Facebook Cuts Off Cambridge Analytica, Promises Further Investigation

/120 Comments/in , , /by

As I noted in my post on Andrew McCabe’s firing, the far more important news of the weekend is that Facebook has suspended Cambridge Analytica’s access to its data.

As Facebook explained, back in 2015, Cambridge researcher Aleksandr Kogan harvested data on millions of Americans by getting them to willingly use his research app. When Facebook found out that he had handed the data off to two downstream companies (this detail is important), it made them delete the data based on developer user agreements.

In 2015, we learned that a psychology professor at the University of Cambridge named Dr. Aleksandr Kogan lied to us and violated our Platform Policies by passing data from an app that was using Facebook Login to SCL/Cambridge Analytica, a firm that does political, government and military work around the globe. He also passed that data to Christopher Wylie of Eunoia Technologies, Inc.

Like all app developers, Kogan requested and gained access to information from people after they chose to download his app. His app, “thisisyourdigitallife,” offered a personality prediction, and billed itself on Facebook as “a research app used by psychologists.” Approximately 270,000 people downloaded the app. In so doing, they gave their consent for Kogan to access information such as the city they set on their profile, or content they had liked, as well as more limited information about friends who had their privacy settings set to allow it.

Although Kogan gained access to this information in a legitimate way and through the proper channels that governed all developers on Facebook at that time, he did not subsequently abide by our rules. By passing information on to a third party, including SCL/Cambridge Analytica and Christopher Wylie of Eunoia Technologies, he violated our platform policies. When we learned of this violation in 2015, we removed his app from Facebook and demanded certifications from Kogan and all parties he had given data to that the information had been destroyed. Cambridge Analytica, Kogan and Wylie all certified to us that they destroyed the data.

They now claim to have new information that CA didn’t delete the data (I have firsthand knowledge that Facebook knew of this at least a year ago, and these pieces argue Facebook knew even earlier).

Several days ago, we received reports that, contrary to the certifications we were given, not all data was deleted. We are moving aggressively to determine the accuracy of these claims. If true, this is another unacceptable violation of trust and the commitments they made. We are suspending SCL/Cambridge Analytica, Wylie and Kogan from Facebook, pending further information.

We are committed to vigorously enforcing our policies to protect people’s information. We will take whatever steps are required to see that this happens. We will take legal action if necessary to hold them responsible and accountable for any unlawful behavior.

What changed is that the guy who operationalized all this data, Christopher Wylie, just came forward publicly. Here’s how Carole Cadwalladr, the Guardian reporter who has owned this story, describes Wylie.

Or, as Wylie describes it, he was the gay Canadian vegan who somehow ended up creating “Steve Bannon’s psychological warfare mindfuck tool”.

In 2014, Steve Bannon – then executive chairman of the “alt-right” news network Breitbart – was Wylie’s boss. And Robert Mercer, the secretive US hedge-fund billionaire and Republican donor, was Cambridge Analytica’s investor. And the idea they bought into was to bring big data and social media to an established military methodology – “information operations” – then turn it on the US electorate.

Wylie describes how he profiled Americans so they could tailor political ads.

[W]hile studying for a PhD in fashion trend forecasting, he came up with a plan to harvest the Facebook profiles of millions of people in the US, and to use their private and personal information to create sophisticated psychological and political profiles. And then target them with political ads designed to work on their particular psychological makeup.

“We ‘broke’ Facebook,” he says.

And he did it on behalf of his new boss, Steve Bannon.

Wylie is going on the record (and providing the records) to back this description of how, contrary to repeated claims made in parliamentary testimony, Alexsandr Kogan harvested data in the guise of doing research.

Kogan then set up GSR to do the work, and proposed to Wylie they use the data to set up an interdisciplinary institute working across the social sciences. “What happened to that idea,” I ask Wylie. “It never happened. I don’t know why. That’s one of the things that upsets me the most.”

It was Bannon’s interest in culture as war that ignited Wylie’s intellectual concept. But it was Robert Mercer’s millions that created a firestorm. Kogan was able to throw money at the hard problem of acquiring personal data: he advertised for people who were willing to be paid to take a personality quiz on Amazon’s Mechanical Turk and Qualtrics. At the end of which Kogan’s app, called thisismydigitallife, gave him permission to access their Facebook profiles. And not just theirs, but their friends’ too. On average, each “seeder” – the people who had taken the personality test, around 320,000 in total – unwittingly gave access to at least 160 other people’s profiles, none of whom would have known or had reason to suspect.

