Opinion: Are operators doing enough to keep the UK safe?


Facebook took a battering in the press last week after failing to act upon messages posted online ahead of the murder of Fusilier Lee Rigby. But what if they had used SMS? 

Last week, the media was in uproar after the the Intelligence and Security Committee investigation into the shocking murder of Fusilier Lee Rigby revealed an unnamed social media site had deleted content that could have warned of the attack.

The site, understood to be Facebook ,  removed comments made by Lee Rigby’s killers discussing their plans to kill a soldier in “the most graphic and emotive manner”. Facebook is accused of not warning the authorities about these posts.

The ISC report accused internet companies and providers of “providing a safe haven for terrorists” because of a continued lack of cooperation with UK authorities.

It raises a fascinating debate about security concerns balanced against worries about privacy. Should ISPs breach users privacy to warn security services about potential terrorism risks? If that is acceptable, then how far do they go?

I spoke with the big four mobile operators to find out what steps they take to work with police and MI5/MI6 in regards to counter-terrorism. Their answers were all fairly standard: We comply with all legal obligations, co-operate with all relevant bodies etc.

So what are those legal obligations? The operators told me that under a RIPA (Regulation of Investigatory Powers Act) request, they could be forced to give up any existing data they have on customers, including call records, data history and text messages.

This raised a major question about what kind of text message data was kept on file. Can the networks, and in turn the police, see what I’ve written if I’m texting friends or family? How long does that stay on file for? Surely the messages can’t be kept indefinitely if only because of problems maintaining storage of millions of messages per day.

Screen Shot 2014-12-01 at 10.30.51

Itemised billing

O2 told me that it doesn’t keep text content on file, whilst Three and EE both confirmed the data is kept for a small amount of time in case messages are lost. Vodafone declined to comment at all on its policies.

Itemised billing which will show when and to whom a call was made is legally required to be kept by the networks for a full year before it is deleted.

Both Three and EE confirmed they have a specific department who deals directly with the police or other bodies about data. Three’s is called an Information Disclosure Unit. The other networks didn’t share that information.

What if Michael Adebolajo and Michael Adebowale had discussed their plans to murder Lee Rigby over text messages or calls? Would the networks have known about it and would they have acted?

There is no system that can detect specific terminology in a text or call. Typing the word “bomb” when you’re messaging friends won’t suddenly lead to Blackhawk helicopters above your house, .

Should there be?  The ISC report criticised Facebook for failing to report discussions about terrorism.  But if it became public knowledge that such posts were being reported, criminals would use text messaging instead?

Maybe it would be a huge technological hurdle to put a keyword logging software into texts.  SMS has been standard for almost two decades. It would also raise concerns about privacy. A quick trip to any operator’s Facebook page shows how much the public already mistrusts networks.

It’s reassuring that the operators work alongside the security services to protect the public from terrorist threats but, as one network source said, it’s not their job to police users. Privacy is a key component of a network agreement.

Just like Facebook, it is the operators’ role to provide a service and if a tiny minority of people choose to abuse that service to commit despicable acts, can we really blame the service provider?