TAMPA — On any given day at MacDill Air Force Base, web crawlers scour social media for potential Islamic State recruits. Then, in a high-stakes operation to counter the propaganda, language specialists employ fictitious identities and try to sway the targets from joining IS ranks.
At least that's how the multimillion-dollar initiative is being sold to the Defense Department.
Known as "WebOps," the program is part of a vast psychological operation the Pentagon says is countering an enemy that uses the Internet as a tool of propaganda. But an Associated Press investigation found WebOps is showing little impact, in the view of people with direct knowledge of the program, because its management is beset by incompetence, cronyism and flawed data.
A spokesman for U.S. Central Command, the MacDill-based headquarters running the program, told the Tampa Bay Times that the military has launched its own review of the program.
"We already had an investigation ongoing before the article came out," said Air Force Col. John Thomas, a CentCom spokesman.
An outside military agency that Thomas would not name is looking at whether the WebOps contract was properly administered, Thomas said. He would not elaborate. Meantime, the WebOps program is up and running, he said.
"There is no change in personnel," he told the Times. "Things are continuing as normal."
In the Associated Press investigation, current and former WebOps employees cited examples of civilian specialists in the Arabic language who have little experience in counter-propaganda, cannot speak Arabic fluently and have so little understanding of Islam they are no match for Islamic State online recruiters.
It's hard to establish rapport with a potential terror recruit when, as one former worker told the AP, translators repeatedly mix up the Arabic words for "salad" and "authority." That's led to open ridicule on social media about references to the "Palestinian salad."
The employees requested anonymity due to the sensitive nature of the work and because they weren't authorized to speak publicly.
Four of them told the AP they witnessed WebOps data being manipulated to create the appearance of success and that they discussed the problem with many other employees who saw the same thing. The companies carrying out the program for CentCom have dodged attempts to implement independent oversight and assessment of the data.
Central Command spokesman Andy Stephens declined repeated requests for information about WebOps and other counter-propaganda programs, which were launched under the Obama Administration. Stephens did not respond to detailed questions the AP sent Jan. 10.
The AP reviewed Defense Department and contractor documents, emails and photographs, and interviewed more than a dozen people closely involved with WebOps as well as nearly two dozen contractors.
Keep up with Tampa Bay’s top headlines
Subscribe to our free DayStarter newsletter
You’re all signed up!
Want more of our free, weekly newsletters in your inbox? Let’s get started.Explore all your options
The information operations division that runs WebOps is the command's epicenter for firing back at the Islamic State's online propaganda machine, using the Internet to sway public opinion in a swath of the globe that stretches from Central Asia to the Horn of Africa.
Early last year, the government opened the bidding on a new counter-propaganda contract — separate from WebOps— that is worth as much as $500 million. Months after the AP started reporting about the bidding process, the Naval Criminal Investigative Service told the AP that it had launched an investigation.
NCIS spokesman Ed Buice said the service is investigating a whistleblower's "allegations of corruption" stemming from how the contract was awarded.
The whistleblower's complaint alleges multiple conflicts of interest that include lavish dinners for division officers paid for by a contractor. The complaint also alleges routine drinking at the office where classified work is conducted. The drinking was confirmed by a number of contractors, who spoke to AP and described a frat house atmosphere where happy hour started at 3 p.m.
One of the most damning accusations leveled by the whistleblower is against Army Col. Victor Garcia, who led the information operations division until July 2016, when he moved to a new assignment at Special Operations Command, also in Tampa.
The whistleblower contended that Garcia successfully steered the contract to a team of vendors that included a close friend's firm. The whistleblower requested anonymity for fear of professional retribution.
The AP obtained a screen-grab from a Facebook page that shows Garcia and the friend at a tiki bar in Key Largo two weeks before the winning team was officially announced Sept. 30. The photo was also turned over to NCIS investigators by the whistleblower, who said the photo created a "clear impression and perception of impropriety."
Garcia, a West Point graduate and decorated officer, denied any wrongdoing and described the complaint as "character assassination." Garcia, who moved to his new post two months before the contract was decided, said he scrupulously avoided any discussions about the contract with both his friend and his former deputy. His former deputy served on the five-member panel that reviewed all of the bids.
"Because I was aware of these conflicts of interest, I intentionally kept myself out of that process — with any of these contract processes," Garcia said.
The whistleblower is a senior manager at a company that lost its bid for the work. He told AP that he was investigated for attempting to accept kickbacks on an unrelated government contract. He denied the allegations, which were made four years ago, and no charges have been filed in the case.
The problems with the WebOps operation and the personal bonds underpinning the new contract illustrate challenges awaiting President Donald Trump. He has promised to boost military spending by tens of billions of dollars while also cutting waste at the Defense Department and ensuring that contractors aren't getting sweetheart deals.
Charles Tiefer, a professor at the University of Baltimore's law school and a government contracting expert, reviewed AP's findings and called Central Command's lack of rigorous oversight inexcusable.
