February 7, 2008
Exclusive! The FBI Deputizes Business
Today, more than 23,000 representatives of private industry are working quietly with the FBI and the Department of Homeland Security. The members of this rapidly growing group, called InfraGard, receive secret warnings of terrorist threats before the public does—and, at least on one occasion, before elected officials. In return, they provide information to the government, which alarms the ACLU. But there may be more to it than that. One business executive, who showed me his InfraGard card, told me they have permission to “shoot to kill” in the event of martial law.
InfraGard is “a child of the FBI,” says Michael Hershman, the chairman of the advisory board of the InfraGard National Members Alliance and CEO of the Fairfax Group, an international consulting firm.
InfraGard started in Cleveland back in 1996, when the private sector there cooperated with the FBI to investigate cyber threats.
“Then the FBI cloned it,” says Phyllis Schneck, chairman of the board of directors of the InfraGard National Members Alliance, and the prime mover behind the growth of InfraGard over the last several years.
InfraGard itself is still an FBI operation, with FBI agents in each state overseeing the local InfraGard chapters. (There are now eighty-six of them.) The alliance is a nonprofit organization of private sector InfraGard members.
“We are the owners, operators, and experts of our critical infrastructure, from the CEO of a large company in agriculture or high finance to the guy who turns the valve at the water utility,” says Schneck, who by day is the vice president of research integration at Secure Computing.
“At its most basic level, InfraGard is a partnership between the Federal Bureau of Investigation and the private sector,” the InfraGard website states. “InfraGard chapters are geographically linked with FBI Field Office territories.”
In November 2001, InfraGard had around 1,700 members. As of late January, InfraGard had 23,682 members, according to its website, www.infragard.net, which adds that “350 of our nation’s Fortune 500 have a representative in InfraGard.”
To join, each person must be sponsored by “an existing InfraGard member, chapter, or partner organization.” The FBI then vets the applicant. On the application form, prospective members are asked which aspect of the critical infrastructure their organization deals with. These include: agriculture, banking and finance, the chemical industry, defense, energy, food, information and telecommunications, law enforcement, public health, and transportation.
FBI Director Robert Mueller addressed an InfraGard convention on August 9, 2005. At that time, the group had less than half as many members as it does today. “To date, there are more than 11,000 members of InfraGard,” he said. “From our perspective that amounts to 11,000 contacts . . . and 11,000 partners in our mission to protect America.” He added a little later, “Those of you in the private sector are the first line of defense.”
He urged InfraGard members to contact the FBI if they “note suspicious activity or an unusual event.” And he said they could sic the FBI on “disgruntled employees who will use knowledge gained on the job against their employers.”
In an interview with InfraGard after the conference, which is featured prominently on the InfraGard members’ website, Mueller says: “It’s a great program.”
The ACLU is not so sanguine.
“There is evidence that InfraGard may be closer to a corporate TIPS program, turning private-sector corporations—some of which may be in a position to observe the activities of millions of individual customers—into surrogate eyes and ears for the FBI,” the ACLU warned in its August 2004 report The Surveillance-Industrial Complex: How the American Government Is Conscripting Businesses and Individuals in the Construction of a Surveillance Society.
InfraGard is not readily accessible to the general public. Its communications with the FBI and Homeland Security are beyond the reach of the Freedom of Information Act under the “trade secrets” exemption, its website says. And any conversation with the public or the media is supposed to be carefully rehearsed.
“The interests of InfraGard must be protected whenever presented to non-InfraGard members,” the website states. “During interviews with members of the press, controlling the image of InfraGard being presented can be difficult. Proper preparation for the interview will minimize the risk of embarrassment. . . . The InfraGard leadership and the local FBI representative should review the submitted questions, agree on the predilection of the answers, and identify the appropriate interviewee. . . . Tailor answers to the expected audience. . . . Questions concerning sensitive information should be avoided.”
One of the advantages of InfraGard, according to its leading members, is that the FBI gives them a heads-up on a secure portal about any threatening information related to infrastructure disruption or terrorism.
The InfraGard website advertises this. In its list of benefits of joining InfraGard, it states: “Gain access to an FBI secure communication network complete with VPN encrypted website, webmail, listservs, message boards, and much more.”
InfraGard members receive “almost daily updates” on threats “emanating from both domestic sources and overseas,” Hershman says.
“We get very easy access to secure information that only goes to InfraGard members,” Schneck says. “People are happy to be in the know.”
On November 1, 2001, the FBI had information about a potential threat to the bridges of California. The alert went out to the InfraGard membership. Enron was notified, and so, too, was Barry Davis, who worked for Morgan Stanley. He notified his brother Gray, the governor of California.
“He said his brother talked to him before the FBI,” recalls Steve Maviglio, who was Davis’s press secretary at the time. “And the governor got a lot of grief for releasing the information. In his defense, he said, ‘I was on the phone with my brother, who is an investment banker. And if he knows, why shouldn’t the public know?’ ”
Maviglio still sounds perturbed about this: “You’d think an elected official would be the first to know, not the last.”
In return for being in the know, InfraGard members cooperate with the FBI and Homeland Security. “InfraGard members have contributed to about 100 FBI cases,” Schneck says. “What InfraGard brings you is reach into the regional and local communities. We are a 22,000-member vetted body of subject-matter experts that reaches across seventeen matrixes. All the different stovepipes can connect with InfraGard.”
