In the wake of last week's deadly terrorist attack in San Bernardino, California, two powerful United States senators have introduced legislation that would require Internet companies to report "online terrorist activity" to law enforcement.
The bill, "Requiring Reporting of Online Terrorist Activity Act," is sponsored by Senators Dianne Feinstein, D-California, and Richard Burr, R-North Carolina, the vice chairwoman and chair of the Senate Intelligence Committee. Feinstein and Burr said their bill was identical to the law that makes it a legal obligation for Internet companies to report instances of online child pornography to law enforcement. Their new bill would force Internet companies to report to law enforcement any instance in which they learned about the planning of an attack, the recruitment of individuals into a terrorist organization or the distribution of terrorist material.
According to the text of the three-page bill:
Whoever, while engaged in providing an electronic communication service or a remote computing service to the public through a facility or means of interstate or foreign commerce, obtains actual knowledge of any terrorist activity … shall, as soon as reasonably possible, provide to the appropriate authorities the facts or circumstances of the alleged terrorist activities.
But critics of the bill say it would turn Internet companies into de facto government watchdogs, encroach upon constitutionally-protected speech and would actually hinder law enforcement from identifying genuine terrorist threats.
"This proposal creates a vague and unworkable standard for reporting and a massive new liability regime that could chill free speech and innovation online, without any appreciable national security benefits," said Michael Beckerman, the president and chief executive of The Internet Association, an industry group whose members include Facebook, Twitter and LinkedIn. "The legislation incentivizes Internet platforms to over report, even poor quality information, to authorities, making it more difficult to find credible threats."
The proposal had initially been inserted into an annual intelligence authorization bill during a secret, closed door committee process last summer. But Democratic Senator Ron Wyden placed a hold on the legislation over objections to the terrorist activity reporting provision, which was later removed so the spending bill could pass. What's in the Feinstein-Burr bill is identical to the provision.
Wyden, a member of the Intelligence Committee, said he remains opposed to the proposal. The bill contained overly broad and vague language that did not clearly define what constitutes online terrorist activity, he said, and did not say what penalties an Internet company would face to if they failed to report such activity.
"I'm opposed to [Feinstein-Burr] proposal because I believe it will … lead to less reporting of terrorist activity, not more," he said in a statement, in which he added the emphasis. "It would create a perverse incentive for companies to avoid looking for terrorist content on their own networks, because if they saw something and failed to report it they would be breaking the law, but if they stuck their heads in the sand and avoided looking for terrorist content they would be absolved of responsibility."
Marin Reardon, a former FBI counterterrorism agent who headed the bureau's 24/7 Terrorist Screening Operations Center, noted that "being radicalized is not a crime."
"You can't be prosecuted for that," Reardon, vice president of the New York City-based security intelligence firm The Soufan Group, told VICE News. "You're prosecuted once you get to the point where you are planning an attack or you've been radicalized and now you are making overt or covert plans to travel to Syria to fight with ISIS or to travel to Yemen to fight with AQAP [Al Qaeda in the Arabian Peninsula]. That's the overt act," he said. "Spewing hate in a chat room is protected by the First Amendment."
With reports that one of the shooters, Tashfeen Malik, had posted a message to Facebook immediately after the massacre, which claimed the lives of 14 people and wounded 21 others, pledging allegiance to the self-proclaimed leader of the Islamic State, Feinstein and Burr said it's time for tech companies to step up and help identify potential terrorist plots. In a joint statement, both lawmakers cited Malik's Facebook post.
"We're in a new age where terrorist groups like ISIL are using social media to reinvent how they recruit and plot attacks," Senator Feinstein said, referring to one of the acronyms to describe the Islamic State. "That information can be the key to identifying and stopping terrorist recruitment or a terrorist attack, but we need help from technology companies."
In the case of Malik and her husband, Syed Rizwan Farook, identified as the second shooter in last week's terrorist attack, the reporting requirement would not have prevented the terrorist attack since Malik is said to have posted the Facebook message, which was swiftly removed by the social media company, after the shooting took place and subsequently turned over to the FBI. The bureau said the shooters had been discussing attack plans online for at least two years. In what forum, however, is still unknown.
A spokesperson for Facebook did not respond to VICE News' queries for comment about the new bill.
In an Oval Office address to the nation Sunday night in which he discussed the San Bernardino shooting and terrorist threats, President Barack Obama said tech companies must do more.
"I will urge high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice," he said.
Burr agreed. "Terror groups have become adept at taking advantage of social media platforms to spread their message," he said. "Social media is one part of a large puzzle that law enforcement and intelligence officials must piece together to prevent future attacks."
Feinstein said the bill would not require Internet companies to "take any additional actions to discover terrorist activity, it merely requires them to report such activity to law enforcement when they come across it."
"Congress needs to do everything we can to help intelligence and law enforcement agencies identify and prevent terrorist attacks, and this bill is a step in the right direction," she said.
Beckerman, The Internet Association president, said Feinstein was wrong. In a letter he sent to Senate Majority and Minority leaders Mitch McConnell and Harry Reid last August, when the provision was still part of the intelligence authorization bill, Beckerman said it "creates a dangerously broad and vague reporting requirement that would subject millions of innocent users to unreasonable government surveillance."
Emma Llanso, the director of the Free Expression Project at the Center for Democracy and Technology, said it was even worse than that.
"Turning all communications intermediaries, who are today's stewards of our electronic papers and effects, into informants for the government flies in the face of Fourth Amendment protections," she wrote in a harshly critical analysis of the provision last July. "And the knowledge that US-based internet companies have been co-opted in this way by the US government will chill the protected expression of ideas and opinions for millions of Americans, while driving all internet users to use online services that have no connection to US jurisdiction."
Nu Wexler, a public policy spokesman for Twitter, told VICE News that the social media platform — how the Islamic State disseminates its messages and recruits followers — would not comment about the Feinstein-Burr proposal.
However, Wexler offered a more general statement, noting, "Violent threats and the promotion of terrorism deserve no place on Twitter and our rules make that clear."
"We have teams around the world actively investigating reports of rule violations, and they work with law enforcement entities when appropriate," Wexler said.
Additionally, Wexler said Twitter's policies, which are consistent with other tech companies, stated "users may not make threats of violence or promote violence, including threatening or promoting terrorism."
Indeed, in the case of Junaid Hussein, a hacker for the Islamic State who radicalized individuals using social media and tried to get them to attacks the US, Twitter shut down various handles he used to disseminate messages to his followers.
According to a study by the Brookings Institution, there were about 46,000 Twitter accounts associated with the Islamic State between October and November 2014 and Twitter suspended thousands.
In testimony before Congress last summer, FBI Director James Comey said social media companies did a "pretty good about telling us what they see."
Follow Jason Leopold on Twitter: @JasonLeopold