts, Better For The Country Limited last filed showing £1.295 million in shareholder funds. The company was registered with Companies House in May 2015, listing its nature as “other information services.”
281. The current directorships show Andrew Wigmore (prominent Leave.EU figure), Maria Ming, Alison Marshall, Elizabeth Bilney, Arron Banks (well-known UKIP Donor), Ranja Abbot, and Dawn Williams.
282. Bilney is interesting, also being listed as a director at Banks’ flagship alternative media outlet Westmonster, and a new venture ‘Big Data Dolphins’ alongside Alison Marshall.
283. Big Data Dolphins is an unknown quantity but was only registered with Companies House in December 2016 giving its nature as “business and domestic software development” and “data processing, hosting and related activities.”
284. The ICO registration is a mirror of SCL’s but is shown as having data transfers restricted to the EEA. The shareholders also link to Rock Services, Banks’ insurance company, though the majority share (91%) shows as being owned by Deep DD Limited which returns no trace on any company searches.
285. Also registered at Lysander House, a development in Bristol and the home of most of Banks’ businesses, Bilney is listed as an active director of Chartwell Political Limited, a company set up in June 2014 to carry out “market research and public opinion polling.”
https://jjpatrickauthor.files.wordpress ... threat.pdf