• No se han encontrado resultados

In this section, I will assess whether a coherent system that is based on a co-regulatory approach using the NTD procedure would meet the criteria described in Chapter 1.5. Such a centralised system exists only in theoretical assumptions, but it could be established on practices from the field of fighting child pornography online. If the system fulfils the criteria of effectiveness outlined in Chapter 1.5, it would obtain an optimal status in combating terrorist propaganda. ‘Optimal status’ means as close to an ideal system as possible.

Criterion #1: Authority

Every EU member state would create a local centre, and the centres would be connected with each other in order to transfer information between each centre. At present, the EU IRU is part of Europol and is restrained by the willingness of member states’ law enforcement agencies to share knowledge and information. In an optimal scenario, the centres would share information in an unrestrained way, and a good example of unrestricted sharing was described in Chapter 3.3.4 with how INHOPE combats child pornography. By analogy, centres fighting terrorist propaganda should work as follows: if a centre receives notification about radical content that is not located in the centre’s country of residence or is not covered by the host country’s legislation, the centre informs the central institution, which then analyses which state or which specific centre should handle the notice. After passing this information to the appropriate centre, the relevant centre would take further action.

A development of a consistent organisational structure would also include appropriately trained specialists. In other words, there would be a specialised and trained unit, whose task will be to conduct a quick and accurate analysis of incoming NTD notices. In addition, such a unit would not rely solely on NTD reports from third parties or institutions but would also actively search on their own to look for illegal content on social media. In other words, the unit would be a so- called watchdog (Frydman, Hennebel, & Lewkowicz, 2009). The search for illegal content should take place in two steps and at the same time, in two ways. Unit specialists should use an automated means of searching for jihadist content in cooperation with ISPs and direct the content to human analysts. Because of the experience and expertise of people working in this

type of specialised unit, it would be possible to send additional notifications to ISPs. Due to the restrictions that exist in the automatic search of content in social media, people working in such a unit should also rely on a manual search of websites. Professionals who undergo proper training will be able to maintain the principle of freedom of speech, and when necessary, notifications from the unit may be sent to the court to assess their validity.

In my view, the sharing of information would be a very relevant aspect for a coherent NTD system. Table 1 shows areas of public-private interactions for cybersecurity and was prepared by Raphael Bossong and Ben Wagner. For them, the term ‘co-regulation’ refers to the general policy coordination and shared rule-setting between public and private sector for combating online threats. Bossong and Wagner distinguished the following tasks: the provision of Internet access, the co-regulation of technical and data security, the exchange of information on threats and cooperation in addressing these threats (Bossong & Wagner, 2018). Institutions with similar tasks and experiences working closely together and exchanging information will allow much more efficient operation and increased effectiveness so techniques used in one country can be adopted and quickly implemented in other states.

In summary, a network of centres located in different states would ensure proper information sharing about possible terrorist threats in different geographical areas and could determine which jurisdiction should handle the notice. Moreover, specialists working in these units would actively search for radical content, thus supplementing NTD reports and increasing the system’s overall effectiveness. Close cooperation of different stakeholders could possibly result in some prosecutions of the persons who disseminate radical content. The above analysis shows that the co-regulatory approach has the potential to fulfil the authority criterion.

Table 1: A heuristic typology of public-private partnerships (PPPs) for cybersecurity (Bossong & Wagner, 2018).

Criterion #2: Time of removal

In order to respond appropriately and quickly, there must be close cooperation with the prosecutor's office, the courts and ISPs. Hence, the co-regulatory approach is the most suitable (Frydman, Hennebel, & Lewkowicz, 2009). The amount of content and the effectiveness of organisations like IS at replacing content deleted by ISPs require a timely and effective response. Real-time analysis for a large number of incoming cases would not be possible. For this reason, the NTD unit should analyse only requests in which ISPs would not comply and then send them to the relevant institutions such as the police or prosecutor’s office. Dohmen has stated that the central NTD system in the Netherlands should be able to handle notifications within three working days (Dohmen, 2008).