What the email correspondence between Cambridge Analytica employees and Kogan shows is that Kogan had collected millions of profiles in a matter of weeks. But neither Wylie nor anyone else at Cambridge Analytica had checked that it was legal. It certainly wasn’t authorised. Kogan did have permission to pull Facebook data, but for academic purposes only. What’s more, under British data protection laws, it’s illegal for personal data to be sold to a third party without consent.

“Facebook could see it was happening,” says Wylie. “Their security protocols were triggered because Kogan’s apps were pulling this enormous amount of data, but apparently Kogan told them it was for academic use. So they were like, ‘Fine’.” [my emphasis]

Here’s where the violation(s) come in. While participants in Kogan’s harvesting project willingly participated in the project (and in the process made their friends’ Facebook data accessible to Kogan as well), he told Facebook it was for research, and in spite of the fact that the harvesting was done in the UK, he didn’t get consent before he sold the data to CA.

Both Cadwalladr and NYT’s story are calling this a “breach” which in my opinion is counterproductive for a lot of reasons, not least that consumer recourse for “breaches” in the US is virtually nothing — as the recent experience of those exposed in Equifax’ breach has made clear.

Whereas the kinds of TOS violations that Kogan committed in the UK do provide consumers recourse, not just to demand transparency about what happened, but also financial fines. Facebook, in the EU, is similarly exposed (full disclosure: I believe I have a still running challenge in Ireland for my CA-related FB data).

Just as this story was breaking, David Carroll, who has been a key activist on this issue, filed a claim against CA in the UK.

In other words, with Wylie’s testimony, there are sticks to use in Europe to first gain transparency about what happened, and possibly fine the parties. Which is probably why Facebook finally suspended CA’s access to Facebook, without which it is far less dangerous.

There are other aspects of this story: shell companies, a pitch to Lukoil, and questions about the citizenship of those who worked for CA in the 2014 and 2016 elections, potentially raising questions about the involvement of foreign (British) actors in our elections. But here’s the detail in the NYT story I’m most interested in.

While the substance of Mr. Mueller’s interest is a closely guarded secret, documents viewed by The Times indicate that the firm’s British affiliate claims to have worked in Russia and Ukraine.

The Ukrainian side of Paul Manafort’s involvement in the Party of Regions — the American lobbying side of which is what got him charged with conspiracy to defraud the US — pertains to bringing American style politics to Ukraine.

He also directed Yanukovych’s party to harp on a single theme each week—say, the sorry condition of pensioners. These were not the most-sophisticated techniques, but they had never been deployed in Ukraine. Yanukovych was proud of his American turn. After he hired Manafort, he invited U.S. Ambassador John Herbst to his office, placed a binder containing Manafort’s strategy in front of him, and announced, “I’m going with Washington.”

Manafort often justified his work in Ukraine by arguing that he hoped to guide the country toward Europe and the West. But his polling data suggested that Yanukovych should accentuate cultural divisions in the country, playing to the sense of victimization felt by Russian speakers in eastern Ukraine. And sure enough, his clients railed against nato expansion. When a U.S. diplomat discovered a rabidly anti-American speech on the Party of Regions’ website, Manafort told him, “But it isn’t on the English version.”

Yanukovych’s party succeeded in the parliamentary elections beyond all expectations, and the oligarchs who’d funded it came to regard Manafort with immense respect.

There are Americans doing this overseas more and more of late, and Manafort’s efforts for Yanukovych precede the foundation of CA (and Manafort’s involvement in the Trump campaign largely precedes Bannon and Cambridge Analytica’s). But that’s the basis for his relationships in the region.

There’s a lot of implications of the Wylie testimony, assuming law enforcement, parliament, and Congress find his underlying documents as compelling as the journalists have. For starters, this significantly limits what CA (and its intelligence contractor SCL) will be able to do, which neutralizes a powerful tool Bannon and the Mercers have been holding. I believe that both CA and FB are both already at significant legal exposure. I suspect this will finally force FB to get a lot more attentive to what app developers do with FB user data. I’ve been saying for a while that at some point US tech companies may want to harmonize with Europe’s General Data Protection Regulation (GDPR), which starts being enforced in May. Certainly, it would provide a solution to some of the political problems they’re already facing and harmonization would make compliance easier. That would provide even more teeth to prevent this illicit kind of downstream data usage.

But there also may be aspects of this story that expose CA and their clients, including the Trump campaign, to legal concerns that piggy back on any conspiracy with Russia.

In Two So-Called Fact Checks of Facebook, NYT Forgets Everything It Knows about Indictments

/62 Comments/in , , /by

In both this Scott Shane article and this “fact check” of Facebook VP Rob Goldman’s recent tweets on Russian trolls’ use of Facebook (which President Trump then picked up), the NYT has twice forgotten everything it knows about indictments, and in the process failed to properly analyze last week’s Internet Research Agency indictment.

