Leaked documents and public records reveal a troubling fusion of private security, public law enforcement, and corporate money in the fight over the Dakota Access Pipeline.
A shadowy international mercenary and security firm known as TigerSwan targeted the movement opposed to the Dakota Access Pipeline with military-style counterterrorism measures, collaborating closely with police in at least five states, according to internal documents obtained by The Intercept. The documents provide the first detailed picture of how TigerSwan, which originated as a U.S. military and State Department contractor helping to execute the global war on terror, worked at the behest of its client Energy Transfer Partners, the company building the Dakota Access Pipeline, to respond to the indigenous-led movement that sought to stop the project.
Internal TigerSwan communications describe the movement as “an ideologically driven insurgency with a strong religious component” and compare the anti-pipeline water protectors to jihadist fighters. One report, dated February 27, 2017, states that since the movement “generally followed the jihadist insurgency model while active, we can expect the individuals who fought for and supported it to follow a post-insurgency model after its collapse.” Drawing comparisons with post-Soviet Afghanistan, the report warns, “While we can expect to see the continued spread of the anti-DAPL diaspora … aggressive intelligence preparation of the battlefield and active coordination between intelligence and security elements are now a proven method of defeating pipeline insurgencies.”
More than 100 internal documents leaked to The Intercept by a TigerSwan contractor, as well as a set of over 1,000 documents obtained via public records requests, reveal that TigerSwan spearheaded a multifaceted private security operation characterized by sweeping and invasive surveillance of protesters.
As policing continues to be militarized and state legislatures around the country pass laws criminalizing protest, the fact that a private security firm retained by a Fortune 500 oil and gas company coordinated its efforts with local, state, and federal law enforcement to undermine the protest movement has profoundly anti-democratic implications. The leaked materials not only highlight TigerSwan’s militaristic approach to protecting its client’s interests but also the company’s profit-driven imperative to portray the nonviolent water protector movement as unpredictable and menacing enough to justify the continued need for extraordinary security measures. Energy Transfer Partners has continued to retain TigerSwan long after most of the anti-pipeline campers left North Dakota, and the most recent TigerSwan reports emphasize the threat of growing activism around other pipeline projects across the country.
The leaked documents include situation reports prepared by TigerSwan operatives in North Dakota, South Dakota, Iowa, Illinois, and Texas between September 2016 and May 2017, and delivered to Energy Transfer Partners. They offer a daily snapshot of the security firm’s activities, including detailed summaries of the previous day’s surveillance targeting pipeline opponents, intelligence on upcoming protests, and information harvested from social media. The documents also provide extensive evidence of aerial surveillance and radio eavesdropping, as well as infiltration of camps and activist circles.
TigerSwan did not respond to a request for comment. Energy Transfer Partners declined to comment, telling The Intercept in an email that it does not “discuss details of our security efforts.”
Additional documents, obtained via public records requests, consist of communications among agents from the FBI, the Department of Homeland Security, the U.S. Justice Department, the Marshals Service, and the Bureau of Indian Affairs, as well as state and local police. The “Intel Group,” as its members refer to it, closely monitored anti-Dakota Access protests in real time, scooped up information on the water protectors from social media, and shared intelligence.
Included among the documents obtained via public records requests were “daily intelligence updates” developed by TigerSwan that were shared with law enforcement officers, thus contributing to a broad public-private intelligence dragnet. In the internal situation reports, TigerSwan operatives comment frequently about their routine coordination and intelligence sharing with law enforcement. The intel group went so far as to use a live video feed from a private Dakota Access security helicopter to monitor protesters’ movements. In one report, TigerSwan discusses meeting with investigators from North Dakota’s Attorney General’s Office.
North Dakota’s Attorney General’s Office declined to comment.
TigerSwan’s internal reports and the intelligence briefings shared with law enforcement name dozens of DAPL opponents. Some of those named are well-known activists, while others have minimal public affiliation with the water protector movement. The reports’ authors often comment on camp dynamics, including protester morale and infighting, and speculate about violent or illegal actions specific individuals might take and weapons they might carry. The documents reveal the existence of a “persons of interest” list as well as other databases that included identifying information such as photographs and license plate numbers.
The situation reports also suggest that TigerSwan attempted a counterinformation campaign by creating and distributing content critical of the protests on social media.
The Intercept is publishing a first set of TigerSwan’s situation reports from September 2016, which describe the company’s initial operations. We are also publishing two additional situation reports dated October 16 and November 5, along with PowerPoint presentations shared with law enforcement that correspond to the same dates. The names of private individuals whose actions are not already in the public record, or whose authorization we did not obtain, have been redacted to protect their privacy. The Intercept will publish the remaining situation reports in the coming weeks.
In addition, The Intercept is publishing a selection of communications, obtained by public records requests, detailing coordination between a wide range of local, state, and federal agencies, which confirm that the FBI participated in core Dakota Access-related law enforcement operations starting soon after protests began last summer. Finally, we are publishing two additional documents, also in the public record, that detail TigerSwan’s role spearheading Energy Transfer Partner’s multipronged security operation.
The FBI did not respond to a request for comment.
Beginning in April of last year, indigenous activists calling themselves water protectors and their allies spent months attempting to block construction of the 1,172-mile Dakota Access Pipeline, which runs near the Standing Rock Sioux reservation in North Dakota and traverses three other states. DAPL opponents were met with a heavily militarized police apparatus including local and out of state police and sheriff’s deputies, as well as Bureau of Indian Affairs police and National Guard troops. The police became notorious for their use of so-called less than lethal weapons against demonstrators, including rubber bullets, bean bag pellets, LRAD sound devices, and water cannons.
But it was the brutality of private security officers that first provoked widespread outrage concerning the pipeline project. On Labor Day weekend of 2016, Democracy Now! captured footage of pipeline security guards attacking peaceful protesters with dogs.
In the aftermath of that incident, Energy Transfer Partners turned to TigerSwan — a company with a deep background in counterterrorism operations — to oversee the work of the other security companies contracted to protect the pipeline. Other security firms working along the pipeline included Silverton, Russell Group of Texas, 10 Code LLC, Per Mar, SRC, OnPoint, and Leighton, documents show.
Based in Apex, North Carolina, TigerSwan was created by retired Army Col. James Reese during the height of the war in Iraq. Reese, a former commander in the elite Army special operations unit known as Delta, entered into the exploding private security and intelligence industry hoping to compete with Blackwater, then the most successful of the private military companies supporting U.S. war efforts in the Middle East and Afghanistan. TigerSwan has an estimated 350 employees and maintains offices in Iraq, Afghanistan, Saudi Arabia, Jordan, India, Latin America, and Japan.
Records from the North Dakota Private Investigation and Security Board show that TigerSwan has operated without a license in North Dakota for the entirety of the pipeline security operation, claiming in a communication with the board, “We are doing management and IT consulting for our client and doing no security work.” In September, the licensing board learned about the company’s position as a Dakota Access contractor and wrote a letter to its North Carolina headquarters requesting that it submit a license application.
TigerSwan then did so, but the board denied the application on December 19. After James Reese wrote a letter objecting to the decision, the security board’s executive director responded on January 10 that “one reason for the denial concerns your failure to respond to the Board’s request for information as to TigerSwan’s and James Reese’s activities within the State of North Dakota.” Neither TigerSwan nor the board responded to questions regarding the current status of the company’s license.
The leaked situation reports indicate that during the company’s first weeks working on the pipeline, TigerSwan operatives met with law enforcement in Iowa and North Dakota, including Sheriff Dean Danzeisen of Mercer County, North Dakota, who “agreed to sharing of information.” (In the report, TigerSwan misspells the sheriff’s name as “Denzinger.”) By September 13, the documents indicate, TigerSwan had placed a liaison inside the law enforcement “joint operation command” in North Dakota. The fusion of public and private intelligence operations targeting water protectors was underway.
One of TigerSwan’s lines of communication with law enforcement was via intelligence briefings that echo the company’s internal situation reports. The briefings obtained by The Intercept were sent by TigerSwan’s deputy security director Al Ornoski to a variety of recipients, including the Gmail account of Sheriff Danzeisen. Morton County Sheriff Kyle Kirchmeier, who was regularly involved in policing the protests, also received at least one of the TigerSwan briefings.
