Report On UK Terrorist Murder: MI5 Absolved, Facebook Guilty

from the how-convenient dept

We’ve just written about new counter-terrorism measures announced by the UK Home Secretary. In her speech, she concluded with this clear statement of future intentions if the Conservatives win a majority in the UK’s General Election next year:

I must emphasise that these [new surveillance] powers are limited and they do not mandate the retention of and access to data that would in all cases identify a suspect who has, for example, been accessing servers hosting illegal content. The progress in this Bill is welcome — but we will still need to return to the Communications Data Bill in the next Parliament.

Of course, that would mean finding some way to win support for an intrusive Communications Data Bill, which provoked such a strong reaction the last time it was discussed. So it’s interesting coincidence that the day after that place-marker by the Home Secretary, a new report (pdf, and embedded below) has been published on a particularly brutal terrorist attack that took place on the streets of London last year. The report comes from the UK’s Intelligence and Security Committee (ISC), which was roundly condemned by a Parliamentary committee earlier this year for being out of touch and ineffectual. It was asked to examine what lessons could be learned from the failure to stop the attack, given that both the two men convicted of murdering the British soldier Fusilier Rigby were known to the UK intelligence service. Here’s a summary of the findings from the press release (pdf):

The two men appeared, between them, in seven different Agency investigations — for the most part as low-level Subjects of Interest. There were errors in these operations, where processes were not followed, decisions not recorded, or delays encountered. However we do not consider that any of these errors, taken individually, were significant enough to have made a difference.

We have also considered whether, taken together, these errors may have affected the outcome. We have concluded that, given what the Agencies knew at the time, they were not in a position to prevent the murder of Fusilier Rigby.

That is, despite tracking the two men responsible for the attack several times in earlier investigations, and despite making errors, the Agency — MI5 — is absolved of responsibility for what happened. But of course, for such a heinous crime — the soldier was hacked to death on a public street in broad daylight — a guilty party must be found. Here’s what the ISC came up with:

The one issue which we have learned of which, in our view, could have been decisive only came to light after the attack. This was an online exchange in December 2012 between Adebowale and an extremist overseas, in which Adebowale expressed his intent to murder a soldier in the most graphic and emotive manner. This was highly significant. Had MI5 had access to this exchange at the time, Adebowale would have become a top priority. There is then a significant possibility that MI5 would have been able to prevent the attack.

According to the Guardian, that online exchange took place on Facebook. The ISC it goes on:

We have examined whether the Agencies could have discovered this intelligence before the attack, had they had cause to do so: it is highly unlikely. What is clear is that the one party which could have made a difference was the company on whose system the exchange took place. However, this company does not regard themselves as under any obligation to ensure that they identify such threats, or to report them to the authorities. We find this unacceptable: however unintentionally, they are providing a safe haven for terrorists.

That “safe haven for terrorists” is, of course, precisely the rhetoric used by other senior intelligence officers, in what looks increasingly like a co-ordinated attack on Internet companies and the encryption technologies that are increasingly being deployed. The ISC is quite clear what is needed — more surveillance:

Our Report considers the wider relationship between law enforcement authorities and Communications Service Providers. None of the major US companies we approached proactively monitor and review suspicious content on their systems, largely relying on users to notify them of offensive or suspicious content.

Well, that’s because they are communications companies: they provide ways to communicate, just like phone companies or the post system. There’s no more reason they should be monitoring every piece of content on their systems than telephone companies should monitor the content of calls, or post offices the content of letters. It’s not their job, and would in any case be an extraordinary invasion of privacy.

We also found that none of them regard themselves as compelled to comply with UK warrants obtained under the Regulation of Investigatory Powers Act 2000.

That’s probably because they are generally US companies, subject to US law. If the UK were to insist that they complied with UK warrants as if they were UK companies, it will have to be prepared for UK companies providing services abroad to be subject to Russian and Chinese legal demands too. Is that really what it wants? The Commission then goes on to make its drift quite clear:

We note that the Government has already started to take action on these issues, through the Data Retention and Investigatory Powers Act 2014 and the appointment of the Special Envoy on intelligence and law enforcement data sharing. However, the problem is acute: until it is resolved the British public are exposed to a higher level of threat.

That is, far from letting considerations of privacy temper some of the more extreme counter-terrorism measures brought in recently, the ISC is hinting that the UK government should abrogate even more British freedoms — purely to protect British freedoms, you understand.

That the ISC’s report into the attack turns out to be a whitewash is no surprise. Earlier this month, the UK’s leading human rights groups decided to boycott another inquiry that it would be conducting, since they had “lost all trust in the committee?s ability to uncover the truth.” And just before the ISC report was published, it was claimed that the committee had “failed to speak to witnesses who say the plot’s leader was repeatedly contacted by the security services before the attack”:

Those making the allegations say they raise concerns about MI5?s conduct and offer a possible explanation of what contributed to his transformation from extremist into terrorist murderer.

Adebolajo has said he was repeatedly pressed by the security services to turn informant for three years before he and Adebowale murdered Rigby.

Here’s what the report says on this potentially crucial matter:

In relation to the allegations that MI5 had been trying to recruit Adebolajo as an agent, MI5 has argued that it would be damaging to national security to comment on such allegations. All allegations concerning MI5?s recruitment of agents — whether true or not — fall under their ?Neither Confirm Nor Deny? (NCND) policy.

How convenient. But it’s not the only thing that’s convenient in this story. As the above indicates, the existence of messages between one of the killers and an extremist overseas allowed the report to absolve the UK’s security services, and blame Facebook. But where exactly did that message come from? According to the Guardian:

David Cameron revealed that the messages only came to light after the attack “as a result of a retrospective review by the company”. Sir Malcolm Rifkind, chair of the ISC. said the information was given to GCHQ “by a third party” on a confidential basis.

