The phrase is negative references.
That is what the United States government, through Immigration and Customs Enforcement, wrote in a February 2025 procurement document when it asked private contractors to deliver weekly counts of online speech about the agency. Not threats. Not credible warnings. Not specific persons of interest. Negative references.
The document, first reported by Sam Biddle at The Intercept and reviewed by other outlets including Truthout, Common Dreams, Techdirt, and The Independent, asked private vendors to scrape social media platforms for "negative" discussion about ICE, score the authors' "proclivity for violence" using "social and behavioral sciences" and "psychological profiles," then assemble dossiers — Social Security numbers, addresses, photographs, family members, employers — on individuals whose only documented act may have been criticizing a federal agency on Facebook.
Project Censored put this story at number one on its fiftieth-anniversary list of the year's most underreported news. They were right to. Almost no corporate news outlet covered the solicitation in any depth. The Intercept did the hard reporting; a handful of independent outlets amplified it; the New York Times and the major networks looked away.
But Project Censored — generous as their framing was — captured only the visible layer. The bid solicitation is not the story. It is the surface ripple of a much older and much wider construction project, one that has been quietly assembled across three administrations and four decades of federal contracting, sits inside a procurement architecture built to evade public visibility, and runs on the same wiring that connects the formal Five Eyes intelligence-sharing alliance to the private analytical platforms that now target populations in Gaza, Manchester, Sydney, Toronto — and your social media feed.
The contractor named in the public record is a small Washington firm called Barbaricum, working through a procurement aggregator called Carahsoft, layered on top of a predecessor system called Giant Oak that has already cost taxpayers more than ten million dollars — and was originally tuned, in DHS's own internal documents released under court order, to "filter various Arabic naming conventions."
That is the story.
It is not the bid. It is the architecture.
This is Part One of seven.
What the procurement record actually shows
The Intercept's report focused, correctly, on what was novel about the February 2025 solicitation: that it explicitly proposed sentiment analysis against critics of the agency, that it asked vendors to assess "proclivity for violence" using black-box behavioral science, that it would assemble offline-identity dossiers including Social Security numbers on flagged authors. All true. All damning. All accurate as far as it goes.
What the report mentioned only in passing was that the procurement document was "nearly identical" to one from 2020 — a document that resulted in a $5.5 million contract with a Washington defense and intelligence firm called Barbaricum. The phrase nearly identical is doing more work in that sentence than any other phrase in the entire reporting cycle.
Because Barbaricum is not a generic vendor. It is a Service-Disabled Veteran-Owned Small Business headquartered in DC's Dupont Circle, founded in 2008 by partners Brandon Bloodworth and Scott Feldmayer, with corporate offices in Tampa, Florida — home of U.S. Special Operations Command — and Dayton, Ohio, the geographic anchor of Wright-Patterson Air Force Base. The firm's own public capabilities sheet describes deployments across five continents and contract performance in every U.S. combatant command area of responsibility: AFRICOM, INDOPACOM, CENTCOM, SOUTHCOM, NORTHCOM, USSOCOM, and EUCOM.
What is a firm with that footprint doing on an ICE social media surveillance contract?
It is a fair question. The answer is in the same capabilities document, which describes Barbaricum's flagship product as OSINT+ — open-source intelligence "fused" with "commercial data sources," providing "predictive analysis" and "mapping adversaries' behavioral patterns" for "national security risk deterrence" and "executive leadership protection." That is not customer support language. That is targeting language. Barbaricum sells the techniques that special-operations forces use to identify hostile actors in contested environments. Pointed at Iranian-backed militias in Iraq, it is a counterterrorism tool. Pointed at people who think ICE is too aggressive on Facebook, it is something else entirely.
And then, near the bottom of the same page, this sentence: "Currently, we proudly support Palantir as one of its official partners."
Hold that sentence. We will come back to it.
For now: a firm whose wholly-owned subsidiary, ODL Services, holds a prime position on a $950 million USSOCOM SOF Core Support Services indefinite-delivery contract — a contract that runs until May 2030 and touches every component of American special operations, from JSOC at Fort Liberty to Naval Special Warfare at Coronado — was asked, in 2020, to count negative references to a domestic immigration agency on the internet. They took the $5.5 million. The contract was renewed for the new administration in February 2025 in language nearly identical to the original.
This is not how the corporate press described it.
The system already in the building
The other thing Sam Biddle mentioned in passing, and that no follow-up coverage examined, was that ICE already has extensive social media surveillance capabilities provided by a different federal contractor: Giant Oak.
The Giant Oak story is not new. It was broken in October 2023 by Joseph Cox at 404 Media, working from a cache of documents released through an American Civil Liberties Union Freedom of Information Act lawsuit. According to public procurement records, ICE has paid Giant Oak Inc. more than ten million dollars since 2017 for a system called the Giant Oak Search Technology, or GOST.
