Miss a day, miss a lot. Subscribe to The Defender's Top News of the Day. It's free.

Government agencies, private-sector firms, academia and nonprofits were collaborating to combat alleged “misinformation” and “disinformation” as far back as 2017, according to new documents released Tuesday.

The “CTIL Files” — which refer to the Cyber Threat Intelligence League, or CTI League, a key player in the so-called “Censorship-Industrial Complex” — are based on documents received from an unnamed but “highly credible” whistleblower, according to investigative journalists Michael Shellenberger, Alex Gutentag and Matt Taibbi, who released the files.

The new documents rival or exceed the “Twitter Files” and “Facebook Files” in “scale and importance,” according to the journalists, two of whom — Shellenberger and Taibbi — were instrumental in releasing many of the “Twitter Files” that first called attention to the “Censorship-Industrial Complex.”

A comprehensive picture of the birth of the ‘anti-disinformation’ sector

The documents, which the journalists detailed on Substack, center around the activities of the CTI League, which “officially began as the volunteer project of data scientists and defense and intelligence veterans but whose tactics over time appear to have been absorbed into multiple official projects, including those of the Department of Homeland Security (DHS).”

According to the journalists, the CTI League documents “offer the missing link … to key questions not addressed in the Twitter Files and Facebook Files” and “offer a comprehensive picture of the birth of the ‘anti-disinformation’ sector.”

“The whistleblower’s documents describe everything from the genesis of modern digital censorship programs to the role of the military and intelligence agencies, partnerships with civil society organizations and commercial media, and the use of sock puppet accounts and other offensive techniques,” the journalists wrote.

Documents in the “CTIL Files” show members of the CTI League, DHS officials and key figures from social media companies “all working closely together in the censorship process.”

This “public-private model” laid the groundwork for “anti-misinformation” and “anti-disinformation” campaigns launched by the U.S. and U.K. governments in 2020 and 2021, the journalists wrote, including attempts to circumvent First Amendment protections against government censorship of speech in the U.S.

Such tactics included “masking censorship within cybersecurity institutions and counter-disinformation agendas; a heavy focus on stopping disfavored narratives, not just wrong facts; and pressuring social media platforms to take down information or take other actions to prevent content from going viral,” they added.

The CTI League went still further though, the journalists wrote, engaging “in offensive operations to influence public opinion, discussing ways to promote ‘counter-messaging,’ co-opt hashtags, dilute disfavored messaging, create sock puppet accounts, and infiltrate private invite-only groups.”

Such censorship lies at the heart of Missouri et al. v. Biden et al., a First Amendment censorship case where injunctions were issued against several federal agencies and government officials, barring them from communicating with social media companies regarding user content. The injunctions are now under review by the U.S. Supreme Court.

Former British intelligence analyst charged with creating counter-disinformation project

The journalists wrote that while previous releases of the “Twitter Files” and “Facebook Files” revealed “overwhelming evidence of government-sponsored censorship,” they had not revealed “where the idea for such mass censorship came from.”

The whistleblower alleged that a key figure in the CTI League, “a ‘former’ British intelligence analyst, was ‘in the room’ at the Obama White House in 2017 when she received the instructions to create a counter-disinformation project to stop a ‘repeat of 2016.’”

By 2019, this analyst, Sara-Jayne “SJ” Terp, had “developed the sweeping censorship framework,” leading a team of U.S. and U.K. “military and intelligence contractors” who “co-led CTIL.” Previously, in 2018, Terp attended a 10-day military exercise organized by the U.S. Army Special Operations Command, according to the journalists.

It was there that Terp met Pablo Breuer, a former U.S. Navy commander, who became a key figure in the CTI League. According to Wired, the two realized that misinformation “could be treated … as a cybersecurity problem.” This led to the development of CogSec, which soon housed the “MisinfoSec Working Group.”

“Terp’s plan, which she shared in presentations to information security and cybersecurity groups in 2019, was to create ‘Misinfosec communities’ that would include government,” the journalists wrote.

By spring 2020, it appears Terp achieved this plan, as the CTI League partnered with the Cybersecurity and Infrastructure Security Agency (CISA), which has been implicated in prior releases of the “Twitter Files” for its role in the “Censorship-Industrial Complex.”

The MisinfoSec Working Group included Renee DiResta, a former CIA operative who worked for the Election Integrity Partnership (EIP) — later renamed the Virality Project (VP). This group “created a censorship, influence, and anti-disinformation strategy called Adversarial Misinformation and Influence Tactics and Techniques (AMITT).”

