A View from the CT Foxhole: Peter Edge, ICE Acting Deputy Director, and Wil van Gemert, Europol Deputy Director
January 23, 2017
Peter T. Edge was appointed Acting Deputy Director of U.S. Immigration and Customs Enforcement (ICE) on January 20, 2017. At the time of this interview, he was Executive Associate Director of Homeland Security Investigations (HSI). Prior to this position, Mr. Edge served as Deputy Executive Associate Director and the Special Agent in Charge in the HSI Newark, New Jersey, regional office. Mr. Edge has extensive experience conducting narcotics, money laundering, commercial fraud, and corruption investigations.
Wil van Gemert was appointed Deputy Director of Europol and Head of the Operations Department in May 2014. He previously filled several positions in the Dutch police and joined the Dutch National Intelligence Service in 2004. In 2012, he was Director of Cyber Security of the Dutch Government. In his current role at Europol, he manages a department of experts, specialists and analysts dealing with serious and organized crime as well as terrorism and cybercrime.
CTC: What role do your organizations play in identifying, tracking, and potentially interdicting foreign terrorist fighters who have traveled to Syria, Iraq, and other jihadi battlegrounds?
Edge: When it comes to foreign terrorist fighters, Homeland Security Investigations [HSI, a directorate within the U.S. Department of Homeland Security’s Immigration and Customs Enforcement (ICE) component] is a border security investigative agency that conducts transnational, criminal organization-related investigations around the world. We have a very vibrant investigative footprint here in the United States. We also have a very active intelligence program that processes a lot of human intelligence information through various means, and we have a significant international footprint. We’re in 47 countries, and we have 63 offices. We’ve leveraged that international connectivity to enhance our investigative efforts and to share information with our partners, not only on a bilateral but on a multilateral basis. And that’s where the relationship with Europol has been critical to our collective success.
Van Gemert: Europol is the European informational hub and fusion center for law enforcement. Unlike CBP [U.S. Customs and Border Patrol] or ICE HSI, we don’t have our own investigatory powers. But we have a threefold task: firstly, to build up and analyze the data and information available in the 28 E.U. member states in different fields of crime including terrorism; secondly, to be the center of expertise in those fields in which we are active—organized crime, terrorism, migration, and cyber crime—and finally, to coordinate the actions of the different member states so as to ensure that information is turned into operational actions and real time cross-border investigations. In recent years, we moved from not only collecting information but to connecting information. For the purpose of thorough analysis, we therefore centralize information from member states and international partners in what we call focal points, including on foreign fighters. The information flow from member states and international partners, including the U.S., has significantly increased since the emergence of the ISIS threat.
We have now in our headquarters in The Hague more than 210 liaison officers coming from 41 different countries and representing 74 different agencies. That gives us a huge opportunity to work together closely. After the attacks in Paris and Brussels, I was able also to call up all member states involved on very short notice to sit together and to exchange information, including also with U.S. partners like ICE, HSI, or CBP. We set up an emergency response team at Europol to make sure that we could deliver additional information to the ongoing law enforcement investigations. Directly after the Paris attacks, we had more than 60 people involved as part of an emergency response team. More than one year later, we have on a permanent basis still more than 10 people working on making sure that all information we receive on these cases is cross-checked, connected, assessed, and turned into new intelligence. As regards ICE HSI in particular, we have even increased the extraordinary cooperation we already had with HSI in making sure that all available financial information and cross-border information was brought to the attention of agencies in Europe and the United States, and it delivered a very rich view of those who were involved in and supporting this network. The data Europol has is, I think, our biggest added value. We have more than 30 million entities in our databases, and our data on organized crime is particularly valuable because we’ve seen a very strong relationship between organized crime and terrorism.
CTC: Can you elaborate on that link?
Van Gemert: If you look at the Paris and Brussels attackers and their backgrounds, there are a lot of criminal links. This is also a feature of the support networks behind ISIS terrorism in Europe. We see an increased interweaving of terrorism and criminal activities. They make use of the same crime service model as criminals do. And that can be an advantage to investigators. With the attacks in Brussels and Paris, it’s clear the attack network made use of a criminal service in providing them identification documents. And this means that through a normal criminal investigation on fraudulent documents, you could also find very important information on terrorism. The risk we face is, to a significant degree, a known risk that’s already in our systems because most of the foreign fighters from Europe had criminal backgrounds before they left for the battlefields.