So who gave that information to GCHQ? The statement above makes it clear it wasn’t Facebook itself but a “third party”. Who else had access to such private messages? Someone at the company? Maybe, although that seems very unlikely given the company’s awareness of how big an issue this would be.

Another obvious candidate is the NSA. Snowden has told us that it accesses and stores vast quantities of messages as they flow across the Internet; given the nature of the conversation, and the keywords it contains, it seems quite likely that it was added to a database somewhere, “just in case”. Perhaps it was dug out at the request of GCHQ, which then passed it on to the company concerned — in order to land it in hot water, and get MI5 off the hook. Just another benefit of being part of the Five Eyes club.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

Filed Under: , , , , , ,
Companies: facebook

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Report On UK Terrorist Murder: MI5 Absolved, Facebook Guilty”

Subscribe: RSS Leave a comment
Anonymous Coward says:

even an idiot could see this decision for what it is, a complete stitch up of the internet so as to be able to introduce even wider programs of public surveillance. as is usual in the UK, it’s always far behind other nations that have tried the various choices and found them to be ineffectual. then along comes the UK that thinks because it’s doing it, the results will be different!
how the hell anyone can exonerate the whole caboodle of security forces and lay the blame fully at the feet of a social network company, God only knows! more than anything, this surely shows the direction the present government is going in the UK and it dont look good!!

Anonymous Coward says:

It should be evident to all these security outfits that this doesn’t work as they have missed time and again the real terrorists. The working example of insanity.

I would think that the rest of these countries are going to get fed up with it and then you are going to start seeing that instead of a handful of countries spying on what others are doing you will have 20 or 30. When it reaches that point there will be no winding back of the clock. The internet will for all intents and purposes be dead.

Anonymous Coward says:

“However, this company does not regard themselves as under any obligation to ensure that they identify such threats, or to report them to the authorities. We find this unacceptable . . .”

Apparently, it’s not enough for a private company to give the government access to the haystacks–they must affirmatively comb them for the needles first. Hell, why do you even need an intelligence agency when private citizens should be doing all the work for you.

Anonymous Coward says:

Re: Re:

It will not be private citizens doing the work, but rather automatic algorithms. These suffer badly from lacking any context, especially if understanding of a message requires the context of several previous messages between two or more people. This becomes even more important as people use the Internet to co-operate on project like creating film. If the president is visiting Effingham Illinois, and a message “Tomorrow we shoot the president” is picked up, is it a cause for panic, or just someone telling a film crew that they are going to be filming the President a steam boat.

DocGerbil100 (profile) says:


Ehh, no. If memory serves, one of the things surveillance departments everywhere like to routinely engage in is keyword searches for particular words and phrases considered more likely to be used by terrorists and their supporters.

This revealing conversation held by Rigby’s murderers did not happen in isolation, there would have been a great deal of chatter identifying them as persons of interest. They were undoubtedly already under observation by anti-terrorism departments in the UK and elsewhere. No suggestion to the contrary is remotely plausible.

That nothing was done to prevent the murder shows – to my mind – one of four likely possibilities:

• the authorities were unable to respond quickly enough to prevent the attack, perhaps because the murderers moved too quickly, or quicker than expected, once they’d decided to go ahead with their plan;

• the authorities responsible for monitoring did not share the information with the authorities responsible for acting, or someone on the decision-making path sucked his thumb and dithered too long, like a stupid child who can’t decide which ice cream he wants;

• the authorities chose to do nothing out of a misguided, Americanesque, bureaucratic-religious belief that doing anything to confirm anything to do with surveillance automagically causes giant terrorist atrocities;

• the authorities were tactically unwilling to respond, preferring to pretend that their monitoring is more limited than it actually is, in the hope of convincing stupid terrorists elsewhere that a bigger plan has a chance of success – effectively sacrificing a soldier so they can perhaps catch a slightly bigger fish later;

• the authorities decided sacrificing a soldier was justified in order to use his death as a basis for legislation that could see them acquire more power and wealth than they have at present.

In the first case, it’s sad, but it’s the way things go sometimes. There are enough people on the internet making baseless threats that arresting them all would be an impossible task – and one which would bring nothing but harm without leaving anyone the slightest bit safer.

I can’t blame the authorities if they genuinely didn’t have enough warning of something actually about to take place.

In the second and third cases, incompetence is all too plausible. Our government has always been full of petty fiefdoms run by interfering, cock-blocking imbeciles and I’m sure our intelligence-gathering infrastructure is no exception.

In the last two cases, empire-builders looking to profit at the expense of others are also all too common. The loss of a life represents no inconvenience at all in the face of such selfish and greedy people.

In any event, if the failure to act was deliberate, it’s a strong indictment of our surveillance community. They have been given deep-reaching powers of surveillance and action precisely so they can save lives.

If they chose to ignore that responsibility to make a profit – whether by way of a better catch or more laws in their favour – then the powers we’ve given them are a total loss to the rest of society: there will always be a bigger terrorist waiting in the wings, there will always be stronger laws that they don’t yet have.

I know almost nothing of Lee Rigby beyond media reports, but I’m sure he didn’t deserve to die – and certainly not so some half-arsed government bureaucrat can puff up his department like a stupid dog who can’t stop eating.

Lee Rigby and the people of Britain and the Armed Forces he served all deserve better than that.

Zonker says:

So in this post 9/11 world, the simple murder of a single person in uniform is a terrorist act, but the murders of many people because the colour of their skin makes people in uniform afraid for their lives is somehow not even a crime worthy of indictment. Makes me scared to go near a person in uniform now when I used to see them as paragons of justice, boy was I naive.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...