» ISP News » 

UPD Commons Intelligence and Security Committee Blames ISPs for Murder

Tuesday, November 25th, 2014 (5:46 pm) - Score 580

It’s probably fair to say that most politicians can be a bit naïve when it comes to matters that require an understanding of ISPs and Internet communications. Sadly this also appears to be true of today’s report from the Commons Intelligence and Security Committee that effectively accused ISPs of failing to help stop the murder Fusilier Lee Rigby by not handing over key communications data.

The report covered a wide variety of areas as part of its investigation, yet by far one of the most interesting is the accusation that it levels towards ISPs and Internet content providers for failing to provide the content of a vital communication between the convicted murderer / terrorist Adebowale and an individual overseas (aka – FOXTROT).

It’s important not to selectively quote from this report as the context is paramount, thus we’ve pasted the key piece of text in full below and it’s well worth reading in its entirety.

Extract – Intelligence and Security Committee Report

Whilst our primary concern throughout the Inquiry was whether the Agencies acted appropriately given what they knew at the time, we have also considered material that has come to light after the attack. We have found only one issue which could have been decisive. This was the exchange – not seen until after the attack – between Adebowale and an individual overseas (FOXTROT) in December 2012. In this exchange, Adebowale told FOXTROT that he intended to murder a soldier. Had MI5 had access to this exchange, their investigation into Adebowale would have become a top priority. It is difficult to speculate on the outcome but there is a significant possibility that MI5 would then have been able to prevent the attack.

Given how significant this exchange could have proved, we have examined whether MI5 could have obtained access to it before the attack – had they had cause to do so (Adebowale was not under active investigation at the time the exchange took place). We consider it highly unlikely that the Agencies could have obtained it on their own. It would have required a particular chain of events: if GCHQ had issued the report linking an unknown individual (later identified as Adebowale) to another Subject of Interest (CHARLIE), or if MI5 had discovered Adebowale’s contact with another individual (ECHO), then MI5 might have sought to increase their intrusive coverage of Adebowale sooner. However, even then there may have been only a very slim chance that MI5 would have had sight of the FOXTROT exchange.

The party which could have made a difference was the company on whose platform the exchange took place. However, this company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists. There is therefore a risk that, however unintentionally, it provides a safe haven for terrorists to communicate within.

Naturally today’s newspapers were full of similar regurgitated comments and quotes, such as this piece in The Guardian and another on Sky News, with almost none of the reports even bothering to consider the wider ramifications of what has been said. Incidentally the communications provider was apparently Facebook, although the post-report criticism appears to be focused on the whole industry from access to content providers.

Meanwhile certain politicians, such as the Prime Minister (David Cameron), were also quick to use the report as a tool to support their on-going calls for greater powers in order to snoop on everybody’s Internet communications, which somewhat overlooks the key failings of the MI5 and wider security services that are also expressed by the report.

PM David Cameron said:

In December 2012, 5 months before the attack, Michael Adebowale had a crucial online exchange in which he wrote about his desire to kill a soldier. But the automated systems in the internet company concerned did not identify this exchange. And further, when they automatically shut down other accounts used by Michael Adebowale on the grounds of terrorism there was no mechanism to notify the authorities.

So this information only came to light several weeks after the attack as a result of a retrospective review by the company. The Committee conclude that “this is the single issue which – had it been known at the time – might have enabled MI5 to prevent the attack.”

We are already having detailed discussions with internet companies on the new steps they can take. And we expect the companies to report back on progress in the New Year. Mr Speaker, terrorists are using the internet to communicate with each other.

We must not accept that these communications are beyond the reach of the authorities or the internet companies themselves. We have taken action. And we expect the internet companies to do all they can too. Their networks are being used to plot murder and mayhem. It is their social responsibility to act on this.”

In summary, the report and PM complain that because an ISP/content provider didn’t or couldn’t provide the seeming content of a communication in which “Adebowale told FOXTROT that he intended to murder a soldier” then they are effectively complicit in the failure to stop it. It’s easy to see the logic in this unless you take a step back to consider the wider ramifications of what is being said.

Firstly current laws, including those that have twice previously been proposed as part of an expansion of Internet snooping powers (both of with have failed due to significant opposition and public concerns), only reflect basic access logs and do not include the content of your communication.

