Tech groups try to kill terrorist reporting mandate in spy bill

Trade groups backing major technology companies are pressing Senate leaders to kill a proposal that would require social media and other tech companies to report terrorist activity on their services. 

Tech groups argue the provision tucked into the 2016 Intelligence Authorization Act is overly broad and would likely be ineffective. More importantly, they said, it raises First Amendment concerns for Internet users. 

{mosads}“This hastily written provision is unworkable, and goes well beyond U.S. law and 20 years of federal Internet policy,” the groups wrote in a letter to leadership in both parties. 

The letter was signed by the Internet Association, the Internet Infrastructure Coalition and Reform Government Surveillance. Together they represent some of the biggest names in Silicon Valley, including Google, Microsoft, Facebook, Twitter, Yahoo and others. 

A series of more than 30 privacy, civil liberties and tech groups sent a similar letter to leadership earlier this week warning of potential First and Fourth Amendment violations if the provision is approved. 

Tech companies are not eager to be seen as complicit in any new reporting requirements on their customers after their brands were damaged following the surveillance revelations from Edward Snowden in 2013. 

The authorization bill was unanimously passed out of committee in June, but Sen. Ron Wyden (D-Ore.) put a hold on the bill last week after finding out leadership planned to approve the bill on the floor with unanimous consent. 

The provision would require Internet companies to report to the government when it obtained actual knowledge of “terrorist activity” on their platform, but it would not require new monitoring. 

Sen. Dianne Feinstein (Calif.), the ranking Democrat on the Intelligence Committee, who backs the provision, said it is modeled off existing law that requires companies to report child pornography when it is spotted. 

But the trade groups argue child pornography and “terrorist activity” are fundamentally different. While child pornography is identifiable and illegal on its face, “terrorist activity” is a vague term that is harder to detect and could thus lead to over-reporting, they say. 

“The core term that triggers the reporting mandate, any ‘terrorist activity,’ is infeasible due to its breadth,” according to the letter. “It is not a legal term of art nor is it ever defined in the legislative text.”

They added: “As such, the provision will lead to reporting of items that are not of material concern to public safety, creating a ‘needle in the haystack’ problem for law enforcement.”

They also argued the number of Internet platforms covered by the law would be too broad, potentially hitting “social media companies, search engines, Internet service providers, blogs, community bulletin boards, and universities.” They even warned it could touch email providers or cloud storage companies. 

While the tech groups were “sympathetic to the motivations” of the provision, they said they already comply with law enforcement requests and take steps to ensure their users are operating legally.