from the ineffective-noise dept
Victims of terrorist attacks are busy suing Facebook, Twitter, and YouTube for supposedly providing material support for terrorism by not shutting down ISIS-related accounts fast enough. Twitter has gathered more negative attention than most, thanks to its inconsistent application of the "Twitter Rules." Not only has it fielded lots of complaints from so-called "alt-right" figureheads, but non alt-righter Senator John McCain tends to use the service as a national security punching bag during periodic
bitchfests hearings on phone encryption.
End-to-end encryption is also the bane of several governments' existence, but even all this concern about unintercepted criminal communications has yet to tip the scale towards mandated backdoors. Instead, pressure is being applied in other ways. Twitter recently killed off a few hundred thousand terrorist-linked accounts, so those looking for a new terrorist support network d/b/a a social media service have begun sniping at secure messaging service Telegram.
Telegram has been the recipient of periodic signup surges, thanks to government action around the globe. WhatsApp, which recently added end-to-end encryption, has been routinely blocked by a handful of national governments, with Brazil denying access to its citizens most frequently. Every time WhatsApp is blocked, other encrypted messaging services see their user bases grow.
The same will happen with alternatives to Telegram, which is now being labeled as ISIS's favorite chat app. The recent addition of a desktop version means encrypted communications aren't limited to terrorists with cellphones. That's apparently problematic, at least according to a few US legislators.
Just three days before the assault on the Berlin Christmas market, senior members of the House Foreign Affairs Committee urged Durov to immediately take steps to block content from the Islamic State, warning that terrorists were using the platform not only to spread propaganda but also to coordinate actual attacks.
“No private company should allow its services to be used to promote terrorism and plan out attacks that spill innocent blood,” stated the letter, signed by Rep. Ted Poe (R-Tex.), the chairman of the panel’s subcommittee on terrorism and nonproliferation, and Rep. Brad Sherman (Calif.), the ranking Democrat on the subcommittee on Asia and the Pacific.
There's a big difference between "allow" and "encourage," but Rep. Ted Poe seems to think those terms are synonymous. Pavel Durov, the ousted founder of Russia's Facebook, VKontakte, is the person behind Telegram, which recently added end-to-end encryption. Durov pushed back against what he felt were unlawful demands for information by the Russian government while helming VKontakte. He fled the country and now lives in "self-imposed exile," stating that living in Russia is "incompatible" with running an internet-based communications platform.
So it's unsurprising his next project has focused on secure messaging with social media trappings. One of the few effective tools against government interference is "invisible" communications, which is why dissidents, journalists, and activists embrace encrypted communications platforms. (Politicians use it too, because they love obliterating FOIA-able paper trails.) Obviously, this also works out well for criminals and terrorists, who are no more fans of government interference than those with more altruistic aims.
The Washington Post article is largely based on a report by the Middle East Media Research Institute (MEMRI), which actively monitors Telegram for ISIS activity. MEMRI has observed a large number of terrorist communications on the platform and says terrorists are migrating there from Twitter in large numbers. This is to be expected considering recent efforts by Twitter to purge more of these accounts.
However, the report -- while pointing at the encryption and secret, invitation-only chat rooms provided by Telegram -- also highlights the fact (inadvertently, perhaps) that terrorists aren't nearly as security-focused as their new love for Telegram would suggest. Its post summarizing the report notes that terrorists are also using Tumblr blogs for communications and uploading content to the Internet Archive. (This might explain some of the NSLs the Internet Archive's been receiving...) So, terrorists haven't "gone dark," at least not completely, and there are still open communications that can be scooped up and other metadata generated during Telegram use that might be instructive.Also, the Washington Post's coverage appears to buy into the silly moral panic here, using ridiculous terms like "military grade encryption," which proves that whoever wrote the article doesn't know what they're talking about.
The problem with holding Telegram up as a villain is that efforts to kill or throttle the service are also going to harm thousands or millions of innocent people who are trying to keep their own oppressive governments from intercepting their communications. As Durov himself pointed out last year, any communications system like his is going to be used by bad guys as well. That's just the nature of any communications platform.
It's unclear at this point if US legislators are actually going after Telegram. At this point, they can't do much more than sign letters and release statements of disapproval. Telegram isn't an American company. If the US government decides US-based companies aren't doing enough to fight terrorism, any pressure applied to those platforms that results in greater censorship or increased demands for user data will simply push users to services that haven't been tampered with yet. This generally means communications sought by law enforcement will now be even further out of reach, controlled by providers located outside US borders.
The same goes for terrorists and criminals. No one's going to sit around and wait to get swept up. Getting into a panic about an encrypted chat app does little more than advertise its effectiveness and send more users its way. And once it becomes a favorite target of governments, users will migrate to other platforms, starting the whole cycle over again.