New legislation is taking aim at the use of social media networks for terrorist activity.
In the wake of recent attacks in Europe and the United States and a new focus on how the Internet is being used to coordinate among radical groups, lawmakers have introduced a bill to require the reporting of terrorist activities.
The Requiring Reporting of Online Terrorist Activity Act, introduced Tuesday, Dec. 8, by Sen. Dianne Feinstein (D- Calif.) and Sen. Richard Burr (R-N.C.), would effectively require technology companies to notify law enforcement agencies of suspicious activity should they become aware of it.
“We’re in a new age where terrorist groups like [Islamic State of Iraq and the Levant] are using social media to reinvent how they recruit and plot attacks,” Feinstein said in a press release. “That information can be the key to identifying and stopping terrorist recruitment or a terrorist attack, but we need help from technology companies. This bill doesn’t require companies to take any additional actions to discover terrorist activity, it merely requires them to report such activity to law enforcement when they come across it. Congress needs to do everything we can to help intelligence and law enforcement agencies identify and prevent terrorist attacks, and this bill is a step in the right direction.”
As with much of the debate over what technology companies should be required to do to aide law enforcement, the industry has remained largely apprehensive about any legislation they feel could compromise customer privacy rights or add legal requirements.
Federal agencies and policy makers have been forward about their desire to gain “front door” access to social media platforms – especially those featuring end to end encryption – but industry has maintained a guarded stance.
In July FBI Director James Comey outlined the challenges facing the counter terrorism and intelligence community during testimony before the Senate Committee on Intelligence. Comey said end-to-end encryption is unbreakable for the FBI.
The Software and Information Industry Association (SIIA), a trade group representing software and digital content industries, said in a release that the legislation could hamper ongoing cooperative efforts between the government and private industry.
“The desire to do something, particularly in the wake of recent attacks, should not lead Congress to put more innocent people under government surveillance, without any evidence it would make us safer," said SIIA Senior VP for Public Policy Mark MacCarthy. "The private sector is already working closely with law enforcement to keep Americans safe, but that goal could actually be undermined by mandatory private sector reporting requirements.”
He went on to say the companies represented by SIIA maintain evolving policies to prevent terror groups from using their platforms, and are “diligent in disclosing relevant information to law enforcement.”
“This approach is far more effective than a broad government mandate," MacCarthy added, "because it gives each company the flexibility to craft the most effective policy, ensuring that it works best for its users and for the public and can adapt to different types of speech or conduct."
The group argued that the bill's language is too vague and would require companies to simply hand over information without following established legal processes.
While MacCarthy wrote in a SIIA blog that the concerns centered on terror groups and social media are legitimate, he also wrote that companies like Facebook and Twitter have already taken steps to combat the use of their platform by bad actors.