ShareThis Page

Ease of hiding terror plots online intensifies Web debate

| Saturday, Dec. 12, 2015, 10:20 p.m.
A U.S. Customs and Border Protection photo from July 2014 shows Tashfeen Malik and her husband, Syed Rizwan Farook, as they passed through O'Hare International Airport in Chicago. The husband and wife died Dec. 2 in a gun battle with authorities after an earlier terrorist attack in San Bernardino, Calif.
A U.S. Customs and Border Protection photo from July 2014 shows Tashfeen Malik and her husband, Syed Rizwan Farook, as they passed through O'Hare International Airport in Chicago. The husband and wife died Dec. 2 in a gun battle with authorities after an earlier terrorist attack in San Bernardino, Calif.
Lee Rowland, senior attorney for the AMerican Civil Liberties Union's Speech, Privacy and Technology project
Lee Rowland, senior attorney for the AMerican Civil Liberties Union's Speech, Privacy and Technology project
Brian Nussbaum, a cybersecurity professor at the University of Albany, State University of New York, was a senior intelligence analyst with New York State's Division of Homeland Security and Emergency Services.
Brian Nussbaum, a cybersecurity professor at the University of Albany, State University of New York, was a senior intelligence analyst with New York State's Division of Homeland Security and Emergency Services.
Rhea Siers, a former policy director with the National Security Agency who is a scholar in residence at George
Rhea Siers, a former policy director with the National Security Agency who is a scholar in residence at George

Inside the galaxy of ones and zeros ferrying the world's information through the Web, the words of a young man and a young woman crossed the oceans and continents between them so fast, it was as if the distance didn't exist.

They spoke of a holy struggle, of dying for a god who wanted them to kill. Two years would pass before the world learned of the conversations between Syed Farook and Tashfeen Malik, who realized their violent dreams on Dec. 2 at a holiday party in San Bernardino, Calif.

America's colossal intelligence apparatus, built with hundreds of billions of dollars and honed by 14 years of war, knew nothing of them until after they opened fire, the Obama administration said. The bloody consequence of their anonymity has reinvigorated debate over the legitimate reach of intelligence gathering and proper limits on the core freedoms of speech and privacy.

Those competing demands force technology companies to balance customers' confidence in their products, fears of censorship stoked by presidential candidates advocating tighter control of the Internet and government concerns that consumer technology is being weaponized. Mark Zuckerberg, the founder and CEO of Facebook, wrote a post Wednesday assuring that adherents of the Muslim faith “are always welcome (on Facebook) and that we will fight to protect your rights and create a peaceful and safe environment for you.”

Because their livelihoods depend on it, technology companies are developing more secure encryption, which safeguards the lawful and unlawful alike, said Brian Nussbaum, a former senior intelligence analyst with the New York state homeland security office and now a professor at the University of Albany, State University of New York.

“The technology is only moving in one direction,” Nussbaum said. “Encryption is only becoming more widely available, less expensive, more effective and — the really important driver is — easier to use.”

Disclosures by Edward Snowden, the former contractor, on the information sweep of the National Security Agency's spy programs helped create a market for encryption, FBI Director James Comey told the Senate Judiciary Committee on Wednesday.

One of the jihadists who opened fire in May at an anti-Muslim event in Garland, Texas, traded 109 messages with “an overseas terrorist” on the morning before the shooting, Comey said.

“We have no idea what he said because those messages were encrypted,” Comey said. “And to this day, I can't tell you what he said with that terrorist 109 times the morning of that attack. That is a big problem.”

Laws to let law look?

The Nov. 13 terrorist attacks in Paris — and fears of future attacks elsewhere — might be reversing that trend toward stronger and easier encryption, said Sen. Dianne Feinstein, D-Calif. She said she's working with Sen. Richard Burr, R-N.C., on legislation that would force technology companies to include a way for law enforcement to break their encryption.

“I'm very concerned about it,” Feinstein said, noting that her unease extends beyond terrorism.

