Surveillance & Government Contractors

Domestic Surveillance Contractors

These companies specialize in selling data to law enforcement, intelligence agencies, and military contractors. Many exist specifically to help government agencies obtain data they would otherwise need a warrant to collect.

Palantir Technologies

What they are: Publicly traded defense contractor (NASDAQ: PLTR).^[1] Builds data integration platforms for government and intelligence agencies. Initially funded in part by the CIA’s venture capital arm, In-Q-Tel.^[2]

What data they have: Palantir doesn’t collect data directly; it builds the tools that fuse data from dozens of other sources — including immigration records, biometric data, social media, financial records, travel histories, passport records, Social Security files, IRS data, license plate reader feeds, and Medicaid data — into a single searchable platform.^[3]

Who buys it: ICE (which has spent over $248 million on Palantir contracts cumulatively),^[4] CIA, NSA, FBI, USCIS,^[5] military, and commercial clients. Palantir’s ImmigrationOS platform, built under a $30 million ICE contract with a second $29.9 million task order,^[6] is designed to streamline identification and apprehension of individuals for removal and provide near real-time visibility into self-deportation metrics. A separate Palantir tool called ELITE reportedly ingests Medicaid and other government data to generate dossiers and leads on potential deportees.^[3]

Clearview AI

What they are: Facial recognition company that scraped what the company claims is 70+ billion facial images from news media, mugshot websites, and public social media without consent.^[7] Independent reporting has documented rapid growth from 3 billion images when Clearview was first exposed in 2020, to 10 billion by late 2021, to 30 billion by mid-2023,^[8] with current independent estimates ranging from 30–50 billion images.

Enforcement: Fined approximately €95–100 million by European privacy authorities, including €20 million from France’s CNIL (2022) plus a €5.2 million penalty for non-compliance (2023),^[9] €20 million from Italy’s Garante (2022),^[10] €20 million from Greece’s Hellenic DPA (2022),^[11] £7.55 million from the UK’s ICO (2022, under appeal),^[12] and a record €30.5 million fine from the Dutch DPA in September 2024 for illegal collection and processing of biometric data.^[13] None of these European fines have been paid; Clearview contests jurisdiction, and in October 2025 NOYB filed criminal charges against the company for ignoring EU data fines.^[14] Canada and Australia have also found Clearview’s practices illegal and ordered data deletion.^[8]

U.S. enforcement: Settled an Illinois Biometric Information Privacy Act class action for approximately $51.75 million — paid not in cash but as a 23% equity stake in Clearview AI, based on a January 2024 company valuation of $225 million.^[15] Agreed to stop selling to private companies but continues serving federal agencies and law enforcement, signing its largest federal contract to date at $10 million in September 2025.^[16] At least eight people have been wrongfully arrested due to false positives from Clearview’s facial recognition as of early 2026.^[17]

Leadership: Co-founder and former CEO Hoan Ton-That resigned in February 2025. Current co-CEOs are Hal Lambert and Richard Schwartz.^[18]

Premise Data Corporation

What they are: A gig-work data collection platform with over one million global contributors.^[19] Former CEO Maury Blackman confirmed in an August 2023 court filing that the company has active contracts with U.S. military and intelligence agencies, calling these relationships “closely-guarded trade secrets.”^[20] Blackman resigned as CEO in December 2023 and was replaced by Matt McNabb.^[21]

What they do: The platform was used to covertly support U.S. Human Intelligence (HUMINT), Signals Intelligence (SIGINT), and Information Operations (IO) collection.^[20] Contributors collected data on cell towers and WiFi hotspots, conducted directed observations and sentiment surveys, and performed tasks designed to “safeguard true intent” — meaning the gig workers themselves did not know they were collecting intelligence. In 2019, Premise pitched these capabilities to the Combined Joint Special Operations Task Force-Afghanistan.^[22] Premise operated in at least 43 foreign countries and earned approximately $5 million from military contracts since 2017.^[22]

