The American Civil Liberties Union (ACLU) embeds tracking software in its emails to monitor the online activity of Capitol Hill staffers, an aide told The Daily Caller after receiving a warning sent to congressional offices.
The nonprofit civil liberties group uses a software system called “Capwiz” to insert cookies onto the computers of Capitol Hill staffers who click on links in the emails, multiple Capitol Hill offices recently discovered.
Ironically, the ACLU actually puts surveillance software into its emails campaigning against government surveillance.
The ACLU offers attached “vote recommendations” in its campaign emails to congressional staff, and inserts secretive tracking links in the recommendations. When staffers click on these links, the staffers are briefly redirected to a link that installs tracking “cookies” on the staffers computer. Once the staffers are infected with the cookies, the ACLU can personally identify each of them every time they click on a link in an ACLU email henceforth.
The tracking software is also sometimes included in footnotes provided on ACLU emails.
The ACLU’s method is similar to the practice of “spearfishing,” a tactic employed by the Chinese military.
The “CapWiz” software was developed by a now defunct company called Capitol Advantage, which is now owned by CQ Roll Call Group, the company that publishes the Capitol Hill newspapers “Roll Call” and “CQ.” The software is used by political advocacy organizations to track the people who click on the campaign emails that the organizations send out.
“CapWiz can take a constituent’s ZIP code, use that to figure out who that person’s legislator is, and then pre-fill the appropriate web form with a message tailored to that legislator’s voting record on the issue at hand — the ‘Thank You/Spank You’ approach, as some others call it,” according to a website for political technology professionals.
The ACLU’s use of the software is ironic considering the group’s Capitol Hill advocacy against government surveillance.
A recent ACLU email advocating to “prohibit the use of funds to require or request that United States persons and entities build security vulnerabilities into their products or services in order to facilitate government surveillance” includes an attached vote recommendation link.
The New York City-based ACLU did not respond to a request for comment by press time.