CTC: How are HSI and Europol cooperating, and what type of broader transatlantic cooperation are you engaged in?
Edge: Traditionally, our international connectivity with our foreign partners had been on a bilateral basis. Ever since we have assigned agents and analysts to Europol, we have enjoyed multilateral relationships, and we have been able to share the benefit of our combined experience and investigative expertise. That has resulted in greater information sharing.
Let me give you one example. What Wil mentioned with regard to the sharing of financial information is critical to every investigation and every crime that we enforce against. HSI has built very, very good relationships with other industries—both in the private sector and other law enforcement—which help us with financial investigations. In the instance of the horrific events in Brussels and in Paris, we were able to leverage those relationships and get that information quickly. As Wil mentioned, our strong links to Europol afforded us the opportunity to then share that information with the member states in a very timely fashion.
We have also become members of other focal points that have a nexus to our mission—including migrant smuggling. To have that connectivity in that multilateral environment has been very helpful. I like the way Wil put it—“from collecting to connecting.” For years, we’ve always collected information, but now thanks to enhanced information sharing, we’re connecting the dots. And that’s critical to the public safety of all of our countries.
Van Gemert: I would totally agree with Peter. At Europol, we have more than 200 liaison officers who know each other, work with each other, and speak one language—English. And we are also the go-to point for countries to reach out to. While we also see the value of bilateral relationships, the experience we have in cyber and now also in terrorism has shown it’s necessary not only to connect our information flows but to have operational meetings on a multilateral basis. The significant rise in the number of U.S. liaison officials stationed here at Europol headquarters, including very dedicated staff from ICE HSI, has really helped in this regard, as have regular visits and exchanges at the managerial and leadership levels. There are now 11 U.S. agencies represented over here, taking part in various focal points and high-priority cases. You don’t have to send a message via cable and wait for the answer. You just sit with each other and directly engage.
CTC: Western counterterrorism officials have sounded the alarm about the large cohort of foreign fighters from Europe and the West who have trained in Syria and Iraq. FBI Director James Comey has warned that this terrorist diaspora is going to be like “we’ve never seen before.”1 From your perspective, how can the United States and Europe work together to mitigate the threat?
Van Gemert: If you look at foreign fighters, there will be a window of risk coming up as the pressure increases on ISIS. There have been between 6,000 and 7,000 foreign fighters who have traveled from Europe. Only a third of them have so far returned, so there’s the possibility a lot more will return as ISIS loses territory. That said, in recent months, we’ve not yet seen a big exodus of European fighters returning home from the battlefield. Those recently fleeing back to Europe have mostly been women and children.
Moving forward, we need to interdict foreign fighters on their return to Europe and, when appropriate, charge them and put them on trial. With the coalition making advances and taking ISIS fighters into custody, we will probably get more people that can tell us something about those fighters who have been active over there and will find more forensic evidence to obtain convictions. We also have to increase our capability to detect document fraud and monitor travel to Europe. The European Counter Terrorism Center (ECTC) will need to be at the center of these efforts. We have deployed guest officers in Greece (and will do soon in Italy) that conduct secondary security checks on those immigrants that give us reason to double check. These persons are referred to us by the local authorities and border guards, which perform the first-line checks. We have set up diagnostic tools that can be used by our border patrol officers to look at connections that could indicate whether a person might have intentions other than claiming asylum.
But the threat is actually not just from foreign fighters, because ISIS has also tasked fighters who are from Syria, Iraq, and other non-Western countries to travel to launch attacks. We saw that in the November 2015 Paris attacks. At Europol, we refer to these as “tasked fighters.” These are not directly on our radar, and identifying them is difficult. And then there are those inspired to act as a result of ISIS social media or through contact with the group. We’ve seen examples of people becoming radicalized in a very short period, going from ‘zero to hero’ in six weeks or less, sometimes making themselves available for attacks to atone for past ‘un-Islamic’ behavior.
All this means the threat is very broad and is coming from very different angles. Over the long-term, I think ISIS will be defeated on the battlefield, and at least the existing caliphate will disappear. But something will replace it. ISIS already has a strategy to create a cyber caliphate, and more than 20 groups around the world have pledged loyalty to ISIS. We’re seeing that to a significant degree in Asia, including countries like the Philippines, so the threat is likely to come from there as well as the Middle East in the future. All this means we’re probably not going to see this threat going away for decades. It will just have a different appearance. It will be focused especially on reaching our communities through social media, which is why we really try to invest in counteracting them in this field.