GOST's corporate catchphrase, included in the user manual disclosed under court order, was:
We see the people behind the data.
The system ranks individuals on a 1-to-100 scale based on social media presence, communications metadata, and adjacent online behavior. It is searchable by name, address, email, or country of citizenship. It generates dossiers including images scraped from the subject's accounts, social-graph maps of associates and family, and a flagging recommendation: red light, deny entry, derogatory information found — or green light, clear.
It was rolled out, under the bureaucratic name "Homeland Security Investigations PATRIOT Social Media Pilot Program," in 2016. The phrasing of the original DHS document is worth reading in full. The system, the agency wrote, would track non-immigrants "from the time they file a visa application with the Department of State, to the time they enter the United States, and through the time when they either depart the United States, or until such time as they become an overstay or otherwise fail to comply with their terms of admission."
That is, by the federal government's own description, lifelong surveillance of legal visa holders.
And then there is this sentence, which the agency's own internal slides included — also disclosed by the ACLU's FOIA litigation: National Security Investigations Division was working with Giant Oak "to further fine tune the targeting algorithm and refine the system's ability to filter various Arabic naming conventions."
Two things are worth saying about that sentence.
The first is that it is in the public record. It was not leaked, hacked, or speculatively reconstructed. It is in a slide deck that the Department of Homeland Security produced internally and was forced to release under court order.
The second is what the sentence means in plain English. It means the federal government built an algorithmic search tool optimized to identify people whose names look Arabic. It means the criterion for surveillance was, in operational practice, ethnicity — not behavior, not conduct, not threat indicators, but the way a name is spelled.
The GOST contract has been used across at least seven federal agencies. The list will land in full in Part Five of this series, because what one of those agencies is doing on the list is a story by itself. For now: ICE, Customs and Border Protection, the Drug Enforcement Administration, the State Department, the Air Force, and two others. The DHS / Giant Oak contract ended in August 2022, eighteen months into the Biden administration. The successor was already in motion.
The trap that wasn't a metaphor
Two years before any of these contracts became public knowledge, ICE built a fake university.
The University of Farmington was located in the basement of an office complex at 30500 Northwestern Highway in Farmington Hills, Michigan. It had a website, instructional content, accreditation from two recognized boards, and a listing on the Department of Homeland Security's own approved-schools registry. It accepted tuition payments. It enrolled students. It did not, however, hold a single class, employ a single instructor, or grant a single legitimate degree. It was a federal sting operation, codenamed Paper Chase, and it operated under DHS oversight from 2015 to 2019.
In January 2019, the U.S. Attorney's Office for the Eastern District of Michigan announced the indictment of eight individuals on charges of conspiracy to commit visa fraud and harboring aliens for profit. They were the recruiters the fake university had hired — Indian nationals who had been bringing in students. By March, ICE announced that 161 students had been arrested in total. Of the 130 in the initial wave, 129 were from India. 127 of those 129 were specifically from the states of Andhra Pradesh and Telangana.
The students' attorneys argued, accurately, that the university had been listed as legitimate on the DHS website itself. The accreditation was real. The classes appeared on the schedule. The tuition cleared the bank. The only fraud in the room was the government's.
Several days after the local Detroit news broke the story, the University of Farmington Facebook page — which appears to have been operated by either an ICE agent or a contractor working for the agency, the answer to that question has never been resolved — posted a meme. It was the amphibious Star Wars alien Admiral Ackbar, mouth open, with the caption: It's a trap.
That image is, in a sense, the most honest document the federal government has produced about its own conduct in the last decade. The agency that built the trap, the agency that posted the meme, the agency that arrested 161 students based on enrollment in a credentialed institution it had itself credentialed, is the same agency that, in 2020, hired Barbaricum to count negative references on the internet — and in 2025, asked the same vendors to do it again.
In June 2024, the U.S. Court of Appeals for the Federal Circuit reinstated a breach-of-contract suit brought by the students, after the lower court had dismissed it for lack of jurisdiction. That case is still live.
The Project Censored bid solicitation story is not, in other words, a discrete event. It is one expression of an institutional practice. The same agency that constructed the University of Farmington — that registered the domain, that purchased the office space, that filed paperwork with two accreditation boards, that took student money for four years — is the agency that wrote the request for "behavioral and psychological profiles" of its critics.
What corporate media did and did not say
Compare three reporting records.
Independent press, on the ICE / Barbaricum bid solicitation (February 2025): The Intercept, Truthout, Common Dreams, Techdirt, The Independent, Latin Times.
Corporate press, on the same solicitation: Effectively silent. Forbes and the New York Times have written about ICE's investment in surveillance technology in general terms; neither covered this specific bid. The Wall Street Journal, in March 2024, reported on the broader practice of US intelligence agencies purchasing private data from brokers. None of the three majors connected the dots.
