Four local activists received strange, cryptic notices from Twitter in December.
"As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors," the notice read in part. "We believe that these actors (possibly associated with a government) may have been trying to obtain information such as e-mail addresses, IP addresses, and/or phone numbers."
All four of the local activists who received the notices have worked on issues of transparency, privacy, and surveillance. They are Jan Bultmann, who runs the Seattle Privacy Coalition Twitter account, Phil Mocek, Lee Colleton, and David Robinson. All have been quoted in The Stranger before; the Seattle Privacy Coalition—of which they are all members—was instrumental in the city's creation of a privacy initiative. Mocek and Colleton have also had their photos published in the Seattle Times.
An estimated 50 Twitter users worldwide have received the notices. Last month, the four locals joined 21 others, including activists in Germany and France, in launching a website called Twitter State Sponsored Attack with a long list of questions they want Twitter to answer, including: When did this targeting of their accounts take place? How was the targeting detected? Who did this? Is Twitter's silence the result of a gag order? Has Twitter received warrants, subpoenas, or national security letters from the US government in connection with the attacks?
I sent the list of questions about the notices to the company in January.
"Sorry, we don't have a comment for your story," replied spokesperson Nu Wexler.
Colleton, a 37-year-old father of two, is a bearded computer systems administrator who lives on Beacon Hill. He tweets about surveillance and the challenges and benefits of owning an electric car, and he frequently tags private companies with customer-service complaints. During a protest in 2014 in Seattle's Central District, his cell phone detected what the police later admitted was a "rogue node" from its wireless mesh network. Colleton was concerned that it could be used to track people's phones. Police shut the node down.
"[Twitter is] what passes for a public square," Colleton told me. "You can get a reply from a company or a state agency... that you can't get just by writing letters." And, he recalled, Twitter proudly described itself as the "free speech wing of the free speech party" in 2011 after democracy activists in Egypt used the social-media platform during the Tahrir Square uprising.
But after receiving no response from Twitter to his digital inquiries about the potential hacking by "state sponsored actors," Colleton decided to visit the company's downtown Seattle office on January 29. The sleek 16,000 square foot space, on the 19th floor of an office building near Westlake Park, is reportedly home to more than 100 software engineers. A massive, glowing white Twitter bird icon greets visitors in the main lobby.
Colleton explained his problem to a young receptionist in a striped shirt named Brady, who manned a desk at the entrance. "That does sound grave," Brady agreed, before taking down Colleton's contact details and promising that someone would be in touch. As of publication time, Colleton hasn't heard anything further from the company.
Christopher Soghoian, a former hacker and now the American Civil Liberties Union's national expert on cybersecurity and digital privacy, said he doesn't think anything fishy is going on. Google and Facebook have sent out similarly worded warnings to some of their users about potential hacking by "state sponsored actors," Soghoian pointed out in an e-mail.
"I think the reason that these companies do not provide more detail is that they don't want to tip sophisticated nation state offensive hackers off and reveal how they have figured out that these users have been targeted," Soghoian continued. "I can only imagine how frustrating it is to be told that a shadowy government is trying to hack you, but not be told which government or how they tried to do so. However, these three firms are giving users far more notice than other companies." (In December, Microsoft pledged to start notifying users of state-sponsored hacking attacks as well.)
Cyberattacks are estimated to cost the average US company $15.4 million annually, according to a 2015 report by Hewlett-Packard and the Ponemon Institute. Data on hacking by specifically state-sponsored actors is much harder to come by. But the fact that major tech companies are now notifying their users of these attacks suggests the problem is widespread.
For now, Colleton and the other local activists who received the notices plan to keep using Tor, a web browser that anonymizes data, as well as Signal, an app for Android and iOS smartphones that sends encrypted text messages.
"How can we best protect ourselves? How can we fight back? I plan on taking that idea to the other targets," said Robinson.