In Shane’s article, he attempts to fact check Goldman using the indictment.

Facebook’s vice president for advertising, Rob Goldman, said on Twitter on Friday, “I have seen all of the Russian ads and I can say very definitively that swaying the election was *NOT* the main goal” — a statement that President Trump retweeted.

But Mr. Mueller’s indictment repeatedly states that the Russian operation was designed not just to provoke division among Americans but also to denigrate Hillary Clinton and support her rivals, mainly Mr. Trump. The hashtags the Russian operation used included #Trump2016, #TrumpTrain, #MAGA and #Hillary4Prison, and one Russian operative was reprimanded for “a low number of posts dedicated to criticizing Hillary Clinton,” the indictment says.

On Twitter, Shane even suggested Goldman hadn’t read the indictment.

Wonder if Rob Goldman has read the indictment. Mueller appears to disagree.

Then, Sheera Frenkel extends the purported fact check.

“I have seen all of the Russian ads and I can say very definitively that swaying the election was *NOT* the main goal.” Tweet #2

Not according to the indictment.

The grand jury indictment secured by Mr. Mueller asserts that the goal of Russian operatives was to influence the 2016 election, particularly by criticizing Hillary Clinton and supporting Mr. Trump and Bernie Sanders, Mrs. Clinton’s chief rival for the Democratic nomination.

The Russians “engaged in operations primarily intended to communicate derogatory information about Hillary Clinton, to denigrate other candidates such as Ted Cruz and Marco Rubio, and to support Bernie Sanders and then-candidate Donald Trump,” the indictment said.

Mr. Goldman later wrote in another tweet that “the Russian campaign was certainly in favor of Trump.”

Both Shane and Frenkel don’t consider what I laid out here:

[T]here are hints that Mueller is using this indictment to set up a more important point.

For example, the indictment (perhaps because of Mueller’s mandate) focuses on political activities supporting or opposing one or another 2016 candidate. Even where topics (immigration, Muslim religion, race) are not necessarily tied to the election, they’re presented here as such. Unless Facebook’s public reports are wrong, this is a very different emphasis than what Facebook has said the IRA focused on. Which is to say that Mueller’s team are focusing on a subset of the known IRA trolling, the subset that involves the 2016 contest between Trump and Hillary.

Goldman was addressing all of IRA’s activity on Facebook, which it described this way in September:

  • The vast majority of ads run by these accounts didn’t specifically reference the US presidential election, voting or a particular candidate.
  • Rather, the ads and accounts appeared to focus on amplifying divisive social and political messages across the ideological spectrum — touching on topics from LGBT matters to race issues to immigration to gun rights.
  • About one-quarter of these ads were geographically targeted, and of those, more ran in 2015 than 2016.
  • The behavior displayed by these accounts to amplify divisive messages was consistent with the techniques mentioned in the white paper we released in April about information operations.

Nowhere in the indictment does Mueller describe the scope of what IRA activity his team investigated, though it does describe how “over time” the IRA activity came to focus on the 2016 election.

These groups and pages, which addressed divisive U.S. political and social issues, falsely claimed to be controlled by U.S. activists when, in fact, they were controlled by Defendants. Defendants also used the stolen identities of real U.S. persons to post on ORGANIZATION-controlled social media accounts. Over time, these social media accounts became Defendants’ means to reach significant numbers of Americans for purposes of interfering with the U.S. political system, including the presidential election of 2016.

Indeed, the indictment makes it clear that the universe of IRA activity is larger than the election-related activity, in part by tying two counts of identity theft to crimes that happened after the election, as recent as May 2017.

Eight of the usages of fake credentials described in ¶92 also postdate the election. That’s presumably part of what Goldman was pointing to when he tweeted,

The majority of the Russian ad spend happened AFTER the election. We shared that fact, but very few outlets have covered it because it doesn’t align with the main media narrative of Tump and the election.

Even as they, a mainstream media outlet, ignored how Goldman’s invocation of this spending detail and the inclusion of 2017 activities in the indictment is proof that not all of the IRA activities Mueller investigated did pertain to the election, NYT deemed that claim lacking in context.

According to figures published by Facebook last October, 44 percent of the Russian-bought ads were displayed before the 2016 election, while 56 percent were shown afterward. Mr. Goldman asserted that those figures were not published by the “mainstream media” — however, many mainstream news outlets did print those numbers, including CNN, Reuters and The Wall Street Journal.

The point is that there are two universes of IRA Facebook activities: the entire universe, for which Goldman’s claims are generally true, and the activities that Mueller has chosen to focus on, which Shane and Frenkel mistake as the entire universe, and in the process blow their fact checks.