“I have concerns about a PlayStation, which my grandchildren might use, and a predator getting on the other end and talking to them and it's all encrypted,” she said. “I think there really is reason to have the ability, with a court order ... to be able to get into that. I think this world real-ly is changing, in terms of people wanting the protection and wanting law enforcement. If there is conspiracy going on over the Internet, that encryption ought to be able to be pierced.”

Perhaps no one pays closer attention to the debate over online access than jihadists looking to wage war on the West, said Steven Stalinsky, executive director of The Middle East Media Research Institute, a Washington nonprofit that tracks the issue.

Radical Islamic terrorists have used the Internet, and increasingly social media, over the past decade to communicate, spread their messages and recruit followers, Stalinsky said. They hope Americans will continue to demand increased privacy, making it harder for law enforcement to track their communications, he said.

Encryption makes it even harder for government agencies to discover and disrupt terrorist plots, he said.

“It's one of the most important debates of our time, and people are going to have to make some hard decisions,” Stalinsky said. “Because if the technology is made to where there's no access to the information, terrorists are already using it for multiple purposes, and it will just increase. It will definitely help them.”

More privacy options

Jihadist groups over the past year started using Telegram, SureSpot, Wickr, Kik and other encryption services that make it easy to privately converse online, security experts said.

“This idea that we are so technologically omnipotent that we're never going to meet a system we can't break? I'm sure NSA doesn't want to discuss that, but it's a little unrealistic,” said Rhea Siers, a former policy director with the National Security Agency who is a scholar in residence at George Washington University in Washington.

“Not to mention the fact that in a critical national security situation, what if it takes you six months to do it? I think you've got to be a little more realistic about the threat you're facing here,” Siers said.

Even if you're able to break the encryption, that does not solve all of the problems, she noted. Intelligence analysts then need time to figure out what the targets are saying or how they are communicating.

“They, obviously, don't come out and say, ‘We're going to attack the theater at this time,' ” Siers said. “If you listen to them for a few years, then you understand the nature of the language they use for attack.”

Much of the discussion happens in plain sight on social media platforms such as Twitter, providing a platform for radical Islamists to spread propaganda, recruit followers and inspire lone-wolf attacks.

Twitter regularly removes accounts and content related to the Islamic State and other radical groups, but the company does not report those accounts to law enforcement or counterterrorism agencies, Feinstein said. The hacker group Anonymous recently announced a campaign to try to disable terrorist-related Twitter accounts.

Counterterrorism officials sometimes describe the stream of pro-jihadist rhetoric as “the devil on the shoulder” of isolated, troubled people around the world.

The Internet has changed the model for terrorism recruiting and operations, allowing radical Islamists to carry on intimate conversations with people around the globe without leaving safe havens in Syria and elsewhere.

Calls to shut down extremist speech online have come from across the political spectrum, including the presidential campaigns of Republican front-runner Donald Trump and Democratic front-runner Hillary Clinton.

“We must deny them virtual territory just as we deny them actual territory,” Clinton said in a November speech.

Trump echoed her on Tuesday: “We have to talk to (tech company executives) about, maybe in some areas, closing that Internet up in some way.”

Both forms of censorship — government-induced or voluntary on the part of tech companies — “are problematic, both from a values standpoint and because they are probably considerably less effective than those seeking them could hope,” said Lee Rowland, senior attorney in the American Civil Liberties Union's Speech, Privacy and Technology project.

“Companies should resist calls to be pressured into becoming a wing of the national security state,” Rowland said, noting that social media can counter extremist propaganda as well as it is used to spread it.

“Ultimately, increased censorship does not make us safer,” Rowland said. “... Censoring speech only puts it out of sight, not out of mind, and that makes it all the more dangerous because we lose our most powerful tool in combating those evil ideas.”

Mike Wereschagin and Andrew Conte are investigative reporters for Trib Total Media. Reach Wereschagin at 412-320-7900 or mwereschagin@tribweb.com. Reach Conte at 412-320-7835 or andrewconte@tribweb.com.

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.