According to the journalists, AMITT adapted “a cybersecurity framework developed by MITRE, a major defense and intelligence contractor that has an annual budget of $1 to $2 billion in government funding.” MITRE is a backer of the Vaccination Credential Initiative and the SMART Health Card — a digital “vaccine passport.”

Terp used AMITT to develop the DISARM framework, which the World Health Organization (WHO) applied in “countering anti-vaccination campaigns across Europe.”

The same framework “has been formally adopted by the European Union and the United States as part of a ‘common standard for exchanging structured threat information on Foreign Information Manipulation and Interference’” according to the journalists.

‘Can we get a troll on their bums?’

According to the journalists, MisinfoSec’s motivation for counter-misinformation was the “twin political earthquakes of 2016: Brexit and the election of Trump.”

“There’s something off kilter with our information landscape,” Terp and other CTI League members wrote, according to documents.

“The usual useful idiots and fifth columnists — now augmented by automated bots, cyborgs and human trolls — are busily engineering public opinion, stoking up outrage, sowing doubt and chipping away at trust in our institutions. And now it’s our brains that are being hacked,” they added.

In spring 2020, the CTI League set its sights on COVID-19-related narratives, targeting users who engaged in messaging that ran contrary to official policy.

“CTIL began tracking and reporting disfavored content on social media, such as anti-lockdown narratives like ‘all jobs are essential,’ ‘we won’t stay home,’ and ‘open America now,’” the journalists wrote.

“CTIL created a law enforcement channel for reporting content as part of these efforts. The organization also did research on individuals posting anti-lockdown hashtags … and kept a spreadsheet with details from their Twitter bios. The group also discussed requesting ‘takedowns’ and reporting website domains to registrars,” they added.

Regarding the “we won’t stay home” narrative, internal documents revealed by the whistleblower showed that CTI League members wrote, “Do we have enough to ask for the groups and/or accounts to be taken down or at a minimum reported and checked?” and “Can we get all troll on their bums if not?”

They also called posters circulating online promoting anti-lockdown posters “disinformation artifacts,” saying, “We should have seen this one coming” and asking “can we stop the spread, do we have enough evidence to stop superspreaders, and are there other things we can do (are there countermessagers we can ping etc).”

During CTI League brainstorming sessions to develop strategies for “counter-messaging for things like encouraging people to wear masks,” statements such as “Repetition is truth” were uttered by CTI League staff, the journalists noted.

The CTI League also sought to go “beyond simply urging Twitter to slap a warning label on Tweets, or to put individuals on blacklists.”

According to the journalists, “The AMITT framework calls for discrediting individuals as a necessary prerequisite of demanding censorship against them” and “trying to get banks to cut off financial services to individuals who organize rallies or events.”

As part of these efforts, even truthful information was targeted. In a 2019 podcast on “Disinformation, Cognitive Security, and Influence,” Terp admitted, “Most information is actually true … but set in the wrong context.”

“You’re not trying to get people to believe lies most of the time,” she said. “Most of the time, you’re trying to change their belief sets. And in fact, really deeper than that, you’re trying to change, to shift their internal narratives … the set of stories that are your baseline for your culture.”

Previous “Twitter Files” releases have revealed that true information was targeted for censorship by the U.S. government and social media platforms like Twitter if the information contradicted official policy regarding COVID-19 vaccines and restrictions.

‘Cognitive security’ a euphemism for censorship

In the same podcast, according to the journalists, Terp said, “Cognitive security is the thing you want to have. You want to protect that cognitive layer. It basically, it’s about pollution. Misinformation, disinformation is a form of pollution across the Internet.”

The journalists wrote, “A key component of Terp’s work through CTIL, MisinfoSec, and AMITT was to insert the concept of ‘cognitive security’ into the fields of cybersecurity and information security.”

Such “cognitive security” was seen as being threatened by the erosion of the mass media’s control on information and influence over public opinion.

Documents revealed by the whistleblower included a MisinfoSec report stating “For a long time, the ability to reach mass audiences belonged to the nation-state (e.g. in the USA via broadcast licensing through ABC, CBS and NBC).”

“Now, however, control of informational instruments has been allowed to devolve to large technology companies who have been blissfully complacent and complicit in facilitating access to the public for information operators at a fraction of what it would have cost them by other means,” the report said.

The same report also called for a form of “pre-bunking,” to “preemptively inoculate a vulnerable population against messaging,” suggesting that DHS-funded Information Sharing and Analysis Centers could be used to promote such pre-bunking.

