Tech firms push back on 'reactionary' politics following terror attacks
As lawmakers and presidential candidates advocate for mandates on tech companies to fight terrorism, Internet companies warn against policies they say could jeopardize their users’ civil liberties and stifle innovation.
Brian Snyder/Reuters
Disturbed by hostility emerging from Washington and the campaign trail, tech companies are beginning to push back against rhetoric that portrays Internet companies as enabling terrorism.
In the wake of the Paris and San Bernardino attacks, Democrats and Republicans have joined together to condemn the use of encryption, social media, and other communications technologies by terrorists – and demand Silicon Valley to do more to thwart violent extremism online.
Democratic frontrunner Hillary Clinton insists, for example, "We need to put the great disruptors to work in disrupting ISIS." Republican candidates hammered this home in Tuesday’s debate. Donald Trump would go so far as to consider “closing that Internet up in some way” to prevent militants from recruiting online.
But Michael Beckerman, president and chief executive officer of the Internet Association, the lobbying organization representing the country’s biggest Internet companies including Google, Facebook, and Yahoo, is urging lawmakers not to make rash decisions that could profoundly change the free and open nature of the Internet.
"The Internet has been the greatest tool for democracy and free speech … maybe since the printing press," says Mr. Beckerman. "Unfortunately, the bad guys are able to use the same microphone."
But shutting down parts of the Web, or layering on government mandates, isn’t going to solve the terrorism issue, he says. "The rise of terrorism comes from the offline world.... If you turned off the Internet today, it is an unfortunate fact that terrorists would still exist."
Stressing they are already working hard to boot terrorists off their sites and services, tech companies are urging policymakers to take the long view – and quash the urge to enact mandates they say would jeopardize their users’ civil liberties, make their users less secure, and stifle innovation.
"Internet companies have zero tolerance policies for violent and terrorist content on their platforms," Beckerman says. "We are especially concerned that reactionary legislative proposals could make it more difficult to find credible threats."
Tension between Silicon Valley and Washington over terrorism is just the latest flashpoint in an increasingly fraught relationship between social media, software, and other large tech companies and the government since Edward Snowden’s leaks exposing widespread National Security Agency surveillance.
But unlike the spy agency revelations, many individual companies are reluctant to speak out publicly against recent calls from Washington in the wake of the attacks, and some of the biggest – including Twitter and Google – did not respond to requests for comment for this story.
Even though there have been numerous erroneous reports of the technology that attackers used prior to San Bernardino and Paris, national security hawks have seized the recent terrorism incidents to renew calls to undo surveillance reform and downgrade encryption technologies so authorities can pursue terrorists and criminals.
This has technologists on guard. "It’s very easy for a politician to say, 'Well, somebody ought to do something' – then follow up to say, 'the tech people ought to do something,' " says Jon Callas, chief technology officer at encrypted communications company Silent Circle. "Sure, maybe the tech people should. But what is it that we should do? Because the calls are, at present, completely displaced. They are focusing on an image of what the attackers are doing – what [cryptologist] Bruce Schneier calls ‘movie plot security threats’ – and not what they are really doing."
Mr. Callas points to the encryption debate as an example: Even though there has been no concrete evidence yet that attackers in either case relied on secure communications to plan their attacks, FBI Director James Comey on Capitol Hill last week renewed his call for tech companies to give law enforcement a way to access encryption.
"There’s no doubt that use of encryption is part of terrorist tradecraft now," Mr. Comey said. Solving this obstacle "is really not a technological problem" for the companies, Comey said, "it’s a business model problem."
Beckerman disagrees with that characterization. "I think that just misses the point…. It’s not an issue of profit," he says. "It’s an issue of where our networks are safe and secure. It’s not just about sending pictures to friends and loved ones. It’s our banking, our health information. If stuff like that got hacked into because we created a vulnerability in the system, I think people would be pretty upset about that."
The Internet companies Beckerman represents are also against a proposal Sen. Dianne Feinstein (D) of California, the top Democrat on the Intelligence Committee, wants to revive in the wake of the latest attacks. The bill, requiring social media companies report potential terrorist chatter to law enforcement, failed to move forward over the summer amid heavy opposition from tech companies and privacy advocates, but gained new attention amid reports that San Bernardino shooter Tashfeen Malik’s posted radical Islamist missives on Facebook.
Comey clarified on Wednesday that, contrary to those news reports, Ms. Malik did not actually post public social media messages advocating terrorism. Still, the Feinstein bill remains on the table. Several days before Comey’s comments, the Internet Association joined forces with other industry groups to pen a letter insisting Feinstein’s bill would lead to companies over-reporting activity on their sites to the government and law enforcement. What’s more, the groups said, such monitoring could implicate potentially innocent people trying to speak out against terrorism.
Politicians should not assume tech companies can determine what is offensive speech and what's not, says Silent Circle’s Mr. Callas. "We said in public we would not tolerate bad people subscribing to our service," he said. "We also know that what that really means is really kind of squishy. Let me give you an example: Let’s take the Dalai Lama. We supply communications services to the government of Tibet. Is the government of Tibet good guys or bad guys? We made the decision the Dalai Lama is a good guy, but if you ask the Chinese, they’re bad guys."
But Silent Circle, a Switzerland-based company geared toward business clients, can more easily determine the identity of its users since they pay to use their products – and often run background and credit checks before making a sale. Companies with billions of users, who can access the site or apps for free around the world, have a tougher challenge to monitor their platforms. Even as Twitter shuts down pro-Islamic State accounts, for instance, the militants are quick to pop back up with new accounts.
It can resemble a game of whack-a-mole, but companies say they are trying. Facebook says it has "zero tolerance" for terrorists, their propaganda, or praising of terrorist activity. "We work aggressively to remove it as soon as we become aware of it," a spokesperson said. "If we become aware of a threat of imminent harm or a planned terror attack, our terms permit us to provide that information to law enforcement and we do."
As the political discussion heats up, many are looking to the White House to clarify the government’s position on the debate over the role American tech companies should play in the fight against terrorism. After San Bernardino, President Obama promised he would urge high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.
White House officials, says Kevin Bankston, director of New America's Open Technology Institute, "are under pressure from law enforcement and intelligence agencies – but that pressure has increased 1,000-fold since the terror attacks in Paris and San Bernardino."
The officials, according to Mr. Bankston, who met with them last week to discuss a way forward on the encryption issue, are hopeful Mr. Obama will have a concrete position to announce by the holidays. The White House backed away from calling for legislation requiring companies give law enforcement access to encrypted data back earlier this year, and Bankston and other privacy advocates want Obama to decisively side with the tech companies to help both sides move forward.
"There’s no indication yet encryption played direct role in the attacks, but I will say, the fact that terrorists might use encryption is no more notable than perhaps your mom does," he said. "It is becoming a fact of life. Over a billion people have apps that encrypt end to end. Nothing that Congress, or even US companies, can do will stop that." (The encryption apps most favored by the Islamic State, for instance, Bankston found, are either based overseas or open source.)
Instead, Bankston says, "we need to start talking more about how law enforcement and intelligence can adapt to a world where encryption is common – rather than trying to make encryption adapt to law enforcement and intelligence investigations. The technology is out there. The cat is out of the bag."