The families of five terrorist attack victims filed a lawsuit in U.S. District Court on Monday. The defendant: Facebook. The families, claiming that the social media giant enabled Palestinian militants to carry out deadly attacks in Israel, are suing for more than $1 billion, calling into question the responsibility of technology companies when it comes to security.
Weeding out the badness
Back in 2013 Facebook issued that it would “do more” to disallow objectionable content but also admitted that much work needed to be done when it came to flagging and/or removing content contrary to its standards. At present, the way most content is removed is though user policing rather than a dedicated effort by Facebook employees. Freedom of speech is a right afforded to U.S. citizens (the victims named in the aforementioned lawsuit), but where is the line? What role do tech companies play when it comes to free speech, and how responsible are social media companies for users’ actions?
There’s more than one side to this debate. On the one hand, technology companies are (or should be) responsible for the security and privacy of customer data when that data is given to them as part of a business dealing or transaction. When you get down to it, technology companies aren’t the only ones responsible for security and privacy of data. In this regard, all companies are tech companies; it’s incumbent upon data holders (businesses) to retain skilled staff who can ensure data doesn’t go flying out the window due to negligence or ineptitude.
How far is too far?
But now we’re talking about death and human suffering. This gets tricky because it’s not only lives on the line; it’s emotion and sentiment and morals and tightly held beliefs. What reasonable human being would not want to stop a terrorist act? Who, but the terrorists themselves, would say it’s OK to allow them to openly plan an attack? The goofy saying, “If you see something, say something” should always apply when violence, hatred, and threats are spewed. It’s everyone’s responsibility, but it’s not an information security issue. Facebook, Apple, and others have stood up before the Department of Justice vowing to give users the tools to protect themselves. This doesn’t mean these tech companies are shirking responsibility. In fact, it’s the opposite; most individuals and plenty of non-tech companies can’t provide the encryption or properly implement firewalls, IDS/IPS, or content filtering necessary to keep digital attacks at bay, so tech companies are stepping up to the plate and saying, “We’ll help.”
By not responding to the lawsuit, Facebook is in no way saying that the terrorists had any right to do what they did. Nor are they condoning use of Facebook as a platform for planning unspeakable acts such as the ones carried out. The Community Standards are very clear. When Facebook is eventually brought to court, it will fight the claims and use all resources necessary to be cleared of any wrongdoing. As a tech company providing an open forum for people all over the world to interact, its responsibility is to present a digitally secure environment, one where users can expect a certain level of privacy and from which information kept private cannot be accessed by prying eyes. Even Facebook’s. Facebook understands this, and even though over the years Facebook’s information security practices have been called into question, the company is seemingly taking greater steps to allow users to connect privately and securely.
Censorship vs. security
Should tech companies play a role in free speech? Are social media companies responsible for users’ actions? This is a censorship issue and not a technological one. Blaming a social media bulletin board for providing a bulletin board, then requiring it to not only keep users’ interactions secure and private and on “the up and up” is going too far. Information security is a massive battle, one which most legitimate businesses are losing. U.S. citizens’ right to privacy is difficult to protect as it as, much less adding a layer of censorship on top. The families of the victims have a right to be angry, distraught, and frustrated; these feelings, though, are misplaced. Let’s not start asking tech companies, in particular, social media companies, to now also police the digital communications we fight so hard to ask them to keep private and secure.