Project Censored noted, in their write-up for the fiftieth-anniversary edition, that as of February 14, 2025, corporate media had yet to report on ICE's proposed surveillance of its critics on social media.
Why?
The conventional answer — corporate-media consolidation, advertiser dependence, access journalism, ideological priors — is correct but incomplete. The more specific answer is that this story does not fit any single beat. It is not a homeland security story, because the contract is not classified and the targets are domestic. It is not a tech story, because the vendor is not a Silicon Valley brand. It is not an immigration story, because the immediate target population includes American citizens posting on Facebook. It is not a national security story, because the agency conducting it is a law enforcement entity, not an intelligence agency. It falls between the cracks of every newsroom organizational chart in America, which is why it appears only in the independent press that does not maintain those organizational charts.
It is also a procurement story, and procurement stories are dull. The names of the firms — Barbaricum, Carahsoft, Giant Oak — are unmemorable. The dollar figures, while real, are small relative to the topline DHS budget. The legal instruments are obscure: Service-Disabled Veteran-Owned Small Business set-asides, GSA OASIS+ IDIQ vehicles, MAC Pool prime contracts. No mainstream editor wants to put a chart of contract vehicle numbers on the front page. No mainstream reader wants to read it.
This is exactly the kind of story the Project Censored research model exists to surface — and exactly the kind of story the corporate press is structurally incapable of covering, regardless of which administration is in power.
But naming the story as underreported, while necessary, is not the same as telling it.
The next two parts of this series will do the rest.
What's coming
The remaining six parts of this series build the map.
Part Two — The Aggregator
The procurement pipe. Carahsoft Technology Corporation, the privately held Reston, Virginia firm that trademarks itself as the "Master Government Aggregator," sells to "the Five Eyes nations" by name on its own partner pages, is under active Department of Justice investigation for price-fixing on more than two billion dollars of federal software, and just became the master federal reseller for Janes — the British defense and intelligence reference publisher used across the entire FVEY ecosystem. And the $5.7 million ICE contract Carahsoft routed in September 2025, while the press was still focused on Barbaricum, for a real-time targeting platform whose other operational customer is the Israel Defense Forces in Gaza.
Part Three — The Layer
Palantir. From In-Q-Tel's 2005 seed investment to fifteen international offices to the £330 million NHS Federated Data Platform contract to the IDF in Gaza to the $145 million ICE ImmigrationOS deal to the ELITE system that, in May 2026, gives ICE agents access to the Medicaid records of seventy-nine million Americans. The analytical substrate beneath the contracts. The reason the Fifth Eye is a category of vendor, not a country.
Part Four — The Template
Where the model was established. The 2003–2013 origin story of how federally chartered watchlisting work was first run through a foreign-controlled corporate structure: John Brennan, The Analysis Corporation, Global Strategies Group, the Luxembourg holding company, the British Royal Marine, the 2008 passport breach, the special ethics waiver, and the rotation back into the Central Intelligence Agency. Every model in this series operates on the template laid down in those ten years.
Part Five — The Seam
The story that resolves the agency list above. Where the DHS surveillance pipeline meets the Treasury financial-intelligence regime. The CBP Chief of Staff who became a DARPA Afghan war-zone counterinsurgency researcher who founded Giant Oak. The first-ever Assistant Secretary of the Treasury for Terrorist Financing, the architect of the Office of Terrorism and Financial Intelligence, the man who supervised FinCEN and OFAC for the Bush administration, who left government and co-founded the fintech sitting on top of the same algorithmic technology that ICE now uses on American Facebook posts. The "federated learning" model. The Coinbase loop. The Vatican Financial Authority. The seam is where the architecture is the most exposed and the least reported.
Part Six — The Identity Layer
Sam Altman. Stargate, the $500 billion Abu-Dhabi-sovereign-wealth-backed AI infrastructure buildout. The OpenAI Pentagon classified-network contract signed in February 2026 — the same week Anthropic was designated a federal supply-chain risk for refusing the terms. World, formerly Worldcoin, the iris-scanning biometric identity primitive that has been banned, suspended, or investigated in nine countries and is now in partnership with Tinder, Zoom, Visa, and Docusign. One man. Three layers of the architecture. The compute. The inference. The identity.
Part Seven — The Inheritance
What no corporate outlet wants to say out loud. This architecture was not built by one administration. It was not built by one party. It was built by career federal officials and political appointees of both major American political traditions, scaled across the Bush, Obama, first Trump, and Biden administrations, and is now operated by the second Trump administration through the same procurement vehicles, against new target populations. The contractor-leak record — Snowden, Harold Martin's fifty terabytes of NSA documents, Reality Winner, Joshua Schulte's Vault 7 catastrophe — should make the privatization of these functions a bipartisan emergency. It will not. Part Seven says why.