Nineteen days after the rehearing window closed on the Barbaricum bid solicitation, while the independent press was still digesting it and the corporate press was still ignoring it, Immigration and Customs Enforcement signed a different contract for a different platform through a different procurement vehicle.
It did not require a public bid. It did not require a competition. It did not require a press release. It required only that ICE select a product from an existing federal purchase agreement and sign a task order against an indefinite-delivery contract held by a private reseller in Reston, Virginia. The reseller charged a margin. The vendor delivered the software. The cycle took less than three weeks from internal request to contract execution.
The contract was for five years and $5.7 million. The vendor was Zignal Labs. The reseller was Carahsoft Technology Corporation. The capabilities procured were, in operational terms, an order of magnitude beyond what the February 2025 Barbaricum bid had even attempted to describe.
The Lever reported it in October 2025. The Intercept noted it in passing. No major American newspaper covered the contract in any detail. By the close of 2025, the Barbaricum bid was a dormant procurement document. The Zignal contract was running.
That is the structural pattern of the surveillance state Project Censored named as their top underreported story. There is no front door. The front door is for the press cycle. The architecture is built through side doors and back doors and through procurement vehicles that have names like GSA Multiple Award Schedule 70 and SEWP V and OASIS+, which no editor will ever put on a magazine cover and which no reader will ever search for.
This is Part Two. We are going to walk you through the side doors.
The pipe
Carahsoft Technology Corporation is headquartered at 11493 Sunset Hills Road in Reston, Virginia, a few miles outside the Beltway. It is privately held. It does not file public earnings. It does not run advertising campaigns. The average American citizen has never heard of it. The firm employs, by its own count, more than two thousand people.
It is, by self-description, "The Trusted Government IT Solutions Provider®" — a trademark Carahsoft has registered with the U.S. Patent and Trademark Office. The firm's other registered tag line is "Master Government Aggregator®." That second phrase is, in fact, the more accurate description of what Carahsoft does.
Carahsoft does not write software. Carahsoft does not, in any meaningful sense, deliver services. What Carahsoft does is sit between commercial software vendors and federal agency buyers, holding what the procurement community calls Indefinite Delivery / Indefinite Quantity contract vehicles — pre-negotiated master agreements that let agencies order from a catalog without running a fresh competition for each purchase. When ICE wanted Zignal Labs licenses, it did not contract with Zignal Labs. It issued a task order against Carahsoft's existing IDIQ. Carahsoft kept its margin. Zignal Labs got the rest.
The scale of Carahsoft's federal footprint is difficult to overstate. The Department of Defense alone awarded Carahsoft approximately $80 million in 2016, $270 million in 2017, and $131 million in 2018. In 2019, the U.S. Navy added Carahsoft to a 10-year, $975 million Blanket Purchase Agreement covering software licensing across the service. Federal procurement databases place Carahsoft's annual government revenue, conservatively, in the multiple billions of dollars.
That is the volume. The composition is the part the public never sees. Carahsoft's vendor partners — the firms whose software flows through the Carahsoft pipe into the federal government — include nearly every name in the contemporary intelligence-and-targeting ecosystem. Salesforce. ServiceNow. Adobe. VMware. Symantec. SAP. Splunk. Veritas. Tenable. CrowdStrike. Snowflake. Palantir. Zignal Labs. ShadowDragon. Babel Street.
If a federal agency wants to surveil, profile, target, store data on, or generate dossiers about any individual or group, the software that performs the function is, with very high probability, sitting on a Carahsoft contract vehicle.
Carahsoft also markets itself, in its own materials, to "the Five Eyes nations" — the term appears on the firm's partner pages. It is not an external label. It is how Carahsoft describes its own customer base.
There is one more fact about Carahsoft that has not, to date, appeared in any corporate American newspaper of record. Since at least 2022, the United States Department of Justice has been investigating Carahsoft — together with the German software vendor SAP — for alleged price-fixing on more than two billion dollars in federal software contracts dating back to 2014. In September 2024, federal agents conducted a search of Carahsoft's Reston offices. The investigation is ongoing. Federal prosecutors have stated publicly that they are "examining the role of other software resellers in potential market manipulation."
In January 2026, Carahsoft announced a new master partnership with Janes — the British defense and intelligence reference publisher whose threat assessments and equipment databases are used across the entire Five Eyes ecosystem and most of the world's professional militaries. The deal made Carahsoft the principal federal reseller of Janes intelligence products to U.S. Government agencies. The press release used the words "trusted IT solutions provider" and "Master Government Aggregator" in the same paragraph.
The firm currently under federal investigation for rigging the prices on the software that the federal surveillance state is built upon now also sells the federal government its threat-assessment encyclopedia. The corporate press has not, to date, connected those two sentences.
The platform
The product that ICE acquired through Carahsoft in September 2025 is called Zignal Labs, named for its founding company. It was, when ICE bought it, fourteen years old. It had been built for a different purpose entirely.
Zignal was founded in 2011 in San Francisco by three executives — Josh Ginsberg, Adam Beaugh, and Jim Hornthal. The original use case, as the firm's own founding materials describe it, was "real-time media monitoring for political campaign war rooms." Zignal's first customers were not federal agencies. They were presidential campaigns and major political action committees. The platform was designed to ingest news coverage, social media discussion, and broadcast transcripts in real time, surface emerging narratives about a candidate, and feed them to the war room within minutes of appearing online.
That is the architectural origin of the system that ICE has now licensed to identify deportation targets.
The capability has grown. By 2025, Zignal's published technical documentation describes the platform as ingesting and analyzing over eight billion social media posts per day — a volume that exceeds the entire daily content output of the United States, China, and the European Union combined. The system uses machine learning, computer vision, and optical character recognition. It generates what Zignal's customer-facing literature calls "curated detection feeds" — automatically assembled streams of flagged posts, filtered to match a customer's targeting profile, delivered to operators in near real time.
The customer roster Zignal publishes in its own 2025 marketing materials is the part that should give every reader pause. It includes the U.S. Marines. The U.S. State Department. The U.S. Secret Service. The Department of Defense. The National Oceanic and Atmospheric Administration, of all entities. ICE Homeland Security Investigations. And, listed alongside the others, the Israel Defense Forces.
The pamphlet does not stop at listing the IDF as a customer. It describes the operational integration in some detail. Zignal's platform, the document states, provided "tactical intelligence" to "operators on the ground" in the Gaza Strip during the war that began in October 2023. The pamphlet includes a specific marketing case study: the platform ingested a Telegram video posted from inside Gaza, used its computer-vision module to identify environmental details, geolocated "the precise location of an ongoing operation," and used facial recognition to identify "specific operators" visible in the frame.
Let us name this in plain English. The software ICE acquired through Carahsoft in September 2025 is, by its own manufacturer's marketing description, a real-time targeting system. It was used by a foreign military, in an active combat theater, to identify and locate individuals appearing in social-media-posted video, who were then subject to operations on the ground. The same software is now under federal contract to identify "leads for enforcement raids" on U.S. soil.
There is one more piece of corporate history about Zignal worth knowing. In 2022, the firm entered exploratory discussions with a Virginia-based location-data broker called Anomaly Six about a potential partnership. Anomaly Six had drawn brief public scrutiny that year after a leaked sales presentation revealed the firm had offered prospective customers the capability to track the cell phones of U.S. intelligence officers and Department of Defense personnel as they traveled the world. Zignal and Anomaly Six ultimately did not consummate the partnership. The exploratory conversation tells you what kind of integrations Zignal's leadership considered to be on-brand for the firm.
The Carahsoft pipe carries the Zignal platform. The Zignal platform carries the targeting feed. The targeting feed flows to ICE Homeland Security Investigations, and to the Israel Defense Forces, and to the Marines, and to the Secret Service. These are not separate channels. They are licenses of the same software.
The workaround
The legal architecture that permits this arrangement to operate, in a country with constitutional and statutory protections against domestic surveillance, is the formal Five Eyes intelligence-sharing alliance — and the workaround it has institutionalized over six decades.
The Five Eyes is the codename for the signals intelligence alliance binding the United States, the United Kingdom, Canada, Australia, and New Zealand. Its formal basis is the UKUSA Agreement, originally signed in 1946 and updated continuously since. The alliance is, in formal terms, a treaty arrangement that obligates each member to share signals intelligence with each of the others and to coordinate collection priorities so that the partners do not duplicate effort.
In practical operation, FVEY is something more specific. As Shami Chakrabarti, the former director of the British civil-liberties organization Liberty, has written, the alliance allows member states to "subcontract their dirty work" to each other. The mechanism is the structural fact that each FVEY service is constitutionally and statutorily prohibited from spying on its own citizens — and is, with very few restrictions, permitted to spy on everyone else's.
Britain's GCHQ can lawfully surveil any individual on the planet except a British national. The American NSA can lawfully surveil any individual on the planet except a United States person. Germany's BND, which sits in the broader Fourteen Eyes structure around FVEY, can lawfully surveil any individual on the planet except a German citizen. The Canadian Communications Security Establishment, the Australian Signals Directorate, and New Zealand's Government Communications Security Bureau operate under analogous restrictions.