‘If we get away with it, it’s legal’

Public-private partnerships were specifically sought out in an attempt to circumvent First Amendment free speech protections in the U.S., the documents revealed, even while Bloomberg, The Washington Post and Wired wrote glowing articles portraying the CTI League as a mere group of “volunteer” cybersecurity experts.

Yet, according to the journalists, “In just one month, from mid-March to mid-April [2020], the supposedly all-volunteer CTIL had grown to ‘1,400 vetted members in 76 countries’” and had “helped to take down 2,833 cybercriminal assets on the internet” including some which impersonated government organizations, the United Nations and WHO.

On the same 2019 podcast, according to the journalists, Breuer explained how the CTI League was getting around the First Amendment, by working to get “nontraditional partners into one room,” including “maybe somebody from one of the social media companies, maybe a few special forces operators, and some folks from Department of Homeland Security.”

Together, they would “talk in a non-attribution, open environment in an unclassified way so that we can collaborate better, more freely and really start to change the way that we address some of these issues,” Breuer said.

Breuer even likened these tactics to those employed by the Chinese government, saying “If you talk to the average Chinese citizen, they absolutely believe that the Great Firewall of China is not there for censorship. They believe that it’s there because the Chinese Communist Party wants to protect the citizenry and they absolutely believe that’s a good thing.”

“If the US government tried to sell that narrative, we would absolutely lose our minds and say, ‘No, no, this is a violation of our First Amendment rights.’ So, the in-group and out-group messaging have to be often different,” he said.

The whistleblower told the journalists that CTI League leaders did not discuss their potential violation of the First Amendment.

“The ethos was that if we get away with it, it’s legal, and there were no First Amendment concerns because we have a ‘public-private partnership’ — that’s the word they used to disguise those concerns. ‘Private people can do things public servants can’t do, and public servants can provide the leadership and coordination,’” the whistleblower said.

According to the journalists, the authors of the MisinfoSec report also “advocated for police, military, and intelligence involvement in censorship, across Five Eyes nations, and even suggested that Interpol should be involved.”

The CTI League documents also suggest that the organization was involved in a form of domestic spying, with one document noting that while censorship activities abroad are “typically” performed by “the CIA and NSA and the Department of Defense,” such efforts “against Americans” necessitate the use of private partners because the government lacks the “legal authority” to do so.

According to the whistleblower, CTI League members also went to great lengths to conceal their activities, with a CTI League handbook recommending the use of burner phones, online pseudonyms and the generation of fake AI faces. One document advised, “Lock your s**t down … your spy disguise.”

One suggested list of questions to be posed to prospective CTI League members proposed asking whether those individuals had ever “worked with influence operations (e.g. disinformation, hate speech, other digital harms etc) previously” and whether those efforts included “active measures” and “psyops” (psychological operations).

Indeed, according to the documents, several CTI League members had worked for the military or intelligence agencies, while according to the whistleblower, “roughly 12-20 active people involved in CTIL worked at the FBI or CISA” — even, for a time, displaying their agency seals alongside their names on the CTI League’s internal Slack channel.

Terp, for instance, previously designed machine learning algorithms and unmanned vehicle systems for the U.K.’s Ministry of Defence.

According to the whistleblower, the CTI League sought “to become part of the federal government.”

Shellenberger, Taibbi to testify before Congress this week

According to the journalists, the FBI declined to comment, while CISA, Terp and other CTI League figures did not respond to requests for comment.

However, one CTI League member, Bonnie Smalley, did respond to the journalists’ request. She wrote, verbatim, “all i can comment on is that i joined cti league which is unaffiliated with any govt orgs because i wanted to combat the inject bleach nonsense online during covid. … i can assure you that we had nothing to do with the govt though.”

“CTIL appears to have generated publicity about itself in the Spring and Fall of 2020 for the same reason EIP did: to claim later that its work was all out in the open and that anybody who suggested it was secretive was engaging in a conspiracy theory,” the journalists wrote.

“But as internal messages have revealed, much of what EIP did was secret, as well as partisan, and demanding of censorship by social media platforms, contrary to its claims,” they said, adding that “EIP and VP, ostensibly, ended, but CTIL is apparently still active, based on the LinkedIn pages of its members.”

The journalists said the documents will be presented to Congressional investigators and made public, while protecting the identity of the whistleblower.

Shellenberger and Taibbi will testify at Thursday’s hearing of the U.S. House of Representatives’ Select Subcommittee on the Weaponization of the Federal Government. They previously testified before the same committee in March.

On Tuesday, Taibbi appeared in a live YouTube webcast presenting some of the key revelations from the first release of the “CTIL Files.”