In early August, Chris Vickery, the director of risk research at the cybersecurity firm UpGuard, was browsing GitHub, an open-source software repository, for references to Cambridge Analytica. Vickery, in March of 2018, had discovered that an obscure Canadian data firm called Aggregate IQ had developed election software that Cambridge Analytica sold to political campaigns—most notably Donald Trump’s. In that case, Vickery found hundreds of pages of code. His August find was less substantial: a read.me file, written in plain English, that said, “Useful, revenue-producing data applications that Cambridge Analytica won’t suggest to you.” Its author, a California-based political operative named Ron Robinson, claimed to have worked on nearly a hundred campaigns, including efforts for Mitch McConnell, Joe (the Plumber) Wurzelbacher, and Newt Gingrich. His post, which went on to say that the actual code has been removed “for NDA privacy,” was hashtagged “#Social Engineering”, “#MAGA,” and “#Hacks.”

After some more digging, Vickery found a series of advertisements, posted by Robinson, selling what he was calling “subpoena resistant” e-mail accounts with the domain name NSAmail.us. Robinson was also offering a second e-mail service, with the domain name innoc.us, for “those who don’t want to taunt the NSA every time they send an email.” The accounts, which were intended to be beyond the reach of U.S. law enforcement, had been hosted in Russia by a company called Mir Telematiki. (In fact, the National Security Agency had been surveilling Mir Telematiki’s servers since 2009.) Coincidentally, perhaps, this was the same hosting service used by WikiLeaks. On August 16th, Vickery contacted the F.B.I. “I have reason to believe that [Robinson] provided email and other online services to US political campaigns, political action committees, and related entities through servers physically located in Moscow, Russia,” Vickery wrote on the F.B.I.’s online tip portal. “It is reasonable to assume [he] knew, or should have known, the in-depth level of access Russian intelligence agencies would have to emails, files, and other data passing through servers located in Moscow.” (Robinson declined to comment for this story.)

On social media, the unmasking of Robinson quickly fed various conspiracy theories, some elaborate, some prosaic. But all of them included a suggestion that Ron Robinson was, in the words of one of Vickery’s Twitter followers, “a Kremlin asset.” All of the dots seemed to connect. Robinson, a Tea Party activist, is Facebook friends with Rhonda Rohrabacher, who is the wife of former Representative Dana Rohrabacher, popularly known as Putin’s favorite congressman. Robinson was also connected on Facebook to David Bossie, Trump’s deputy campaign manager, in 2016, as well as to a number of other prominent right-wing power brokers, including Ned Ryun, the founder and C.E.O. of American Majority, an organization that trains “liberty-minded” candidates and activists. In addition to offering “subpoena resistant” e-mails, he had been recommending that his clients forgo Google for Yandex, the Russian e-mail and search-engine company, because “it is much harder to subpoena from a foreign entity.” “Don’t ever change, Yandex,” Robinson wrote, in June, in a Facebook post that also tagged two California Tea Party officials. “Some of us trust you more than we trust certain agencies on this side of the pond. Thanks for keeping our stuff safe. We knew we made the right choice.”

There was more. Vickery discovered that Robinson had uploaded a screen shot of his digital-activist-training work files, which included mentions of a popular hacking tool called Metasploit, as well as a cryptocurrency tracker. (Cryptocurrency can be an untraceable way to move money.) Screenshots taken by Vickery showed that Robinson had provided e-mail services for the National Draft Ben Carson for President Committee, leading Vickery to wonder if those services—or the ones he provided for numerous down-ballot Tea Party and Republican candidates—were being routed through or stored in Russia. (McConnell’s campaign, for its part, said that Robinson “doesn’t work for us.”) As Twitter sleuths mined the Internet for other nuggets of evidence proving that Robinson, a computer programmer in his sixties with an affection for guns and an abiding distrust of the government, was working for the Russians, they seemed to have missed the central irony: Robinson was promoting Yandex and other offshore services because, he said in a YouTube video from April, 2018, “I’m a conservative and we know that conservatives are under attack from all directions online.”

