The Internet plays a positive role in our lives and societies, but the Internet is also used for illegal purposes. It is used for many forms of cybercrime, including attacks on critical infrastructures. The Internet is also used for terrorist purposes. The prevention of illegal activities, also when committed with help of the Internet, is of common interest to governments, security authorities, the Internet sector and Internet users.
Public private cooperation
Terrorist use of the Internet has been researched in the past, and attempts have been made to include the use of Internet in the fight against terrorism. None of these attempts, however, were based on a systematic dialogue with the private sector. Such government-only initiatives run the risk of resulting in legislation which is technically unfeasible, unworkable or insufficiently supported by end users.
The Internet is largely in private sector hands, and it is likewise there that most Internet expertise is concentrated. Law enforcement agencies and intelligence services posses most knowledge about terrorist activities. Public-private cooperation is therefore a logical approach in understanding terrorist use of the Internet, and it was an important rationale behind the initiation of Clean IT.
The Clean IT project comprises a process by which public and private sector parties engage in an open and constructive dialogue. In this dialogue, Internet related solutions that can improve the prevention of terrorist threats society faces are explored. The project team facilitates the dialogue. The project was started in June 2011 and will end in March 2013.
There are many views on terrorism and the ways in which terrorists make use of the Internet. A lot of research have been done and there are many publications on the matter. The Clean IT project started off, therefore, defining what participants understood by the term terrorism.
Jihadism, right-wing radicalism and separatist movements such as those in Northern Ireland and Spain can all be categorized as terrorism. As the greatest current threats on a European level come from the jihadist movement Al Qaïda, this movement has received most attention in the Clean IT project. Other forms of terrorism are not excluded, though a strict demarcation between the kinds would likely be of little relevance to the project outcomes.
Terrorist use of the Internet
The phenomenon of the use of Internet for terrorist purposes is not the medium as such. Terrorists use the Internet on a daily basis. From a technical perspective, terrorist use of the Internet is not substantially different from regular, legal use of the Internet. Terrorists use the same popular, easy to use Internet services as other users do, and they also use tools to conceal their identity and activities. Terrorists use the Internet mainly as a resource. Terrorist activities on the Internet can be found in the easy-accessible part of Internet where social media is used, and many forms of user-generated content is exchanged. This is also the place where violent propaganda material is spread, and the process of finding new recruits for terrorist acts and radicalization begins. On the Internet, ideological websites can be found that often contain illegal material (nevertheless the illegality of content may depend on how the material is presented and its context). These ideological websites often glorify and encourage violence, and are used to distribute training manuals and other information on how to commit terrorist acts. In addition, the Internet is used to plan and organize deadly attacks.
The objectives of the Clean IT project are as follows:
a) To start a constructive public-private dialogue about terrorist use of the Internet.
Because the Internet is a collective good, the ambition is to have an equal representation of public and private interests. It is vital, moreover, that all participants in the dialogue share the same perception of what is understood to be terrorist use of the Internet. The Clean IT meetings were set up to accommodate both these aims.
b) To draft a set of “general principles” that are supported by both public and private parties.
The project does not aim to find results in a legislative form. The “general principles” will have the status of a code of conduct, as encouraged for example by the European Commission in article 16 of the E-commerce guideline. The general principles must be supported by the parties involved and provide direction on how to deal with terrorist use of the Internet.
c) To identify “best practices” which, after possible modification, could in the opinion of the Clean IT participants contribute to asuccessful reduction of the impact of terrorist use of the Internet.
The actual implementation of any of the best practices is not a project objective. This is up to each party to consider voluntarily and upon its own responsibility. Any future implementation of best practices must comply with the general principles. The most basic one is: “Any action taken to reduce the terrorist use of the Internet must comply with national and European laws and regulation, and respect fundamental rights and freedoms, including access to the Internet, freedoms of assembly and expression, privacy and data protection”.
The Clean IT working method
Clean IT scheduled 6 meetings (in Amsterdam,Madrid,Brussels,Berlin,Utrecht,Vienna) and a final presentation. Discussions from each meeting are processed into a draft document. Each meeting results in a new version of the draft document, which is published on the Clean IT website and open for consultation to the public. The procedure followed entails five steps of drafting:
1. Public input on the draft document (open consultation)
2. Detailed expert discussions in small working groups (on invitation, 25-50 participants spread over 4 groups)
3. Plenary debate (same participants as working groups)
4. New version of the document drafted and checked with all participants (by project team)
5. Publication of new version of the draft document (open consultation).
And after each meeting this cycle begins again. Steps 2 and 3 are carried out in a Clean IT meeting, which takes place once every 2 to 3 months. In the end, the draft document will be the definitive end product of the project, containing both the general principles as well as the best practices.
The meeting participants are invited personally and selected with a balanced representation in mind of: Law enforcement agencies, policy makers, non-governmental organizations, academics, Internet industry, technological industry and end users. The Clean IT project team will respect the situation where participants do not want to make their attendance public. A list of participants agreeing to publication of their (company) name can be found on our Partners and Participants page.