Earlier this week, 17-year-old Matin Azizi Yarand was arrested in Texas and charged with plotting an ISIS-inspired mass shooting. Authorities say he learned about the Islamic extremist terrorist group on the Internet ..where he studied guides for making bombs. The case highlights the fact that today most anything can be bought anonymous online. When it comes to terrorists building homemade bombs, Scott Thuman reports--e-commerce is a game changer.
Scott: Sometimes all that separates an ordinary day from a deadly one is luck. Times Square, May 1st 2010, smoke comes from a parked car, police discover a homemade bomb. Firecrackers, gasoline, propane and fertilizer designed to devastate one of the nation's busiest public spaces. It smolders but doesn't go off; disaster averted. Good luck stops only a handful of attacks. More often, it's dedicated police work that breaking plots. But an increase in online commerce over the last few years is making law enforcement's job much harder. Especially when someone wants to build a homemade bomb using online stores to gather lethal ingredients.
Ron Hosko: The internet makes things much more complicated. The internet, in a way, is an enabler.
Scott: Ron Hosko is a former assistant director with the FBI.
Ron Hosko: We have to know, we have to recognize, that the FBI is at different places in the internet. They are looking at different locations, they're looking at websites and chat rooms, where they have the right predication. But it makes it harder, because we're talking about millions and millions of transactions. What stands out? What sets off a flag? What raises a flag? That makes it harder for the FBI to do its job.
Scott: It's also a concern across the Atlantic in Britain, a country with long history of attacks.
Chris Phillips: I think we need to get real, you know. If you want to go and buy all the equipment for a bomb, I think the police need to know that.
Scott: Chris Phillips, the former head of Britain's counter-terrorism security office, to halt bombings by the Irish Republican groups, helped create a system called 'Know Your Buyer' for retailers to report suspicious people who came to stores looking for chemicals.
Chris Phillips: The bombs that went off in London 15 years ago actually came from a hairdressing salon - the basic components. And we ran a campaign with them to make sure that they were prepared to come forward to the police if they had suspicious purchases. Shouldn't we do that with Amazon? Shouldn't we do that with the companies that are selling online? Because nowadays, you don't need to go into a hairdressing salon to buy your peroxides, you can do it online. So surely, when unusual purchases are made, then those companies should be informing the police.
Scott: He suggests, when a customer buys multiple products that, even only in theory, 'could' be combined into bomb, that retailers should alert authorities. But certainly you are going to have people who are going to say, 'You shouldn't be monitoring what I purchase on Amazon.' This is a violation of my privacy.
Chris: Of course it is. But all security is some form of violation of privacy and it, and it's deciding where that pendulum is going to sit. Now at the moment, I would suggest it's probably sitting quite firmly in the freedom's side, but let me tell you, if you have 1,000 people killed in New York City, or Washington, or one of your big cities, the pendulum will swing the other way.
FBI video: He said "no, I want the one with hydrogen peroxide," I said that is the one with hydrogen peroxide.
Scott: Back in the U.S., the FBI has set up a system of so-called 'tripwires'- partnerships with merchants to flag suspicious buys. They're taught, for example, to look for customers paying only with cash, using out-of-state ID, or unable to explain the reason for their purchase. And vehicle rentals too. Like the one allegedly made last year by Sayfullo Saipov who's now on trial after he rented a home depot truck. The accused jihadist from Uzbekistan was charged with plowing through a new york city bike path, killing 8. And sometimes, companies don't want to cooperate. After the San Bernardino attack at an office holiday party that killed 14 people, Apple cited customer privacy, refusing the FBI access to the suspect's iPhone. Eventually they had to hack into it. A position Hosko says, companies may come to regret.
Ron Hosko: Corporate America will know, if I saw these indicators and I did nothing, what's the risk to me of that? What's the risk of doing nothing? What's the risk of ignoring what are clear indicators standing in front of me in my shop, someone who wants to rent, someone who wants to purchase, someone who is acting strangely in a deeply troubling way, what's the risk to my corporate brand then if I do nothing?
Postscript: As America's largest e-commerce retailer, we reached out to Amazon for comment. They wouldn't discuss whether they have any policies to monitor certain purchases but they did say:
“Compliance is a top priority for Amazon, and all products sold on Amazon must comply with all applicable laws and adhere to our selling guidelines. We regularly work with law enforcement in responding to properly issued legal process.” – Amazon spokesperson.