However, according to Cohen-Almagor, self-regulation is currently more efficient than government regulation in addressing terrorism because law enforcement reacts slowly to online threats. Orders of a government took down dozens of improper websites and social network accounts. In comparison, the private sector handled thousands of illegal sites and accounts (Cohen-Almagor, 2017). The author quotes the United Kingdom Home Affairs Committee report, stating, ‘[Social media] companies have teams of only a few hundred employees to monitor networks of billions of accounts and that Twitter does not even proactively report extremist content to law enforcement agencies’ (Cohen-Almagor, 2017). Moreover, in many cases, ISPs are not sure whether and when to take action, and so they prefer to remain neutral. These issues prove that private sector may need encouragement and clear rules on handling illegal content on their platforms.

In the case of INHOPE, ISPs were obliged to react quickly to notifications. In UK, self- regulatory regime relating to child sexual abuse content proved to be quicker than governmental regulation, although it lacked consistency and transparency (Wei, 2011). However, the example of INHOPE shows the possibility of implementing special 24-hour hotlines in each of the member countries to serve as contact points for international cooperation.

Based on already existing jurisprudence, a specialised unit could create a knowledge base and decide on future cases with more expertise. In addition, a knowledge base and the collection of information on all jihadist content for ISP operators, where a unit would become one of the nodes of a bigger, coherent system, would allow for faster capturing of illicit content.

To summarise, on the one hand, private actors are more efficient at handling illegal content, but on the other hand, they need encouragement and regulations from public institutions to do so. If the same rules for combating child pornography could be transferred to the counterterrorism domain, the EU should impose the obligation that each local centre act as quickly as possible through the appropriate security services. The co-regulatory approach brings the promise of providing faster reactions to notices than do governmental regulations in the case of terrorist propaganda.

Criterion #3: Independence

A coherent system should operate on the basis of government funding. Government financing fosters the independence of specific intermediaries like a centre and disallows influence from

individual actors. The system will have independence as a criminal content analysis system and at the same time, will not be pressured by Internet Service Providers in any way. Based on the previous sections regarding civil and criminal matters, we can see that Internet companies may be reluctant to address the issue of rating or verifying the content hosted on their servers. This also applies to situations in which the content is criminal in nature. Internet Service Providers prefer to leave such inquiries to the courts, and even government agencies such as

the prosecutor may struggle with the noncompliance of online businesses (Deutsche Bahn vs.

XS4ALL).

Furthermore, in order to preserve the rule of law in a democratic state, the transparency of such an centre is required (National Coordinator for Security and Counterterrorism of the Netherlnads, 2014). While not all requests could be disclosed due to their nature, the data and general statistics on the activities of the centre should be available to the public and interested parties. Providing information about the nature and details contained in such data can be risky and allow terrorist organisations to learn or develop new and more sophisticated techniques for encrypting or hiding their content. Ultimately, however, the desired effect would be achieved, i.e., the presence of jihadist content on the open Internet and social media would be reduced, which would be the main focus of the unit.

Each country is traditionally responsible for providing security to its citizens, especially because the state can use legitimate violence. Yet the threat of terrorism is currently networked and transnational, and more actors therefore need to be involved in fighting online propaganda. According to Bossong and Wagner, ‘networks of security governance can be considered a functional adaptation to increasingly networked and transnational risks and threats, such as terrorism or critical infrastructure failure, while also balancing some of the problematic tendencies of state security apparatus by including a wider range of voices and perspectives’ (Bossong & Wagner, 2018). At the same time, when each state brings its own perspective, it may be challenging to keep a consistent and transparent system. Therefore, maintaining high levels of cooperation between different parties is needed.

Another condition is the release of an ISP from liability in the case of full compliance with the NTD notification sent to the unit. For an online business, such warranty would be an incentive to act, and the company would probably be more inclined to work with the central helpline. Even if the unit made an incorrect decision that was later challenged in court, compliance with the centre’s notification would free the ISP from any future liability.

In summary, the creation of a coherent system to fight terrorism should ensure independence from specific local governments and from private actors. A knowledge base and best practices would become part of the system to safeguard the system’s objectivity. The co-regulatory approach has the potential to be more transparent than the self-regulatory approach while simultaneously protecting the rights of ISPs.

Documento similar