In the wake of recent terrorist attacks in the United Kingdom, Prime Minister Theresa May publicly criticized “the Internet” and the “big companies that provide Internet-based services” as providing a safe space for terrorist ideologies to spread. She also called on democratic governments to “regulate cyberspace” by presumably passing laws to hold these companies accountable for communications spread through their services.
May did not, however, specifically identify the spaces or companies she views as problematic. While these kinds of all-encompassing, non-specific statements may be politically effective in the lead-up to this week’s general election in the UK, any serious attempts to address the spread of terrorism deserves significantly more nuance. Anything less is harmful to global discourse on such matters.
May’s stern but vague admonition of “the Internet” ignores the sheer magnitude of it. The size of the world wide web, which is the primary way most users connect to the Internet, is enormous. Statistics indicate that there are more than 1 billion active websites online. Laying blame for the spread of terrorist ideologies on the entire Internet inappropriately simplifies the medium and its vast array of uses. Treating the Internet as a single, unitary space could cause significant issues revolving around data, privacy, and safety in general.
In addition, calling out “big companies that provide Internet-based services” does not provide enough context to identify where terrorist ideologies are being spread or what, if anything, can be done about these spaces. There are a vast array of companies that offer Internet-based services, though two groups have been the primary focus of recent discussions about terrorist messaging online: large Internet companies and developers of encrypted messaging services.
May could have, on the one hand, been referring to a group of Internet behemoths like Facebook, Google, and Twitter. These services, including Google-owned YouTube, are often used by terrorist groups to publicly post propaganda. Google’s Gmail is also the most popular email application for terrorists.
In recent months, May’s Conservative Party has reportedly set its sights on Facebook and Google as the targets of a platform focused on controlling the spread of harmful messages online. This is likely because these two companies dominate the Internet. Facebook is the largest social network in most countries around the globe and boasts nearly 2 billion users (almost 30% of humans on the planet). Google is one of the world’s largest companies and maintains an 89% market share among search engines. Though Twitter has struggled in recent years, it is still one of the most popular social networks online. All three of these companies have been publicly condemned by British lawmakers as offering platforms for terrorism.
On the other hand, May could have also, or separately, been referring to the companies and developers behind apps like Telegram, Signal, and Wickr (a fourth, WhatsApp, is owned by Facebook). These offer encrypted messaging services that hide a user’s identity and their communications. They are popular among terrorists for instant messaging and chatting. Telegram, in particular, is the “app of choice” for coordinating terrorist attacks—recent terrorist events across Europe were planned using the service. Former FBI Director James Comey was quite vocal in his disapproval of such apps after terrorist attacks in the U.S., calling encryption a “significant public safety problem” and troublesome for law enforcement.
Identifying whether May was addressing problems associated with large Internet companies or smaller companies developing encrypted apps will drive any meaningful discussion about what, if anything, happens next.
Facebook, Google, and Twitter are powerful American corporations that wield significant influence over Internet policy. They have collaborated for several years with each other and with governments to eliminate harmful communications from their websites. Telegram, on the other hand, is a German-based company with a user base roughly one-eighth the size of Facebook’s. Similarly, Wickr has a team of roughly 40 employees—small compared to the likes of Facebook, Google, and Twitter—and a founder who is a staunch privacy advocate. Companies like these do not have the same motivations to collaborate. Telegram, for example, has been criticized by European Union officials for lagging behind other social media companies in addressing terrorism.
Both groups of companies, large and small, typically resist suggestions that more government regulation is needed for how they manage their Internet platforms and handle the communications that appear on them. Their concerns are legitimate; governments aren’t likely to be nimble enough to manage the rapidly changing dynamics of the Internet. And while public safety is a significant concern, companies using encryption technology are focused on protecting the privacy of law-abiding Internet users.
Time will tell who and what in cyberspace will be the focus of any domestic or international efforts to regulate terrorist content online. Until then, it is important to frame these discussions in a more nuanced way.
Shontavia Johnson serves as the Kern Family Chair in intellectual property law and directs the Intellectual Property Law Center at Drake University Law School.
