A group of former US National Security Agency (NSA) operatives and other elite intelligence veterans helped the United Arab Emirates construct secret internet-surveillance apparatus, a Reuters investigation reveals.
According to the probe, whose findings were released on Tuesday, the UAE’s Development Research Exploitation and Analysis Department (DREAD), later known as Project Raven, spied on a wide range of targets -- from suspected extremists to human rights activists, dissidents, diplomats and FIFA personnel.
DREAD was set up in an unused airport facility in Abu Dhabi in 2008 by former American counterterrorism czar Richard Clarke, along with ex-NSA officials-turned-contractors.
The program began as an arm of Abu Dhabi Crown Prince Sheikh Mohammed bin Zayed Al Nahyan's royal court and was initially managed by the prince's son, Khalid.
The contractors trained Emirati staff in hacking techniques and created covert computer networks and Internet accounts the UAE could use for surveillance operations.
By 2012, DREAD operatives had targeted Google, Hotmail and Yahoo email accounts to exploit information on targets despite prohibitions against targeting US servers.
"The program's evolution illustrates how Washington's contractor culture benefits from a system of legal and regulatory loopholes that allows ex-spies and government insiders to transfer their skills to foreign countries, even ones reputed to have poor human rights track records," the Doha-based Al Jazeera broadcaster reported.
In an interview in Washington, Clarke said that after recommending that the UAE create a cyber-surveillance agency, his company, Good Harbor Consulting, was hired to help the Persian Gulf country build it.
The plan, he added, was approved by the US State Department and the NSA, and that Good Harbor Consulting followed US law.
"The incentive was to help in the fight against al-Qaeda. The UAE is a very good counterterrorism partner. You need to remember the timing back then, post 9-11," he said. "The NSA wanted it to happen."
Mike Rogers, former chairman of the US House Intelligence Committee, raised concerns that former US intelligence officials are cashing in by working for foreign countries, saying it is time for Washington to impose tougher restrictions on foreign intelligence contracting.
"Outright eliminating those opportunities, I think, should absolutely be on the table," he said.
Reuters examined over 10,000 DREAD program documents and interviewed more than a dozen contractors in order to chart the UAE spying mission's evolution.
A former DREAD operative said the program hacked the emails of Saudi women's rights activist Loujain al-Hathloul in 2017, after she tried to defy a female driving ban in the kingdom.
In 2018, just weeks before a royal decree allowed Saudi women to drive, she was arrested in Abu Dhabi by Emirati security forces and sent back to Saudi Arabia in a private jet.
Her brother Walid al-Hathloul said Saudi security forces had jailed her on charges of sedition and tortured her in a secret facility outside Jeddah.
"It's very disappointing to see Americans taking advantage of skills they learned in the US to help this regime," he said. "They are basically like mercenaries."
The new revelations have led Congress to press the State Department to explain DREAD and a federal grand jury in Washington to investigate whether American staff violated US hacking laws in the UAE mission.