Tuesday, November 24, 2015

The Paris Terrorists: “A Bunch of Killers with Good Social Media”

In the aftermath of 9/11, Congress passed the USA PATRIOT Act of 2001, a 10-letter acronym for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism. The public was ready for and supportive of enhanced government surveillance and efforts to monitor communications necessary to uncover potential terrorist activities.

With the 2013 Snowden revelations of how broad and widespread these government activities have become, the pendulum appeared to swing the other way. In June 2015 Congress passed the USA Freedom Act to curtail the bulk collection of metadata. 

And now there is Paris

The political stampede to introduce more tools for law enforcement to gather intelligence and monitor communications has begun. David Cameron, the British Prime Minister, told Parliament that he wants to “ensure that terrorists do not have a safe place to communicate.”

In the United States, politicians are calling upon technology companies to lessen encryption and allow so-called “backdoors” to access their devices. Encryption is a means of scrambling data to make it undecipherable to anyone but the recipient. Mandatory “backdoors” allow law enforcement to unlock encryption programs and more easily monitor communications. John McCain (R-AZ) has introduced federal legislation mandating ”backdoors” to encrypted apps.

Tech companies such as Apple, Google, and Microsoft loath “backdoors” on devices and see them as weakening global demand for US products. They also argue that lesser encryption and “backdoors” will provide easier access to cyber criminals. If government can access these unencrypted devices, so can the bad guys. 

It’s not clear how much this actually would help in the fight against terror. President Obama has described the Paris terrorists as “a bunch of killers with good social media.” ISIS has cleverly used social media to stage horrific beheadings, display propaganda recruitment films, and cleverly use digital media as a powerful weapon. While politicians argue over “boots on the ground” and other military options to challenge ISIS, the communication strategy of terrorists is taking center stage, raising such questions as: 

  • Can we effectively monitor their communications and possibly thwart attacks before they are carried out?
  • Is it possible to shut down ISIS’s access to social media?  .
  • Will increased surveillance of email and phone calls help us catch the bad guys before they attack and kill innocent people?
  • How do these terrorists actually communicate with each other?  

The Paris terrorists likely used encryption technology to shield their communications.  Some have suggested that they may have communicated through Sony Play station gaming systems, which have private chat rooms and may not be monitored as closely as smartphones and other computer devices. By using game weapons to spray digital bullets onto a wall, gamer/terrorists can spell out sentences to other gamer/terrorists. In one case an Austrian teen, in communication with ISIS, downloaded bomb plans on to his Play Station game system.

While some argue that enhanced surveillance of electronic communications or meta-data collection would likely not have prevented these attacks (the Paris terrorists were all living within the same home in Paris), the recent attacks have led to increased demands for more aggressive government surveillance.

It may be difficult for privacy advocates to argue now against restrictions on encryption and more intrusive government surveillance. These voices for privacy, made popular by Snowden, will likely be diminished as security and catching the bad guys take precedence.

In an earlier post, I discussed the recent decision by the European Court to invalidate the US-EU Safe Harbor Agreement allowing the transfer of personal data from the EU to the US. This blockbuster decision was based in large part upon the European Court’s perception that government surveillance activities permitted under US law failed to protect data privacy for individuals. Would this decision have been the same post-Paris?

Security concerns now appear to be trumping an individual’s right to privacy. I hope the political debate and resulting legislative initiatives will recognize the need to remain sensitive to privacy issues when designing legal and appropriate surveillance activities. 

No comments :

Post a Comment