It took less than 12 hours from the time that the FBI arrested Cesar Sayoc and information about his past inclinations was being dug up and presented. We knew about his arrest record, the threats he’d already made, and people he’d made uncomfortable were chiming in about how they thought he might be a problem someday.
We can also be sure that the FBI had all of his tweets and Facebook activity, as well as his cell phone text messages and probably his locations over the last few months. All of that would be pulled from the retro-scope. And all of it would be useless. It’s worse than useless, it reveals the helplessness of law enforcement surveillance – it’s pretty good for determining, in retrospect, when someone did snap, but unless the person can be trapped into telling an FBI confidential informant that they’re doing their attack tomorrow, so what?
Robert Bowers posted “screw your optics, I’m going in” seventeen days before he “went in.” So much for the value of surveillance. Now that he’s killed 11 people, the retro-scope can dig through his past communications and location and clearly identify him as a threat, seventeen days too late. More than seventeen, really: Sayoc and Bowers had both been acting up for a long time; the way our society is set up that’s what people are allowed to do. We have a problem: we have 20/20 hindsight.
Sayoc was given probation after a 2002 threat against Florida Power and Light, “worse than September 11.” The court determined that he was not a real danger. Well, I don’t think that the bombs he sent were a real threat, either, but they did a great deal of damage anyway – in political terms, in stress, disruption, fear, and response costs.
Robert Bowers is another story: he was “unknown to law enforcement” prior to the morning when he killed people.
The official reason the retro-scope was put in place was to stop terrorism after 9/11. That was the excuse, I’m afraid, because anyone who thinks about surveillance systems knows that they are very seldom useful as alarms that alert us to an event in progress. All of the money spent was spent for a different purpose, and that’s figuring out who a guilty party’s associates were, or trolling through someone’s past for dirt. If I were one of the people Bowers regularly communicated with, I’d be pretty worried right about now.
It’s heading toward becoming an open secret: [mj]
In early January, Roger Stone, the longtime Republican operative and adviser to Donald Trump, sent a text message to an associate stating that he was actively seeking a presidential pardon for WikiLeaks founder Julian Assange – and felt optimistic about his chances. “I am working with others to get JA a blanket pardon,” Stone wrote, in a January 6 exchange of text messages obtained by Mother Jones. “It’s very real and very possible. Don’t fuck it up.” Thirty-five minutes later, Stone added, “Something very big about to go down.”
So, the Mueller investigation was able to retrieve the exact contents of Stone’s texts, including send/read-times. Remember when they were trying to tell you that they were only capturing “meta-data”? Not only was the Mueller investigation able to retrieve that kind of information, someone selectively leaked it to the media.
You should assume that anything you send in a text or email, or post on an online forum, could be dug up and slapped down on a table in front of you.
Pierce R. Butler says
Robert Bowers posted “screw your optics, I’m going in” seventeen days before he “went in.”
Source, please? All other reports I’ve seen of this assertion describe it as [t]wo hours (or minutes) before he started squeezing trigger.
Marcus Ranum says
Pierce R. Butler:
You are correct. I saw on newsweek where it described him making other anti-semitic postings 17 days prior, but the “I’m going in” was variously reported as 2hr prior or 4hr prior. I brain-farted.
Still, an automated anti-terror monitoring system that was able to catch this stuff (if such a thing existed) would be too slow at 2hr to do much good.
Pierce R. Butler says
Marcus Ranum @ # 2: … an automated anti-terror monitoring system that was able to catch this stuff (if such a thing existed) would be too slow at 2hr to do much good.
Has anybody
donepublished an analysis of how many false positives such an alert system would report?kestrel says
I’m not sure but it seems to me that if this had been black men saying they were going to, I don’t know, bomb Dick Cheney or something, that we just might have seen action taken prior to the carrying out of the threat. I think part of this issue is that if someone is perceived as “white” (whatever that means; Sayoc’s ancestors were from the Philippines as I recall) then everything is all okey-dokey. Pretty positive that’s why Bowers was still alive to surrender, despite having just shot some cops.
