Exclusive: The IDF is monitoring what Israeli citizens say on Facebook

Did you post the word ‘demonstration’ in Hebrew on Facebook? The army is keeping an eye on you. Did you use the word ‘Al Quds’ in Arabic in a WhatsApp conversation? You may have just been flagged as a terrorist. How the IDF contracts private tech companies to monitor Israeli citizens on social media.

By John Brown* and Noam Rotem / Local Call

Illustrative photo of digital surveillance. (Shutterstock.com)
Illustrative photo of digital surveillance. (Shutterstock.com)

Several years ago, a group of uniformed Israeli military officers walked into a conference room of an Israeli company that tracks and monitors discussions on the Internet for commercial purposes. The company looks at what social media users are saying about a certain brand or what they think about new products, and more.

A former employee of the company, who spoke to +972’s Hebrew sister-site, Local Call, describes how the military officers didn’t really care about those things. They got right to the point: “We need you to use your systems to monitor trigger words,” they said.

The employee, who we have agreed not to name, told us about the company’s involvement in security-based projects: “They work with the technology branch of Israeli intelligence… they provide information in Arabic on protests or conversations that include trigger words. The same goes for Hebrew, of course, including information on geographical location of the users, but I am not sure just how far it extends.”

At that same meeting the officers inquired over whether data could be purchased from companies that deal in keystroke logging, in order to tap into all the information typed into tablets or smartphones.

“There are many companies that gather open data from the web,” says the employee. “Take, for example, a company like GetTaxi. The company can ask for conversations about [its own brand], about taxis, public transportation, or any form of transportation, or anything that has been written about it in Hebrew. Technically, there is access to open data in any language of your choosing. It’s just a matter of price.”

But the Israeli army officers were interested in different words, like “boycott” or “demonstration.”

The data they requested included the identities of the authors on social media, his/her profile, the content of what they wrote, as well as their physical location. They requested the raw data without any analysis. Similar conversations took place in at least five other Israeli tech companies.

From ‘suspects’ to criminals

The IDF contracted the services of Israeli tech companies to monitor both open and private posts by Israeli citizens on social media. Army Intelligence filed a request to gather data on Israelis who write about protests in Hebrew on Facebook, WhatsApp, private chats and other networks, as well as data on users who write in Arabic and use words like “the Zionist state” and “Al-Quds” (Jerusalem in Arabic).

The testimonies we collected paint a worrying picture of the level and scope of monitoring and tracking that the security services use against both Jews and Arabs.

IDF soldiers participate in a cyber defense course. (IDF Spokesperson)
IDF soldiers participate in a cyber defense course. (IDF Spokesperson)

It must be stated that these companies are not tracking individuals suspected of any crimes, but rather in the widespread gathering of all public data available in Israel, which isn’t limited solely to posts published on social media platforms.

At its most basic level, the monitoring softwar locates keywords such as “protest” in Hebrew or “shaheed” (martyr) in Arabic. Therefore, any person who writes any of these words is supposed to receive special attention from the company’s information system.

At the highest level of monitoring, the company can recognize groups of people who are talking about a specific subject that interests the security services, allowing them to check semantic similarities between posts on social networks and posts by “flagged” individuals. The circle of “flagged” individuals grows into potential suspects based entirely on their writing style. The monitoring begins through the program’s algorithm before is it taken over by humans at a later stage.

Fictitious profiles

According to the employee, several of the monitoring companies create fictitious profiles as a tracking technique. These profiles connect with specific individuals that the system wants to monitor. This is how the companies “circumvent” privacy mechanisms, so that even when a user marks a specific piece of content as private (intended for his/her friends alone), the companies still have access to it and are able to pass it on to the security services.

After receiving numerous testimonies from employees, we contacted Bazila, an Israeli tech company that takes pride in having a “national security” specialist on staff. The specialist functions as a liaison with government organizations dealing with security in Israel and abroad, and assists in developing the interface of Bazila’s security system.

Following conversations with a number of employees in the company, we were referred to Guy Mor, the vice president of resource development and one of the founders of the company. Mor confirmed that the company works in tandem with the IDF, and that they monitor Hebrew-language users, and specifically conversations regarding boycotts of Israel.

IntuView, another Israeli company, uses a similar practice. The company’s product analyzes the way social media users feel regarding different bodies and organizations, including the state itself. Shlomi Amber, a senior executive at the company who is responsible for technological development, confirmed that the company works with the IDF and other bodies in the security services. IntuView also provides tracking and monitoring for Hebrew-language users.

Among the other companies who work in the field are Taldor, which markets its product, “Kapow” — which analyzes blogs, forums, Twitter and Facebook — in Israel.

First comes the monitoring, then comes prison

It is important to remember that a reality in which the army monitors citizens is not a nightmare that has only recently come true. It has been going on for years, day in and day out, in the West Bank and Gaza Strip. In 2014, 43 veterans from the elite Unit 8200 signed a protest letter decrying the signals intelligence unit’s abusive gathering of Palestinians’ private information, including on demonstrations, sexual orientation, financial status and anything else that would aid them in blackmailing or pressuring the population to collaborate. The goal is, in the army’s words, to “sear the consciousness” of the subjects of Israel’s military regime.

In 2011, the IDF established an “[anti] de-legitimization branch” as part of Unit 8200, whose stated goal is to gather intelligence on foreign organizations that oppose Israeli policies. The branch focuses on those who criticize Israel, and specifically BDS and flotilla activists, as well as bodies that are at the forefront of legal struggles targeting Israel, such as the International Criminal Court. After Operative Protective Edge in 2014, the unit mainly gathered intelligence that would aid Israel in its struggle against UN reports on war crimes that allegedly took place during the war. This is a clear case of the IDF’s intervention in political, and policy based issues.

