Could technology companies have monitored ominous messages made by a gunman who Texas authorities say massacred 19 children and two teachers at an elementary school? Could they have warned the authorities?
Answers to these questions remain unclear, in part because official descriptions of the shooting and the gunman’s social media activity have continued to evolve. For instance, on Thursday Texas officials made significant revisions to their timeline of events for the shooting.
But if nothing else, the shooting in Uvalde, Texas, seems highly likely to focus additional attention on how social platforms monitor what users are saying to and showing each other.
A day after the Tuesday shooting, Texas Gov. Greg Abbott said this: “There was no meaningful forewarning of this crime other than what I’m about to tell you: As of this time the only information that was known in advance was posted by the gunman on Facebook approximately 30 minutes before reaching the school.”
Facebook posts are typically distributed to a wide audience. Shortly thereafter, Facebook stepped in to note that the gunman sent one-to-one direct messages, not public posts, and that they weren’t discovered until “after the terrible tragedy.”
How was social media used?
By Thursday, new questions arose as to which and how many tech platforms the gunman used in the days before the shooting. The governor’s office referred questions about the gunman’s online messages to the Texas Department of Public Safety, which didn’t respond to emailed requests for comment.
Some reports appear to show that at least some of the gunman’s communications used Apple’s encrypted iPhone messaging services, which makes messages almost impossible for anyone else to read when sent to another iPhone user. Facebook parent company Meta, which also owns Instagram, says it is working with law enforcement but declined to provide details. Apple didn’t respond to requests for comment.
The latest mass shootings in the U.S. by active social-media users may bring more pressure on technology companies to heighten their scrutiny of online communications, even though conservative politicians — Abbott among them — are also pushing social platforms to relax their restrictions on some speech.
Could tech companies caught the messages
It would depend on which services Salvador Ramos used. A series of posts appeared on his Instagram in the days leading up to the shooting, including photos of a gun magazine in hand and two AR-style semi-automatic rifles. An Instagram user who was tagged in one post shared parts of what appears to be a chilling exchange on Instagram with Ramos, asking her to share his gun pictures with her more than 10,000 followers.
Meta has said it monitors people’s private messages for some kinds of harmful content, such as links to malware or images of child sexual exploitation. But copied images can be detected using unique identifiers — a kind of digital signature — which makes them relatively easy for computer systems to flag. Trying to interpret a string of threatening words — which can resemble a joke, satire or song lyrics — is a far more difficult task for artificial intelligence systems.
Facebook could, for instance, flag certain phrases such as “going to kill” or “going to shoot,” but without context — something AI in general has a lot of trouble with — there would be too many false positives for the company to analyze. So Facebook and other platforms rely on user reports to catch threats, harassment and other violations of the law or their own policies.
Platforms lock up their messages
Even this kind of monitoring could soon be obsolete, since Meta plans to roll out end-to-end-encryption on its Facebook and Instagram messaging systems next year. Such encryption means that no one other than the sender and the recipient — not even Meta — can decipher people’s messages. WhatsApp, also owned by Meta, already uses such encryption.
A recent Meta-commissioned report emphasized the benefits of such privacy but also noted some risks — including users who could abuse the encryption to sexually exploit children, facilitate human trafficking and spread hate speech.
Apple has long had end-to-end encryption on its messaging system. That has brought the iPhone maker into conflict with the Justice Department over messaging privacy. After the deadly shooting of three U.S. sailors at a Navy installation in December 2019, the Justice Department insisted that investigators needed access to data from two locked and encrypted iPhones that belonged to the alleged gunman, a Saudi aviation student.
Security experts say this could be done if Apple were to engineer a “backdoor” to allow access to messages sent by alleged criminals. Such a secret key would let them decipher encrypted information with a court order.
But the same experts warned that such backdoors into encryption systems make them inherently insecure. Just knowing that a backdoor exists is enough to focus the world’s spies and criminals on discovering the mathematical keys that could unlock it. And when they do, everyone’s information is essentially vulnerable to anyone with the secret key.