科技企業須與情報機構攜手反恐

The Islamic State of Iraq and the Levant (Isis) is the first terrorist group whose members have grown up on the internet. They are exploiting the power of the web to create a jihadi threat with near-global reach. The challenge to governments and their intelligence agencies is huge – and it can only be met with greater co-operation from technology companies.

“伊拉克和黎凡特伊斯蘭國”(ISIS)是第一個成員在網絡時代長大的恐怖組織。利用網絡的力量，他們幾乎在全球範圍內製造聖戰威脅。各國政府和情報機構面對的挑戰是巨大的，只有與科技企業展開更深入的合作，才能解決這個挑戰。

Terrorists have long made use of the internet. But Isis’s approach is different in two important areas. Where al-Qaeda and its affiliates saw the internet as a place to disseminate material anonymously or meet in “dark spaces”, Isis has embraced the web as a noisy channel in which to promote itself, intimidate people, and radicalise new recruits.

恐怖分子早就會利用網絡了。但在兩個重要的方面，ISIS的策略和此前的恐怖組織不同。基地組織(al-Qaeda)及其附屬組織將網絡看成匿名散播材料或者暗中集會的場所，而ISIS把網絡當成傳播大量消息的渠道，藉助它宣傳自身、恐嚇民眾、讓新成員變得更為激進。

The extremists of Isis use messaging and social media services such as Twitter, Facebook and WhatsApp, and a language their peers understand. The videos they post of themselves attacking towns, firing weapons or detonating explosives have a self-conscious online gaming quality. Their use of the World Cup and Ebola hashtags to insert the Isis message into a wider news feed, and their ability to send 40,000 tweets a day during the advance on Mosul without triggering spam controls, illustrates their ease with new media. There is no need for today’s would-be jihadis to seek out restricted websites with secret passwords: they can follow other young people posting their adventures in Syria as they would anywhere else.

ISIS的極端分子使用Twitter、Facebook和WhatsApp等消息和社交媒體服務，並且使用他們的同齡人理解的語言。他們發佈視頻，展示他們攻擊城鎮、射擊或者引爆炸彈的畫面，並刻意把視頻製作成網絡遊戲的樣子。他們使用世界盃(World Cup)和埃博拉(Ebola)作為話題標籤，將ISIS的訊息嵌入範圍更廣的消息源中。在向摩蘇爾城進發的途中，ISIS成員每天發送4萬條tweet消息，並且沒有觸發垃圾消息管控，這表明他們能自如地運用新媒體。今天，想成為聖戰分子的人無需尋找訪問受限、需要密碼的網站：他們可以關注ISIS分子，像任何其他地方的年輕人那樣，ISIS分子也會發布自己在敍利亞的“冒險”經歷。

The Isis leadership understands the power this gives them with a new generation. The grotesque videos of beheadings were remarkable not just for their merciless brutality, which we have seen before from al-Qaeda in Iraq, but for what Isis has learnt from that experience. This time the “production values” were high and the videos stopped short of showing the actual beheading. They have realised that too much graphic violence can be counter-productive in their target audience and that by self-censoring they can stay just the right side of the rules of social media sites, capitalising on western freedom of expression.

ISIS的領導層瞭解，在新一代恐怖分子身上，網絡賦予他們什麼力量。ISIS發佈的可怕斬首視頻之所以不同尋常，不僅是因為內容殘忍無情（我們在伊拉克的基地組織中也看到過這種殘忍無情），還因為ISIS吸取了基地組織的經驗。這一次，視頻的“生產價值”很高，在展現真正的斬首畫面前就停止了。他們已經意識到，太多暴力畫面可能對他們的目標受眾產生反效果。通過自我審查，他們能夠恰巧保證不觸犯社交媒體網站的規則，利用西方的言論自由。

Isis also differs from its predecessors in the security of its communications. This presents an even greater challenge to agencies such as GCHQ. Terrorists have always found ways of hiding their operations. But today mobile technology and smartphones have increased the options available exponentially. Techniques for encrypting messages or making them anonymous which were once the preserve of the most sophisticated criminals or nation states now come as standard. These are supplemented by freely available programs and apps adding extra layers of security, many of them proudly advertising that they are “Snowden approved”. There is no doubt that young foreign fighters have learnt and benefited from the leaks of the past two years.