Danzeisen did not respond to a request for comment. A spokesperson for the Morton County Sheriff’s Department wrote in an email to The Intercept that the department “did maintain communication with TigerSwan security in order to understand when and where DAPL construction activities were taking place. This gave law enforcement situational awareness in order to monitor and respond to illegal protest activity.”
TigerSwan also aided prosecutors in building cases against pipeline opponents. According to an October 16 document obtained via a records request, the security team’s responsibilities included collecting “information of an evidentiary level” that would ultimately “aid in prosecution” of protesters.
A leaked report dated September 14, 2016, indicates that TigerSwan met with the North Dakota Bureau of Criminal Investigation “regarding video and still photo evidence collected for prosecution.” The same document describes plans to “continue building Person of Interest (POI) folders and coordination with [law enforcement] intelligence.” TigerSwan’s situation reports also describe conversations between the company’s operatives and FBI agents on at least four occasions.
Activists on the ground were tracked by a Dakota Access helicopter that provided live video coverage to their observers in police agencies, according to an October 12 email thread that included officers from the FBI, DHS, BIA, state, and local police. In one email, National Security Intelligence Specialist Terry Van Horn of the U.S. attorney’s office acknowledged his direct access to the helicopter video feed, which was tracking protesters’ movements during a demonstration. “Watching a live feed from DAPL Helicopter, pending arrival at site(s),” he wrote. Cecily Fong, a spokesperson for law enforcement throughout the protests, acknowledged that an operations center in Bismarck had access to the feed, stating in an email to The Intercept that “the video was provided as a courtesy so we had eyes on the situation.”
Asked about the intel group, Fong replied, “The Intelligence Group was formed from virtually the beginning. It involved personnel from our [State and Local Intelligence Center], the BIA, FBI, and Justice” consisting of “around 7 people who monitored social media in particular, in this case, because that was the medium most if not all of the protestors were using.”
“I’m honored that they felt that we were a big enough threat to go to this level of intervention,” Ed Fallon, an activist mentioned several times in the TigerSwan documents, told The Intercept.
As the water protector movement expanded from North Dakota to other states, so did the surveillance. A report dated March 29, for instance, points to a meeting between TigerSwan and “the Des Moines Field Office of the FBI, with the Omaha and Sioux Falls offices joining by conference call. Also in attendance were representatives of the Joint Terrorism Task Force, Department of Homeland Security, Iowa Department of Emergency Services, Iowa Department of Homeland Security and Iowa Department of Wildlife. Topics covered included the current threat assessment of the pipeline, the layout of current security assets and persons of interest. The FBI seemed were [sic] very receptive to the information presented to them, and follow-up meetings with individuals will be scheduled soon.”
TigerSwan’s relationship with public police agencies was not always harmonious. The situation reports describe TigerSwan’s frustration with the amount of leeway some law enforcement gave protesters in Iowa and the company’s efforts to convince officers to use more punitive tactics.
In a situation report dated October 16, TigerSwan applauds a recent increase in bail in Lee County, Iowa, calling it “significant because this may impede protestors from risking arrest due to the high cost to be released from bail.” The document contrasts that county’s tactics to those used by others. “Calhoun, Boone and Webster county law enforcement are not supportive of DAPL Security’s mission” the report says, noting those agencies’ “reluctance to arrest or cite trespassing individuals.”
“We need to work closer with Calhoun, Boone, and Webster county [law enforcement] to ensure future protestors will at least be fined, if not arrested,” the analyst notes. “Alternatively, we could request Lee County LE speak to other counties about tactics that are working.”
Contacted for comment, recently elected Lee County Sheriff Stacy Weber said he hadn’t discussed TigerSwan with the previous sheriff. “As far as I knew, the protest stuff was over with, and we haven’t had any protests since,” he said. In fact, Weber hadn’t heard of the company until earlier this week, when a TigerSwan program manager named Don Felt stopped by the office. “He dropped his card off and said he wanted to say hello,” Weber said.
TigerSwan’s internal files describe its utilization of aerial surveillance, including use of helicopters and drones to photograph and monitor the pipeline opponents. The September 12 situation report notes that an operation by construction workers was “over-watched by a predator on loan to the JEJOC from Oklahoma.” The TigerSwan contractor who provided the Intercept with the situation reports said he did not believe the company ever operated a predator drone, but metadata in images he shared pointed to a camera used by a commercially available Phantom 4 drone. One of the daily intelligence updates notes plans to obtain night-vision goggles, LRADs, body armor, and FLIR (forward looking infrared) cameras.
The reports also reveal a widespread and sustained campaign of infiltration of protest camps and activist circles. Throughout the leaked documents, TigerSwan makes reference to its intelligence-gathering teams, which infiltrated protest camps and activist groups in various states. TigerSwan agents using false names and identities regularly sought to obtain the trust of protesters, which they used to gather information they reported back to their employer, according to the TigerSwan contractor.
Covert operations are implicit in many of the other situation reports, which are filled with details that only individuals with close and consistent access to the protesters’ communities could have gathered. On a few occasions, however, the reports make that presence more explicit, for instance by referring to “sources in the camp.”
For example, the November 5 situation report describes the “exploitation of documents found at Camp 1.” Apparently, they didn’t contain much revealing material. “Of most concern,” the situation report says, “were the ‘Earth First’ magazines found on the camp. These magazines promote and provide TTP’s [tactics, techniques, and procedures] for violent activity.”
In an October 3 report, TigerSwan discusses how to use its knowledge of internal camp dynamics: “Exploitation of ongoing native versus non-native rifts, and tribal rifts between peaceful and violent elements is critical in our effort to delegitimize the anti-DAPL movement.” On February 19, TigerSwan makes explicit its plans to infiltrate a Chicago protest group. “TigerSwan collections team will make contact with event organizers to embed within the structure of the demonstration to develop a trusted agent status to be cultivated for future collection efforts,” the report notes, later repeating its intent to “covertly make contact with event organizers.”
“At every action I went to, they had their own people walking around with a video camera getting in people’s faces,” Ian Souter, a protester who was described as a “person of interest” in a TigerSwan report, told The Intercept.
Perhaps one of the most striking revelations of the documents is the level of hostility displayed by TigerSwan toward the water protectors. TigerSwan consistently describes the peaceful demonstrators using military and tactical language more appropriate for counterterrorism operations in an armed conflict zone. At times, the military language verges on parody, as when agents write of protesters “stockpiling signs” or when they discuss the “caliber” of paintball pellets. More often, however, the way TigerSwan discusses protesters as “terrorists,” their direct actions as “attacks,” and the camps as a “battlefield,” reveals how the protesters’ dissent was not only criminalized but treated as a national security threat. A March 1 report states that protesters’ “operational weakness allows TS elements to further develop and dictate the battlespace.”
In one internal report dated May 4, a TigerSwan operative describes an effort to amass digital and ground intelligence that would allow the company to “find, fix, and eliminate” threats to the pipeline — an eerie echo of “find, fix, finish,” a military term used by special forces in the U.S. government’s assassination campaign against terrorist targets.
TigerSwan pays particular attention to protesters of Middle Eastern descent. A September 22 situation report argues that “the presence of additional Palestinians in the camp, and the movement’s involvement with Islamic individuals is a dynamic that requires further examination.” The report acknowledges that “currently there is no information to suggest terrorist type tactics or operations,” but nonetheless warns that “with the current limitation on information flow out of the camp, it cannot be ruled out.”
Haithem El-Zabri, a Palestinian-American activist singled out in the reports, was shocked to hear his name mentioned in that context. “As indigenous people, Palestinians stand in solidarity with other indigenous people and their right to land, water, and sovereignty,” he told The Intercept. “To insinuate that our assumed faith is a red flag for terrorist tactics is another example of willful ignorance and the establishment’s continued attempts to criminalize nonviolent protest and justify violence against it.”
Such ethnic and religious profiling of protesters was not unusual. An October 12 email thread shared among members of the intel group provides a striking example of how TigerSwan was able to cast suspicion on specific individuals and communicate it to law enforcement officials. Cass County Sheriff’s Deputy Tonya Jahner emailed several other officers, including two FBI agents, with an overview of information provided by “company intel.” The information pertained to a woman whom Jahner labeled as a “strong Shia Islamic” with a “strong female Shia following.” The woman had “made several trips overseas,” Jahner wrote.