Edge: At HSI, we have 6,700 special agents, and they are encouraged to identify the threat streams and smuggling routes. They look for document fraud day-to-day. We have seen more special-interest alien travel through non-traditional smuggling routes, and just being able to identify those routes is going to be critical. The capturing of biographical information on these actors through our BITMAP program is also going to be very important.a
We have charged our personnel to prioritize focusing on illicit travel, including document and benefit fraud that is utilized to facilitate foreign fighter travel. We are actively acquiring information on fraudulent passports and travel documents. We have a forensic document lab that analyzes and processes this information and maintains a repository of hundreds of thousands of false passports and other travel documents. I think terrorists traveling with false papers will be a big problem in the future, and it’s going to be critical to identify them and share that information because these actors typically go all over the world.
As well as looking at non-traditional smuggling routes, we are continuing to work to identify those individuals attempting to come though the prevailing smuggling routes. We have a joint task force model in the Department of Homeland Security that focuses primarily on our southwest border, the gateway into the United States for almost all illicit trade, travel, and commerce. We are working very closely with our international partners in South and Central America to encourage their law enforcement to work with us. And to that end, we’ve created transnational criminal investigative units in certain countries that have helped us identify threat streams and smuggling routes where people are using false documents to try to transit into the U.S.
Peter Edge (right) is pictured with an HSI colleague. (HSI ICE)
CTC: More than half the members of the Islamic State terrorist cell dispatched from Syria that attacked Paris in November 2015 and Brussels in March 2016 were already on the radar screen of Western intelligence agencies. Yet they succeeded in infiltrating Europe undetected in the fall of 2015 by exploiting refugee flows, several by using doctored Syrian passports.2 What lessons have been learned since the Paris and Brussels attacks?
Van Gemert: A lot of lessons have already been identified. One has to bear in mind that this was part of a huge immigration flow of more than one million people, in which the systems were simply not able to function as they should. If you have 5,000 people coming every day to a Greek island as you had in the autumn of 2015, it’s nearly impossible to control it completely. Since then, the European Union has made political agreements to control the flow.
We’re working to identify indicators that can be used in training and guiding our border patrol officers to check identity papers better. As mentioned earlier, we’re doing secondary security checks and have set up “hotspot teams” at various entry points in the Mediterranean. This means Europol staff and guest officers from E.U. member states coordinated by Europol are present in refugee camps on 5 Greek islands identified as “hotspots” on the migration routes to Europe. All migrants arriving on these islands are taken to these camps after arriving onshore. Within the camps, additional security checks take place against our databases if there is some form of suspicion regarding a migrant’s background or motivation.
All these activities are part of Europol’s European Counter Terrorism Center, which was set up after the Paris attacks. It brings together in one place all of Europol’s CT tools in order to enhance our role as the E.U. information hub on CT matters and to deliver operational support and analysis to E.U. member states’ CT investigations, drawing on Europol’s unique capabilities relating for example to terrorist financing, firearms, or online propaganda. At the heart of ECTC is a Joint Liaison Team with dedicated CT investigators from E.U. member states and selected international partners such as the U.S. These CT experts are specifically deployed to Europol for the purpose of enhancing European cooperation in counterterrorism matters. Enhancing information exchange on Foreign Terrorist Fighters or on the criminal support networks for terrorist structures are just some of the specific projects currently on the operational agenda in the fight against terrorism on the European level.
Wil van Gemert (Europol)
CTC: Just to follow up, Europol Director Wainwright recently stated, “ISIL are in the business of getting their people back into Europe in increasingly sophisticated ways,” which includes obtaining high-quality, false travel documents.3 As early as 2015, HSI raised concerns about the Islamic State acquiring blank passports and passport-printing machines in Syria.4 Given that the Islamic State has been able to create identity papers for its operatives from real Syrian passports,b how are security agencies working to verify those claiming asylum in Europe are who they say they are?
