A new report from the British Parliament blames Facebook for allowing a terror attack, arguing that social media companies must monitor and report suspicious user activity to the government.
In May, 2013, a British Army soldier, Lee Rigby, was killed on a suburban London street by two Muslim British citizens, who said they were acting to avenge years of killings of innocent Muslims by the British military in, among other places, Afghanistan and Iraq. One of the attackers, Michael Adebolajo, had also been detained and tortured in 2010 in Kenya with the likely complicity of Her Majesty’s Government. The brutal attack on Rigby was instantly branded “terrorism” (despite its targeting of a soldier of a nation at war) and caused intense and virtually universal indignation in the UK.
In response, the British Parliament’s Intelligence and Security Committee resolved to investigate why the attack happened and whether it could have been prevented. Ensuring that nothing undesirable would occur, the investigation was led by the Committee’s chair, the long-time conservative government functionary Sir Malcolm Rifkind. Yesterday, Sir Malcolm’s Committee issued its findings in a 191-page report. It contains some highly predictable conclusions, but also some quite remarkable ones.
Predictably, the report, while offering some criticisms, completely cleared the British intelligence agencies of any responsibility for the attack. It concluded: “we do not consider that any of the Agencies’ errors, when taken individually, were significant enough to have affected the outcome,” and “we do not consider that, given what the Agencies knew at the time, they were in the position to prevent the murder.”
But while British intelligence agencies bear no blame, the Committee identified the real culprit, which it claimed could have – but culpably failed – to stop the attack: an unnamed U.S. social media company (now reported to be Facebook). The Committee noted that one of Rigby’s killers, Michael Adebowale, had an online conversation (presumably on Facebook) with an “individual overseas” in December, 2012, in which Adebowale said “that he intended to murder a soldier.”
Sir Malcolm’s Committee claimed that the British intelligence agencies such as GCHQ and MI5 – despite being among the most aggressive and unrestrained electronic surveillance forces on the planet – had no possible way to have accessed that exchange. But, the Committee said, the social media company not only had the ability – but also the duty – to monitor the communications of all its users and report anything suspicious to the UK Government. Its failure to do so in this case, claimed the report, was the proximate cause of why the attack was not stopped (had the British agencies had access to this exchange, “there is a significant possibility that MI5 would then have been able to prevent the attack”).
All of this, argued the report, underscores how social media companies have become terrorist-helpers due to their refusal to monitor and report their users’ communications to the British Government. Here is this warped blame-shifting in the Committee’s own words:
The report then goes on to lecture social media companies that they must conduct themselves differently in the future:
The companies should accept that they have a responsibility to notify the relevant authorities when an automatic trigger indicating terrorism is activated and allow the authorities, whether the US or UK, to take the next step.
And Sir Macolm’s Committee all but scoffs at the notion that having these companies monitor and report their users’ conversations might actually violate privacy and turn these companies into skulking spy agencies for the state. Sir Macolm’s Committee notes that “several of the companies attributed the lack of monitoring to the need to protect their users’ privacy,” but, it proclaimed, “that argument should not be allowed to prevail” when it comes to “terrorist atrocities.”
Also predictably, the report does far more than merely complain about this. Instead, it does what the U.S. and UK Governments have been doing for almost 15 years now: brazenly exploits the fears and emotions surrounding this attack to demand still more spying powers for itself. In particular, it demands changes to the legal obligations of U.S. social media companies “either through legislation” in the U.S. or “by a treaty with the UK which places an obligation on US companies to provide this information” – i.e., whatever is requested by the UK Government.
The irony of Her Majesty’s Government blaming others for its own intelligence failures is stark indeed. This is a government that indiscriminately collects so much of the world’s private communications that they literally don’t know what to do with it. Among the documents published in my book was a GCHQ slide boasting that it “has massive access to international internet communications” and “we receive upwards of 50 billion events per day (and growing)”.
In fact, Sir Macolm’s report itself makes clear that the intelligence agencies of Her Majesty’s Government already collect such massive quantities of private communications that they have no ability even to understand what they’ve collected: in other words, they can’t detect terror plotting because they’re overloaded with the communications of millions of innocent people around the world, or are too busy trying to figure out the identities of visitors to the WikiLeaks website or ensnare hactivists in “honey traps” and thus unable to monitor actual terrorists. From the report (redactions in original):
In fact, the UK Government had in its possession information that would have triggered suspicions about one of the attackers, but the report itself notes that “GCHQ’s failure to report an item of intelligence which revealed contact between an unknown individual (later identified as Adebowale) and the AQAP extremist CHARLIE was significant.” This is a government that collects so much of people’s private communications that they have no idea what they are collecting.
But it’s never enough. A single attack on a single soldier is instantly and brazenly exploited to demand even more spying powers, to insist on new laws and treaties giving them even more access to more private communications. Nobody – including al Qaeda or ISIS – so effectively terrorizes U.S. and British citizens as much as their own governments do.
