Public procurement portals are a goldmine for investigative journalists. In addition to holding critical data that can help reveal corruption, money laundering, or suspicious tenders, they are an ideal resource for detecting the purchase of invasive technology — devices like IMSI catchers, cameras and GPS trackers, as well as facial recognition and automated profiling software — all of which can seriously threaten citizens’ privacy.
Most jurisdictions — countries, provinces, states, or even cities — likely will have a procurement system, with varying levels of transparency, searchability, and data accessibility. The EU has TED; the U.S. has SAM; Germany has DTVP and Turkey has EKAP, to name a few.
There are universal methods and tools that journalists can leverage to uncover crucial information in these portals, regardless of language, format or structure.
Where to start
The first thing to understand is that equipment specifications aren’t always easy to find. Some portals allow full-text search across all documentation, while others limit search to tender titles, or restrict access to technical documents entirely. That is, unless you are a registered vendor, legal entity, or meet other specific criteria.
Many portals allow filtering by supplier, contracting authority, or type of equipment, and some allow downloading of structured data in CSV or Excel formats. This enables deeper analysis of procurement trends, institutional behavior, and spending patterns — an excellent foundation for data journalism.
Numerical codes: The first filter
Procurement portals will have numerical codes attached to entries, to categorize the type of goods or services involved. The EU uses a CPV, or Common Procurement Vocabulary, code. Australia, Canada and the U.S. rely on the UNSPSC (United Nations Standard Products and Services Code) system. Brazil uses its own national classification systems, CATMAT for goods and CATSER for services.
In the EU, CPV codes may pertain to the following types of procurements:
- 35120000 – Surveillance and security systems
- 32330000 – Video surveillance equipment
- 72200000 – Software services (including surveillance software)
- 79710000 – Private investigation and security services
These numerical codes are a good, but not perfect, starting point. I’ve come across tenders labeled under surveillance codes that turned out to be for something as mundane as school holiday gift packages, and vice versa.
Some CPV codes, such as “357 – Military electronic systems, electronic intelligence systems,” are more explicit and may signal the procurement of invasive technology. These should be treated as high-priority flags during your initial filtering process.
Understanding the contracting authority
Learning about the nature and behavior of the contracting authority is crucial. Patterns in procurement, the types of equipment purchased, suppliers, as well as partnerships with external vendors or states, official visits, or international cooperation agreements can all indicate whether an institution is engaging in surveillance-related activities.
The backgrounds of those leading the institution can provide additional context — especially when individuals have ties to intelligence services, past espionage scandals, or surveillance-oriented foreign actors.
Institutional overreach is not uncommon, especially when the institutions hold sensitive data, manage IT systems, and possess surveillance technology. Any public body that handles data and invests in technology has the potential to infringe on privacy, often in the name of protecting assets or ensuring operational security.
The size of the institution matters, too. Those with large staffs or significant geographic reach may justify internal monitoring; this also opens the door to intrusive practices targeting both employees and the general public.
Even institutions that are legally allowed to intercept communications, such as police or secret service, should be investigated. “Lawful interception” is only lawful up to a point. Modern surveillance equipment has far outpaced regulatory frameworks, and what’s permissible in one jurisdiction may be illegal in another.
“Panopticon effect”
Keep in mind the "Panopticon effect" — a situation in which surveillance is omnipresent, but the public can’t see who’s watching. State bodies that use encrypted phones or specialized communication tools might justify it as protection, but if these same bodies are involved in secretive procurement, it’s worth digging deeper.
In one investigation at BIRN Serbia, we discovered a tender for 20 highly encrypted mobile phones — not by a national security agency, but by the country’s main energy provider. This led us to uncover an illegal surveillance unit embedded within the company, where these devices were being used by its members for covert operations.
Keyword search: Getting to the core
Many procurement portals offer keyword search functionality, but typically only in the titles of tenders. These often are vague and uninformative, using generic terms like “IT Equipment,” “Video Surveillance,” or “Communications System.”
Occasionally, a title may provide real insight, especially when the name of a specific software or product is mentioned directly. That’s how we discovered a Swedish facial recognition software procured by the national police, as well as tools for profiling and monitoring activity across social media platforms and the wider internet.
However, invasive technologies and other controversial or questionable procurements rarely name the specific tools being purchased in the tender title. That’s why deeper digging into the technical documentation is essential.
If you're lucky, the search engine combs through full documents. More advanced portals allow full-text search across procurement documents, including technical specifications, annexes, and price breakdowns. This is where real discoveries happen. For example, facial recognition features or spy equipment capabilities may only appear deep inside technical specification documents.
Leverage AI and scrapers
If the portal doesn’t support full-text search, building a scraper for deep search, or working with a developer to create one, can be a game-changer.
This kind of deep search requires strong familiarity with official jargon, equipment features, model names, and more. Using this method — combining keyword searches, synonyms, and model names within scraped technical documentation — we identified over 30 institutions in Serbia that had procured facial recognition technology between 2015 and 2019, often hidden behind generic titles like “video surveillance” or “security cameras,” including in schools and kindergartens.
Don’t forget to look for synonyms in your searches. While researching drone procurement in Serbia, I found that the term “drone” was rarely used — instead, tenders referred to “unmanned aerial vehicles” or “quadcopters.”
Depending on the amount and type of data you’ve scraped, you can open the door to powerful data journalism. Patterns in spending, vendor recurrence, and institutional behavior may reveal signs of corruption or favoritism. With larger data sets, journalists can collaborate with data analysts or use AI models to detect anomalies and map systemic procurement trends.
Follow the vendors
When diving into individual procurements, it’s useful to map out local companies involved in selling surveillance and intrusive technologies. Start with basic due diligence: search national business registries, check their listed partners or suppliers (often published on company websites), review past media coverage, consult dual-use export control lists, and explore cybersecurity or defense expos — where these companies often exhibit or get listed in catalogs.
Be aware that many of these companies maintain little to no online presence, especially in countries with limited transparency. This is where public procurement portals can be invaluable. A vendor that has never been mentioned in the media might appear frequently as a supplier of specialized surveillance equipment. In these cases, the technical specifications in tender documents can give clues about the company’s actual expertise.
Some may appear to be selling harmless IT services while in fact they are dealing in offensive cyber capabilities. Take the NSO Group as an example, the infamous maker of the Pegasus spyware. The company describes itself as a cybersecurity outfit, with no mention of offensive tools.
And importantly: if a company specializes exclusively — or primarily — in intelligence, surveillance, or tactical espionage equipment, then nearly every procurement involving that vendor should raise red flags for journalists. Their presence in a tender is often a signal that the procurement may involve invasive capabilities, even if the language used is intentionally vague or misleading.
Final thoughts
Procurement portals can reveal far more than just who received the best price for a good or service. With the right strategy, a few filters, and some investigative instincts, journalists can uncover patterns that point to surveillance overreach, misuse of public funds, or even illegal spying.
The key is context. If a public library buys forensic tools from a company linked to foreign intelligence services, that's not just a strange choice — it could be the start of a major investigation.
This same investigative approach can be applied across sectors, not just surveillance. Whether it's military procurement, pharmaceutical spending, or IT infrastructure deals, the methods of digging through procurement portals, analyzing vendors, and tracking institutional behavior remain the same.
As a byproduct of investigating invasive technologies, journalists may also uncover signs of corruption, such as recurring no-bid contracts, consistently favored vendors, or inflated prices — all visible through simple analysis of spending patterns in Excel.
Image by Pete Linforth from Pixabay.