Edge: The 2015 report illustrates the need for our continued efforts to identify and address potential vulnerabilities as they pertain to terrorist travel. The acquisition of documents through fraudulent means is what worries me the most, and we are going to have to continue to address it by working with our European counterparts on the Turkey, Greece, and Balkan routes. HSI collects relevant information within our core mission spaces of document and benefit fraud, and we share that information through our investigative and liaison activities to ensure our partners are aware of the potential threats we identify. HSI works with the Department of State and other federal agencies to share biometric and biographical information on potential travelers. Visa and other applicants to the U.S. are vetted both biometrically and biographically. Individuals denied nonimmigrant visas based on severe derogatory information are watch-listed. Lost or stolen passports are flagged and checked across various datasets to include asylum information. Finally, the HSI Forensic Laboratory conducts forensic examinations of Syrian passports to determine authenticity. The laboratory has produced a document alert and Syrian document reference guide to assist law enforcement and border control authorities in the identification of fraudulent Syrian passports. This information is disseminated to partners worldwide, including to European counterparts. These reference products are based on information developed from forensic examinations of Syrian passports and received through law enforcement channels, but the lack of reliable information from the issuing government limits what can be disseminated to field officers.
Also, from the U.S. perspective, we’ve got to do more in the continent of Africa. We need to work closer with our law enforcement partners in Africa to identify places where these folks will go for training and then will begin their illicit travel from. At HSI, leveraging our intelligence portfolio and our international partnerships is going to be critical to identify the smuggling and document forgery networks used by foreign fighters. They’re ever-evolving. It’s going to take cooperation again through the law enforcement partners we have around the world to identify those smuggling routes, share that information, and connect the dots of the biometric information and the biographical information available to us.
Van Gemert: And I should add we can certainly learn from one another across the Atlantic when it comes to improving vetting procedures. When it comes to identifying document fraud, information is key, including extracting information from documents recovered from the battlefield. They could provide the key informational links in identifying travelers that were unknown or give indications on travel documents that could be used by returnees and attackers.
In identifying document fraud and other efforts to track foreign fighters, one thing we need to do better in Europe is connect the dots between information developed by law enforcement agencies in criminal investigations and by intelligence agencies in national security investigations. This is the discussion we are now having in Europe: how do we do this in a proper way, how to make sure that we have the right watch list that is fed not only by intelligence services but also by law enforcement, and how to make sure information is flowing between the two. And that’s still something that we are getting better at but have not solved.
CTC: There has been concern that the visa waiver program between the United States and Europe could be exploited by European extremists or terrorist recruits to enter the United States.c How are the United States and Europe working together to mitigate risk in this area?
Edge: One of the things that is going to be critical is being able to identify asylum fraud, a pervasive problem. Smuggling networks are using false documents to transport special-interest aliens from Europe into countries in the Western Hemisphere on a routine basis. But there is actually a technological fix to the whole issue of document fraud. Key to clamping down on illicit travel will be greater use of biometrics, and we are already moving in this direction. More widespread use of biometric passports will make our visa security program much more comprehensive. It will help us verify exactly who we’re dealing with and then share and cross-check that information with our counterparts at Europol.
CTC: Given the potentially significant economic costs and logistical challenges, how far away are we from the biometric fix?
Edge: At present, neither Syria nor Iraq issues electronic passports.d While technical solutions have enhanced the ability to recognize document fraud, there are also inherent limitations. The lack of interoperability, resources, funding, and technological limitations have presented challenges for implementation. In addition, these solutions do not address the ability of persons obtaining genuinely issued documents via fraudulent means.
Technological solutions are an important component in verifying the integrity of the traveler and his/her associated legitimate travel document. To date, through DHS’ Secure Real-Time Platform, we have vetted over 300,000 immigration applications for international partners, helping them to identify potential travel by known or suspected terrorists. We have also recently begun to compare select refugee applications and enforcement cases against foreign data.
However, revisiting themes I referenced earlier, we have seen situations where this is still only a partial solution. For technological solutions to be effective, any country that could be used to further illicit travel must have the capability to scan biometric passports and identity cards. Deploying the feature in travel documents and having the interoperable capacity to use them are two different things. For example, we have seen smuggling networks use authentic documents acquired through theft or purchase to enter the Western Hemisphere. The networks will push use of legitimate travel systems to the fullest extent possible to realize efficiencies, but will incorporate smuggling and fake documents as necessary to evade screening and border controls until finally approaching the U.S. southwest border and declaring asylum.
