The other day, following the recent horrid events in Paris, linked to several temporally closely aligned similar attacks by Daesh, e.g., in Lebanon and Iraq, apparent intelligence on several other planned attacks throughout Europe, and specifically that a possible Daesh operative had entered Sweden to organise a large.scale attack of some sort, my country raised its official terrorist threat level from 3 to 4 on a scale that ends at 5. One named suspect of preparation of terrorist crime has now been apprehended, but the police and security organs apparently continue to search for others, and the government has been clear that this single factor will not by itself motivate downgrading the threat level. At the same time, several voices criticise the development either for coming much too late (claiming, among other things, that the knowledge of the presence of Daesh sympathisers in the country should have been enough), or for being misdirected, as actual terror attacks in Sweden (save one) tend mostly to be domestic extreme right wing nationalist/racist (targetting refugees and street begging EU migrants, people of visibly Muslim or Roma identity or Middle East or African descent, their living quarters, and so on), or is exaggerated and bound to create more problems than what it prevents or fixes. It struck me that many of these reactions seem based on ignoring or fixing on only selected aspects of what is technically known as a risk analysis. For this is basically what the assessment of the level of terrorist threat by a state is about: assessing certain risks and cost of events classified as terrorist attacks, as well as various actions possibly to take in response to various such levels of risk, and to evaluate on that basis what to do.
A disclaimer before I start: the putative facts about the seriousness of typical types of terrorist attacks, and the likelihood of different types of such attacks, are, of course, open to revision in the face of facts – although, as will become clear, less obviously according to what standard of evidence. All of the aspects described are part of the discussion of the ethical basis of environmental and technological risk policy that I undertake in my book The Price of Precaution and the Ethics of Risk.
First, there is the two main dimensions of the concept of risk itself: the probability and harm dimensions. A risk is always the possible (and to some extent likely) occurrence of some type of variably harmful event. In risk analysis, the magnitude of a risk is determined by a combination of these two dimensions, so that a low probability may be balanced by a serious harm-level, and the other way around. Already this simple analytical unpacking points to a factor that may seem to be at work in the reaction to the raised Swedish terror threat level. Some people focus mainly on the likelihood dimension, and then would hesitate to criticise that new evidence and circumstances changes the assessment, or would rather have seen an earlier raised level in view of the actual wave terror attacks in the form of typical "lone wolf" deeds, and thus a concentration on extreme right wing violence rather than its Islamistic sibbling. Others focus instead on the harm dimension, and then lets the demonstrated vastness of the damage of attacks such as the one in Paris dictate the risk assessment, also when the evidence of likelihood is very weak. This may then motivate the position that, knowing that Daesh and similar groups do have had attacks such as the one in Paris on its theoretical agenda for a long time (and carried out i the Iraq and Syrian theaters). With the notable exception of Anders Behring Breivik, although much more frequent and actually realised rather than merely theoretically imagined, the right-wing extremist deeds, while clearly terrorism in the sense of attempting to spread fear for political purposes through the use of violence against civilians, tend to be more restricted in its consequences than the large scale massacres that have now occurred and known to be on the Daesh agenda.
Second, there is the way in which different such combinations and magnitudes of risk are evaluated, or seen to support various courses of action. Here, a number of additional issues linked to the assessment of the risk magnitude is actualised, namely:
Third, how the constituents of the risk (its probability level and its harm level) are evaluated in terms of how much we should care about it. This gives another way in which we may get a similar output that was just described above, even if all agree of the risk magnitude. This since risks with the same magnitude may still be evaluated differently, e.g. due to being made up of very low probability, or very serious potential harm. here, one may also want to pay attention to the context, such as if one is making the assessment from the position of already being burdened by much risk of different kind. So if the potentially worst terror threat are the least likely, and the most likely ones the least serious (relatively speaking, of course), we may again get differences of opinion of a similar sort, but now more clearly based on differences of values rather than appraisal of fact.
Fourth, how the opportunity costs of different actions in response to a risk assessment are evaluated, that is, what is lost and risked by taking these various actions rather than other ones. Here we may spot a number of ways in which assessments may differ, although not basically disagreeing on the risk assessment (such disagreements may, of course, also be added to other disagreements). For instance, several argued against extensive action in face of the wave of apparently extreme right wing nationalist attacks against Swedish actual or in preparation asylum shelters that it would not be worth the costs it would mean to have effective guarding of each one of them. At the same time, there has been no or very little hesitance to mobilise extensive police and security forces to guard potential targets and just demonstrate the presence of the state organs to effect public calm in the wake of the new threat level. But there has been some criticism, for instance, from one of the country's most prominent terrorist experts, Magnus Norell, who claimed that even if there is a raised threat, the actions in response to it and the very act of public threat level raising itself mostly creates unnecessary worry and fear, that is the very effect aimed for by terrorists. One may also wonder how effective the guarding by police of places like train stations and main squares of large cities are, provided that combatants such as those responsible for the Beirut and Paris attacks are set on targeting them. In both cases, this would also mean that these resources are, in fact, wasted. In that light, posting armed guards outside every asylum shelter to guard against a wholly different kind of terrorists targeting these may suddenly seem as a more effective and less costly measure. This aspect, of course, has many more sides, but this only goes to show how the evaluation of options in response to a described threat, and the opportunity costs attached to them may be used to inject the issue with limitless complexity.
Fifth, there is the issue of the evaluation of evidence, underlying the probability estimates at work in all of the considerations pointed to above Here, we may see a number of differences on what type of evidence is to be given the most credence: Actual similar past events is one model, following the "frequentist" ideal in decision theory. That would, in the present case, probably speak in favour of a much higher probability for more extreme nationalist right wing terrorism against refugees, migrants and their quarters in Sweden, as this is what wa have mostly had in the past (especially the very close past). Another model is to instead trust qualified estimates, by appointed experts, who may then, if they so prefer, let other reasons than frequentist ones affect the probability estimate. For instance, even if there has been no, or relatively very few, attacks of the type known to be on the Al-Qaeda and Daesh agendas, the fact there are such attacks on this agenda combined with the presence of people who sympathise with these movements in the country, and maybe witness statements that some such person in the country has been mentioned to plan or want to plan such an attack, may be used as evidence. Some of that evidence may be broken down into an indirect frequentist argument, as it points to factors believed to have been active in relevantly similar past events elsewhere. But a substantial portion would also seem to be about subscribing to certain qualitative and evaluative assessments, such as choosing to trust certain bearers for information as credible, viewing certain events as relevantly similar in spite of notable dissimilarities, and so on. The point is that the more of this latter sort of probability grounding is used, the more room to assess as probable also events of which there have been no very similar precedent.
Sixth, there is the issue of the how much evidence (given some standard of its quality of the sort just described) should be required for a credible estimate, and for taking action. This factor is basically about how long we should wait and amass evidence to have a more well-founded risk assessment, in view of the potential costs of being to late to act effectively against the threat (if there is any). Also this aspect seems to be at work in the Swedish debate, as those who complain about the threat level not having been raised and associated action taken earlier seem to be prone to care less about the evidence of the threat, and rather have action on looser grounds to be "better safe than sorry", but the of course also downgrade or ignore the opportunity costs of this. Those who require more evidence will, on the other hand, want to wait longer even in the face of potential dangers such as the present ones, and some of these might be content with the balance made by Swedish authorities, while others would find the actions premature and would prefer more evidence to assess the raised level and the linked actions justified.
The idea that, inside this vastly variable complex of factors and possible positions on how to do a risk analysis and act on its results there exists one, simple and self-evident alternative is, of course, utterly ridiculous.