在通信安全方面，ISIS和以前的恐怖組織也不同。這給英國政府通信總部(GCHQ)這樣的機構造成了更大的挑戰。恐怖分子總是有各種方法來隱蔽自己的行動。但今天的移動科技和智能手機讓可供選擇的方法成倍增加。一度只有最老練的犯罪分子或者國家才能掌握給信息加密或者使信息匿名的技術，如今這些技術已成家常便飯。還有一些免費程序和應用可為他們提供額外的安全保護，其中許多在廣告中自豪地宣稱獲得“斯諾登認證”。毫無疑問，這些年輕的外國戰鬥人員已從過去一年多的斯諾登爆料中學習並受益。

GCHQ and its sister agencies, MI5 and the Secret Intelligence Service, cannot tackle these challenges at scale without greater support from the private sector, including the largest US technology companies which dominate the web. I understand why they have an uneasy relationship with governments. They aspire to be neutral conduits of data and to sit outside or above politics. But increasingly their services not only host the material of violent extremism or child exploitation, but are the routes for the facilitation of crime and terrorism. However much they may dislike it, they have become the command-and-control networks of choice for terrorists and criminals, who find their services as transformational as the rest of us. If they are to meet this challenge, it means coming up with better arrangements for facilitating lawful investigation by security and law enforcement agencies than we have now.

GCHQ及其姊妹機構軍情五處(MI5)和祕密情報局（SIS，英國國內及海外情報機構）如果得不到私營部門更大的支持，包括從主導互聯網的美國各大科技公司得到這樣的支持，就無法大規模地應對這些挑戰。我理解為什麼這些公司與政府的關係比較緊張。它們希望成為中立的數據中轉站，立於政治之外、或者政治之上。但它們的服務不僅日益成為暴力極端主義或者兒童剝削相關材料傳播的温牀，也成為向犯罪和恐怖主義提供便利的渠道。無論它們多麼不願意承認，它們都已成為恐怖分子和犯罪分子首選的指揮和控制網絡。就像我們其餘人一樣，那些不法分子也發現它們的服務可以帶來巨大改變。如果這些企業要應對這些挑戰，就應該做出比現在更好的安排，為安全和執法機構進行合法調查提供便利。

For our part, intelligence agencies such as GCHQ need to enter the public debate about privacy. I think we have a good story to tell. We need to show how we are accountable for the data we use to protect people, just as the private sector is increasingly under pressure to show how it filters and sells its customers’ data. GCHQ is happy to be part of a mature debate on privacy in the digital age. But privacy has never been an absolute right and the debate about this should not become a reason for postponing urgent and difficult decisions.

就我們自身而言，GCHQ這樣的情報機構需要參與公眾對隱私的辯論。我認為我們有一些合情合理的事情可以告訴公眾。我們需要展現，在調用數據以保護民眾時，我們如何對所用數據負責，正如私營部門也面臨越來越大的壓力，展示它們如何過濾和出售用户數據那樣。GCHQ樂於參與關於數字時代隱私的成熟辯論。但隱私從來都不是一項絕對的權利，相關的辯論也不應成為推遲一些緊迫而且困難的抉擇的理由。

To those of us who have to tackle the depressing end of human behaviour on the internet, it can seem that some technology companies are in denial about its misuse. I suspect most ordinary users of the internet are ahead of them: they have strong views on the ethics of companies, whether on taxation, child protection or privacy; they do not want the media platforms they use with their friends and families to facilitate murder or child abuse. They know the internet grew out of the values of western democracy, not vice versa. I think those customers would be comfortable with a better, more sustainable relationship between the agencies and the technology companies. As we celebrate the 25th anniversary of the spectacular creation that is the world wide web, we need a new deal between democratic governments and the technology companies in the area of protecting our citizens. It should be a deal rooted in the democratic values we share. That means addressing some uncomfortable truths. Better to do it now than in the aftermath of greater violence.

我們這些人有責任應對互聯網上的一些令人沮喪的行為，在我們看來，一些科技企業似乎在否認互聯網存在被濫用的情況。我懷疑，絕大多數普通的互聯網用户已經走在了它們的前面：他們對企業道德有鮮明的看法，無論是在税務、兒童保護或者隱私方面；他們不希望他們和他們的家人朋友使用的媒體平台為謀殺或者虐待兒童提供便利。他們知道互聯網源於西方民主價值，而不是相反。我認為，這些互聯網用户對情報機構與科技企業之間保持更好、更可持續的關係不會有意見。當我們慶祝萬維網(World Wide Web)這個偉大的創造誕生25週年時，民主政府和科技企業需要在公民保護領域達成新的協議。這項協議應該基於我們共同的民主價值觀。這意味着面對一些令人不安的實情。我們最好現在就採取行動，而不是等到更嚴重的暴力事件發生以後。