Controversies: Premise sued former employee Alex Pompe, and during discovery accidentally disclosed what a judge described as “maybe hundreds” of documents revealing intelligence clients.^[20] After leaving Premise, Blackman filed a $25 million defamation lawsuit against journalist Jack Poulson, which was dismissed under California’s anti-SLAPP statute.^[21]

Anomaly Six (A6)

What they are: Founded in 2018 by two former U.S. military intelligence officers — Brendan Huff (24+ years in national security) and Jeffrey Heinz — both previously at Babel Street, where they managed relationships with the Defense Department, Justice Department, U.S. Cyber Command, and the intelligence community.^[23]

How it works: Anomaly Six embedded its software development kit (SDK) in over 500 mobile applications, giving it the ability to track hundreds of millions of phones globally.^[24] In a leaked 2022 sales pitch reported by The Intercept, A6 demonstrated its surveillance capabilities by tracking the mobile phones of CIA and NSA personnel, showing where intelligence officers traveled around the world.^[23] The company claimed the ability to track approximately 3 billion devices in real time.^[24]

Who buys it: U.S. Special Operations Command (SOCOM) paid $500,000 for A6 services.^[25] Other customers include military, intelligence agencies, and defense contractors. In January 2026, Anomaly Six was acquired by Reveal Technology, a veteran-founded defense tech company, integrating A6’s location intelligence into Reveal’s tactical ecosystem.^[26]

Flock Safety

What they are: Automated License Plate Recognition (ALPR) company founded in 2017 by three Georgia Tech alumni, including CEO Garrett Langley.^[27] Operates in over 5,000 communities across 49 U.S. states, performing over 20 billion vehicle scans per month.^[28] Valued at $7.5 billion after raising $275 million in funding.^[29]

How it works: Cameras photograph the rear of all passing vehicles, use computer vision to read license plates, and log identifying data with time and location in a searchable database shared across a nationwide network.

Data sharing controversies: Mountain View, California, discovered that Flock had enabled two unauthorized sharing features. A “national lookup” setting was turned on by Flock from August to November 2024 without notification, allowing federal agencies including ATF offices and Langley Air Force Base to access the data. A separate “statewide lookup” setting was active for 17 months, during which 250+ agencies ran approximately 600,000 searches with no data-sharing agreement in place. Mountain View Police Chief Mike Canfield ordered all 30 cameras disabled on February 3, 2026.^[30] A University of Washington Center for Human Rights report documented that at least eight Washington state law enforcement agencies enabled direct sharing with U.S. Border Patrol, with “back door” access detected at ten additional police departments.^[31] Redmond, Washington, police completely suspended Flock camera use amid concerns about ICE access.^[32]

Fourth Amendment litigation: In 2024, Norfolk Circuit Court Judge Jamilah LeCruise ruled that ALPR data collection without a warrant violated the Fourth Amendment, comparing it to GPS tracking and suppressing evidence. However, the Virginia Court of Appeals subsequently reversed this ruling, holding that ALPR technology does not require a warrant.^[33] In a separate 2026 federal case, a court ruled that Norfolk’s 176-camera ALPR network does not violate the Fourth Amendment, though the judge warned the constitutional balance “could conceivably tip the other way” as networks expand.^[34]

Surveillance of protesters: In November 2025, the EFF published analysis of 12+ million searches by 3,900+ agencies, documenting that 50+ federal, state, and local agencies ran hundreds of searches through Flock’s network in connection with protest activity, including the 50501 protests, Hands Off protests, and No Kings protests.^[35] EFF also documented discriminatory searches targeting Romani people and surveillance of women seeking reproductive healthcare.^[36]

DRN / Vigilant Solutions (Motorola Solutions)

What they are: Both owned by Motorola Solutions, acquired in 2019 for $445 million.^[37] DRN (Digital Recognition Network) crowdsources license plate data from hundreds of repo agents with vehicle-mounted cameras. Vigilant Solutions operates the largest commercial ALPR dataset in North America: over 5 billion detections and growing by more than 250 million per month.^[38]

Who buys it: DRN serves the private and commercial sector. Vigilant Solutions contracts with the DEA, ICE, FBI, U.S. Marshals, CBP, Forest Service, and others.^[38] Same parent, same data, different doors.