TigerSwan agents also regularly tracked individuals’ movements across state lines.
On November 4, according to one of TigerSwan’s internal documents, a white SUV pulled up to a pipeline valve site in South Dakota. Approached by a security guard, the driver introduced himself as Gary Tomlin and informed the official that he was a freelance reporter covering the pipeline. In an interview, 63-year-old Tomlin, who covers the local school board for the Galesburg, Illinois, Register-Mail, said he had set out to travel the length of the pipeline and write a story about it as a freelancer. “I had time and the ability to do it, and I thought, well, I’ll go look at that sucker,” he said.
A situation report from that day notes, “This is the same individual identified in the SITREP a few days ago in Illinois and Iowa.” The security company, OnPoint, quickly contacted TigerSwan Intel “for an assessment of Gary Tomlin” and notified the guard in the next “sector” that Tomlin was on his way. “Movement of Spread Team 6 was conducted so as to intercept and/or observe Gary Tomlin’s movement throughout the South Dakota Sector,” the document states. “It is my belief,” the analyst adds, “that Gary Tomlin is hiding his true intentions and that he has a plethora of information to provide to the protesters. It is estimated that he will arrive in North Dakota on the evening of the 4th or morning of the 5th.”
Tomlin laughed at the notion that he was working with protesters. When he arrived at the camps in North Dakota, few people would talk openly with him. “They were highly aware of infiltrators,” he said. “I fit the profile of those security people — I’m a white old man.”
Cody Hall, a prominent native activist whose movements are tracked closely in the TigerSwan reports, told The Intercept he knew he was being followed whenever he left the camp.
“It was obvious, they were driving in trucks, SUVs, they would be right behind me, right next to me … it was like, damn, man, it’s like you’re getting an escort,” he said. “That was always the scary thing: How did they know that I was coming?”
A document dated October 16, obtained via a public records request, lays out the mission of the TigerSwan-led security team working in North Dakota: In addition to protecting the pipeline workers, machinery, and construction material, the company was also expected to “protect the reputation of DAPL.” The public relations mission quickly became a priority for the firm, documents show. As a leaked situation report from early September puts it, success would require “strategic messaging from the client that drives the message that we are the good guys, tell the real story and address the negative messaging with good counter messaging.”
On numerous occasions, TigerSwan agents stressed the need to change the public narrative established by protestors and to swing public support in favor of the pipeline. As accounts of protest repression garnered nationwide support for the NoDAPL movement, the firm’s agents painstakingly collected and analyzed media coverage, warning their client about how certain incidents might be received by the public.
“This article is only in the Huffington post, but the expansion of the tribe’s narrative outside of the Native American community media outlets is of concern,” an October 3 report notes. TigerSwan agents regularly describe protesters’ accounts of events as “propaganda.”
But TigerSwan personnel did not limit themselves to monitoring the narrative — they also tried to change it.
In a report dated September 7, TigerSwan agents discuss the need for a “Social Engagement Plan.” On September 22, they discuss the development of an information operations campaign run by the company’s North Carolina-based intel team and Robert Rice, who without disclosing his TigerSwan affiliation posed as “Allen Rice” in a series of amateurish videos in which he provided commentary critical of the protests. The videos, posted on the Facebook pages “Defend Iowa” and “Netizens for Progress and Justice,” were removed after The Intercept contacted TigerSwan, Rice, and the pages’ administrators for comment. None responded.
With the Dakota Access Pipeline construction nearing completion, TigerSwan might have found itself out of a lucrative contract. But in the months leading up to the first oil delivery through the pipeline, the company made sure to stress the continued need for security.
“Everyone must be concerned of the lone wolf,” a TigerSwan operative wrote in a March 7 report. “Should we slip from that conscience, we may all be amiss. I cannot afford this in my duties, nor will We/I allow or accept this. I cannot thank everyone for enough for their support during this entire process, However, the movement continues, and We/I will not stop. That’s not in my vocabulary. We will always over-watch as the protectors what is in the best interest for ETP, as we are the guardians.”
In recent weeks, the company’s role has expanded to include the surveillance of activist networks marginally related to the pipeline, with TigerSwan agents monitoring “anti-Trump” protests from Chicago to Washington, D.C., as well as warning its client of growing dissent around other pipelines across the country.
In a March 24 report discussing the likely revival of protests as summer approaches, TigerSwan writes, “Much like Afghanistan and Iraq, the ‘Fighting Season’ will soon be here with the coming warming temperatures.”
Documents published with this story:
Leaked documents and public records reveal a troubling fusion of private security, public law enforcement, and corporate money in the fight over the Dakota Access Pipeline.
Leaked documents and public records reveal a troubling fusion of private security, public law enforcement, and corporate money in the fight over the Dakota Access Pipeline.
On a freezing night in November, as police sprayed nonviolent Dakota Access Pipeline opponents with water hoses and rubber bullets, representatives of the FBI, the Bureau of Indian Affairs, North Dakota’s U.S. Attorney’s Office, and local law enforcement agencies frantically exchanged emails as they monitored the action in real time.
“Everyone watch a different live feed,” Bismarck police officer Lynn Wanner wrote less than 90 minutes after the protest began on the North Dakota Highway 1806 Backwater Bridge. By 4 a.m. on November 21, approximately 300 water protectors had been injured, some severely. Among them was 21-year-old Sophia Wilansky, who nearly lost her arm after being hit by what multiple sworn witnesses say was a police munition.
The emails exchanged that night highlight law enforcement efforts to control the narrative around the violent incident by spreading propaganda refuting Wilansky’s story, demonstrate the agencies’ heavy reliance on protesters’ social media feeds to monitor activities, and reveal for the first time the involvement of an FBI informant in defining the story police would promote.
The exchange is included in documents obtained by The Intercept that reveal the efforts of law enforcement and private security contractors to surveil Dakota Access Pipeline opponents between October and December 2016, as law enforcement’s outsized response to the demonstrators garnered growing nationwide attention and the number of water protectors living in anti-pipeline camps grew to roughly 10,000. Although the surveillance of anti-DAPL protesters was visible at the time — with helicopters circling overhead, contingents of security officials watching from the hills above camp, and a row of blinding lights illuminating the horizon along the pipeline’s right of way — intelligence collection largely took place in darkness.
In addition to the email communications, The Intercept is publishing 15 internal situation reports prepared by the private security firm TigerSwan for its client, Dakota Access parent company Energy Transfer Partners, as well as three PowerPoint presentations that TigerSwan shared with law enforcement. The documents are part of a larger set that includes more than 100 internal TigerSwan situation reports that were leaked to The Intercept by one of the company’s contractors and more than 1,000 Dakota Access-related law enforcement records obtained via public records request.
Last week, The Intercept published an exclusive report detailing TigerSwan’s sweeping enterprise, over nine months and across five states, which included surveillance of activists through aerial technology, social media monitoring, and direct infiltration, as well as attempts to shift public opinion through a counterinformation campaign. The company, made up largely of special operations military veterans, was formed during the war in Iraq and incorporated its counterinsurgency tactics into its effort to suppress an indigenous-led movement centered around protection of water.
Roughly eight hours prior to Sophia Wilansky’s injury, Bismarck police officer Lynn Wanner — who, records indicate, acted as a liaison between intelligence agencies and field officers throughout the anti-DAPL protests — alerted local, state, and federal law enforcement partners that an “FBI inside source” was “reporting propane tanks inside the camp rigged to explode.” Wanner’s email about the FBI informant echoes the story the Morton County Sheriff’s Department would later tell journalists about Wilansky’s injury.
“We probably should be ready for a massive media backlash tomorrow although we are in the right. 244 angry voicemails received so far,” wrote Ben Leingang, a North Dakota state official, at about 10 p.m. on November 20. By morning, images of Wilansky’s severely injured arm were circulating online.
TigerSwan fretted about the backlash, too. “Protesters are claiming over 100 injuries associated with the demonstration and will surely contort video of the event into anti-DAPL propaganda,” the security firm noted in its internal report that next morning.
As another day passed, U.S. Attorney’s Office National Security Intelligence Specialist Terry Van Horn sent an email to members of various federal agencies noting the FBI’s claim that “a source from the camp reported people were making IED’s from small Coleman type propane canisters.” Van Horn added that Wilansky “was witnessed throwing an IED while on the bridge, it detonated early and caused the below injuries (see graphic photos).”