We need (as a nation) to get over the idea that white people are somehow perfect and never do anything wrong. We need for LE to grasp the fact that yes, white people CAN be and indeed are terrorists when they commit terrorist acts. So far it seems to elude them.
komarov says
Re: Kestrel (#4):
Sorry, it’s a bit off-topic, but if I take this bit,
add this bit,
and then consider the track record of US cops with people of colour, I conclude that if the this lesson were to sink in, all that would change would be that the cops would shoot a lot more white people as well. I’m not sure where the flaw is in my logic. Does excessive cynicism count as a flaw?
kestrel says
@komarov, #5: yeah… I feel pretty cynical about the whole thing too. I would like to think that if LE actually grasped that white people can be terrorists, maybe they would stop shooting unarmed black teenagers for the hell of it. But could be you are right and they would simply start shooting unarmed white teenagers for the hell of it along with ALSO shooting black teenagers for the hell of it.
timgueguen says
Sayoc is Filipino on his father’s side and of Italian descent on his mother’s side. Yet weirdly he claimed to be a member of Florida’s Seminole tribe, despite believing in various hard right ideas.
sonofrojblake says
Indeed. If I knew someone I thought was anything like Bowers, I’d be cutting them loose in three, two…
Wider society needs to educated to socially isolate these people and not to engage with them online or in person, for fear of later association via the Retroscope. That’ll help. /s
Marcus Ranum says
Pierce R.. Butler@#3:
Has anybody done published an analysis of how many false positives such an alert system would report?
I’m not even sure what such a thing would look like. I’d guess no.
Back in the “intrusion detection” market, we had a big problem with false positives and negatives, and there were people worrying about the base rate fallacy kicking in (which is legit) – but the broader problem was that it turned out that “false positives” were often perfectly legitimate detections of things that shouldn’t happen, but as a matter of policy the customer wanted to ignore it. Put that in terms of a social media site, and you could train an AI to be 99% accurate at flagging threatening sounding speech and … so what? If it’s Twitter, they’ll say “that’s acceptable” and basically override the AI until it’s trained to ignore everything (like Twitter mostly does) – a predictive system would be useless anyway because the FBI would just hit the snooze alarm because there’s nothing they can do anyway.
Another problem is the “masked alerts” – what if you detect something, send a field agent out to talk to the gomer, and the alert turns out to be legit – and gomer just reschedules their attack back 3 months? Sayoc could be a case of this: he was sanctioned for making threats, once; perhaps that put back his bomb-making effort and even Sayoc didn’t realize it.
Marcus Ranum says
timgueguen@#7:
Sayoc is Filipino on his father’s side and of Italian descent on his mother’s side. Yet weirdly he claimed to be a member of Florida’s Seminole tribe, despite believing in various hard right ideas.
I wonder if he uses an ethnic slur for Elizabeth Warren?
The guy does not sound very bright at all.
komarov says
Re: Marcus Ranum (#8):
Useless in general but not useless to the FBI maybe, as standards and expectations are lowered to fit the situation. Every so often when attacks happen it turns out, that local / national agencies knew about the attacker. And I get the impression that this is meant to be seen as a good thing.
“It’s a total nightmare, but look, we already have a file on the guy who did it. Just imagine how much quicker the paperwork will be, and how much more details we can give to the press!”
And maybe that can also be used to argue that, oh, if only national agencies were allowed to do more, we’d live in a better world. Because that hasn’t happened before, and if it has it must have been a complete success. Well, maybe it wasn’t but at least it becomes easier for agents to do their work and maybe abuse that power on the side – just a bit.
lumipuna says
timgueguen: The way he phrased that Seminole thing sounds to me exactly like “sovereign citizen” pseudolegal spell-casting.