Robinson has spent most of his career as a digital Jack-of-all-trades. According to his LinkedIn profile, he has worked for the Los Angeles Times, the Universal Music Group, and the California Power Exchange, in addition to his political work; he claims to have created one of the earliest online payment portals, in 1993, used by more than ten thousand merchants. Robinson was later the digital director of the National Draft Ben Carson for President Committee, a super PAC that was run by John Philip Sousa IV, the great-grandson of the composer. It has since morphed into the Stars & Stripes Forever super PAC, and now targets people of color with radio ads aimed at persuading them not to vote for Democrats. One ad claims that Planned Parenthood is “an organization set up to exterminate black people” and that abortion-rights advocates promote black genocide. (Sousa said he did not know whether Robinson used Russian servers for the Draft Ben Carson committee’s e-mail services.) More recently, Robinson has been driving for Uber.

“Ron Robinson is a nice guy whose politics are profoundly different than mine,” Adriel Hampton told me. Hampton, a progressive activist, was part of the founding team for NationBuilder, a powerful suite of online campaign tools that enables candidates and advocacy groups to build Web sites, create fund-raisers, send e-mails, and measure engagement. When it launched, in 2011, it was heralded as a way to democratize campaigning by providing a cheap, sophisticated way for anyone with a message to reach and cultivate supporters. Bernie Sanders, Mitch McConnell, Andrew Yang, Theresa May, Amnesty International, the N.A.A.C.P., and Donald Trump have all used NationBuilder. Ron Robinson, who was one of the first developers to achieve the status of NationBuilder “expert,”used it on behalf of scores of “non-urban” Republican county committees, selling a complete NationBuilder package for two hundred and fifty dollars, with the aim of “[equipping] every GOP county in the US with an advanced NationBuilder victory solution.” He also paired it with a get-out-the-vote Web site he created called Procinct, which, among other things, provided users a thumb drive with a program to browse the Internet anonymously. Together, NationBuilder and Procinct combine what appear to be Robinson’s dual preoccupations: foiling government surveillance and seeding right-wing campaigns with the latest digital tools.

NationBuilder supplies campaigns with voter files and voter histories. While those files are also typically available from public and party officials, NationBuilder’s voter files are free and easy to use. What makes the platform especially powerful, though, is that those files can be “enhanced” with data from commercial brokers such as Aristotle International, which claims to have demographic, consumer, and contact information on more than two hundred and eleven million Americans. That data can be integrated in NationBuilder, along with information pulled from social-media platforms like Twitter and Facebook. “The must-know campaign strategy of 2016,” the former NationBuilder vice-president Michael Moschella wrote on the company’s blog, was the ability “to pull the entire following of any Twitter account into your database for prospecting.”

Ian Patrick Hines, a Republican strategist who used NationBuilder on Evan McMullin’s 2016 Presidential bid, told me that social-media integration also allows a campaign to match an e-mail address to a face. NationBuilder imports profile pictures into the file, as well as the names of “anyone who mentions you or retweets you on Twitter,” he said, all of which can then “queue up with Facebook ad targeting down the line.” The difference between NationBuilder and an outfit like Cambridge Analytica, which used the ill-gotten data of eighty-seven million Facebook users to target voters, Hines said, is that Cambridge Analytica “was in the business of harvesting your data without your consent.” NationBuilder, on the other hand, “is in the business of allowing organizations to manage the data that people have opted to give them.” Still, this may be a debaters’ point since NationBuilder takes it on faith that campaigns and their third-party data brokers are following the rules. (Internal Facebook memos from 2015 and 2016 indicate that the company was concerned that NationBuilder’s social-matching feature, which linked e-mails to social-media profiles, might be violating Facebook’s third-party data rules. While the memos clear NationBuilder of impropriety, they indicate that a company called Full Contact, a NationBuilder data provider, was violating Facebook’s policies.)