Twitter has sparked debate among cyber-security experts with its decision to stop US intelligence agencies getting real-time data that could help them react to terrorist attacks.
According to Sunday's Wall Street Journal, Twitter recently blocked the security services from receiving the Dataminr alert service, the only one based on real-time access to Twitter's entire stream of public tweets.
Dataminr provides early warning of events like terror attacks, natural disasters and political unrest by detecting patterns in hundreds of millions of tweets, new wires and other data streams.
An intelligence source calls it “an extremely valuable tool” - Dataminr reportedly alerted users to the Paris terror attacks shortly after they began, and the Brussels attacks 10 minutes ahead of the news media.
In a pilot programme, Dataminr gave the US intelligence services an API enabling them to download the data in real-time and do mass analysis. But while it will continue offering this service to the corporate security, financial and other industries, it has now turned away the spooks.
Twitter, which owns around five percent of Dataminr, was behind the move reportedly because “it didn't want to seem too close to the American intelligence services”.
The decision has sparked debate in the cyber-security community, with Twitter variously praised for avoiding facilitating mass surveillance, and damned for preventing intelligence agents from receiving data that is open-source anyway and could help them react quicker to “bad things”.
In a statement emailed to SCMagazineUK.com, Twitter said: “Dataminr uses public tweets to sell breaking news alerts for non-surveillance purposes. We have never authorised Dataminr or any third party to sell data to a government or intelligence agency for surveillance purposes. This is a long-standing policy, not a new development.”
But UK security expert Professor Alan Woodward of Surrey University, an adviser to Europol, branded the decision as “odd” and “illogical”.
He told SC: “To me it seems a step too far. This isn't surveillance. Dataminr are broadcasting the data, they're just being selective about who they're giving it to. They're happy to collect it and sell it for other purposes. But one of the purposes you might imagine is a good one – if somebody is publicly saying they're going to do something bad and it helps stop it – it's odd to withdraw that facility. I don't understand the logic.”
Woodward added: “It's the post-Snowden effect. They are concerned that their customers are going to be worried that the Government are somehow misusing the information. So they want to be seen to be not co-operating with the Government.
“it's a legitimate concern in many situations. But in this case it's just so odd because it's all public information anyway. It's open-source intelligence that anybody can access and indeed they're still quite happy to sell it to other people.”
But BH Consulting's Brian Honan, head of Ireland's CSIRT and a cyber-security advisor to Europol, broadly supported the move by Twitter and Dataminr as protecting their customers' interests.
He told SC: “All technology companies have obligations to their customers. They have to be careful how they are perceived to be facilitating mass surveillance. They need to work with law enforcement with the appropriate oversight and transparency in place; and where that transparency and oversight is not in place, then they need to make sure they protect the interests of their customers.”
Honan pointed out that Dataminr is just one tool and mines public data. “So while this may be inconvenient for the security forces it's not going to hinder their capabilities as I'm sure they can develop their own tools, or there would be other tools available.”
It's the latest clash between tech companies and intelligence services, after Edward Snowden's revelations about secret mass surveillance focused people on the need to protect their data privacy.
The row comes shortly after the battle between the FBI and Apple over unlocking a terrorist's iPhone, and pressure on tech companies to weaken encryption to help law enforcement and security agencies more easily monitor terror suspects.
In the UK, Parliament is currently debating the Investigatory Powers Bill – sometimes called The Snoopers' Charter – which aims to clarify the surveillance powers of GCHQ and MI5, and the oversight placed on them.
In a related move, data privacy rights group Privacy International has just launched a High Court challenge to the Government's right “to use of general warrants to hack broad classes of people and computers”.