"These people should not be wasting the money consigned to defend us against terrorism," said Tiefer, who served on a bipartisan Commission on Wartime Contracting. The commission reported in 2011 that at least $31 billion was lost to waste and fraud in Iraq and Afghanistan.
• • •
In a large office room filled with cubicles at Central Command, about 120 people, many of them Arabic language specialists, are assigned to fight IS militants on their own turf: the Internet.
The WebOps contract is run by Colsa Corp., based in Huntsville, Ala. A major challenge for Colsa — and contractors working on other national security programs— is finding people who can speak Arabic fluently and can also get security clearances to handle classified material.
The problem, according to six current and former Colsa employees, is that to engage with operatives of the Islamic State, or their potential recruits, you need to be fluent in language, nuance and Islam — and while Colsa has some Arabic experts, those skills are not widely distributed.
"One of the things about jihadis: they are very good in Arabic," said one specialist who worked on WebOps.
Another former employee said common translation mistakes he personally witnessed, including the "Palestinian salad" example, were the result of the company hiring young people who were faking language abilities.
He mockingly described the conversations between managers and potential hires: "'Do you speak Arabic?'" he mimicked. "'Yes.' 'How do you say good morning? Oh, you can do that? You are an expert. You are hired.'"
A third specialist said she asked a colleague, who was assigned to analyze material written in Arabic, why he was discarding much of it. While watching a soap opera online, the colleague said the material was irrelevant because it was in Farsi or Urdu. But when she checked, it was indeed Arabic. She has since left WebOps to find more meaningful work, she said.
The WebOps Arabic program focuses on Syria, Iraq and Yemen, but for most of the time Colsa has been running it, it has had no Syrian or Yemeni staff, the AP was told in separate interviews with two current employees and one who left recently.
Engaging in theological discussions on social media with people who are well versed in the Quran is not for beginners. Iraq and Syria are riven with sectarian violence between Shiite and Sunni Muslims, who follow different interpretations of Islam. A number of workers said WebOps "experts" often trip up on language that is specific to one sect or region.
"People can tell whether you are local, or whether you are Sunni or Shia," said another former worker, so poorly crafted messages are not effective. He said he left WebOps because he was disgusted with the work.
A number of the workers complained to AP that a large group on staff from Morocco, in North Africa, were often ignorant of Middle Eastern history and culture — or even the difference between groups the U.S. considers terrorist organizations. The group was so dominant that colleagues jokingly referred to them as "the Moroccan mafia."
A lot of them "don't know the difference between Hezbollah and Hamas," said the employee, who left to find more meaningful work. Hezbollah is an Iran-backed Shiite group based in Lebanon. Hamas, based in the Gaza Strip and the West Bank, is the Palestinian branch of the Sunni Muslim Brotherhood.
Cathy Dickens, a vice president for business management and corporate ethics at Colsa Corp., referred questions to CentCom, which declined comment.
• • •
To determine whether WebOps actually dissuades people from becoming radicalized, Colsa's scoring team analyzes the interactions employees have online and tries to measure whether the subjects' comments reflect militant views or a more tolerant outlook.
Three former members of its scoring team told the AP they were encouraged by a manager to indicate progress against radicalism in their scoring reports even if they were not making any.
The employee who said she left to find meaningful work recalled approaching a Colsa manager to clarify how the scoring was done shortly after starting her job. She said he told her that the bottom line was "the bread we put on the table for our children."
The boss told her that the scoring reports should show progress, but not too much, so that the metrics would still indicate a dangerous level of militancy online to justify continued funding for WebOps, she said.
She was shocked. "Until my dying day, I will never forget that moment," she said.
She, like other former employees, spoke only on condition of anonymity for fear of retribution from Colsa that could affect future employment.
The manager she spoke to declined to comment. AP withheld his name because of security concerns.
Employees and managers routinely inflate counts of interactions with potential terrorist recruits, known as "engagements," according to a number of workers. Engagements are delivered in tweets or comments posted on social media to lists of people and can also be automated. That automation is at times used to inflate the actual number of engagements, said two former workers, including the one who talked about colleagues faking their language abilities.
The worker who left in disgust explained that a single tweet could be programmed to be sent out to all the followers of a target individually, multiple times. So the targets and their followers get the same tweets tagged to them over and over again.
"You send it like a blind copy. You program it to send a tweet every five minutes to the whole list individually from now until tomorrow," the former employee said. "Then you see the reports and it says yesterday we sent 5,000 engagements. Often that means one tweet on Twitter."
The person said that he saw managers printing out the skewed reports for weekly briefings with CentCom officers. But the volume made it look like the WebOps team's work was "wow, amazing," he said.
Garcia said Colsa has a done a good job under his watch, that the data is sufficiently scrutinized and the program is succeeding.