Van Gemert: I agree greater introduction of biometrics will really help us in identifying who is really traveling. In Europe, all Schengen countries are obliged to include biometrics in all new passports since 2006 (facial image) and 2009 (fingerprints). But it will take a long transition time, of course, until all passport holders have new passports with these features. Just to put it in perspective, the E.U. has 500 million inhabitants and 28 member states.
In the meantime, we need to make better use of the tools already in place, and we need to work to create a legal architecture better equipped to deal with the threat. Data protection requirements at the time of the November 2015 Paris attacks created separations between the different European systems we were using such as the Schengen Information System and the Visa Information System and systems we use at Europol. And when politicians ask us, “Why are these systems not aligned with each other? Why is this not happening?” the answer is “that’s because there was a conscious political decision in the past not to align these systems, which were built for different purposes.” I think there’s a common political understanding now in the European Union on the need to remove such legal barriers and to create better interoperability between the different information systems.
CTC: Concerns have been expressed that the Islamic State operatives may seek to gain entry into the United States by exploiting refugee flows from Syria and elsewhere.e What is being done by DHS to mitigate risk in this area?
Edge: DHS is certainly doing its part to address the Syrian refugee crisis. Citizenship and Immigration Services in conjunction with the Department of State is doing most of the work in that space. They’ve admitted more than 10,000 Syrian refugees in this fiscal year alone. All these refugees, including the Syrians, have been admitted only after completing a series of stringent security and screening and vetting processes. Security checks have been implemented, as well as categorizing them as frequent travelers or infrequent travelers. HSI has been included in the vetting process from a criminal investigative perspective and has provided all the information we have acquired to the lead agencies.
CTC: The numbers of irregular migrants entering Europe through the Turkey-Greece-Balkan route sharply dropped this year. Given the Islamic State was able to exploit the fall 2015 migrant crisis to infiltrate operatives into Europe, what kind of contingency planning has been done to prevent a reoccurrence of this infiltration in case there is a future surge in the numbers?
Van Gemert: With everything in place now, with the E.U.’s coordinated efforts in the migration hotspots, with the support we are delivering to frontline countries like Greece and Italy, and with improvements in our capability to quickly react, I think that even if there were an opening of the borders again, there would be a better response than in late 2015 and early 2016 because we’re better prepared. But still, this would be a big issue for us, and it would be something that would need to be solved on the political level rather than just by police or law enforcement.
CTC: How useful have the thousands of registration documents and other documents recovered from the Islamic State5 been in identifying Westerners who have joined the Islamic State and other terrorist groups in Syria and Iraq?
Edge: The registration documents have been critical to our ability to analyze the travel of the Westerners who have joined the Islamic State. So that has been something that has been very, very important to us. From the perspective of HSI, it’s also important to note that ISIS has demonstrated the capability to exploit a lot of travel-related vulnerabilities, which means we need to continue to leverage our resources to acquire information, including information obtained by the United States from the battlefield, and share it through Europol. One of the things that has been critically helpful to us and something that we’re earnestly investing in is analyzing social media linked to foreign fighters to see what they’re saying to each other and what sources of information they’re accessing so that we can stay two steps ahead of them as they are traveling the world and can make the appropriate notifications to our partners.
Van Gemert: I agree that the registration documents and other battlefield intelligence has been critical. Convictions in criminal trials for returning fighters require proof and these kinds of documents are essential in that regard.
I have the same view on the importance of social media analysis as Peter. The biggest innovation I’ve seen in the last year at Europol was our emphasis on social media and open source monitoring. This has resulted in a better understanding of foreign fighters and the smuggling and financial networks they are accessing. The biggest added value in my view is improving understanding of how ISIS uses social media and being able to analyze the social media presence of a target including identifying his network and, in that way, being able to create a cyber profile next to the target’s regular real-life profile, which generally delivers very useful new information to investigators.
Another important tool for us is Europol’s internet referral unit,6 which detects terrorist and violent extremist online content, flags and refers such content to internet providers, and asks for its removal. The referrals are made to platforms like Twitter or Facebook notifying them that particular content is in conflict with their own terms of service, after which, in 90 percent of the cases, the content is removed by the company itself. CTC
[a] Biometric Identification Transnational Migration Alert Program (BITMAP) is an HSI-led initiative that fills biometric databases with data collected from special interest aliens, violent criminals, fugitives, and confirmed or suspected terrorists encountered within illicit pathways. This data helps HSI form strategic pictures of the trends, networks, and individuals connected with these pathways.