The five agencies share the resulting intelligence with each other.
The cumulative effect is that an American citizen who cannot lawfully be surveilled by the NSA can be, and routinely is, surveilled by GCHQ — and the resulting intelligence is then transmitted to the NSA, which receives it not as the product of its own collection but as a foreign liaison report. A British citizen who cannot lawfully be surveilled by GCHQ can be surveilled by the NSA, and the intelligence flows back to GCHQ through the same channel. The constitutional protection in each jurisdiction remains formally intact. The surveillance happens anyway.
In 2013, the Canadian Federal Court issued a 51-page ruling, written by Justice Richard Mosley, rebuking the Canadian Security Intelligence Service for what the court found to be the systematic outsourcing of surveillance against Canadians to FVEY partner agencies, in violation of Canadian law, while keeping the Federal Court itself in the dark about the practice.
Edward Snowden, who had access to the operational documentation of the alliance during his time as a contractor at the NSA, has described FVEY as "a supra-national intelligence organisation that does not answer to the known laws of its own countries."
The architecture mapped in Part Two of this series — Carahsoft as the aggregator, Zignal as the platform, and the wider vendor ecosystem the rest of the series will unpack — is what the FVEY workaround looks like when it is reproduced inside one country, across agency boundaries rather than national ones.
ICE Homeland Security Investigations is not the National Security Agency. The constitutional restrictions that apply to NSA surveillance of Americans do not apply, in the same form, to ICE-HSI's procurement of social media monitoring tools, integration of commercial data, or generation of dossiers on individuals not formally under criminal investigation. A Service-Disabled Veteran-Owned Small Business with a Special Operations Command IDIQ is not, formally, an intelligence-community contractor. A campaign-war-room media monitoring tool licensed through a procurement reseller is not, formally, a signals intelligence platform.
The customer label changes. The constitutional designation changes. The capabilities do not change. The data flows do not change. The targeting methodology, as Zignal's marketing pamphlet itself makes explicit, is identical to what the formal Five Eyes services use against foreign adversaries. The only thing that changes is who the system is being pointed at.
In October 2023, the directors of all five Five Eyes intelligence services made their first-ever joint public appearance, traveling to the United States at the invitation of FBI Director Christopher Wray. The summit was hosted at the Hoover Institution in Palo Alto, California — Silicon Valley. The opening fireside chat was moderated by former Secretary of State Condoleezza Rice, who had joined the Hoover Institution as a fellow following her time in the Bush administration. Following the chat, the five intelligence directors met privately with leaders from Silicon Valley technology companies. The published purpose of the summit, in the FBI's own press materials, was to "strengthen private-public partnerships" between the FVEY agencies and the U.S. technology sector.
The summit received approximately one news cycle of coverage. No major American outlet has, since, published a follow-up examination of which private-sector entities were present, which agreements were discussed, or what operational integrations resulted. The five most powerful signals intelligence agencies on earth held a publicly announced joint meeting with the leadership of the firms that build the analytical platforms those agencies use, on the campus of an institution whose senior fellows include multiple former senior national security officials of both parties — and the corporate press, having reported the photo opportunity, moved on.
Project Censored would have a word for that.
The map (so far)
Barbaricum is the bidder. Carahsoft is the pipe. Zignal Labs is the platform. Giant Oak was the predecessor. The Five Eyes is the framework that justifies the techniques.
Five names. None of them on any American front page this week. None of them next week, either. All of them in the federal procurement record. Five names is not the whole map. The next five parts of this series will fill it in.
The phrase, in the ICE bid solicitation of February 2025, was negative references.
It is not a bureaucratic euphemism. It is a technical specification — a query, to be sent through a Carahsoft pipe, into a Zignal feed, against an analytical layer that the next part of this series will name, executed by a SOCOM-portfolio contractor like Barbaricum, using a methodology that the Five Eyes have spent two-thirds of a century refining for use against foreign hostile actors.
The agency has simply changed the targeting designator. The system underneath it does not know the difference.
What's coming
Part Three — The Layer
The next part of this series names the analytical platform that sits underneath every contract mapped so far. Palantir Technologies. From In-Q-Tel's 2005 seed investment to fifteen international offices to the £330 million NHS Federated Data Platform to the IDF in Gaza to the $145 million ICE ImmigrationOS contract to the ELITE system that, in May 2026, gives ICE agents access to the personal records of seventy-nine million Medicaid patients to generate deportation leads. Palantir is the substrate. It is the reason the Fifth Eye is a category of vendor, not a country. And it is, by its own corporate filings, accelerating in scale.