NAT SEC

Scanning Social Media Could Stop The Next Terror Attack

Sifting through millions of Facebook and Twitter accounts would be a daunting, expensive task. But U.S. lawmakers are desperate to try

Dec 14, 2015 at 5:27 PM ET

U.S. lawmakers pushing for increased monitoring and surveillance of social media accounts as a way to combat possible terror threats may not realize the mountains of data—including encrypted messages—that would need to be analyzed.

Mounting fears in the wake of the terror attack in San Bernardino prompted senior members of Congress last week to re-introduce a bill that would require companies like Facebook and Twitter to report so-called “terrorist activity” online, setting the stage for a potential showdown between Silicon Valley and Washington.

On Monday, ABC News reported that the Obama administration had kept a little-known policy that prohibits immigration officials from reviewing social media posts of foreigners applying for U.S. visas. The revelation was met with a torrent of criticism because one of the San Bernardino shooters, Tashfeen Malik, had talked openly on social media about waging ‘jihad’ prior to applying for a U.S. visa. The posts went undetected and she was able to enter the country. 

More How The Feds Could Force Facebook, Twitter To Spy On Their Users

The prospect of turning to millions upon millions of social media accounts in search of terror threats is rekindling the debate about how the U.S. can balance its dual concerns about privacy and national security. But it also underscores the daunting task as well as the limitations that the government and private companies may face should they even try. Here are three reasons why.

Information Overload
Privacy concerns aside, there’s a practical reason  why immigration officials and social media companies don’t regularly vet online content for terror threats: sheer volume. Facebook users worldwide share nearly 5 billion pieces of content a day. Users on Twitter post nearly 6,000 tweets per second. And U.S. officials review more than 10 million visa applications a year. “Even a cursory look at the social media accounts belonging to the millions of visa applicants would bring the entire system to a halt,” wrote the Soufan Group, a security consulting firm on Monday. “Accessing, reading, translating, and assessing specific social media postings is an enormous undertaking.” 

Parsing Credible Threats
Those skeptical of heightened social media monitoring also warn that determining credible threats online is no easy task. It’s one thing for a Facebook user to show explicit support for a terror group or make repeated calls for violence like Malik did. But accurately assessing posts that are less explicit could prove to be a far greater challenge.  “Social media companies aren’t qualified to judge which posts amount to ‘terrorist activity,’ and they shouldn’t be forced against their will to create a Facebook Bureau of Investigations to police their users’ speech,” said Ron Wyden, a U.S. senator from Oregon. 

Remaining Undetected
Efforts to detect terror threats online are further complicated by the relative ease with which someone can hide them. It would not be hard for a would-be jihadist to scrub his or her social media profiles before applying for a U.S. visa, or to delete them entirely. Another way to avoid scrutiny, as Malik demonstrated, is to operate online under a pseudonym. Moving away from social media and toward encrypted devices is a scenario that’s increasingly worrisome to some law enforcement officials, including the director FBI. As the Soufan Group indicated: “Not all terrorists flout their intentions online.”