As terrorist groups like Al-Qaeda turn to the Internet to broadcasts their messages, recruit members, and raise money, law enforcement officers are honing their own technical skills to trace offending websites and computer users.
James Kirkhope is the research director for the Washington-based Terrorism Research Center, which examines links between terrorism and technology. He said that once a suspected terrorist website appears, law enforcement officers around the world begin the hunt to find it and, if warranted, close it down.
"One of the main steps law enforcement agencies do is to identify [the] web server of a particular website, and that's usually the source that law enforcement will go to to pull the plug on terrorist websites," Kirkhope said.
But the task is not so easy. While each server and personal computer on the Internet has a unique address, locating an offending website is not as simple as -- for example -- tracing a telephone call.
One of the main obstacles is the nature of the Internet itself -- relatively open and unregulated, yet highly interconnected. Kirkhope said one of the tricks terrorist groups use is to link a website from server to server -- to "bounce" it, as the practice is known. This, in effect, conceals the identity of the original server and the site's author.
"[The terrorists] will have the site bouncing off through two or three other sites," Kirkhope said. "You'll go to an Al-Qaeda sympathizer site, but it will be bounced to two or three other sites. The ability to locate who's putting it up is going to be difficult. [Essentially,] anyone can put up [a website]."
Even when a host computer or user is found, the problems are just starting. Relatively few countries have effective laws on the books that recognize as crimes the words and images typically found on militants' websites.
"The technology is expanding exponentially year to year, and the legal framework has yet to catch up in many [countries],” Kirkhope said. “Oftentimes, it's not illegal to post anything on the [Internet], depending on what the countries are. Sometimes, they will have decency rules and laws, but they will not have any of the [anti]-incitement to riot or [anti]-incitement [to violence] rules against this kind of thing on the Internet."
Even in the United States, where the recently enacted Patriot Act gives law enforcement officers expanded powers to combat terrorism, convicting the authors of suspected terrorist sites has proven difficult.
The USA PATRIOT Act, passed in the wake of the 11 September 2001 terrorist attacks, makes it illegal to advise or assist terrorists -- such as through an Internet website. Yet in a closely watched case in Idaho, a Saudi Arabian student attending school there was recently acquitted of charges that a website he was running was raising funds for terrorist groups.
The student, Sami Omar Al-Hussayen, argued he was merely hosting the information -- that he was not the author -- and that the site was protected by free speech provisions of the U.S. Constitution. The main charges were dismissed for lack of evidence identifying him specifically as a terrorist.
To fill the technical and legal void, a new breed of amateur terrorist hunter is emerging. These Internet "vigilantes" typically operate anonymously in small numbers -- often from their own homes. They use a variety of methods to identify possible terrorists, including relatively simple things like engaging suspected militants in online chat rooms. They then pass on to law enforcement officials any information they get.
One of these groups, called 7 Seas Global Intelligence, recently claimed success in identifying a U.S. soldier in the state of Washington who was suspected of passing information to Al-Qaeda. The National Guardsman is now under investigation.
But these groups frequently skirt the line between legality and illegality. Inviting a suspected terrorist to incriminate himself in a chat room could be viewed as entrapment. Then there's the ever-present danger that innocent people will be unjustly accused.
Kirkhope said such vigilante groups -- if they go too far -- risk arrest themselves. "The legal community and law enforcement community do not want to have people running around the Internet doing vigilante work just in the name of patriotism or things like that," Kirkhope said. "Even as [recently] as six weeks ago, there was a case of an anti-terrorist patriot hacker who was convicted in the United States for violating privacy codes and those types of things."