• United States



Facebook posts can land Americans on watchlists

Jul 27, 20144 mins
Data and Information SecurityMicrosoftSecurity

Concrete evidence of being a suspected terrorist is not necessary before nominating people to watchlists; leaked "guidance" states that uncorroborated posts on social networking sites are sufficient grounds for the government to add people to watchlist databases.

As we’ve seen in the past, there’s nothing reasonable about supposedly suspicious activities as numerous you-might-be-a-terrorist-if lists are often filled with harmless behaviors. You know there are “hot” keywords monitored by government agencies and that anything you might say on social media could come back and bite you at a later date; those facts were again highlighted in the 166-page document issued by the National Counterterrorism Center to give “watchlisting guidance.”

Although this guidance includes advice on determining whether or not there is reasonable suspicion that someone is a terrorist and should be nominated to watchlists, the more worrying aspects involve getting around reasonable suspicion. According to “March 2013 Watchlisting Guidance” published by The Intercept:

In determining whether a reasonable suspicion exists, due weight should be given to the specific reasonable inferences that a nominator is entitled to draw from the facts in light of his/her experience and not on unfounded suspicions or hunches. Although irrefutable evidence or concrete facts are not necessary, to be reasonable, suspicion should be as clear and as fully developed as circumstances permit.

Americans are protected by the First Amendment; the guidelines do say that constitutionally-protected activities cannot be the basis for nominating a person to be added to watchlists, yet how many times has that proven to be untrue? Way before Snowden spilled the beans on NSA surveillance, back in 2010, the ACLU reported that FBI spying on free speech was nearly at Cold War levels.

It has been said that law enforcement considers not having a Facebook account to be suspicious, but it turns out that if someone were to setup a fake Facebook account pretending to be a specific person, the government doesn’t even need to confirm account ownership before flagging that person to be added to a watch list.

While the guidelines nominally prohibit nominations based on unreliable information, they explicitly regard “uncorroborated” Facebook or Twitter posts as sufficient grounds for putting an individual on one of the watchlists. “Single source information,” the guidelines state, “including but not limited to ‘walk-in,’ ‘write-in,’ or postings on social media sites, however, should not automatically be discounted … the NOMINATING AGENCY should evaluate the credibility of the source, as well as the nature and specificity of the information, and nominate even if that source is uncorroborated.”

It’s left to the nominator’s discretion to determine what is or is not suspicious. As we’ve seen in the past, sometimes being concerned about privacy or security is considered a “suspicious activity.” Below is a portion from a Communities Against Terrorism flyer designed by the FBI and the DOJ to promote suspicious activity reporting at Internet Cafes.

Privacy and security as suspicious activities

If a person on a watchlist were to travel, then airport or border officials are told what type of information should be targeted for collection during such encounters. Nominators are encouraged to include miscellaneous item information such as from “social networking accounts (e.g., Facebook, Twitter, MySpace, LinkedIn, ICQ), titles of books, DVD/CD, brochures being carried and their condition such as new, dog-eared, annotated, unopened, professional journals.”

Examples of electronic media/devices that are also to be observed or copied include “cellphone list and speed dial numbers, laptop images, GPS, thumb drives, disks, iPod or MP3, PDAs, Kindle or iPad (electronic books), cameras, video and/or voice recorders, pagers and any electronic storage media.”

Let’s say government officials snagged and copied a watchlisted individual’s cellphone. If you were listed in that person’s contacts, then that could be enough “reasonable suspicion” to add your name to a watchlist. “Because you appear on a telephone list of somebody doesn’t make you a terrorist. That’s the kind of information that gets put in there,” explained former FBI special agent David Gomez. “If reasonable suspicion is the only standard you need to label somebody, then it’s a slippery slope we’re sliding down here, because then you can label anybody anything.”

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.