In fact it would be patently ridiculous to extend the blame to Internet access providers for being unable to identify such content as terrorist material, how could they even be seriously expected to do that? Short perhaps of hiring an extra member of staff for every ten customers or so just to read through all your private messages, or perhaps allowing security services unfettered access to everything you do or say online.

Lest we not forget how easy it is to encrypt communications and the sheer cost of logging and processing all that data (who pays?). In either case ISPs aren’t trained police officers and nor, as commercial companies with their own self-interests at heart, should they really be relied upon to make such judgments. On top of that we must always consider context (e.g. two brothers threatening to nuke New York might look suspicious, unless you understand the real-life chat they joked about earlier while off-line).

A Spokesperson for the ISPA UK said:

There are existing legal processes for law enforcement to access communications data so it is wrong to suggest that the Internet is a “safe haven for terrorists”. It is for the intelligence agencies and not service providers to identify potential subjects, and when identified by the authorities CSPs can and do assist in providing communications data under a clear legal process.

The proposal that companies should monitor all communications online runs counter to the legal framework that underpins the Internet, which forbids unwarranted monitoring of customers’ communications. ISPA and its members are in active discussions around communications data capabilities, including the current Anderson Review, and the ISC’s report adds to the ongoing discussions.”

As the MD of ISP Andrews & Arnold (AAISP), Adrian Kennard, put it this morning, “Yes, if every communication is scrutinized, and every letter that is sent opened and checked, I am sure lots and lots of crimes could be prevented. Heck, if everyone was kept under house arrest, or locking in a prison for their own safety, we’d make this a much safer place. This report is nonsense.”

On top of all that the report also questioned why none of the major ISPs in the USA “regard themselves as compelled to comply with UK warrants obtained under the Regulation of Investigatory Powers Act 2000 (RIPA).” Procedures exists between the USA and UK that can facilitate the exchange of information for security purposes, yet outside of those we can see no reason why an ISP in the USA would regard themselves as needing to comply with the domestic laws of another country.

Security is always important but a truly open and fair democracy must also respect personal privacy and freedom of speech as a founding principal. The further away we get from that, the smaller those freedoms become until they are but a passing illusion in the wind.

UPDATE 26th Nov 2014

Added below an interesting comment from an expert in Internet security.

Professor Mike Jackson, Cyber-Security Expert at Birmingham City University, said:

The inquiry into why UK security organisations were unable to prevent the tragic death of Lee Rigby has highlighted a number of shortcomings in the way those organisations operate. The focus of political attention however seems to be on the issue of an Internet interaction carried out by one of the killers.

The Prime Minister echoing the words of Director of GCHQ is characterising the Internet as place used by terrorists to plan their acts of violence. He is of course right, terrorists do use the Internet, we all do, it’s the major communication channel for the majority of people in the UK.

What Mr Cameron would like is for overseas Internet companies to do the work of the British security services. To sift through the many millions of postings made each day and notify the UK government about any concerns.

The size of the task seems to be daunting even if clever technological scanning solutions are employed. It looks even larger if you take the view that providing this information to the UK government presumably carries with it the duty to provide all governments with similar information. And how does Mr Cameron feel about these companies supplying information to the governments we recognise as repressive and antidemocratic?”

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
14 Responses
  1. Bob2002 says:

    Adrian Kennard was also on BBC news(though I wonder whether they’ll use his interview in other bulletins), he pointed out that even if a warrant is issued for an ISP to intercept the Facebook interaction between terrorists Facebook connections are encrypted.

    Our political class is producing Internet policy based on wilful ignorance and lazy journalism from the British media, even the most tech friendly MPs like Julian Huppert sometimes sound a bit “clumsy” when discussing the Internet(not his fault really MPs can’t be experts at everything, but at least he makes an effort). How I wish we had an episode of Brass Eye to skewer our manipulative politicians and compliant media.

  2. Nick says:

    Hmmm.. how come GCHQ’s TEMPORA system didn’t catch this conversation?

    1. No Clue says:

      TEMPORA… TEMPUR…… Both stodgy bits of overpriced foam 😉

  3. timeless says:

    to be honest, intercepting internet communications has never been about terrorism, its about controlling information. in fact l recently saw a speech by cameron calling for what he calls “9/11 truthers” to be labelled as terrorists.. and thats a worrying precedent when one can be called a terrorist for purely questioning events..

    after all many seem to forget that these current terrorist organisations (al-queda(sp?) ISIS) were originally trained and or working for western governments yet now they are used to take away our privacy and freedoms previous generations fought for.. and every time a new law creeps in somehow another imminent threat seems to come to light, all l can say is if we didnt arm them and train them then we wouldnt have these issues.

    1. No Clue says:

      “…if we didnt arm them and train them then we wouldnt have these issues.”

      They say a gun in one persons hands makes them a freedom fighter. They also say the same gun in another’s hands make them a terrorist.

      In both case the “they” are brain dead tards.

  4. FibreFred says:

    I don’t think they are blaming ISP’s more like Facebook

    1. FibreFred says:

      Its a total blame shift, the security services missed opportunities 5 or 6 times, but let’s blame Facebook 🙂

      Can you imagine asking social media services to report stuff like this? I doubt they’d be acted on even if reported

    2. Ignitionnet says:

      Why don’t Facebook, just for say an hour, run a simple regular expression check and report each and every instance of a number of key words written by people in the UK to our security services?

      Should soon put paid to this nonsense.

    3. No Clue says:

      “Its a total blame shift, the security services missed opportunities 5 or 6 times, but let’s blame Facebook 🙂

      Can you imagine asking social media services to report stuff like this? I doubt they’d be acted on even if reported.”

      Not often i agree with you Fred but well said in this case. I wonder if they would even have a clue the amount of man power which would be needed to investigate every “DIE” threat on social media.

  5. dragoneast says:

    We all like to speculate, don’t we? When I was a kid I read cartoons. Now I’m living in one.

    1. dragoneast says:

      I seem to recall it comes around this time every year: the political pantomime season.

    2. No Clue says:

      Ohhh no it doesn’t….. 😉

  6. Claire says:

    If you read spycatcher (Banned by Mrs Thatcher, but available in Ireland ;)) you’ll read that the reason that the Govt investigate people is to see what they can ‘get on them’ so that they can be blackmailed ‘in the future’ — You may be doing nothing now, but in 20 or 30 years you may be an MP, a CEO, etc. –> that is when this data will be used against you.

    In northern Ireland they have been recently caught going one step further and actually getting terrorists, politicians and other top people to abuse young boys in care homes back in the 70s so that they could blackmail them in the future (Just look up the KINCORA scandal on the Internet).

  7. Web Dude says:

    “newspapers were full of similar regurgitated comments and quotes”

    in fairness to the Grauniad, their home affairs editor, Alan Travis, wrote a piece about 45 minutes later, saying that it’s dangerous to ‘blame’ internet firms… See http://is.gd/IdiotPoliticians

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Vodafone £19.50 (*22.50)
    Speed 38Mbps, Unlimited
    Gift: None
  • NOW £20.00 (*32.00)
    Speed 36Mbps, Unlimited
    Gift: None
  • Hyperoptic £20.00 (*25.00)
    Speed 50Mbps, Unlimited
    Gift: Promo Code: HYPERFALL21
  • Shell Energy £21.99 (*30.99)
    Speed 35Mbps, Unlimited
    Gift: None
  • Plusnet £22.00 (*38.20)
    Speed 36Mbps, Unlimited
    Gift: £70 Reward Card
Large Availability | View All
New Forum Topics
Cheapest Ultrafast ISPs
  • Gigaclear £24.00 (*49.00)
    Speed: 300Mbps, Unlimited
    Gift: None
  • Vodafone £24.00 (*27.00)
    Speed: 100Mbps, Unlimited
    Gift: None
  • Community Fibre £25.00 (*27.50)
    Speed: 200Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00 (*35.00)
    Speed: 150Mbps, Unlimited
    Gift: Promo Code: HYPERFALL21
  • Virgin Media £28.00 (*52.00)
    Speed: 108Mbps, Unlimited
    Gift: None
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (3576)
  2. BT (3027)
  3. Politics (1946)
  4. Building Digital UK (1929)
  5. FTTC (1888)
  6. Openreach (1839)
  7. Business (1697)
  8. Mobile Broadband (1481)
  9. Statistics (1410)
  10. FTTH (1365)
  11. 4G (1279)
  12. Fibre Optic (1176)
  13. Virgin Media (1176)
  14. Wireless Internet (1164)
  15. Ofcom Regulation (1151)
  16. Vodafone (848)
  17. EE (839)
  18. 5G (772)
  19. TalkTalk (770)
  20. Sky Broadband (748)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact