The big Silicon Valley tech companies like Google, Apple and Facebook have an obligation to protect their users’ privacy and security – that much most of us can agree on.
But what moral and legal obligations do they have to help stop criminals and terrorists from using their technology?
As the bad guys “go dark” through use of encryption, and coordinate operations and spread propaganda via social media, tech companies are under increasing pressure to cooperate with governments in the fight against terrorism.
There are some things governments want from the Silicon Valley companies – such as encryption backdoors – that the tech companies seem entirely unwilling to concede.
The tech companies have also fought hard against some surveillance legislation.
A proposed bill in the UK known as the Investigatory Powers Bill, which would give police and intelligence agencies wide-ranging authority to hack devices and compel technology companies to turn over vast quantities of data, has come under fire from Apple CEO Tim Cook.
In a letter to parliament, Apple said it was concerned that the bill could force it to “weaken security for hundreds of millions of law-abiding customers,” in order to allow security services to eavesdrop on encrypted communications such as iMessage.
Facebook, Google, Microsoft, Twitter and Yahoo have also come out in strong opposition to the bill, which they indicated in comments submitted jointly to the bill’s oversight committee.
The US-based tech giants said the Investigatory Powers Bill could “undermine users’ trust” in the security of their products.
And the companies expressed concern that some language in the bill could be interpreted as an obligation to weaken encryption, despite assurance from Home Secretary Theresa May that the bill would not mandate any backdoors in encryption.
Encryption is “a fundamental security tool,” and the companies “reject any proposals” for encryption backdoors or compelled decryption of data, the tech companies’ letter said:
The companies believe that encryption is a fundamental security tool, important to the security of the digital economy as well as crucial to ensuring the safety of web users worldwide. We reject any proposals that would require companies to deliberately weaken the security of their products via backdoors, forced decryption, or any other means.
That is perhaps the strongest pro-encryption statement yet from those companies, all of which are members of a group called Reform Government Surveillance that came together in the wake of revelations of massive spying by the NSA in the US and GCHQ in the UK.
The tech companies are certainly wary of “extrajudicial” laws passed by foreign nations that might contradict US laws.
However, there is still room for cooperation between Silicon Valley and Washington, as evidenced by a closed-door meeting on Friday (8 January) between technology executives and US government figures.
One area where the US government thinks Silicon Valley might help in the fight against terrorism is in detecting “radicalization” of users on social media, and countering terrorist propaganda.
During Friday’s meeting, Facebook COO Sheryl Sandberg explained how Facebook allows users to flag people posting suicidal thoughts; government officials wondered if the same kind of system could be used to flag terrorist content and users who appear to be radicalizing, The Guardian reported.
Facebook has previously opposed passage of any laws requiring it to report “terrorist activity” on social networks.
Of course, the US government monitoring of speech on social media raises a lot of First Amendment issues, as White House spokesman Josh Earnest acknowledged at a press conference on Friday, but if the social media companies were to do it for the government … would that be OK?
If this recent meeting is a step towards an agreement over counterterrorism between Silicon Valley and the US government, let’s hope there is transparency about what that cooperation might look like, and what it means for everyone’s privacy and security.