Less than an hour later, Van Horn emailed to the thread the text of a Facebook post from the page Netizens for Progress and Justice. “This wasn’t caused by law enforcement, it was caused by dumbass ‘direct action’ protesters that think they are doing the right thing without any consideration for the safety and welfare of honest protesters nearby that are caught up in things,” the post read, going on to describe a theory of the injury that conflicted even with law enforcement’s propane tank theory.
“How can we get this story out?” replied Maj. Amber Balken, a public information officer for the National Guard, which was also involved in policing the protests. “This is a must report,” Balken added, suggesting the name of a local conservative blogger. Cecily Fong, a public information officer with the North Dakota Department of Emergency Services, replied by promising to “get with” the blogger to circulate the article.
As The Intercept reported last week, Netizens for Progress and Justice also frequently published content produced on behalf of TigerSwan, including videos critical of pipeline opponents. Fong declined to comment on the exchange. Neither Van Horn nor Balken replied to a request for comment. The FBI declined to comment on any involvement it had in the protests, and the Bureau of Indian Affairs did not respond to a request for comment.
Ultimately, police promoted a story about the incident that echoed the claims of the FBI informant. On November 22, the Morton County Sheriff’s Department distributed press releases implying that Wilansky’s injury had been caused by a protester’s IED.
The Intercept reached Lauren Regan, an attorney representing Sophia Wilansky, and read the text of Van Horn’s email to her over the phone. “So much of it is totally factually incorrect,” Regan said.
“There has never been any evidence I have seen or heard of that gave any credibility to the allegation that propane tanks were being rigged as explosive devices,” continued Regan, who is a staff attorney at the Oregon-based Civil Liberties Defense Center. “To me, the timing of that revelation, in light of their having just basically blown a white woman’s arm off, always seemed extremely dubious.”
Sophia Wilansky’s father, Wayne Wilansky, agreed that “there’s not a shred of truth” to Van Horn’s account of Wilansky’s injury. “Obviously, disinformation is a major component of how they dealt with the protests,” he told The Intercept.
The internal situation reports from around the time of Wilansky’s injury contain their own examples of disinformation, invasive intelligence-gathering practices, and a fixation on the purported violence of DAPL’s opponents. At times, TigerSwan refers explicitly to informants and infiltrators. A document from October 3, for example, explains the ways the company monitored members of the American Indian Movement “mostly through social media” and “informant collection” in order to gauge the effectiveness of their security practices and “develop possible counter-measures moving forward.”
The documents, four of which were first published by Grist, include the names of dozens of pipeline opponents, labeling some as “persons of interest.” They describe meetings with law enforcement, including campus police at the University of Illinois and Lincoln Land College, as well as TigerSwan’s attempts to pressure officers into more aggressive action against protesters.
In the reports, TigerSwan declares success in accessing hard-to-find Facebook content, noting in an October 10 document, “The social media cell has harnessed a URL coding technique to discover hidden profiles and groups associated with the protesters.”
But TigerSwan’s intelligence was far from perfect and its interpretation of events was frequently off. For example, one document referenced a shell necklace that, TigerSwan speculated, marked members of the Mississippi Stand group who “have been arrested for the cause.” Mississippi Stand member Alex Cohen told the Intercept that the necklaces had nothing to do with arrests and were merely gifts given to a number of members by people indigenous to the area of one of their camps.
Overall, TigerSwan depicted the situation on the ground as volatile, at times painting the anti-pipeline camps as rife with drug use and “sexual deviance,” its inhabitants likely to stir violence. The security company found ways to interpret even the most benign social gatherings as potentially dangerous. One document previewed a casino concert featuring Jackson Browne and Bonnie Rait, fretting that it would draw “numerous outside influencers.” The document predicted, “Depending on the progress of drilling by then, the project could be adversely affected if not counter measured.”
After November 8, TigerSwan noted that “the election of President-elect Trump is likely to have a positive effect for the project overall and cooperation from the Federal level will likely improve after 20 JAN.” At the same time, TigerSwan commented on protesters’ post-election “despair,” writing on November 12 that “the DAPL protesters are inherently desperate and are not looking for a peaceful solution regarding the Dakota Access Pipeline (DAPL) in turn we can expect this situation to become more volatile than it has ever become before.”
On November 13, TigerSwan again insisted on the likelihood of violence erupting. “Most locals are now carrying weapons to protect themselves, their families and their property,” that report notes. “They have also expressed frustration with what they see as a lack of action by law enforcement.” Around the same time, TigerSwan and law enforcement expressed concerns about the impact the death of a protester might have on the pipeline project. “The use of force or death of a protester or rioter will result in the immediate halt to DAPL operations, which will likely permanently halt the entire project,” the PowerPoint presentations TigerSwan shared with law enforcement warned.
Weeks later, the Obama administration would deny the pipeline company a key federal permit, putting construction on hold. In January, President Donald Trump revived the project. The pipeline began service to customers last Thursday.
The email chain from the night of the Backwater Bridge incident and other documents represent detailed illustrations of the work of a so-called fusion center. In 2007, President George W. Bush signed the 9/11 Commission Act, which allocated $300 million to the Department of Homeland Security for the establishment of fusion centers, originally intended to facilitate sharing of anti-terrorism intelligence among different state, local, and federal law enforcement agencies. According to the DHS website, there are currently 77 fusion centers nationwide, with every state home to at least one.
Brendan McQuade, an assistant professor of sociology at the State University of New York, Cortland, who is working on a book on fusion centers, said the records pertaining to the North Dakota State and Local Intelligence Center’s monitoring and repression of Standing Rock demonstrations offer unique insight into how fusion centers are used for political repression. “We’ve seen hints of this monitoring of the online presence of Black Lives Matter and Occupy protests, but never such explicit evidence of it as in the documents you’ve collected,” he told The Intercept after reviewing a selection of the documents.
According to former FBI Special Agent Michael German, who is now with the Brennan Center for Justice at New York University Law School, fusion centers have become part of a broader “surveillance-industrial complex” in which security agencies and the corporate sector merge together in a frenzy of mass information gathering, tracking, and surveillance. Federal support for fusion centers is predicated on increased government access to “non-traditional information sources,” he notes. And one of the goals of fusion centers is to protect the nation’s critical infrastructure, 85 percent of which is owned by private interests.
“The insidious thing is that the role of private-sector entities in fusion centers has grown up without any specific legislation authorizing it,” said German, who co-authored a 2007 report on behalf of the ACLU called “What’s Wrong with Fusion Centers?” “Instead, the development of these techniques and relationships, such as the one involving TigerSwan and North Dakota law enforcement, has occurred within the closed-off world of law enforcement.”
TigerSwan’s status as a private company has enabled it to operate with virtually no transparency or oversight. The North Dakota Private Investigation and Security Board confirmed in an email to The Intercept this week that TigerSwan still has not obtained a license to work as a private security firm in the state despite nine months on the ground. The company’s close collaboration with law enforcement, to which it has regularly fed intelligence, raises serious questions.
“The line between private security and law enforcement at DAPL has been nonexistent,” Bruce Ellison of the National Lawyers Guild, who also works with the Water Protector Legal Collective, told The Intercept. “They have been one in the same.”
Still, it’s not clear that either TigerSwan or law enforcement crossed a legal line with their surveillance activities. Private companies have few obligations to protect constitutional rights to free speech, association, or privacy. And while public agencies, including law enforcement, do have that obligation, they also have ample leeway to operate in invasive and unethical ways that are nonetheless legal. As The Intercept reported in January, detailed guidelines govern the FBI’s activities involving confidential informants and covert online work. But the guidelines are filled with loopholes that ultimately allow FBI agents to spy on just about anybody if they get the right approvals.
If TigerSwan were meeting regularly enough with the FBI, acting at the bureau’s behest, or even simply feeding agents information, it could represent an end-run around FBI rules. However, as Ramzi Kassem, a law professor at the City University of New York School of Law who directs the Creating Law Enforcement Accountability & Responsibility (CLEAR) project, put it, “The guidelines are one thing, but the legal baseline for what’s constitutional and what’s not constitutional is another.”
To a large degree, unless they were found to be acting at the direction of government, TigerSwan’s agents would likely be held to similar standards as regular citizens, their most likely violations being things like trespassing.