[b] Editor’s note: Interpol has data on 250,000 lost or stolen Syrian and Iraqi passports, including blanks. The Paris attack cell and a trio of Syrians arrested in Germany in September 2016 appear to have been supplied with doctored Syrian passports by the same forger, according to German officials. A significant number of the Islamic State operatives who have infiltrated Europe have come in using doctored Syrian passports. At least two of the Paris attack network reportedly had adulterated Syrian passports, which were part of a batch of 3,800 blank Syrian passports obtained by the Islamic State in Raqqa and Deir-ez-Zour. These were reportedly flagged to Interpol by the Syrian regime well before the Paris attacks: Giulia Paravicini, “EU’s passport fraud ‘epidemic,’” Politico, January 28, 2016; Euan McKirdy, Stephanie Halasz, and Jason Hanna, “Germany: 3 alleged ISIS members arrested in Paris attacks probe,” CNN, September 13, 2016; Manuel Bewarder and Florian Flade, “Die geheimen Reisen des BND nach Damaskus,” Die Welt, May 29, 2016.
[c] Editor’s note: In the more than 25-year period of the visa waiver program, there have been around 300 million entries into the United States, but according to RAND terrorism researcher Brian Jenkins, only three Islamist terrorists have reached the United States by plane from the countries concerned. Brian Michael Jenkins, “Inspiration, Not Infiltration: Jihadist Conspirators in the United States,” testimony presented before the House Oversight and Governmental Reform Committee, December 10, 2015, pp. 5-6; Jenkins email to CTC Sentinel, January 2017.
[d] Editor’s note: Electronic passports (also known as e-passports) issued by the United States and countries belonging to the Visa Waiver Program contain a “biometric identifier,” with the United States requiring that the chip contain a digital photograph of the holder. The United States requires that travelers entering the United States under the Visa Waiver Program have an e-passport if their passport was issued on or after October 26, 2006. British e-passports contain the holder’s “facial biometric,” and facial recognition software is deployed at e-passport gates at all major airports in the United Kingdom. See Department of Homeland Security, “E-Passports;” HM Passport Office, “Guidance: Biometric passports and passport readers,” August 8, 2016; NIDirect, “Using ePassport gates at airport border control.”
[e] Editor’s note: In 2015, the National Counterterrorism Center (NCTC) informed Congress that it had identified “individuals with ties to terrorist groups in Syria attempting to gain entry to the U.S. through the U.S. refugee program.” The U.S. government has resettled about 12,000 Syrian refugees in the United States since the Syrian civil war began, around 80 percent of whom are women and children. Some American law enforcement and intelligence officials have said there are informational black holes creating challenges in screening such refugees. There have been no publicly identified cases of refugees from the Syrian civil war charged with terrorism offenses in the United States. Haeyoun Park and Rudy Omri, “U.S. Reaches Goal of Admitting 10,000 Syrian Refugees. Here’s Where They Went,” New York Times, August 31, 2016. “McCaul Statement on Concerns Regarding Syrian Refugee Program,” Homeland Security Committee, December 7, 2015; Jared Goyette, “Most Syrian refugees coming to U.S. are women, children,” USA Today, August 9, 2016; “The ISIS Terror Threat in America,” Majority Staff, Homeland Security Committee, November 2016; “Nation’s Top Security Officials’ Concerns on Refugee Vetting,” Majority Staff, Homeland Security Committee, November 19, 2015.
 Josh Gerstein and Jennifer Scholtes, “Comey warns of post-ISIL terrorist ‘diaspora,’” Politico, September 27, 2016.
 Jean Charles Brisard and Kevin Jackson, “The Islamic State’s External Operations and the Belgian-French Nexus,” CTC Sentinel 9:11 (2016).
 Michael Birnbaum, “E.U. authorities brace for wave of Islamic State fighters after Mosul assault,” Washington Post, October 23, 2016.
 Michele McPhee and Brian Ross, “US Intel: ISIS May Have Passport Printing Machine, Blank Passports,” ABC News, December 10, 2015.
 Brian Dodwell, Daniel Milton, and Don Rassler, The Caliphate’s Global Workforce: An Inside Look at the Islamic State’s Foreign Fighter Paper Trail (West Point, NY: Combating Terrorism Center, 2016).
 For more on Europol’s Internet Referral Unit, see Europol, “Europol Internet Referral Unit One Year On,” July 22, 2016.