Sen. Dianne Feinstein, D-Calif., on Tuesday reintroduced a bill that would require technology companies to alert law enforcement of certain activities that might be related to terrorist threats.
Cosponsored by Sen. Richard Burr, R-N.C., the Requiring Reporting of Online Terrorist Activity Act would mandate that technology companies notify authorities of communications regarding attack planning, recruitment, or distribution of information relating to explosives if they should become aware of that activity. The bill would not require active monitoring or force them to actively search for such activity.
Feinstein earlier this year failed to attach a similar bill to the Senate Intelligence Authorization Act. However, because the current version is modeled on existing legislation that requires the reporting of online child pornography, it might have a better chance of success.
The Child Porn Connection
Terrorist organizations like ISIL are using social media to reinvent how they recruit and plot attacks, Feinstein said, and the government needs help from technology companies to thwart them.
“This bill doesn’t require companies to take any additional actions to discover terrorist activity,” Feinstein emphasized. “It merely requires them to report such activity to law enforcement when they come across it. Congress needs to do everything we can to help intelligence and law enforcement agencies identify and prevent terrorist attacks, and this bill is a step in the right direction.”
The act is not limited to social media companies; it applies to any operation that provides an “electronic communication service or remote computing service” to the public. That arguably could include libraries, cafes and other places that provide technology services.
The current bill is the same as the one that was approved by the Senate Intelligence Committee in June, which was removed in order to secure passage of the more comprehensive Senate Intelligence Authorization Act.
Sen. Ron Wyden, D-Ore., one of the earlier bill’s chief critics, on Tuesday tweeted that he would oppose the reintroduced version, because it would make technology companies reluctant to cooperate.
“I’m opposed to this proposal because I believe it will undermine that collaboration and lead to less reporting of terrorist activity, not more,” he said.
FBI Director James Comey earlier this year testified that social media companies were “pretty good at telling us what they see,” Wyden noted.
Feinstein reintroduced the bill following last week’s mass shooting in San Bernardino. Tashfeen Malik, one of the suspects, reportedly posted her allegiance to ISIS on her Facebook page before the attack.
Facebook deleted the posts, as per policy, according to Feinstein’s office.
In another case, British citizen Junaid Hussein, a recruiter and hacker for ISIS, contacted several individuals in the U.S. and UK through multiple Twitter accounts, inciting several attempted attacks prior to his death in a U.S. drone strike earlier this year.
An official familiar with Google’s policy, who requested anonymity, said the company was on board with a strong effort to combat terrorism, but said “we aren’t confident this is the best approach,” as the term ‘terrorist activity” in the legislation is overly broad.
Twitter did not address the Feinstein legislation directly but did confirm that it has teams around the world actively investigating reports of rule violations, and noting that it works with law enforcement entities around the world when appropriate.
Tech, Privacy Advocates Not Having It
The proposed bill will do more harm than good to the privacy rights of ordinary citizens engaged in political speech, according to privacy advocates, who have argued that it would put tech companies in an uncomfortable position and open the process to government abuse.
“This proposal is identical to the one last summer that was roundly criticized by tech companies, Internet advocates and politicians alike before it died a natural death,” said Michael McCloud Ball, chief of staff at the ACLU’s Washington office.
The bill is so vaguely worded that “innocent social media users” would feel the most impact after being “swept up in an overzealous attempt to comply” with the mandate, he told the E-Commerce Times.
The policy would lead some companies to be overzealous, while others would stick their heads in the sand, warned Emma Llans, director of the Free Expression Project at the Center for Democracy & Technology.
“Some would decide to significantly over-report their customers’ information and private communications to the U.S. government to ensure that the company stays on the right side of the law,” she reasoned. “Others would refuse to review any content that was flagged to them, for fear that doing so would mean they obtain the ‘actual knowledge of any terrorist activity’ that triggers the reporting obligation.”