Explainer: How AdTech Doubles as an Intelligence Platform
The Dossiers About Us Are More Detailed than the Stasi Could Have Imagined
Low on time? Listen to the podcast:
When a visitor loads a news website, their browser initiates a complex cascade of events that would make any intelligence agency envious. Within 50 milliseconds—faster than a human blink—their device broadcasts intimate details about their digital life to hundreds of servers across the globe.
This process, known as real-time bidding (RTB), forms the backbone of modern digital advertising. It also represents one of the most sophisticated surveillance systems ever created, hiding in plain sight within the commercial internet.
What makes RTB remarkable is its perfect duality. Every feature that makes it effective for advertising also makes it ideal for intelligence gathering. It's like discovering that the world's highway system was inadvertently designed to be perfect for military logistics.
When a webpage loads, the RTB system generates a bid request—a detailed digital dossier containing everything from device fingerprints to behavioral patterns. This data packet includes over 100 standardized fields, plus unlimited custom parameters. Each request reveals precise location data accurate to within meters, device specifications including screen resolution and battery level, browser history, network information, and temporal patterns showing when and where a device appears online.
While RTB's surveillance capabilities exist across all digital advertising, certain companies merit closer examination based on their unique position in the advertising ecosystem. Of particular interest are organizations that combine three concerning elements: extensive advertising infrastructure, close ties to state security services, and beneficial owners who maintain controversial political connections or promote harmful agendas.
In these cases, the same systems that process billions of commercial bid requests could potentially serve a dual purpose: one commercial, one intelligence-focused. When technical infrastructure overlaps with politically connected figures who have demonstrated willingness to cause social harm, the risk of misuse increases substantially.
Imagine an intricate web of connections that spans three continents. At its center is Armand Thiberge, an entrepreneur who has established a network of companies across India and France.

His original creation, Dual Technologies Services—recently rebranded (again) from Sendinblue to Brevo—appears on the surface to be a legitimate email marketing platform. But examining the company's infrastructure and connections reveals a more complex picture.
In India, Thiberge founded Silver Line It Solutions in Uttar Pradesh.

Within its list of directors appears Nupur Sharma, who served as the National Spokesperson for India's ruling BJP party starting in 2020 until her anti-Muslim rhetoric sparked international diplomatic incidents and violent protests in 2022, including the beheading of one of her supporters—in the same region where Silver Line operates.
Indian publication ThePrint wrote a story back in October suggesting onetime politician Sharma appears to be staging a comeback, and could be considered a promising candidate in future elections should the BJP’s top leadership approve her return.
Meanwhile, Sharma continues to engage in harmful rhetoric, claiming at a public event in July that there is a conspiracy to wipe out Hindus in India.

In France, Thiberge established Dual Technologies Services (now Brevo, previously Sendinblue), which maintains a sophisticated network of domains that superficially appear to typosquat IBM—sendibm1.com, sendibm2.com, sendibm3.com, and other variations thereof. These domains, some of which are listed in spam blacklists, serve an interesting mix of clients. Among them is former U.S. National Security Advisor Michael Flynn, a pardoned criminal with direct connections to Vladimir Putin, who uses these domains for his public communications—which also appear rather frequently on political conspiracy theorist Jim Watkins’ website, 8kun.


Email marketing platforms don't just send messages—they attempt to track who opens them, when, on what devices, and from where. Each opened email triggers a tracking pixel, and every link in the email contains unique identifiers that can help trace who clicked what, and when. This granular tracking infrastructure complements RTB systems in a powerful way. While RTB provides a real-time stream of user behavior across the web, email tracking adds persistent identifiers and precise interaction patterns—down to the second when someone opens an email or clicks a specific link in it.
When the same company operates both systems, the surveillance potential multiplies. Each email interaction can be correlated with RTB data about that user's browsing patterns, creating richer profiles than either system could generate alone. For intelligence services, this combination is particularly valuable because email communications often reveal organizational structures and professional networks, while RTB data reveals individual behavior and movement patterns.
Most notably, Brevo appears to maintain some type of relationship with Rambler, a major Russian internet company majority-owned by state-backed Sberbank. Numerous seemingly dormant domains resembling official Russian government formats can be observed beaconing out from within Rambler's advertising platform infrastructure—such as '48ros-gov.ru' and '32russ-gov.ru'—intermingled with commercial advertising infrastructure.
Sberbank itself, which controls Rambler, is majority-owned by Russia's central bank, effectively putting it under Kremlin control. Under the leadership of Herman Gref, a close Putin ally and former Minister of Economics and Trade, Sberbank has transformed from a traditional bank into a technology powerhouse with deep ties to Russia's security services.
This creates a fascinating pattern: a single founder has built legitimate business infrastructure that connects controversial political figures across three continents, all while operating sophisticated technical systems that could potentially serve dual purposes. Its effectiveness lies in its multi-layered legitimacy: each piece of data collected has a valid commercial purpose, every suspicious domain can be explained as standard marketing infrastructure, and every political connection can be dismissed as routine business networking.
If you're tracking a user across websites to serve better ads, how can anyone prove you're aren’t also using that data for intelligence gathering?
The math behind RTB systems further obscures their dual use. The algorithms that determine ad placement use many of the same principles as intelligence analysis: pattern matching, behavioral prediction, and network mapping. The same machine learning model that predicts if you'll click an ad can predict if you're a person of interest; it's just a matter of how you interpret the output.
This convergence reveals a fundamental shift in how surveillance technology evolves. Traditional intelligence gathering required building specialized systems and hiding them from view. Modern approaches instead are able to build surveillance capability into commercial infrastructure, hiding it through legitimacy rather than secrecy.
Consider the case of cross-device tracking, a standard advertising technology feature that links a person's devices together. For advertisers, this helps deliver consistent marketing messages. For intelligence services, it provides comprehensive device graphs showing how targets move between phones, computers, and tablets. The same technology serves both masters equally well.
The implications extend beyond individual privacy. RTB systems process billions of bid requests daily, creating real-time maps of human behavior at population scale. This data flow generates what intelligence professionals call “patterns of life”—detailed pictures of how people and organizations operate over time. We're witnessing the emergence of what you might call “surveillance capitalism++”. The commercial surveillance infrastructure is so comprehensive that intelligence services don't need to build their own systems—they only need to gain access to existing ones.
Understanding this dual-use nature of advertising technology becomes crucial not just for cybersecurity experts and privacy advocates, but for anyone interested in the future of digital society.
In the end, what the Stasi achieved through networks of human informants, modern advertising technology accomplishes automatically, invisibly, and at a planetary scale. The line between commercial data collection and intelligence gathering has not merely blurred—it has fundamentally dissolved. We live in an era where surveillance isn't just built into the fabric of the digital economy; it is the fabric itself, weaving together our every click, scroll, and pause into dossiers that would fill entire warehouses if printed on paper.
The greatest trick of this system isn't its comprehensiveness—it is that it operates in plain sight, accepted as the mundane price of digital convenience.