The Guardian‘s coverage of Sir Malcolm’s report is superb. Beyond the comprehensive reporting, they have an article detailing the (justifiable) indignation of tech companies over the blame-shifting report, the comments of a former British terrorism official on the stupidity of imposing such obligations on social media companies, an editorial and an op-ed arguing that British intelligence agencies have primary responsibility to stop such attacks yet failed to connect the ample “dots” they had, and, best of all, a piece from the paper’s home affairs editor Alan Travis denouncing the report’s conclusions “as outrageous as it is wrong-headed” as “a case of shooting the messenger.”
But there’s something else significant going on here that I want to highlight. All of this is part of a clear and definitely coordinated campaign by the U.S. and UK Governments to demonize social media companies as terrorist-helpers in order to force them to act as (even more) obedient snooping agents for the National Security State.
It is well-established that, prior to the Snowden reporting, Silicon Valley companies were secret, eager and vital participants in the growing Surveillance State. Once their role was revealed, and they perceived those disclosures threatening to their future profit-making, they instantly adopted a PR tactic of presenting themselves as Guardians of Privacy. Much of that is simply self-serving re-branding, but some of it, as I described last week, are genuine improvements in the technological means of protecting user privacy, such as the encryption products now being offered by Apple and Google, motivated by the belief that, post-Snowden, parading around as privacy protectors is necessary to stay competitive.
The U.S. and UK surveillance agencies are genuinely petrified of encryption, because, although not perfect, it presents a serious impediment to their ability to spy on the internet. But these governments have a problem: they function in what is effectively an oligarchy, which means that tech giants like Google – which fund and thus control political officials – are far too rich and powerful to be meaningfully controlled. Even in the 1990s, the tech sector was able to prevent the Clinton administration – exploiting the Oklahoma City bombing – from enacting legislation to require backdoors into all encryption. These companies are vastly more powerful now, and there is almost no prospect that meaningful legislation could be enacted to limit their product choices.
Instead, the U.S. and UK Governments are trying to pressure these companies to do what they had been doing – limitlessly cooperating with the Surveillance State – through a PR pressure campaign. Right now, in a post-Snowden world, the PR incentive framework for these companies pushes them to demonstrate a commitment to privacy. As Sir Malcom’s report noted:
Encryption is also becoming a market differentiator, particularly after the NSA leaks, as individuals have become more concerned about the privacy of their communications. MI5: “one of the effects of the Snowden disclosures has been to accelerate the use of default encryption by the internet companies.”
That is the incentive formula the National Security State is desperate to change. And the strategy for doing so is to depict these companies as Friends of the Terrorists, endangering public safety, every time they refuse dictates to help spy.
FBI Director James Comey in September said at a Press Conference about ISIS: “What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law,” while the New York Times printed this: “‘Terrorists will figure this out,’ along with savvy criminals and paranoid dictators, one senior official predicted.” True to form, British security officials were even more unhinged, as the newly appointed GCHQ chief accused social media companies of becoming the “command-and-control networks of choice for terrorists and criminals.”
Just yesterday, Lord West, “a former admiral who served as UK security minister until 2010″ said that Snowden revelations have killed people due to increased encryption use: “Since the revelations of the traitor Snowden, terrorist groups, in particular Isil (Islamic State), have changed their methods of communications and shifted to other ways of talking to each other. Consequently there are people dying who actually would now be alive.” Meanwhile, former NYPD Commissioner Raymond Kelly called the Snowden disclosures “the worst leak” because “we see major corporations having difficulty doing business outside the US and, as a result, putting impenetrable encryption in their products which ultimately hurts the whole law enforcement effort.”
The plan, quite obviously, is to make it untenable for these companies ever to offer privacy protections or market encryption products by demonizing them as Allies of the Terrorists when they do. Just behold the blatant fear-mongering near the end of Sir Malcolm’s report:
The irony here is obvious, as even post-Snowden, these tech companies – despite their newly minted PR campaign – continue to play a vital, cooperative role in the Surveillance State. Sir Malcolm’s report itself recognizes that “the companies we contacted all confirmed that, if UK authorities requested information in an emergency situation, they would provide that information.” And Google, Facebook, Yahoo, Microsoft and the like continue to be in bed with the U.S. and UK National Security State in all sorts of untoward ways. It’s stunning that anyone could maintain a straight face while depicting Facebook, of all companies, as some sort of excessive privacy guardian. As the Guardian‘s Travis noted, “Facebook even has a team in Dublin handling standard British requests and another dedicated team in California dealing with emergencies.”
Still, even the smallest gestures of defiance, symbolic protection of user privacy, and minimal responsiveness to user demand, cannot be tolerated by “Collect it All” snooping agencies. And thus every “terror” attack, no matter how limited in scope, is instantly seized upon to manipulate public emotions into acquiescing to more surveillance powers, while the message is simultaneously sent that anyone who resists the Surveillance State is a friend and ally of terrorists, pedophiles, and all other sorts of menacing criminals. That is the campaign which Sir Malcolm’s odious little report was clearly designed to advance.
Photo by Peter Macdiarmid/Getty Images
Correction: This article originally and erroneously referred to the knighted Chairman of the Parliamentary Committee as “Sir Rifkind” rather than his proper medieval title: “Sir Malcolm.” The Intercept sincerely apologizes for this gauche breach of aristocratic protocol.