How To See Obama’s Challenge To Tech Differently
Did you catch this sentence in President Obama’s address from the Oval Office on Sunday?
“And that’s why I will urge high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”
The knee-jerk reaction is that Obama is potentially reversing his October decision not to seek legislation requiring companies to decode messages for law enforcement. The Atlantic even suggests that he “could ask Congress to propose legislation that would require tech companies to offer the government access to certain encrypted data, or implement a national encryption policy through an executive action.”
That’s unnerving, to say the least. But then the president said this:
“But the fact is that our intelligence and law enforcement agencies — no matter how effective they are — cannot identify every would-be mass shooter, whether that individual is motivated by ISIL or some other hateful ideology.”
In short: intelligence and law enforcement agencies are suffering from Too. Much. Information.
TMI Trumps Encryption
Turns out, TMI is a common thread in the coverage on the investigation of the Paris attacks. The Wall Street Journal reported that “French officials said they needed to better cooperate with allies while improving their capacity to process a welter of information.”
The Guardian points to François Heisbourg, a former member of a French presidential commission on defense and security, who said that it’s “less a failure of intelligence than the ability to follow through on the intelligence data.”
And Glyn Moody in Ars Technica hammers the point home by attributing the success of the Paris attacks to the fact that “the authorities had insufficient resources to follow up the knowledge that they had, and some important leads that they were given.”
The key phrase: insufficient resources.
Another way to see Obama’s statement about technology companies, then, is as a request to help solve the problem of TMI.
Technical expertise can help agencies connect the available dots. For example, as The Washington Post reported, three men linked to the Paris attacks “appeared on a list of 800 Belgians with suspected ties to terrorists groups.” According to The Guardian, various intelligence services had other bits of information:
- Salah Abdeslam, still at large as of this writing, had personal ties with ringleader Abdelhamid Abaaoud. He hired one of the cars used by the attackers, is the brother of one of the terrorists who blew himself up outside the Comptoir Voltaire cafe, and was stopped at the French-Belgian border a few hours after the attacks, questioned, and then released.
- An international arrest warrant for Sami Amimour, one of the gunman at the Bataclan, was issued after he broke his parole and traveled to Syria in 2013.
- French police have had an “S” file, denoting suspected radicalization, on Omar Ismaïl Mostefai, one of the Stade de France attackers, since 2010. And Turkish officials had warned French authorities of the threat posed by Mostefai in December 2014 and in June of this year.
Those dots, out in the open, weren’t connected until after the attacks, when there was an increase in resources to follow up, and then put them together.
Similar observations can be made about the San Bernardino shootings, from information posted to social media, to target practice at a gun range, to immigration applications and approval.
All of these dots got lost in the sea of information that is already collected. Technology companies need to hear Obama’s statement as an invitation to work together to leverage their knowledge and expertise to develop tools for law enforcement to better sift collected data.
The Real Opportunity For Tech Companies
Stop arguing over encryption, which we know is an important tool in the protection of privacy. The National Security Council has said that “the benefits to privacy, civil liberties and cybersecurity gained from encryption outweigh the broader risks” of weak encryption. Remember, too, how Apple CEO Tim Cook said that “you can’t have a back door that’s only for the good guys.”
Instead, focus on the real opportunity: developing tools to help intelligence agencies and law enforcement officials attack the key problem of TMI.
We know this expertise exists. Sifting TMI for actionable information is a business necessity for companies like Google, Facebook, IBM, and many others. Let’s leverage such expertise in the fight against terror.
We may not be able to prevent every attack, but collectively, we can do a better job of identifying connections that can help prevent more attacks.
The key is to leverage technical know-how and business expertise to help intelligence agencies and law enforcement develop better tools for sifting collected data.