Privacy SOS

FEMA website, US Trademark Office contradict Cubic’s TrapWire denial

One of the most peculiar events in the ongoing TrapWire surveillance saga was an August 13, 2012 Cubic Corporation press release distancing the company from TrapWire Inc. and its parent, Abraxas Applications. The Cubic statement came amidst growing talk online among privacy researchers and journalists about the possibility that connections remained between the defense and transportation services giant and TrapWire, the Abraxas Corporation spin-off.

Researchers and journalists were worried about such a connection because Cubic oversees firms and services that manage and process extremely private information about millions of people — information a law enforcement and corporate surveillance system like TrapWire would no doubt appreciate direct access to. Unproven allegations started flying online, among them an RT article which stated without evidence that the companies were linked in a "global surveillance network."

But there is information suggesting that Cubic's August 13 denial of an Abraxas connection to TrapWire Inc., and its parent company Abraxas Applications, was false.

Here is the exact claim Cubic made in its August 13, 2012 press release:

Cubic Corporation (NYSE: CUB) acquired Abraxas Corporation on December 20, 2010. Abraxas Corporation then and now has no affiliation with Abraxas Applications now known as Trapwire, Inc. Erroneous reports have linked the company with Trapwire, Inc….

Government websites and documents don't agree at all.

A FEMA website for law enforcement and first responder technology and equipment purchases lists TrapWire as a DHS approved product:

Abraxas Applications of McLean, VA is listed as the contact information for potential buyers at the very bottom of the product page. But the email address the company provided reads: "xxxxxx@abraxascorp.com" and the website for information, www.abraxascorp.com. If you visit that website, you'll see it is the Abraxas Corporation website, a subsidiary of Cubic. The section in which TrapWire appears on the FEMA website states: "The Products Section includes commercially available product information that has been uploaded directly and voluntarily by the manufacturer."

The company was still listed on the FEMA website as the contact for TrapWire purchases on Feburary 3, 2011, well after December 20, 2010 when Cubic says Abraxas Corporation totally severed from TrapWire Inc..

Furthermore, the US Patent and Trademark Office website shows that the Abraxas Corporation retained the trademark for TrapWire until June 23, 2011, a full six months after Cubic purchased Abraxas Corp.. 

If this sounds like so much conspiracy you are probably asking yourself, as I did: Why would anybody care if the companies are or were connected?

Cubic's transportation arm runs the backend passenger data systems for transport systems in a number of US cities, including Los Angeles and Atlanta. The "Enterprise Systems for Transit" page on Cubic's website describes its data management systems for public transportation networks:

Nextfare delivers a customizable business management system of software modules to form a complete set of managerial tools for the operation and administration of a regional fare payments network.
 
Access control, operational management, data acquisition and data enhancement, transit application management, data summarization, reports framework, card production management, key management, system monitoring, fraud analysis, revenue management, web ticketing and credit/debit switch are among the software modules that agencies can choose from to meet their unique requirements.
 
Examples of regional systems where Cubic’s Nextfare smart card systems are in use are the greater Los Angeles area, Atlanta, and Brisbane, Australia.
Both the Department of Homeland Security website and the US Trademark Office directly contradict Cubic's denial of any association with Abraxas Applications or TrapWire. If the government's facts are correct, the Abraxas Corporation was managing sales for the TrapWire system at least as recently as February 2011 — meaning Cubic had its hands on both highly sensitive private information on millions of ordinary people and a networked surveillance system sold to governments.
 
We don't know whether that's the case or not, but the discrepancy between Cubic's claims and the government's data shows that something is amiss. Cubic's aggressive denial of what was then a minor story regarding TrapWire seemed to come out of nowhere, and if the DHS and Trademark office are to be believed, the denial was inaccurate. 
 
Since the government's intelligence and data management contracting operations are so secretive and opaque, we may never know what's really going on — whether Cubic in fact operates transit data systems and surveillance systems sold to governments. But as I wrote in a piece for The Nation as the TrapWire story first broke onto the scene, it doesn't really matter in the grand scheme of things. That's because we know more than enough to be convinced that we need a mass movement for privacy in the United States, whether or not these connections are real.
 
So instead of focusing on TrapWire and Cubic as if they are novel, discrete problems in an otherwise harmonious system, let these revelations just add more fuel to that movement — against government secrecy and the unaccountability of widespread spying more broadly, and for the right to be let alone.

© 2024 ACLU of Massachusetts.