In 2014, a group of more than 40 Defense Department data specialists came to Tampa to evaluate the program. Their unclassified report, obtained by AP, identified what one of the authors called "serious design flaws." For instance, the report found that any two analysts were only 69 percent likely to agree on how to score a particular engagement. The author said a rate of 90 percent or higher is required to draw useful conclusions.
The report found that computers would be as accurate or better than analysts, and could evaluate effectiveness more quickly — and cheaply.
What Central Command really needed, the report said, was outside oversight.
"You shouldn't grade your own homework," said the author, a former U.S. military officer and data specialist once stationed at Central Command. The author, one of many people who signed off on the report, spoke on condition of anonymity for fear of professional retribution.
He said the report was given to officers, including Garcia, and to Colsa. The author said the suggestions were not implemented and WebOps managers resisted attempts at oversight. The author said that when he directly appealed to Garcia for outside assessment, an officer under Garcia said the effort would cloud the mission.
"The argument was that WebOps was the only program at Central Command directly engaging the enemy and that it couldn't function if its staff was constantly distracted by assessment," he said. The argument worked, he said, and Colsa was not forced or instructed to accept outside oversight.
Garcia disputed that account but would not elaborate on what steps were taken to address the Defense Department data specialists' concerns. The Government Accountability Office issued a report in 2015 on WebOps oversight, but it is classified.
• • •
Despite the problems behind the scenes at WebOps, Central Command will play a key role in the new $500 million psychological operations campaign against the Islamic State and other groups. The five-year contract was a hefty commitment to "degrade and ultimately defeat extremist organizations," according to a document detailing the scope of the work. It would run parallel to WebOps.
The request for bids was announced in April. Four teams of companies competed for the contract, including one led by defense giant Northrop Grumman.
From the start, competitors complained among themselves that Simon Bergman, an executive with the British advertising firm M&C Saatchi, had an advantage because he was friends with Garcia. Bergman was working with Northrop to prepare the bid.
A former British officer, Bergman was deployed to Iraq while Garcia was there working on psychological operations during the Iraq war. It was well known that the two men were close, and in recent years, contractors often saw Bergman at CentCom offices.
In April, defense contractor CACI International held a meeting in Tampa to discuss the bid. Three contractors on the team said a CACI manager warned a roomful of people that Garcia had already told him that he would decide who got the contract. The manager said that Garcia indicated having Bergman on the team would help.
So in mid-September, when a photo appeared on Facebook showing Garcia and Bergman together in the Florida Keys, it did not look good in the eyes of many contractors. Garcia's girlfriend captured the old friends inside the Tiki Bar at Gilbert's Resort in Key Largo. They were on her Facebook page, shoulder-to-shoulder, smiling and giving the thumbs up.
Within days, the photos had been taken down from her page.
Two weeks later, the government announced Northrop had won the contract. Its team included M&C Saatchi, Bergman's firm.
A panel led by the U.S. General Services Administration chose the winner of the contract. Chris Hamm, a senior GSA acquisition executive, said a five-member team scrutinized the technical merits of the proposals for the contract. That team was led by two GSA officials and included three military officers — one of whom was Marine Corps Lt. Col. Matt Coughlin, who reported directly to Garcia before Garcia left his post. Coughlin is the information operations' liaison with contractors.
In an interview with AP, Hamm said the contract award was handled properly.
"The process is designed to avoid bias," Hamm said.
But several other contractors on losing teams said Coughlin would clearly have been the person on the panel with the most sway, because of both his technical expertise and the fact that he represented CentCom. And given Coughlin's ties with Garcia, they found that troubling.
Garcia said that while the bids were being considered, he stayed away from any discussions of it with Coughlin, his deputy. So he didn't even realize the award announcement was imminent when he went with Bergman to the Keys.
"I wasn't involved with the contracting process at all," Garcia said. "So I had no idea what the timing of the contract was."
When asked why the photo with Bergman was taken off Facebook, Garcia declined to comment.
Bergman said his friendship with Garcia, one of many he has with military officers, is irrelevant. He noted that M&C Saatchi was only a subcontractor.
"I don't see why my relationship with somebody in the military would have any influence over anything," he said.
The whistleblower complaint however, filed in December with Central Command's inspector general, contended the photo of Garcia and Bergman created a "clear impression and perception of impropriety."
The four-page complaint, now under investigation by NCIS, said the atmosphere at the CentCom division, with routine drinking at the office and a number of conflicts of interest, led to an "air of untouchable invincibility."
Several contractors who spoke to AP, among the nearly two dozen either bidding for work or involved in CentCom information operations, said they suspected undue influence in the decision for the $500 million contract. In his complaint, the whistleblower alleges that Garcia told him directly at one point that "any team must include Simon Bergman."
All the contractors asked for anonymity to discuss sensitive work because they feared repercussions for their companies.
Colsa, the primary WebOps contractor, was not involved in Northrop's bid. However, nothing prevents Northrop from bringing the company in as a subcontractor.
That's the plan, said several contractors who have been briefed by Northrop. Such a move would provide ample funding to keep WebOps running for up to five more years.