Ex-U.S. Officials Exploited Loophole to Build UAE’s DREAD/Project Raven Surveillance Giant

Several former U.S. officials made millions constructing an internet-surveillance apparatus, known initially as DREAD, for the United Arab Emirates. Reuters, in a new investigation, reveals that the ex-officials benefited from a loophole in laws designed to prevent espionage on behalf of a foreign power. DREAD, later known as Project Raven, surreptitiously targeted accounts provided by U.S. digital giants Google, Facebook, Yahoo, and Microsoft to reap and exploit information on American citizens, Mideast and German human-rights activists, diplomats, and even soccer giant FIFA. And the loophole they exploited looks like contract fraud. 

DREAD was the result of consulting work of Richard Clarke, the White House counterterrorism czar for Bill Clinton and initially George W. Bush, along with former National Security Agency officials turned contractors deeply experienced in digital surveillance. Reuters, which broke the Project Raven story, says five other former White House officials aided the UAE project. The surveillance suite they built was agnostic to the counterterrorism purpose Clarke intended, and later expanded into spying against perceived political enemies of the wealthy, influential Gulf state. Several ex-U.S. officials involved told Reuters they became discomfited at how their UAE client used the purpose-built hacking tools, and the abuses expanded after a new contractor, Emirati cybersecurity firm DarkMatter, took over the project. 

Aiding a foreign power in surveillance on Americans or U.S. companies is illegal. Americans who worked on DREAD/Project Raven kept their U.S. security clearances, necessary for intelligence-related work, after taking advantage of what Reuters calls an obscure rule permitting defense contractors to keep clearances “for their staff even if they do no work on relevant U.S. government contracts.” That let initial DREAD contractor CyberPoint to “place some operatives onto an unrelated NSA contract for which they did no work.” While the DREAD/Project Raven effort has led to the empanelment of a federal grand jury, Reuters notes that “use of shell contracts is common among large intelligence contractors.”