The decision to use the army to intervene in inherently political issues is concerning. The IDF takes pride in the fact that it monitors foreigners but the evidence shows that the army also tracks Israeli citizens. Should the army involve itself in domestic issues of opposition to government policies? How about when that opposition is directed at Israel’s military regime in the occupied territories?

But Military Intelligence isn’t the only body involved in gathering data on Israelis through the web. According to information passed on to Local Call, it turns out that uniformed officers serving in the IDF’s research division and the Defense Ministry’s R&D units are acting as liaisons to Israeli tech monitoring companies. In addition, soldiers belonging to units dealing with teleprocessing and communications are also in contact with private tech companies.

The IDF’s cooperation with civilian groups does not end with these companies. Even the cyber department at Ben-Gurion University has contracts worth tens of millions of shekels with the army, and cooperates with the army in establishing lesson plans for the department, such that they will suit the needs of the security services. In a presentation by one of the faculty members on monitoring web data in Arabic, one can see that a study done by the department classified the words “shaheed” and “The Zionist,” among others, as words that ascribe terrorism to the writer.

Slide in a presentation by a researcher at Ben-Gurion University.
Slide in a presentation by a researcher at Ben-Gurion University.

From the information we have seen, it appears that the monitoring of Jewish Israelis in Hebrew primarily centers on political activity. In contrast, most of the information gathered about Israeli citizens in Arabic is put to use by law enforcement — leading to dozens of arrests and indictments. Authorities use the information even more widely and freely when it comes to Palestinian residents of the West Bank and East Jerusalem.

According to data, information in Hebrew is focused on things like incitement, while in Arabic the monitoring extends far beyond, to words and phrases like “shaheed” and “Al-Quds,” which are far more common and widely used in both public and private political discourse. That difference could potentially explain the disparity between the number of indictments filed against Arabs and Jews. In the criminal trials that have taken place in such cases, the security forces have not been asked to explain to the court how they collected the incriminating information, nor what lies behind their selective prosecutions.

We asked the IDF Spokesperson’s Unit whether the army is also monitoring Jewish Israelis who incite to violence against Arabs, but the spokesperson chose not to respond to the question.

One Bedouin activist’s case serves as a good example of how the state makes use of its Internet monitoring of political activism. Roughly a month ago, Israeli Police summoned the activist for interrogation. Officers presented him with printouts of entire conversations from WhatsApp, accusing him of vandalizing a nature site by painting a Palestinian flag in a village inside present-day Israel, which was destroyed in 1948. From the WhatsApp messages, police learned that the activist had made plans to visit the site, but despite that being the only information available to them, it was enough to consider him a suspect and summon him for questioning.

One might be tempted to say it is reasonable to violate someone’s privacy if they are suspected of a crime, and of course we are not condoning the alleged vandalization of a nature site. But if such prosecutions were not selective, then police should also be violating the privacy of half of the Jewish Israeli population on Independence Day in order to investigate similar crimes. We can presume that didn’t happen.

When you cast such a wide net, one which collects information that only slightly deviates from the mainstream, we must presume that information has been gathered on any one of us who has ever said or done anything on the Internet, and that that information is now sitting on an IDF server somewhere. Even if that information was eventually passed on to the Shin Bet or the police for the sake of law enforcement, the fact that information was gathered on civilians by a massive organization like the IDF, which isn’t really subject to any supervision, exposes us all to constant monitoring.

Even if nobody has made use of that information, it is important to remember that it is being gathered. For Palestinians in the West Bank it is illegal to demonstrate against the military regime, and information on such demonstrations enables authorities to act against protesters. It would also not be outrageous to imagine that if and when the boycott picks up steam, such online monitoring might be used against activists under Israel’s boycott law.

It is relatively common to imagine online social networks as a city square, an open and egalitarian space where anybody can stand up and exercise his or her freedom of expression. But with the information exposed here, perhaps a better analogy would be that social networks are more like a closed room subject to constant monitoring, in which every word uttered is collected and, when expedient, used against you. Anybody who was at all outraged by the use of “Raccoon” military surveillance vehicles against social protests in Tel Aviv, should prepare themselves for a reality in which they are monitored by the army every day, even inside their homes.

This is bad enough when it comes to public content — where the parameters for constant monitoring are determined according to political needs when it comes to Jews, and far looser parameters when it comes to non-Jews. It gets even worse when it comes to things we believe are private, like emails and private messaging apps.

Also outrageous is that the body responsible for this monitoring is the IDF; never mind the fact that in accordance with Israeli law it passes on the information to the Shin Bet and Israel Police for purposes of law enforcement. Just last week, Haaretz journalist Uri Blau revealed that the army recently attempted to purchase spyware software.

Meretz MK demands answers

In response to this article, MK Michal Rozin (Meretz) submitted a parliamentary question to the Defense Ministry, demanding answers about selective enforcement targeting Arabs on social media.

We presented the results of this investigation to the IDF Spokesperson a week ago and requested a series of clarifications and answers, among other things, about the nature and cost of contracting with private companies, whether any court approved the monitoring of private information, and on the specific flagged words and terms. This is the IDF’s full response:

The intelligence division carries out a variety of collection activities against bodies and individuals that are not citizens of the state of Israel in accordance with Israeli law, in accordance with intelligence questions that require answers. In certain circumstances the intelligence division uses civilian technology, as is the norm among intelligence agencies worldwide.

*John Brown is the pseudonym of an Israeli academic and blogger. Noam Rotem is an Israeli activist, high-tech executive and author of the blog o139.org, subtitled “Godwin doesn’t live here any more.” This article was first published in Hebrew on Local Call. Read it here.

Newsletter banner