Last week’s terrorist attack in London shook British government nerves.
Not so much for what occurred – fortunately, only four innocents were killed – but for what might have happened.
Because just prior to his attack, the perpetrator, Khalid Masood, sent an encrypted message via the cell phone app, WhatsApp. The British government wants to know what he said, but encryption prevents that. Still, it worries authorities that if Masood used WhatsApp to encrypt his message, other terrorists – perhaps a larger group – might also operationalize a far bloodier attack.
So this week, the British government minister for counter-terrorism, Amber Rudd, will meet with major social media and messaging companies. Facebook, WhatsApp, Google, and Twitter are likely to have front row seats. Rudd will demand that these companies provide a so-called “backdoor” into their software to allow investigators to stop terrorists.
It will be a very tough sell.
For a start, these American companies view their user privacy as the paramount value of their intellectual property. If they provide a backdoor to governments, even under warrants from courts, their users may simply choose another competitor. This profit incentive is one that will be very hard to dislodge.
More problematic, at least for the U.K., is the fact that many British surveillance warrants are authorized by the Home Secretary (Rudd) rather than a judge. American companies are averse to this deference of legal authority to the executive. Again, the appearance of subjugation to the executive, especially in the era of Trump, is one to which many social media companies are resistant.
Another problem for Rudd is the fact that British hate-speech and terrorism laws are different than those in America. Violent speech is illegal in the United States only if it is intended to and likely to cause imminent unlawful violence. In the U.K., however, even possession of terrorist materials (such as al Qaeda handbooks etc.) is unlawful. Rudd’s problem is that Google and others do not restrict such material for reasons of free speech. Removing those websites from U.K. access would be a time consuming and expensive task.
Even then, what happens if they miss something? What happens if a terrorist is found to have read a guide, perhaps via Google, and then commits an attack? Would the U.K. government then prosecute Google?
This is now on the cards. As a panel of British journalists outlined on Sunday, there is a constituency for tougher action against social media companies. Facing that real concern, U.S. companies may simply tell Rudd, “Okay, we’re stopping U.K. operations due to the liability issue.”
That speaks to the U.S. companies’ distinct advantage. They know Britons are unlikely to react sympathetically to their government if it takes a hardline. Twitter and Facebook, for example, have many dedicated British users. As a democratic government, Britain cannot afford to alienate its population. The U.S. companies are banking on this.
Nevertheless, the British government does have an incentive to keep trying. As I’ve explained before, if government authorities fail to provide a means to decrypt encrypted data, they leave themselves open to huge criticism in the aftermath of the next attack.
Correspondingly, I assume that what will happen here is that a U.S. federal judge will ultimately authorize the intelligence community to find a way to crack encrypted apps. At that point, they will share that information with the U.K. while preserving software firms in their pretense of data-inviolability. It will be a muddy solution, and an imperfect one. But it is necessary.
Regardless, we’re witnessing a key moment in the governance of social media.
Tom Rogan (@TomRtweets) is a contributor to the Washington Examiner’s Beltway Confidential blog. He is a foreign policy columnist for National Review, a domestic policy columnist for Opportunity Lives, a former panelist on The McLaughlin Group and a senior fellow at the Steamboat Institute.
If you would like to write an op-ed for the Washington Examiner, please read our guidelines on submissions here.