Despite the legal ambiguity, TigerSwan’s actions raise questions. “You have these privatized actors that are performing what are commonly understood to be government functions — whether or not we’ve agreed that these are acceptable government functions,” said Kassem. “Private corporations are taking these actions on a scale that is unheard of before — this isn’t your local private eye investigative service, we’re talking about tactics that the military uses overseas.”
“We need to be looking at whether our laws are sufficient to protect political groups from disruption, interference, and attacks by people who are infiltrating or surveilling their activities,” said Kris Hermes, an author and activist who has worked for years providing legal support at protests as a member of the National Lawyers Guild. “What it has done is thrown a chilling blanket over political organizing today whereby everybody feels that they should be engaging in some kind of security culture to avoid the snooping of law enforcement or private security firms. That has a far-reaching effect that I don’t think is appreciated enough. It prevents people from engaging effectively in First Amendment activity.”
The privatization of law enforcement and its subjugation to corporate interests are hardly a novelty, though the increased militarism of the domestic policing of dissent has taken on sinister overtones in the wake of the so-called global war on terror.
In the late 19th century, Allan Pinkerton’s National Detective Agency offered private detective and security services to public and corporate clients. The “Pinkertons,” as they were known, relied heavily on undercover agents and often acted as agents provocateur, triggering violence as much as they engaged in surveillance and propaganda.
Through their involvement as armed guards during labor conflicts, the Pinkertons “became a shorthand for the abusive power of unchecked capitalism,” Paul O’Hara, a history professor at Xavier University who wrote a book about them, told The Intercept. To workers, the Pinkertons were “hired thugs for capital” and “a symbol of corporate power,” he wrote. Their activities led to two congressional investigations and the Anti-Pinkerton Act of 1893, which barred the federal government from contracting with the Pinkertons and similar groups. But the act largely failed in its intent, and the Pinkertons set the stage for public partnerships with mercenary groups continuing to this day.
TigerSwan never responded to The Intercept’s repeated requests for comment, oscillating instead between following and blocking these reporters on Twitter. The company did, however, retweet a comment by a reader of The Intercept. He had called TigerSwan “modern day Pinkertons.”
Documents published with this story:
The Intercept has redacted the names of persons identified in internal TigerSwan and public documents unless those persons have directly communicated their willingness to be included. The names of senior TigerSwan and law enforcement personnel have not been redacted. To search all TigerSwan documents published by The Intercept, go to the TigerSwan project page on DocumentCloud.
Correction: June 3, 2017
This story has been updated to correct Brendan McQuade’s title and the spelling of his name.
By the time law enforcement officers began evicting residents of the Oceti Sakowin Dakota Access Pipeline resistance camp near the Standing Rock Sioux reservation on February 22, the brutal North Dakota winter had already driven away most of the pipeline opponents. With protesters’ numbers dwindling, along with nationwide attention to their cause, it would have been a natural time for the private security company in charge of monitoring the pipeline to head home as well. But internal communications between TigerSwan and its client, pipeline parent company Energy Transfer Partners, show that the security firm instead reached for ways to stay in business.
“The threat level has dropped significantly. This however does not rule out the chance of future attack,” states a document dated February 24, two days after the eviction began. “As with any dispersion of any insurgency, expect bifurcation into splinter groups, looking for new causes.”
Indeed, TigerSwan appeared to be looking for new causes, too. As The Intercept has reported, the security firm’s sweeping surveillance of anti-Dakota Access protesters had already spanned five months and expanded into Iowa, South Dakota, and Illinois. More than 100 leaked situation reports provided to The Intercept by a contractor working for TigerSwan describe in detail the firm’s observations of the NoDAPL movement; information obtained via invasive surveillance tactics such as infiltration of protest groups, aerial surveillance, and radio eavesdropping; and efforts to track the movements of individual pipeline opponents.
In January and February the NoDAPL movement suffered major blows. On January 24, days after his inauguration, President Donald Trump revived the stalled pipeline by reversing an Obama administration decision that had denied Energy Transfer Partners a key permit. The eviction of the resistance camps followed a month later.
Situation reports filed to Energy Transfer Partners in January and February reveal that as the pipeline’s construction neared completion, potentially threatening TigerSwan’s continued relationship with its client, the security company stepped up its efforts to portray the situation as volatile and dangerous.
In a document dated February 27, the report’s author made a comparison clearly derived from TigerSwan’s background as a private defense contractor in Afghanistan and Iraq:
The archetype of a jihadist post-insurgency is the aftermath of the anti-Soviet Afghanistan jihad. While many insurgents went back to their pre-war lives, many, especially the external supporters (foreign fighters), went back out into the world looking to start or join new jihadist insurgencies. Most famously this “bleedout” resulted in Osama bin Laden and the rise of Al Qaeda, but the jihadist veterans of Afghanistan also ended up fighting in Bosnia, Chechnya, North Africa, and Indonesia, among other places.
The “anti-DAPL diaspora,” the document argued, was spreading to Iowa, New York, Florida, and Arkansas. Finding less to report in North Dakota, the company focused in February on individual opponents’ movements to other states and described surveillance of causes as varied as climate change and resistance to incoming President Donald Trump.
TigerSwan became particularly interested in Chicago, and the February documents describe various efforts to infiltrate area activist groups. A February 4 report refers to a TigerSwan operative’s intention to conduct “observation and photographic documentation” of a local protest. Documents dated between February 19 and February 21 describe TigerSwan’s efforts to monitor an anti-Trump protest organized by the local chapter of the Answer Coalition, an anti-war, anti-racism group. “TigerSwan collections team will make contact with event organizers to embed within the structure of the demonstration to develop a trusted agent status to be cultivated for future collection efforts,” notes the February 19 report, which also speculates on the remote possibility of violence at the event.
Answer Coalition’s coordinator in Chicago, John Beacham, who organized the protest TigerSwan described, said that while participants were supportive of the NoDAPL movement, it was not the event’s primary focus. “They’re trying to make connections where they aren’t. It’s almost like they’re trying to cast conspiracy theories across the entire progressive movement because they’re sympathetic to the NoDAPL movement,” he told The Intercept.
A February 22 document describes an upcoming organizer training put on by the group Lifted Voices: “This would be a good opportunity for us to get someone inside, become known and gather the most current direct action [tactics, techniques, and procedures]. While Lifted Voices is not a #NoDAPL organization, Kelly Hayes has influenced organizing protest events and has spoken at the last two events in Chicago.”
“We were pretty aware that, with that number of people in the mix, an agent of law enforcement might be in the room,” Hayes told The Intercept. “So hearing that it was a rent-a-spy that was in the room isn’t that shocking.”
TigerSwan also focused on Iowa, and the documents describe in detail the growth there of the Little Creek Camp, built primarily as a space for education and healing. Documents dated between February 22 and February 27 provide updates on the movements of a group of water protectors as they traveled from North Dakota to the new Iowa camp, stopping at a hotel and at one point getting stuck in the mud.
Meanwhile, in the weeks before the Oceti Sakowin camp eviction, TigerSwan continued to deploy its invasive surveillance tactics in North Dakota. On February 7, TigerSwan noted its use of a “rotary-wing mounted mobile [forward-looking infrared cameras] to conduct evaluation of heat signatures and disposition of camps,” while on February 10 it made a case for the expansion of a “listening post” that might “yield increased situational awareness due to proximity of [radio frequency] devices” and on February 13 it made reference to “unsecure [radio frequency] communications used by camp security.”
The documents also highlight TigerSwan’s continued close cooperation with law enforcement, often referencing meetings with local sheriffs’ deputies, police chiefs, and the National Guard, as well as its effort to procure intelligence to be used to prosecute protesters. On February 10, a TigerSwan operative in Iowa even mentioned a meeting with Sen. Joni Ernst’s husband “to rekindle an informal relationship.” Sen. Ernst did not respond to a request for comment on the nature of any such relationship.
A February 5 document notes that the company had “continued to proceed with ETP’s legal team’s requests,” and on February 12, a report stated that the company would continue to “assist Federal Law Enforcement with identifying locations of Camp 4, pertinent to their criminal activity investigations.” On February 13, discussing the movement of “weapons cases” by some unidentified individuals, TigerSwan reported that the federal Bureau of Alcohol, Tobacco, Firearms, and Explosives and North Dakota law enforcement “were passed the information and media gathered from the event.” And a February 27 document notes, “(TigerSwan-North Dakota) continues to support The Department of Interior with requests for [intelligence, surveillance, and reconnaissance] and information in the completion of the full removal of illegal personnel within the [U.S. Army Corps of Engineers] land and the Reservation lands.”
