Showing scant respect for the many victims of the Paris attacks, government officials and pundits have been quick to exploit public anger and fear to advance their own agendas. As Ars reported, a favourite target has been Edward Snowden. The logic, such as it is, seems to be that Snowden’s leaks alerted criminals to the mass surveillance being conducted by Western intelligence agencies, allowing would-be terrorists to take measures to avoid discovery before they carried out their murderous assaults. As a result, so this argument goes, Snowden bears a heavy moral responsibility for the suffering that has been caused in Paris and elsewhere.
Soon after these latest attempts to blame Snowden started appearing, Glenn Greenwald, who has been writing about surveillance and terrorism extensively, and who enjoys a unique access to the Snowden leaks, wrote a thorough rebuttal to this line of thinking. For example, he points out: “One key premise here seems to be that prior to the Snowden reporting, The Terrorists helpfully and stupidly used telephones and unencrypted emails to plot, so Western governments were able to track their plotting and disrupt at least large-scale attacks.” Except, of course, that governments did notstop the carnage of Bali (2002), Madrid (2004), London (2005), Mumbai (2008), and at the Boston Marathon (April 2013, before the first Snowden documents were revealed.)
In fact, the claim that it was Snowden who encouraged terrorists to use encrypted communications is easily disproved. Greenwald quotes several mainstream articles from 2001—over a decade before Snowden hit the world’s headlines—including the following memorable quotation from USA Today: “‘Uncrackable encryption is allowing terrorists—Hamas, Hezbollah, al-Qaida and others—to communicate about their criminal intentions without fear of outside intrusion,’ FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. ‘They’re thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities.'”
If those words seem familiar, it’s because variations on them are continually being wheeled out by senior intelligence officers today, not least in the wake of the Paris attacks. Indeed, since the smears against Snowden are so transparently false, most criticism is now levelled at encryption in general, and at the companies like Google and Facebook that have started to deploy it more widely in their services.
But the new narrative—that the terrorists in Paris used encryption communications to escape detection—soon started to disintegrate. As Ars noted, French police found an unencrypted, unlocked phone in a rubbish bin outside the Bataclan concert hall in Paris, which contained an SMS sent in the clear. It is believed the same device may have led the French authorities to the flat where a gun battle with suspects later took place.
It also emerged that at least five of the Paris attackers were known to have travelled to fight in Syria, and had then returned to France or Belgium. As The Guardian writes: “One of the attackers at the Stade de France, Omar Ismaïl Mostefai, had a French police ‘S’ file, denoted suspected radicalisation, since 2010.” In addition, “Sami Amimour, one of the gunmen at the Bataclan, had been detained in October 2012 on suspicion of terrorist links, and had an international arrest warrant out on him after he broke his parole the following year and travelled to Syria. Yet he returned in mid-October 2014, and was able to remain at large until the attacks.” One of the bombers even had a Facebook page where it is reported he called for attacks on the West.
The Washington Post reveals that there were similar missed chances in Belgium: “Over the past year, Belgian security forces tapped at least one bomber’s telephone and briefly detained and interviewed at least two other suspects—one for his travels to Syria and the other for his radical views, according to law enforcement officials here.” In fact: “Not only were police suspicious of the men tied to the Paris attacks, but Belgian researchers and even journalists also were tracking their posts on social media.” The terrorist links of four of the men were obvious enough to put them on a US counter-terrorism database.
Were the terrorists just lucky? Or is mass surveillance deeply flawed?
It might be argued that this was just an unfortunate one-off lapse, and that the terrorists were simply lucky on this occasion. But an important analysis by Ryan Gallagher in The Intercept shows that in ten of the most notorious terrorist attacks in recent years, some or all of the perpetrators were known to the authorities. That includes the murder of Fusilier Lee Rigby by Michael Adebolajo and Michael Adebowale in Woolwich, London in 2013:
According to a U.K. parliamentary report published following the attack, Adebolajo was investigated under five separate police and security service operations. He was believed to have links to several extremist networks and was suspected of having tried to travel overseas to join a terrorist organization. Adebowale was investigated by British spies after he was identified as having viewed extremist material online. London counterterrorism police also received an uncorroborated tip that Adebowale was affiliated with al Qaeda. Investigators reviewed Adebowale’s cellphone records and apparently did not find anything of interest. But they did not check his landline call records, which if they had would have revealed that he had been in contact with an individual in Yemen linked to al Qaeda. Covert surveillance of both Adebolajo and Adebowale had ceased prior to their attack in London in May 2013, though Adebowale was still the subject of a terrorism-related investigation at the time.
The UK parliamentary investigation into the murder of Lee Rigby was undertaken “to establish whether mistakes have been made and to ensure that any lessons are learned.” First among the eight “issues” raised by the report was the following: “MI5 has limited resources, and must continuously prioritise its investigations in order to allocate those resources.”
Stretched resources were also mentioned in the wake of the Paris attacks. The Guardian wrote: “French intelligence and police have only an estimated 500-600 staff whose task is to physically follow people. But the agencies have about 11,000 people on their books classified as potential threats to national security.”
These comments confirm points made by an FBI whistleblower, Coleen Rowley, in an article that appeared just after the parliamentary report was published in 2014. She wrote: “I fear that terrorists will succeed in carrying out future attacks—not despite the massive collect-it-all, dragnet approach to intelligence implemented since 9/11, but because of it. This approach has made terrorist activity more difficult to spot and prevent.” As she put it: “After Edward Snowden described just how massive and irrelevant the US and UK monitoring had become, people started to grasp the significance of the saying: ‘If you’re looking for a needle in a haystack, how does it help to add hay?'”
Rowley’s crucial point, about adding more hay to the haystack, is particularly pertinent today as politicians again cry out for encryption to be backdoored, and for even more intrusive mass surveillance to be carried out, in order to “fight terrorism.” The attacks in Paris did not take place because the terrorists used encryption to keep their communications secret. People died or suffered terrible injuries not because the terrorists had somehow managed to slip through the surveillance net. In fact, it seems that they were known to multiple intelligence agencies around the world.
The reason the attacks were successful and people died was largely because the authorities had insufficient resources to follow up the knowledge that they had, and some important leads that they were given. It was not because they had too little information about the terrorists, but because they had too much for the human resources they could bring to bear upon them.
Mass surveillance is not the solution to these attacks; it is the problem that makes them more likely. The belief that gathering yet more undifferentiated data from everyone, whoever they are, and whatever they are doing, will somehow make it easier to spot and stop attacks is contradicted by the painful events of the last decade or so. It is time to stop trying to shift the blame to Edward Snowden or encryption for the serious intelligence failures that have occurred. It is time to recognise that the current approach based on mass surveillance simply does not work, and must be replaced by a more targeted, more intelligent, and thus more effective approach.