Appriss Insights / JusticeXchange

What they are: Acquired by Equifax in October 2021 for $1.825 billion.^[39] Delivers over 100 million booking records from approximately 77% of U.S. jails and Departments of Correction. Data is also accessible through LexisNexis Accurint platforms.

What they sell: Real-time jail booking alerts. When someone on an agency’s watchlist is booked into custody nearly anywhere in the U.S., the system sends an immediate alert with location and facility contact info.

Controversy: ICE contracted with Appriss to receive jail booking data from Colorado’s VINE system, allowing ICE agents to arrest individuals upon release from jail, effectively circumventing state sanctuary laws.^[40]

Social Media Intelligence Brokers

The D.C. Metropolitan Police has spent hundreds of thousands of dollars on services from Babel Street, Dataminr, Sprinklr, and Voyager Labs to monitor social media, track individuals, and follow public demonstrations in real time.^[41]

International Surveillance Technology

Some of the most powerful surveillance tools in the world originate not from government agencies themselves, but from private companies — many based in Israel and the Middle East — that develop and sell offensive cyber capabilities, phone extraction tools, and spyware to governments worldwide. These firms operate in a largely unregulated space, and their products have been documented targeting journalists, human rights activists, opposition politicians, and heads of state.

NSO Group (Pegasus Spyware)

What they are: Israeli surveillance technology company and developer of Pegasus spyware, which can remotely infiltrate smartphones and extract messages, emails, photos, location data, and call records — and activate cameras and microphones — without user knowledge. Sold to government clients in dozens of countries.^[42]

Who they target: Pegasus has been used against journalists, activists, opposition politicians, and heads of state across the globe. Amnesty International and the Citizen Lab have documented deployments in countries including Mexico, Saudi Arabia, Morocco, India, and Hungary.^[42]

Enforcement: Added to the U.S. Entity List in November 2021 for acting “contrary to US foreign policy and national security interests,” banning the sale of U.S. technology to NSO.^[43] In December 2024, a U.S. court ruled NSO Group liable for hacking 1,400 WhatsApp users.^[44] A federal jury awarded Meta/WhatsApp $167.25 million in damages in May 2025.^[44] The court imposed sanctions for withholding Pegasus source code. A judge subsequently reduced punitive damages to approximately $4 million and issued an injunction in October 2025 requiring NSO to cease spyware operations on WhatsApp.^[45] Multiple GDPR enforcement actions have followed across EU jurisdictions.

Intellexa / Cytrox (Predator Spyware)

What they are: Developer of Predator spyware, functionally similar to Pegasus but commercially available to a wider range of clients. Created in 2019 by former Israeli military officer Tal Dilian. Operates across Israel, Greece, and North Macedonia. Targets phones via infected SMS links.^[46]

What happened in Greece: Predator was deployed in Greece, resulting in the resignation of the country’s intelligence director and top government officials in 2022. The Hellenic Data Protection Authority found 220 infected SMS messages sent to 92 phone numbers.^[46]

Enforcement: The U.S. Treasury sanctioned Intellexa, Tal Dilian, and Sara Hamou in March 2024, with expanded sanctions in September 2024 targeting five additional executives including Felix Bitzios, Merom Harpaz, and Panagiota Karaoli.^[47] Despite the sanctions, an “Intellexa Leaks” investigation found that Intellexa products remained active.^[48] The Trump administration lifted sanctions on three Intellexa executives in late 2025, marking a significant policy reversal.^[49]

Cellebrite

What they are: Israeli digital forensics company founded in 1999. Their Universal Forensic Extraction Device (UFED) extracts data including contacts, locations, deleted messages, and calls from smartphones, tablets, SIM cards, and GPS devices. The company has drawn extensively from Israel’s intelligence talent pool, employing dozens of ex-Unit 8200 veterans in technical roles.^[50]

Who buys it: U.S. federal government contracts exceeding $18 million in 2024. Over $48.6 million from ICE contracts between 2008 and 2025. Seven UK government agencies signed contracts in 2024 totaling $370,000. Widely used by law enforcement and intelligence agencies worldwide.^[51]

Controversies: In December 2024, Amnesty International reported that Serbian police used Cellebrite UFED tools on journalist and activist devices, then installed “NoviSpy” spyware.^[52] Cellebrite halted product use by certain Serbian customers in February 2025. Cellebrite tools were also used to harvest data from phones of captured Palestinians during 2023–2025 operations in Gaza. A rights group urged a UFED ban in Uganda due to use by the Museveni regime. Human rights organizations have raised concerns about Cellebrite’s lack of meaningful human rights policy or code of conduct.^[51]

Cognyte (formerly Verint)

What they are: Israeli surveillance technology and intelligence analytics company, spun out from Verint Systems in 2021. Provides investigative analytics, surveillance, and intelligence solutions to government and law enforcement agencies globally.^[53]

Recent contracts: An approximately $20 million per year, three-year agreement with a national security agency (March 2025). A $20+ million annual contract renewal with a national security agency in the EMEA region (September 2025).^[54] Multiple contracts of approximately $5 million each with military intelligence and law enforcement agencies in EMEA and APAC throughout 2025.

Parent company — Verint Systems: Verint built Switzerland’s wiretap and surveillance infrastructure in 2014, received a $35 million order through an existing prime contractor in 2017 (the end customer has not been independently confirmed as the Department of Defense),^[55] and won part of a £50 million deal for UK police cyber intelligence capabilities in 2019.^[56] Verint operates in 175+ countries and is being taken private by Thoma Bravo in a deal announced in August 2025 (the Thoma Bravo acquisition applies to Verint Systems, not to Cognyte, which remains a separate publicly traded entity).^[57] Amnesty International reported an Israeli subsidiary provided South Sudanese authorities with communications interception equipment and annual support services from 2015 to 2017.^[58] Indonesia reportedly used Verint products to create a database of LGBT rights activists.^[58]

DarkMatter Group (Project Raven)

What they are: UAE-based company founded in 2014–2015. Describes itself as a defensive cybersecurity company, but became a contractor for “Project Raven” — a confidential initiative using former U.S. NSA and CIA employees to surveil governments, militants, and human rights activists on behalf of the UAE.^[59]

What they did: Project Raven hacked phones and computers of hundreds of human rights activists and political opponents across the Middle East and Europe between 2016 and 2019.^[59] DarkMatter developed a surveillance system capable of intercepting, modifying, and diverting traffic on IP, 2G, 3G, and 4G networks.^[60]

Enforcement: In September 2021, the U.S. Department of Justice charged three former U.S. intelligence operatives — Marc Baier, Ryan Adams, and Daniel Gericke — who worked on Project Raven. All three entered into deferred prosecution agreements and paid combined fines totaling $1.685 million for violations of U.S. computer fraud and export control laws.^[61] The UAE’s Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) has been in force since January 2022, though its application to state-directed surveillance remains unclear.^[62]

NICE Systems

What they are: Israeli company (Neptune Intelligence Computer Engineering) created in 1986 by former IDF engineers to commercialize military logging and recording software.^[63] Provides mass, targeted, and lawful communication interception, collection, processing, and analysis solutions to law enforcement, intelligence organizations, and national security agencies. Serves clients in over 150 countries. The Cyber and Intelligence division was later acquired by Elbit Systems; NICE has since pivoted to customer engagement platforms.^[63]

Sources & References