Since Oct. 10, the Islamic State and its sympathizers around the world have killed at least 525 people in six countries outside of their self-proclaimed caliphate.
That figure includes the 14 innocent people slaughtered at a holiday gathering in San Bernardino, Calif., by a couple whose radicalization went undetected by U.S. authorities. While President Obama did his best to reassure Americans that the Islamic State will ultimately be defeated, the California, Paris and Beirut tragedies clearly point to an enemy that is complex, resourceful and has mastered the digital tools necessary to market a medieval ideology around the world.
[Other perspectives: A key under the doormat isn’t safe. Neither is an encryption backdoor.]
Whatever consensus the administration and Congress reach in terms of prosecuting the fight against the Islamic State on the ground, our battle online — disabling the group’s ability to freely propagandize, recruit and plan attacks and disrupting the group’s online terror propaganda and the technology it uses to communicate — may be the most decisive.
The evidence of the power of the Internet to radicalize and encourage violence is clear: 30,000 people, an estimated 250 from the United States alone, have joined the group in Iraq and Syria from countries around the world since June 2014. The Counter Extremism Project has profiled 90 Americans who are now foreign fighters or supporters. They are a diverse group, but their one shared characteristic appears to be social media exposure. With more than 40,000 pro-Islamic State Twitter accounts sending at least 90,000 messages a day, and with the dissemination of hundreds of videos glorifying murder, rape and brutality, combating the weaponization of social media platforms by extremist groups has become one of the most pressing national security threats we face.
More than 15 months ago, the Counter Extremism Project (CEP) launched #CEPDigitalDisruption — an ongoing campaign and research effort that has exposed and begun to quantify the Islamic State’s weaponization of social media, particularly Twitter, where vulnerable individuals are first exposed to propaganda and radical content. A team of CEP researchers meticulously identifies and tracks extremists and their supporters tweeting in English, Arabic, Turkish, French, German and Italian. CEP has reported hundreds of instances of direct threats and incitement to violence, and although Twitter has modified its terms of service, it still does not proactively take down violent pro-Islamic State messages. Even when Twitter removes misused accounts, CEP and others report, they can return in minutes. An account that sent messages celebrating the San Bernardino attacks, for example, the pro-Islamic State group known as Asawitiri Media, has reappeared on Twitter 335 times and counting.
While Twitter can be the entry point into the dark world of violent extremism, other technologies, especially encrypted devices and applications, are playing an ever more significant role in helping terrorists evade detection while planning and carrying out attacks. According to intelligence officials, there is strong evidence that points to the use of encryption technology by the planners of the Paris massacre, which killed 130 people.
The FBI readily acknowledges the challenge posed by the encryption of communications by criminals and terrorists. A growing number of email providers, search engines and online commerce sites use encryption to protect against hackers. Tech giants Apple and Google can ensure that the only people who can read a message are the person who sent it and the person who received it. On encrypted devices, only the device owner has access to the data, and often the companies themselves lack a way to decode or decrypt the data even when served with search warrants or intercept orders by law enforcement.
To underscore the importance of encryption and the significant national security issues the technology poses, consider this: The Islamic State has built a whole division of commanders who issue tutorials to sympathizers about the most secure and least expensive ways of communicating. They even rank applications based on their level of security.
After months of deliberation, the Obama administration decided this year that it would not call for legislation that would require companies to decrypt messages for law enforcement. Instead, the administration will continue to try to persuade companies that have moved to encrypt their customers’ data to find compromises that can accommodate criminal or terrorism investigations.
The issue was clearly referenced by President Obama in his Oval Office address after the San Bernardino shooting: “And that’s why I will urge high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”
It is easy to understand why technology organizations are averse to being seen as government collaborators. But there is no doubt that the companies that have transformed the way everyday people communicate have also created tools that make terrorists more lethal, more difficult to detect and more capable of prying into neighborhoods around the world, in search of vulnerable individuals who they can transform into killers.
As, Americans, we have never shied away from robust discussions about balancing the rights of free speech, privacy and safety. It is one we must have about encryption, if we are to have a chance of preventing the next slaughter of innocent people.
Explore these other perspectives: