Balancing Privacy With Security

In the investigation following the San Bernardino killings where fourteen people were murdered and twenty-two were left injured, authorities learned that one of the killers, Tashfeen Malik, had revealed violent inclinations in her social media activities. Since 2012, Malik had shown allegiance with radical jihad. CBS News made clear that Malik expressed her support in Facebook communications, which were initiated even before her arrival in the United States. At the time of the massacre, there was also a Facebook post on her page expressing her support for ISIL. However, it is unclear whether this message was a red flag of the forthcoming assault.[1]

 

Many individuals have utilized social media as a method to recruit and gain support for terrorist activity. Terrence McNeil was charged with “soliciting the killings of U.S. service members over social media, including Tumblr, Facebook and Twitter.” Also, Junaid Hussein used social media to gain followers, trying to influence them to engage in terrorist acts against United States and United Kingdom. Twitter closed both of these individuals’ accounts and reported the activity to authorities.[2]

 

Legislation was introduced on December 15th which required social media companies to “report to law enforcement if they became aware of terrorist activity such as attack planning, recruiting or distribution of terrorist material.”[3] The social media companies would not have to implement any new programs or policies in response to this legislation but would rather have to report any suspicious activity to law enforcement if any such terrorist activity was discovered.[4]

 

This legislation raises concerns of whether these social media sites should be forced to respond to any potentially dangerous communications revealed on these sites and, if so, what that response should entail.

 

There are several issues regarding such a policy. If Facebook or Twitter was forced to engage in a screening and reporting process involving possibly violent activity, privacy interests may be violated. Additionally, users may feel wary of engaging on these platforms for fear that their conversations will be provided to the government and less user activity would result in decreased business.[5]

 

This then is the challenge; balancing the competing interests of security and privacy. Even Twitter which champions the rights of privacy recognizes these competing interests when a Twitter spokesperson made this clear by saying “‘violent threats and the promotion of terrorism deserve no place on Twitter and our rules make that clear. We have teams around the world actively investigating reports of rule violations, and they work with law-enforcement entities around the world when appropriate.’”[6]

 

Furthermore, there is an exorbitant amount of information that social media sites would have to weed through which even though potentially helpful to the government in addressing homeland security concerns appear unwieldy and an almost impossible undertaking. Possibly, a simple statement by the social media platforms themselves encouraging the users to report any dangerous activity or threatening posts would be the most efficient.

 

Democratic Senator Ron Wyden of Oregon said “he opposes the bill because ‘terrorist activity’ isn’t defined and companies may perversely avoid looking for content to avoid breaking the law if they fail to report something. ‘It would create a perverse incentive for companies to avoid looking for terrorist content on their own networks, because if they saw something and failed to report it they would be breaking the law, but if they stuck their heads in the sand and avoided looking for terrorist content they would be absolved of responsibility.’”[7]

 

David Gewirtz, a cyber warfare expert, stated that from a technical viewpoint, threatening information on social media sites could be identified even though there would be “false positives.” It is important to recognize that there is a distinction between a “high-vitriol comment” and a “legitimate threat.” Gewirtz also mentioned a possible approach is not to consider all the posts from users on a site but rather to look at certain groups of users that may be more likely to threaten national security such as recent immigrants.[8]

 

In the past, social media companies have expressed concern about this type of legislation for the fear that if a post or tweet is not identified as potentially dangerous then they would be liable for a failure to conduct an adequate search.[9]

 

Despite concerns over privacy and chilling free speech in this legislation, social media screening and reports may be the most effective way to combat potential threats. Tyler Cohen Wood, a cyber security advisor said, “sometimes, social media can be a better representation of who a person is than anything else.” Also, since posts and tweets are viewable by an individual’s expansive network of friends and followers any virulent comments may be more easily detectable to prevent a future attack.[10]

 

Laura Kaye is a second-year law student at the Benjamin N. Cardozo School of Law and a Staff Editor of the Cardozo Arts & Entertainment Law Journal. She is looking forward to a career in employment and privacy law.

 

 

[1] Brian Mastroianni, Could Policing social media help prevent terrorist attacks?, CBS News (Dec. 15, 2015, 6:00 AM), http://www.cbsnews.com/news/could-policing-social-media-prevent-terrorist-attacks/.

[2] Tami Abdollah, Proposed law would have social media companies report ‘terrorist activity’ to law enforcement, U.S.News, (Dec. 8, 2015, 6:57 PM), http://www.usnews.com/news/politics/articles/2015/12/08/lawmakers-want-social-media-companies-to-report-terrorists.

[3] Id.

[4] Mastroianni, supra note 1.

[5] Id.

[6] Damian Paletta, Congress Eyes Social-Media Companies as Terror Fears Mount, Wall St. J., (Dec. 9, 2015, 8:17AM), http://www.wsj.com/articles/congress-eyes-social-media-companies-as-terror-fears-mount-1449667043.

[7] Bill Would Require Social Media Companies to Report Terrorist Activity, NBC News, (Dec. 8, 2015, 6:27 PM), http://www.nbcnews.com/tech/security/bill-would-require-social-media-companies-report-terrorist-activity-n476591.

[8] Mastroianni, supra note 1.

[9] Id.

[10] Id.