Dr Tine Munk, Lecturer in Criminology (Cybercrime), explains why we need to take a coordinated approach to removing online extremism that looks beyond big internet companies.
In a response to the terror attack in London on 3 June 2017, UK prime minister Theresa May commented on new trends in the threats faced by the UK. May said, “Terrorism breeds terrorism and perpetrators are inspired to attack, not only on the basis of carefully constructed plots after years of planning and training, and not even as lone attackers radicalised online, but by copying one another and often using the crudest of means of attack”.
The three attacks in the UK from March to June in 2017 share similarities with European terrorist attacks following the Charlie Hebdo attack in 2015. These attacks are visibly inspired by each other and there is a strong link between them and the use of the internet to spread propaganda and extremist material. Moreover the intensive global media coverage of these events has generated more ‘lone-wolf’ attacks as seen in recent attacks including Paris, Copenhagen, Brussels, Nice and Berlin.
These attacks will have a long-term effect. It is difficult to claim that citizens will carry on as usual and thereby deny terrorists an easy victory. It is possible to get a sense of changes to come from Theresa May’s speech in Downing Street immediately after the most recent attack in London. May highlighted the link to online cyber security and called for international agreements to remove online “safe space extremism” provided by big internet companies. However, online extremism is as important to prevent as offline extremism. May also stated that, “We need to work with allied democratic governments to reach international agreements to regulate cyberspace to prevent the spread of extremist and terrorism planning.” Setting up international cooperation and harmonising national legislation are not easy tasks. So far, it has not been possible to develop an international agreement beyond the Council of Europe’s Convention on Cybercrime from 2001 which has a limited number of signatory states.
I believe that changes are needed to prevent online extremist propaganda and recruitment from accelerating further. But should this only be a job for big online companies and is the world-wide web the only place where the problem is developing? Online propaganda, extremism and radicalisation are not unfamiliar problems which suddenly have developed as a result of the UK attacks. These are problems which have been calling for attention for years and governments, law enforcement, online businesses and Internet Service Providers (ISPs) have had time to act on them. The initiatives launched so far appear fragmented and reviews of the different measures, forms of cooperation and networks are long overdue.
There is a demand to develop a more comprehensive framework that works on multiple levels which involves different organisations including businesses taking action to target both online and offline extremism. In 2014, Saltman and Russell argued in their white paper The Role of Prevent in Countering Online Extremism that we need to recognise that initial processes of radicalisation mostly occur offline. The internet is a secondary socialiser and potential catalyst for radicalisation and online counter-extremism measures must be seen in the light of the successes and failures of offline counter-extremism. This means that new initiatives need to be coordinated with offline efforts (1).
Europol highlights a crucial point that the role of the Internet, as well as social media, have become one of the biggest challenges in the radicalisation debate. Nevertheless, there are no convincing findings that suggest that the internet is the main factor for driving people into extremism or that an individual can become radicalised only from the Internet without any offline influence (2).
The Internet is not the only area which needs focus. There are other significant challenges beyond the reach of regulators, law enforcement and ISPs – including big internet companies. The Darknet or Deep Web creates an essential platform for terrorist and cyber criminals to communicate, however this area was not addressed in May’s speech. The Darknet/Deep Web offer a crime-as-a-service business model from the entry level and upwards with easy access to tools and services needed to communicate (2). Encryption of data is also becoming more commonplace. Encryption and anonymising tools that are useful to private online users are widely used by terrorists to protect their data and keep their identities hidden while they communicate, plan attacks, buy illegal materials and perform financial transactions (2). I argue that we should include the Darknet/Deep Web and encryption tools in future security debates about the scope and limitations of online security.
It is true that internet companies and ISPs need to join the fight against extremism and radicalisation. I believe that the current legal framework for the removal of terrorist and extremist online content should be reviewed. The removal of referred or identified terrorist and extremist online content is decided by ISPs and this removal or deferral does not constitute an enforceable act. But ISPs cannot do this alone and new measures must be more wide reaching. We need a global legislative approach, closer communication and increased cooperation between governments, law enforcements and Internet businesses. Existing forums should be improved to manage internet security on multiple levels – both ad hoc and permanently. We are experiencing problems responding to the current threat because existing frameworks, programmes and tools lack flexibility and are often are too slow and bureaucratic to adapt to new threats (2).
No regulation, practices or security measures offer 100% security. Content will spread online and offline despite enhanced monitoring of the internet. I find that there always are problems with technical regulation which tends to filter or block online content either too much or too little. Automatic technical regulation can lead to extremist material being distributed and innocent material being censored. However an important group is widely overlooked in discussions about enhancing cyber security. Internet users have a significant role to play in monitoring and reporting online extremism and propaganda. Unfortunately there is not enough awareness and education available for this group of individual users and their ability to monitor the internet is underestimated. Internet users have first-hand experience of extremist online activities across social media and other online platforms and they need to be informed better to stop online extremism.
In my opinion, an umbrella approach is needed in future that includes multiple initiatives, sources of knowledge and public and private organisations. We shouldn’t only single out big internet companies as the bad guys who have not secured the internet from extremist material. Online activities are entwined with offline activities in such a way that it is no longer possible to separate them. Initiatives should be developed in synergy between online and offline measures and regulations. There is a requirement for a variety of groups worldwide, ISPs and internet businesses to pool resources and capabilities and exchange knowledge in a transnational and cross-sectoral way. Securing the internet and preventing online extremism and radicalisation calls for diverse types of initiatives coordinated with offline measures. This framework should also include the challenge introduced by the Darknet and encryption – but this is largely overlooked in the current debate. Another area which needs to be addressed is the role of internet users which has not been addressed so far. More awareness and education is needed to mobilise this group.
Find out more about the Department of Criminology and Sociology at Middlesex University.
1. Saltman, E. M. & Russells, J., 2014. White Paper – The Role of Prevent in Countering Online Extremism, s.l.: Quilliam.
2. Europol, 2017. OCTA 2016 Internet Organised Crime Threat Assessment, s.l.: European Police Office (Europol).