On February 9, mentioning a well-known water protector’s recommendation that others stop using Facebook, TigerSwan notes: “Remaining protestors are acutely aware of LE infiltration, and the monitoring of Social Media, seeing themselves as increasingly vulnerable to prosecution.”
As it was throughout the operation, TigerSwan was particularly alarmist about the potential for violence and sabotage, speculating about “flammable liquids being gathered” and “homemade incendiary weapons.”
At times, the speculative nature of its observations is almost farcical. “There is no indication the protesters have planned sabotage activities; however successful sabotage of equipment will hinder ongoing construction,” a report dated February 15 reads. “The threat of IEDs is of concern, however there is no indication that such devices are employed along the routes used by DAPL personnel.”
The February documents also repeatedly refer to water protectors with derogatory terms such as “snow poopers” and “sewage producers,” apparently in reference to a refuted narrative spread by local officials that water protectors had polluted the grounds of their camp. Occasionally, the documents openly display racism toward Native Americans. On February 24, for instance, after listing the names of various water protectors, the author adds, “Editors note! These names were not made up at a bar!”
While earlier documents had focused on the presence of Palestinians and Muslims at the camps, in February TigerSwan zeroed in on groups like Veterans for Peace and the Catholic Worker, which it accused, respectively, of “anti-American/Pro-communist activities” and gathering funds “from various democratic parties, communist groups, and various other groups that seek to establish a revolutionary movement in the United States.”
As was the case in the fall, the January and February reports name dozens of individuals, with particular focus on some whom TigerSwan deemed to be the “most radical.”
Among them is Chase Iron Eyes, an activist, attorney, and former candidate for Congress, whom TigerSwan tracked to the airport where he boarded a flight to a climate conference in British Columbia, which TigerSwan characterized as a meeting with “an extremist native organization.”
“I had suspicions [they were watching me] but I also want to believe that we live in liberty, and that we can pursue freedom, justice, and equality without being demonized, having our rights violated, having our privacy violated, and being treated like a terrorist and not a patriot,” Iron Eyes told The Intercept.
“It was an event at a university. … Naomi Klein was one of the speakers,” he added. “It literally was inside this university amphitheater and we had Indian tacos and we had a meal together and we talked about the context and the importance of these pipeline struggles.”
The Dakota Access Pipeline began service to its clients this month. Opponents saw a win last week when a federal judge ordered the U.S. Army Corps to revisit parts of its environmental review of the project, raising the possibility that oil flow could be halted as the review is completed.
Energy Transfer Partners declined to comment on the leaked situation reports, writing in an email to The Intercept that it does not “discuss details of our security initiatives, which are designed to ensure the safety of our employees and the communities in which we live and work.” In an email sent to The Intercept from a TigerSwan account, an unnamed representative of the firm stated, “We will not comment on the security aspects of your story beyond saying that safety is always our top priority.”
Documents published with this story:
Internal TigerSwan Situation Report 2017-02-28
Internal TigerSwan Situation Report 2017-02-27
Internal TigerSwan Situation Report 2017-02-26
Internal TigerSwan Situation Report 2017-02-25
Internal TigerSwan Situation Report 2017-02-24
Internal TigerSwan Situation Report 2017-02-23
Internal TigerSwan Situation Report 2017-02-22
Internal TigerSwan Situation Report 2017-02-21
Internal TigerSwan Situation Report 2017-02-20
Internal TigerSwan Situation Report 2017-02-19
Internal TigerSwan Situation Report 2017-02-18
Internal TigerSwan Situation Report 2017-02-17
Internal TigerSwan Situation Report 2017-02-16
Internal TigerSwan Situation Report 2017-02-15
Internal TigerSwan Situation Report 2017-02-14
Internal TigerSwan Situation Report 2017-02-13
Internal TigerSwan Situation Report 2017-02-12
Internal TigerSwan Situation Report 2017-02-11
Internal TigerSwan Situation Report 2017-02-10
Internal TigerSwan Situation Report 2017-02-09
Internal TigerSwan Situation Report 2017-02-08
Internal TigerSwan Situation Report 2017-02-07
Internal TigerSwan Situation Report 2017-02-05
Internal TigerSwan Situation Report 2017-02-04
Internal TigerSwan Situation Report 2017-01-25
Internal TigerSwan Situation Report 2017-01-18
The Intercept has redacted the names of persons identified in internal TigerSwan and public documents unless those persons have directly communicated their willingness to be included. The names of senior TigerSwan and law enforcement personnel have not been redacted. To search all TigerSwan documents published by The Intercept, go to the TigerSwan project page on DocumentCloud.
After months of employing military-style counterinsurgency tactics to subvert opposition to the Dakota Access Pipeline in North Dakota, Iowa, Illinois, and South Dakota, the private security firm TigerSwan is monitoring resistance to another project — the controversial Mariner East 2 pipeline.
Like DAPL, Mariner East 2 is owned by Energy Transfer Partners. The pipeline is slated to run for 350 miles, transporting ethane, butane, and propane through Ohio, Pennsylvania, and West Virginia to a hub near Philadelphia for shipment to both domestic and international markets. Internal TigerSwan documents reviewed by The Intercept suggest the company has had a presence in Pennsylvania since at least April.
On April 1, the Mariner East 1 pipeline, which runs parallel to the proposed path of ME2, spilled 20 barrels of ethane and propane near Morgantown, Pennsylvania. On the day of the incident, an email provided to The Intercept by a TigerSwan contractor shows the firm was watching social media for signs the spill would become a rallying point for pipeline opponents.
“At this time the incident has NOT gained any public interest,” a TigerSwan operative wrote in the email.
TigerSwan founder James Reese replied, “We nees [sic] to monitor social media for blow baxk [sic] on the leak.”
The company had been monitoring Dakota Access opponents’ social media for months and analyzing press coverage related to that pipeline fight, according to more than 100 internal situation reports leaked to The Intercept. The documents routinely referenced counterinformation efforts to produce and distribute propaganda favorable to the pipeline.
TigerSwan apparently carried at least some of these practices to Pennsylvania. It would be weeks before the public learned of the leak of highly explosive natural gas liquids. According to a source with direct knowledge of TigerSwan’s operation, making sure nobody found out about the incident was part of TigerSwan’s mission on the project. Nearby residents were kept in the dark until April 20, when Sunoco, which recently completed a merger with Energy Transfer Partners, confirmed to a local media outlet that the leak had occurred.
As Dakota Access opponents moved to new pipeline fights across the country, other repressive tactics deployed against the NoDAPL movement migrated too. TigerSwan’s entry into the ME2 struggle comes as industry-supported lawmakers in Pennsylvania, a center of the nation’s fracking boom, are advancing legislative efforts to increase fines and charges associated with anti-pipeline direct action protests.
The TigerSwan situation reports show that as early as February, as state officials prepared to evacuate the first pipeline resistance camp in North Dakota, the security firm was monitoring the potential for DAPL opposition to spill over into grassroots struggles against other pipeline projects, including ME2 and Energy Transfer Partners’ Rover pipeline in Ohio. “Recently, Illinois activists have begun to shift their focus in earnest from anti-DAPL to anti-pipeline,” a situation report dated February 21 reads. “They have started sharing information on multiple pipeline projects across the country. There has not yet been any mention of Mariner East or Rover, but there is an active effort to continue their momentum in fighting pipeline construction and operation.”
Public records also show an increased interest by the company in areas through which other Energy Transfer Partners projects would pass.
Last November, TigerSwan obtained business licenses in Pennsylvania, Ohio, and West Virginia, the three states in the path of ME2. On June 1, TigerSwan also obtained a business license to operate in Louisiana, where Energy Transfer Partners is building the Bayou Bridge Pipeline, which would connect to the Dakota Access Pipeline system and carry Bakken shale oil to Gulf Coast export terminals.
At a February hearing held by the Louisiana Department of Natural Resources, TigerSwan advisory board chair James “Spider” Marks, a retired U.S. Army major general, spoke in favor of building the pipeline — without revealing his association with TigerSwan. He also published an op-ed in the Lafayette Daily Advertiser newspaper decrying the “anti-energy agitators” who oppose the project.
“No Louisianan wants to live under the conditions that those unsuspecting North Dakota residents were subject to — with protesters trespassing, interrupting the local flow of traffic, and generally injecting elements of fear and the unknown into their daily lives,” Marks wrote. “A timely approval process of the Bayou Bridge Pipeline, however, would prevent the possibility of such conditions arising in this state.”
In May, Marks wrote another opinion piece that failed to disclose his TigerSwan affiliation, this time for the Pennsylvania news site PennLive, warning readers there to “be wary of professional pipeline protesters” who turned Standing Rock into a scene of “hapless violence and bloodshed.”
“Many of the same professional agitators who fomented chaos in North Dakota are turning their efforts to the Mariner East II Pipeline in Pennsylvania,” Marks wrote. “These orchestrators make no qualms about their intent to turn Camp White Pine — a small but growing protest area in Huntingdon County — into the next national showdown.”
Energy Transfer Partners declined to comment, writing in an email to The Intercept that it does not “discuss details of our security initiatives, which are designed to ensure the safety of our employees and the communities in which we live and work.” In an email sent to The Intercept from a TigerSwan account, an unnamed representative of the firm declined to answer questions about TigerSwan’s work on ME2, but commented on its social media monitoring efforts. “Of course we monitor social media during any type of situation,” the person wrote. “With the advent of so many bots on twitter and those organizations who perpetuate defamatory and outrageous slander against not only American companies but local, state and national law enforcement on the internet, we wouldn’t be doing our job unless we did.” Marks did not respond to a request for comment. Last week, TigerSwan retweeted a comment characterizing his PennLive piece as a “TigerSwan op-ed.”
Opponents of the ME2 project say they’ve noticed an increased security presence around the pipeline’s path in recent months. “They’ve been making us feel that we’re under constant threat and observation,” Elise Gerhart told The Intercept.
Elise and her parents, Ellen and Stephen Gerhart, have campaigned against ME2 for more than two years and currently host Camp White Pine on their 27-acre property along the pipeline’s right of way in Pennsylvania’s Huntingdon County, where they stage tree-sits to protest the clearing of land for construction. As the pipeline’s construction moves closer, Elise said unmarked pickup trucks have parked across the road from their driveway at night, shining their high beams toward the camp. Helicopters have regularly hovered low over their land, a tactic familiar to Standing Rock protesters.
According to StateImpact Pennsylvania, a spokesperson for Sunoco and Energy Transfer Partners denied that the newly merged company or its partners had flown helicopters over the Gerhart property.
In southeastern Pennsylvania’s Delaware County, Eric Friedman, president of a local homeowner’s association, said that as resistance to the project has grown more vocal, so has residents’ sense that they are being watched. Friedman’s group is concerned that the pipeline will move pressurized natural gas liquids through a densely populated suburban area, in close proximity to schools and a senior living facility. Last month, one of the schools started practicing emergency drills to prepare for a possible pipeline explosion, and a study commissioned by a local coalition for community safety warned of the worst-case consequences of potential leaks, including the ignition of “a fireball with a blast radius up to 1,100 feet.”
In recent months, administrators of area Facebook groups opposed to the pipeline reported getting requests from individuals they “have questions about,” Friedman noted. “I suspect that they’re here and using the same kinds of tactics,” he told The Intercept, referring to private security agents. “My sense is that they escalate their response in accordance to the resistance that they’re being met with.”
While the unmarked trucks and strange Facebook requests couldn’t be definitively traced to a private security contractor, TigerSwan’s documented efforts on behalf of Energy Transfer Partners to repress the anti-DAPL movement have raised concerns for ME2 opponents.
“A year ago, people didn’t realize that the company that was using these kinds of tactics in North Dakota was the same company that’s proposing to build this project here. There wasn’t a lot of awareness,” Friedman said. “Now that’s very much in everybody’s mind.”
In Pennsylvania, as in North Dakota, public officials have also played a role increasing pressure on pipeline opponents.
On May 4, state Sen. Scott Martin hosted a closed-door forum between first responders in Lancaster County and officials from North Dakota who were involved in policing the NoDAPL movement. The next day, citing costs associated with the North Dakota protests, Martin distributed a memorandum seeking a co-sponsor for a bill he was drafting that would hold individuals “civilly liable for response costs related to a demonstration if the person is convicted for rioting,” “is a public nuisance,” or “is involved in hosting the demonstration.”
Martin represents much of Lancaster County, which is home to the Lancaster Stand, an action camp located on private property whose organizers have promised to use the grounds as a base for direct actions against the Atlantic Sunrise pipeline once construction begins.
This isn’t the first anti-protester legislation to be pushed in the state. State Sen. Mike Regan recently introduced a measure defining a new type of felon: the “critical infrastructure facility trespasser.” The label could be applied for as little as “attempt[ing] to enter a critical infrastructure facility, knowing that the person is not licensed or privileged to do so.” An individual who succeeded in entering the property with “intent” to damage or destroy equipment or even simply to impede facility operations would face up to two years in prison and a minimum $10,000 fine, as would anyone “conspiring” with others to trespass. Critical infrastructure is defined in the bill as including numerous types of oil and gas infrastructure. The bill was scheduled for a judiciary committee vote last month, which was canceled at the last minute.
As Pennsylvania’s Raging Chicken Press reported, language in the bill mirrors that of a recently approved Oklahoma law penalizing oil and gas industry protesters. And indeed, it’s part of a trend of anti-protester legislation introduced in more than a dozen states across the U.S., including bills aimed at oil infrastructure protesters in Colorado, South Dakota, and North Dakota.
But even without the new legislation, ME2 opponents have faced stiff penalties for hindering construction.
In March 2016, as contractors for Sunoco began cutting down trees, Huntingdon County sheriff’s deputies arrested Ellen Gerhart on her own property when she attempted to warn construction crews that her daughter, Elise, was in a tree dangerously close to where they were clearing. Two other pipeline opponents were also arrested. One of them, Alex Lotorto, was detained for three days on a $200,000 bail. Gerhart, a retired special education teacher, was later arrested a second time on her property, and according to a public comment she submitted to the state Department of Environmental Protection, was held in isolation for three days without access to a lawyer.
Charges against her were eventually dropped, but Sunoco later requested that a Pennsylvania judge allow law enforcement to arrest trespassers on the pipeline easement — even if they happened to own the easement land. On April 28, in a rare decision, Huntingdon County Judge George Zanic complied with the request, ordering what’s known as a “writ of possession” enabling authorities to arrest the Gerharts for trespassing on their own property.
Meanwhile, in Delaware County, disputes between property owners and the pipeline company have also ramped up. In May, after some stakes that a pipeline survey crew had placed along the project site were removed overnight, a project manager representing Sunoco emailed an attorney for the local homeowners association. “Because of this, the survey will have to be done again and further monitoring of the property will be requested from the local authorities,” the agent warned in an email reviewed by The Intercept. The Sunoco agent added that “the professional survey crew staked within the limits of the project and did not trespass on anyone’s property.”
But Eric Friedman disputes that and says the stakes were placed by the pipeline company on the private property of the Andover Homeowners’ Association and private lots within the subdivision. “The very idea that Sunoco’s agents would call upon law enforcement to protect their trespass strikes me as completely backwards,” Friedman told The Intercept.
“I took that as a threat to use law enforcement against us,” he added. “It indicated to me that he was at some level in contact with the Pennsylvania State Police and threatening to activate them against us.”
Lt. James Hennigan of the Pennsylvania State Police, which is in charge of the area where the incident took place, wrote in a statement to The Intercept that the agency “responds to all calls for service. Our members take appropriate action if any crime has been committed.”
In North Dakota and Iowa, TigerSwan regularly shared information with law enforcement. The Huntingdon County Sheriff’s Office, in the Gerharts’ county, and the police department in Caernarvon Township, where the Mariner East 1 leak took place, did not respond to requests for comments about collaboration with private security.
Friedman said he hopes local law enforcement will work with residents rather than pipeline representatives. “We live here, we are your neighbors, we are the same as you,” he said. “These people are not, they are outsiders, and you should be working for us. We are your constituents.”