Schneck is proud of the relationships the InfraGard Members Alliance has built with the FBI. “If you had to call 1-800-FBI, you probably wouldn’t bother,” she says. “But if you knew Joe from a local meeting you had with him over a donut, you might call them. Either to give or to get. We want everyone to have a little black book.”
This black book may come in handy in times of an emergency. “On the back of each membership card,” Schneck says, “we have all the numbers you’d need: for Homeland Security, for the FBI, for the cyber center. And by calling up as an InfraGard member, you will be listened to.” She also says that members would have an easier time obtaining a “special telecommunications card that will enable your call to go through when others will not.”
This special status concerns the ACLU.
“The FBI should not be creating a privileged class of Americans who get special treatment,” says Jay Stanley, public education director of the ACLU’s technology and liberty program. “There’s no ‘business class’ in law enforcement. If there’s information the FBI can share with 22,000 corporate bigwigs, why don’t they just share it with the public? That’s who their real ‘special relationship’ is supposed to be with. Secrecy is not a party favor to be given out to friends. . . . This bears a disturbing resemblance to the FBI’s handing out ‘goodies’ to corporations in return for folding them into its domestic surveillance machinery.”
When the government raises its alert levels, InfraGard is in the loop. For instance, in a press release on February 7, 2003, the Secretary of Homeland Security and the Attorney General announced that the national alert level was being raised from yellow to orange. They then listed “additional steps” that agencies were taking to “increase their protective measures.” One of those steps was to “provide alert information to InfraGard program.”
“They’re very much looped into our readiness capability,” says Amy Kudwa, spokeswoman for the Department of Homeland Security. “We provide speakers, as well as do joint presentations [with the FBI]. We also train alongside them, and they have participated in readiness exercises.”
On May 9, 2007, George Bush issued National Security Presidential Directive 51 entitled “National Continuity Policy.” In it, he instructed the Secretary of Homeland Security to coordinate with “private sector owners and operators of critical infrastructure, as appropriate, in order to provide for the delivery of essential services during an emergency.”
Asked if the InfraGard National Members Alliance was involved with these plans, Schneck said it was “not directly participating at this point.” Hershman, chairman of the group’s advisory board, however, said that it was.
InfraGard members, sometimes hundreds at a time, have been used in “national emergency preparation drills,” Schneck acknowledges.
“In case something happens, everybody is ready,” says Norm Arendt, the head of the Madison, Wisconsin, chapter of InfraGard, and the safety director for the consulting firm Short Elliott Hendrickson, Inc. “There’s been lots of discussions about what happens under an emergency.”
One business owner in the United States tells me that InfraGard members are being advised on how to prepare for a martial law situation—and what their role might be. He showed me his InfraGard card, with his name and e-mail address on the front, along with the InfraGard logo and its slogan, “Partnership for Protection.” On the back of the card were the emergency numbers that Schneck mentioned.
This business owner says he attended a small InfraGard meeting where agents of the FBI and Homeland Security discussed in astonishing detail what InfraGard members may be called upon to do.
“The meeting started off innocuously enough, with the speakers talking about corporate espionage,” he says. “From there, it just progressed. All of a sudden we were knee deep in what was expected of us when martial law is declared. We were expected to share all our resources, but in return we’d be given specific benefits.” These included, he says, the ability to travel in restricted areas and to get people out.
But that’s not all.
“Then they said when—not if—martial law is declared, it was our responsibility to protect our portion of the infrastructure, and if we had to use deadly force to protect it, we couldn’t be prosecuted,” he says.
I was able to confirm that the meeting took place where he said it had, and that the FBI and Homeland Security did make presentations there. One InfraGard member who attended that meeting denies that the subject of lethal force came up. But the whistleblower is 100 percent certain of it. “I have nothing to gain by telling you this, and everything to lose,” he adds. “I’m so nervous about this, and I’m not someone who gets nervous.”
Though Schneck says that FBI and Homeland Security agents do make presentations to InfraGard, she denies that InfraGard members would have any civil patrol or law enforcement functions. “I have never heard of InfraGard members being told to use lethal force anywhere,” Schneck says.
The FBI adamantly denies it, also. “That’s ridiculous,” says Catherine Milhoan, an FBI spokesperson. “If you want to quote a businessperson saying that, knock yourself out. If that’s what you want to print, fine.”
But one other InfraGard member corroborated the whistleblower’s account, and another would not deny it.
Christine Moerke is a business continuity consultant for Alliant Energy in Madison, Wisconsin. She says she’s an InfraGard member, and she confirms that she has attended InfraGard meetings that went into the details about what kind of civil patrol function—including engaging in lethal force—that InfraGard members may be called upon to perform.
“There have been discussions like that, that I’ve heard of and participated in,” she says.
Curt Haugen is CEO of S’Curo Group, a company that does “strategic planning, business continuity planning and disaster recovery, physical and IT security, policy development, internal control, personnel selection, and travel safety,” according to its website. Haugen tells me he is a former FBI agent and that he has been an InfraGard member for many years. He is a huge booster. “It’s the only true organization where there is the public-private partnership,” he says. “It’s all who knows who. You know a face, you trust a face. That’s what makes it work.”
He says InfraGard “absolutely” does emergency preparedness exercises. When I ask about discussions the FBI and Homeland Security have had with InfraGard members about their use of lethal force, he says: “That much I cannot comment on. But as a private citizen, you have the right to use force if you feel threatened.”
“We were assured that if we were forced to kill someone to protect our infrastructure, there would be no repercussions,” the whistleblower says. “It gave me goose bumps. It chilled me to the bone.”