The surveillance software applications that are assisting (replacing?) spycops


Political protest groups from the early 1970s onwards were shocked (though not exactly surprised) to discover they had been infiltrated by political police to spy on their activities and even to act as agent provocateurs. In more recent years evidence emerged how it was routine for undercover police officers to form intimate relationships with members – invariably women – of these groups in order to secure long-term surveillance opportunities. Exposing these practices led to the Pitchford Inquiry and widespread condemnation, as well as financial compensation, miscarriages of justice and official apologies – though the police continue to ‘neither confirm nor deny’ much about anything; nor will they reveal the undercover names or the real names of the UCOs involved, or how many are still operating in this way. No doubt UCOs continue to be deployed, though in the age we are in it would be inconceivable if much of the surveillance and intelligence-gathering work has not been replaced by complex and sophisticated network monitoring applications. Below we outline several of these applications, used in various parts of the world.

New and emerging surveillance methodologies will see new and emerging counter-surveillance methodologies, including reverting to old style, non-digital networking but with enhanced security (and not just a couple of ‘background questions’ asked of newcomers).

Meanwhile, around 30 fairly basic social network monitoring tools – they are freely available and police and security services and journalists use them routinely – can be found here.

Putting aside the use of the PNC, surveillance cameras, GPS monitoring, GCHQ bulk surveillance and other routine surveillance procedures, there are lesser known applications that should be highlighted. Here are some you may not have heard of…


One of the main software tools used by UK police (and more and more law enforcement agencies across Europe) for intelligence gathering is SOCMINT, which was designed by GCHQ in the wake of the 2011 UK riots. (An article by former GCHQ head, David Omand, on SOCMINT, is available here.)

In May 2013 Umut Ertogal, the ‘head of open source intelligence with the UK Police National Domestic Extremism Unit’, revealed in a private report to the Australian police (then preparing for the Brisbane G20 Summit), that the Unit used a software tool called SOCMINT to monitor social media sites to gauge public mood. It was apparently extensively used during the London 2012 Olympics and for ‘predicting hotspots during the 2011 student protests’ – including a call for a protest against a visit of Prime Minister David Cameron to King’s Cross railway station that resulted in the arrests of 10 people.

It was also revealed that at the time SOCMINT (which stands for ‘Social Media Intelligence’, a name also given to this open source intelligence gathering technique) was being run by a staff of 17 people working around the clock, scanning Twitter, YouTube, Facebook and other public forums used by UK citizens. Ertogral reportedly said that YouTube effectively acted as CCTV and Google Glasses were ‘another channel for us to explore and look at’.

Training in SOCMINT is provided by King’s College London and IHS (which also offers training in SOCMINT to the Australian police). The EU training in SOCMINT and OSINT (a sister product) is handled by

Training includes: Evaluating Sources; Verifying information in a variety of media; Synthesising open source information; Developing a framework for Extracting Information from Social Media; Organisation, Legal and Ethical Challenges, Sentiment Analysis; Prediction and Early Warning; Searching and analysing social media information. Dealing with Tor users is also on the course agenda.

B. Guardian/ASS/ISIS

Agenda Security Services (ASS) is a UK company that works with Government Institutions, global corporations and small to medium sized businesses and boast its staff includes “teams of ex-police, ex-military, desktop researchers and security analysts”. It “combines high tech and secure systems with well trained and customer focused researchers and analysts…” Its main program is Information Security Investigation System (ISIS). ASS explains that it intelligence can be gathered on “threats to the organisation, animal rights, extremists, competitors and counterfeiters, to name but a few.”

ASS uses an interactive software system called Guardian, which it uses to to check over a billion web pages on behalf of clients.


INDECT is a European Union project that aims to implement an Orwellian state-of-the-art surveillance system across the continent (and eventually the world). The Indect Project seeks to “develop a platform for the registration and exchange of operational data, acquisition of multimedia content, intelligent processing of all information and automatic detection of threats and recognition of abnormal behaviour or violence.”

The focus of INDECT is on the following: Word Sense Induction, Entity Resolution, Relationship Mining, Social Network Analysis and Sentiment Analysis. This level of analysis is similar to that used by Tartan (see below). INDECT combines the latest surveillance technology with algorithmic, semantic and contextual analysis on an automated basis to enable targetting of behaviour on a scale not seen before. This can be applied to any defined group, including protesters. Research papers relating to the technologies applied, with authors named, are listed too on its site and are worth examining,

In short, INDECT aims to:

  • Develop the prototype of an integrated, network-centric system supporting the operational activities of police officers, providing techniques and tools for observation of various mobile objects 

  • Develop a set of techniques supporting surveillance of internet resources, analysis of the acquired information and detection of criminal activities and threats

Funding for Indect began in 2009, with universities and research centres across 12 EU Member States receiving a total of €15 million, of which the EU contribution was €10.9 million, spread over five years.

D. CrowdControl

As suggested by the company name, CrowdControl provides computer applications to monitor demonstrations and other events that attract crowds. It is used by several UK police forces.

E. Ntrepid products

Both applications described below were developed by Ntrepid, a US-based company that sells its products worldwide. Ntrepid was first discovered by Telecomix BSRE (which appears to be no longer active) with further details about its products provided by several internet investigative researchers.


Tartan is an agent-based, influence modeling software that aids in the visualization and quantification of relationships within social networks. It was initually designed to target anarchists. While other Social Network Analysis (SNA) tools emphasize the obvious connections through simple link analysis, Tartan takes a different approach using mathematical algorithms to discover “hidden” networks, quantify influence, and identify less-visible group dynamics.

Tartan is basically a browser-based investigation software that leverages users’ (agents) all the source information to reveal influence ranks and hidden connections within human networks. Tartan looks beyond charting leadership roles to identify the core group of individuals who motivate and drive the actions of entire organizations and populations. Traditional social network analysis only provides “line and block” charts of an organization (whether adversarial or allied) but does not capture the human terrain “choke points” that exist in any organization.

Tartan is an add-on to the browser to allow the user to simply send web pages directly to Tartan (Ntrepid) for processing. Tartan then extracts details of people and places. The software then examines relationship characteristics, such as deference and meeting frequency. From this information, Tartan generates a dynamic, visual relationship model (see photo at top of article). Algorithms quantify each actor’s degree of influence and centrality and highlights unobserved links between people (sometimes called “hidden networks”).

Via Timestream users (agents) can build a case using an interactive timeline. Users can collect compelling case evidence and simply drag it into Timestream. Files are then forensically hashed, establishing verifiable authenticity and a digital chain of custody.
Timestream is also available as a mobile app to collect evidence in the field: photos, videos, audio, or the importation of documents. These resources can then be sent wirelessly to an agent’s Timestream case over a WiFi connection. Uploaded files retain their creation date, forensic check-sum hash and geolocation data.
This entry was posted in Intelligence, Surveillance and tagged , , , . Bookmark the permalink.

5 Responses to The surveillance software applications that are assisting (replacing?) spycops

  1. alistairliv says:



  2. sdbast says:

    Reblogged this on sdbast.


  3. joekano76 says:

    Reblogged this on TheFlippinTruth.


  4. Pingback: The surveillance software applications that are assisting (replacing?) spycops – WRITTEN BY UNDERCOVER1 | winstonclose

  5. Pingback: Inside Info on- RIPA – GCHQ and surveillance software used by police and intelligence agencies. – North Wales Enemy in the Community

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.