TigerSwan, the private company behind a monthslong, multi-state surveillance operation targeting opponents of the Dakota Access Pipeline, illegally provided security and investigative services to the pipeline’s parent company, Energy Transfer Partners, despite being denied a license to do so, a new civil lawsuit alleges. Even after oil began to flow through the contested pipeline, and long after the crowded Dakota Access resistance camps gave way once again to empty prairie, TigerSwan continued its unlicensed security operations in North Dakota.
The allegations are part of a lawsuit the North Dakota Private Investigation and Security Board filed against TigerSwan and its founder James Reese on Tuesday. Violating the license law is a class B misdemeanor in North Dakota, though local prosecutors have not filed criminal charges.
The complaint against TigerSwan requests an injunction against the firm and its founder, which would prevent them from continuing to illegally operate as a security company in the state. At the time of the lawsuit, TigerSwan continued to deploy personnel “armed with semiautomatic rifles and sidearms” in North Dakota and was still monitoring “persons affiliated with the DAPL protests,” according to the court filing.
Two weeks prior to the initiation of the suit, The Intercept published a selection of more than 100 leaked situation reports prepared by TigerSwan for its client ETP, as well as additional documents obtained via public records request detailing the scale of TigerSwan’s security operation and its close collaboration with law enforcement. Communications to the security board obtained via public records requests show that as late as December, Reese, a former Army Delta Force commander, declared that TigerSwan was only “doing management and IT consulting for our client and doing no security work.” But internal company reports as well as an overview of TigerSwan’s operations that was shared with law enforcement show the company had been doing much more than that since September. Both sets of documents were included in the lawsuit.
The complaint describes invasive tactics used by TigerSwan, including “flyover photography,” “surveillance of social media accounts,” placing or attempting to place “undercover private security agents within the protest group,” and coordination with local law enforcement officials. The security operations overview obtained by The Intercept and cited in the suit states plainly, “All elements are engaged to provide security support to DAPL.”
According to the suit, the security board first notified TigerSwan on September 23 that it was illegally providing security services without a license. The company responded on October 4, stating, “TigerSwan is not conducting ‘private security services’ in North Dakota.” The company simultaneously submitted an application for a license “should such services, which are not present at the time, be required from TigerSwan.”
On December 19, the board notified Reese that it intended to deny his application for a license, citing “positive criminal history for one or more disqualifying offenses,” as well as failure to disclose all arrests and failure to provide sufficient information “for the Board to determine whether a reported offense or adjudication has a direct bearing on Reese’s fitness to serve the public.” Reese’s record shows numerous citations in various states, including several for traffic violations such as reckless driving and speeding, and an arrest for “assault on a female” in 2015, flagged as a domestic violence case and later dismissed. Reese’s wife, Niki, filed a restraining order against him in Florida in 2012, public records show.
On December 27, Reese requested an administrative review of the license denial. “I have never been convicted of any criminal crime in my life,” he wrote to the board. “If I failed to disclose on the application all arrests, this was an oversight by me and my apologies.” Reese went on to describe an incident leading to the assault charge, from July 2015, claiming that his “bipolar” wife had become “belligerent” during a “depression act” and called police on him. Reese also requested a copy of the criminal record reviewed by the board.
Reached by phone, Niki Reese categorically denied ever having been diagnosed with a mental health condition and refuted her husband’s account of the episode in the letter to the board.
“It’s false information. I don’t have any kind of diagnosis,” she told The Intercept. “His allegations that he wrote are completely false.”
The board denied James Reese’s application on January 6. Reached by phone, Reese asked The Intercept not to publish his letter to the board. “Why would you take a private letter like that and send it out to everybody in the world?” he asked. “I’d ask you to leave my family out of this.”
When reminded that he included the allegations about his wife in a letter to a public licensing board, making it part of the public record, he replied, “That was my mistake.”
Reese also claimed there were inaccuracies in a series of stories on TigerSwan reported by The Intercept. “I can’t even begin to start here which facts are wrong,” he said. The only example he pointed to was the investigation board’s allegation that TigerSwan staff were armed — an allegation that the Intercept has not actually made.
“We take our job seriously, we take our client seriously,” Reese added.
TigerSwan did not respond to a request for comment. A spokesperson for Energy Transfer Partners declined to comment, referring questions to TigerSwan and the security board. Keegan Pieper, a counsel for ETP, wrote in an email to The Intercept that he was “not aware of this lawsuit.”
TigerSwan is also facing pressure in Illinois, where the environmental group Food & Water Watch is demanding that the state’s attorney general, Lisa Madigan, launch an investigation into the company’s activities after The Intercept revealed that TigerSwan had infiltrated local activist groups, including some that had little to do with the Dakota Access fight. Food & Water Watch, which worked to highlight the financial interests behind the pipeline, was mentioned repeatedly in the leaked reports.
“We strongly believe that TigerSwan engaged in illegal surveillance activities against me and other employees and supporters of Food & Water Watch (FWW) in a manner that is violates [sic] our state constitutional and statutory rights, including our rights of privacy,” Jessica Fujan, the group’s Midwest director, wrote in the letter. “We now have reason to believe that these infiltrators were recording our conversations, photographing participants and FWW staff and perhaps making videos of our meetings.”
The attorney general’s office did not respond to a request for comment. Fujan said that the group had been tipped off about the presence of an undercover agent and that “paid infiltrators are easy enough to detect, but create distraction and even fear among volunteer activists.”
“Hundreds of leaders, many of them volunteers, are working long hours on outstanding campaigns, well within the letter of the law, and winning victories for the environment,” she wrote in an email to The Intercept. “These leaders are owed our constitutional right to privacy, at the very least.”
Back in North Dakota, TigerSwan is just one of several security companies hired to monitor the Dakota Access Pipeline that have been targeted by the North Dakota Private Investigation and Security Board for failing to obtain licenses.
In February, the board launched an administrative action against EH Investigations and its head Jeremie Meisel, threatening to revoke or suspend the company’s license. The board alleged that EH conspired with another company, Leighton Security Services, to hire and deploy unlicensed or unregistered Leighton personnel to provide private investigative services for DAPL in the state. Meisel, EH, and Leighton did not respond to requests for comment.
The board also launched an investigation last fall into the reportedly unlicensed company Frost Kennels after personnel sicced dogs on pipeline opponents who were attempting to stop workers from disturbing land that the area tribe had identified as burial grounds. The board’s lawyer, Monte Rogneby, told The Intercept that the Frost Kennels case “is still ongoing.” Frost Kennels did not respond to a request for comment. Rogneby declined to comment on whether the board is investigating any of at least six other security companies that worked on the pipeline.
In its administrative complaint against EH Investigations, the security board stated that Leighton Security Services employed “a project manager, two deputy project managers, three intel analysts, and three evidence technicians,” none of whom “were properly licensed or registered to provide private security services in North Dakota.” EH allegedly conspired to facilitate the unlicensed work. Administrative complaints are decided by the board itself rather than a court, and the board’s lawyer said the matter is ongoing.
A yearlong investigation into the national landscape of private security licensure in December 2014 by the Center for Investigative Reporting and CNN described “a haphazard system of lax laws, minimal oversight and almost no accountability.”
Kevin Ingram, president of the International Association of Security and Investigative Regulators, noted in an email to The Intercept that “Several states have no regulation at all. Among those that do, it could be the company or the individual or both that require licensure, and the criteria could be vastly different for armed or unarmed security.”
Yet the industry continues to grow. According to a 2014 report by Frost & Sullivan, a marketing research and consulting company, the oil and gas industry spent $19.6 billion globally on infrastructure security in 2013 and was expected to reach nearly $25 billion by 2021.
Simultaneously, law enforcement agencies have established an unprecedented range of formal collaborations with oil and gas corporations in the name of preventing threats to so-called “critical infrastructure,” which in the parlance of national security agencies refers to installations that are important to the domestic economy — a category that includes oil pipelines that have yet to be fully permitted.
“Environmental campaigns are always difficult, given that our opponents are global profiteers like Big Oil & Gas,” wrote Fujan, of Food & Water Watch. “I take our infiltration as a clear sign that polluters in the energy industry know they’re losing public opinion, and the fight for the future of energy.”
Documents published with this story:
To search all TigerSwan documents published by The Intercept, go to the TigerSwan project page on DocumentCloud.