This disjunct continues to the citation of real life events planned using Facebook. Goldman pointed to two May 21, 2016 Houston events, where an Islamophobic event was planned on the same day as a United Muslims event, as the quintessential example of how Russia was trying to pit Americans against each other.

The single best demonstration of Russia’s true motives is the Houston anti-islamic protest. Americans were literally puppeted into the streets by trolls who organized both the sides of protest.

Frenkel doesn’t even get Goldman’s reference correct, in spite of his link to a story on it, and instead apparently takes the citation to be a reference to this passage from the indictment.

By in or around early November 2016, Defendants and their co-conspirators used the ORGANIZATION-controlled “United Muslims of America” social media accounts to post anti-vote messages such as: “American Muslims [are] boycotting elections today, most of the American Muslim voters refuse to vote for Hillary Clinton because she wants to continue the war on Muslims in the middle east and voted yes for invading Iraq.”

From which she concludes,

The protests in Houston in November 2017 were among many rallies organized by Russian operatives through Facebook. While the Houston protest was anti-Islamic, as Mr. Goldman said, he failed to note that the goal in promoting the demonstration was to link Mrs. Clinton’s campaign with a pro-Islamic message.

Again, the indictment is focusing on a particular subset of the IRA activity, whereas Goldman is commenting on the larger universe, arguably to say the indictment understates the threat.

With NYT’s mad, repeated rush to fact check Facebook using an indictment that never claims to be addressing the same universe of IRA activity Goldman was commenting on, they commit some pretty significant analytical errors, errors that extend to their ability to understand what Mueller is doing with the indictment.

I can’t say for certain why Mueller focused on certain kinds of IRA activity, but I can think of three likely possibilities:

  • Since his mandate is to investigate Russian tampering in the 2016 election, he is focusing on that subset of the IRA activity
  • Because it is tied to election law, the conspiracy to defraud the US charge in the indictment depends on activity that violates election law, and much of the IRA Facebook trolling does not
  • The events on which Mueller does focus — notably, twin events at key times in NYC and activities in FL that involve three identified Trump campaign officials — may hint at further crimes or more sophisticated cooperation between the campaign and Russian agents

The last possibility is (as I noted in my earlier post) one of the most intriguing parts of the indictment. But the NYT won’t see it because they’re so busy fact checking claims made about different sets of data.

I get the urge to beat up Facebook. They’ve got a lot to pay for in permitting Russia to abuse their platform. But (I suspect entirely because Trump used Goldman’s tweet to try to exonerate himself) in doing so, NYT has missed Goldman’s larger point, which isn’t an apology at all. Indeed, Goldman was saying that the problem is far bigger than what Mueller lays out in the indictment, and that our continued divisions are a vulnerability Russia continues to exploit.

As Mueller moves forward, we’re likely to see similar kinds of confusion between the specific crimes he addresses in indictments and pleas and the larger toxins that hurt our democracy. So long as we confuse Mueller’s investigation for the larger, still vulnerable whole, we’re never going to do the things as a society we need to prevent this from happening again.

Update: My apologies to Frenkel for misspelling her name originally in this.

Update: On the limits of what is and is not illegal for foreigners to engage in see this Rick Hasen post.

Update: I had an exchange on Twitter with Frenkel about this, and the so-called article has what purports to be a correction.

Because of an editing error, an earlier version of this article misstated the month when protests organized by Russian operatives were held in Houston. It was March 2016, not November 2017.

Except that as corrected (by me, though I got no attribution), the piece compounds its error.

The protests in Houston in May 2016 were among many rallies organized by Russian operatives through Facebook. While the Houston protest was anti-Islamic, as Mr. Goldman said, he failed to note that the goal in promoting the demonstration was to link Mrs. Clinton’s campaign with a pro-Islamic message.

According to the indictment secured by Mr. Mueller, there were many other examples of Russian operatives using Facebook and Instagram to organize pro-Trump rallies. At one protest, the Russian operatives paid for a cage to be built, in which an actress dressed as Mrs. Clinton posed in a prison uniform.

None of the materials or contemporary coverage associated with the anti-Islamic side of the protest associated it with Clinton’s campaign. On the contrary. the protest was about a local Islamic center.

A group calling themselves Heart of Texas called for the rally to protest what they consider “Islamization” of Texas – sparked in part by the recent opening of a privately funded library inside the downtown center. The group had also encouraged followers to bring legal firearms.

Although the Heart of Texas group never showed, about 10 people bearing flags of the United States, Texas and the Confederacy were there. “This is America. We have the right to speak out and protest,” said Ken Reed, who wore a T-shirt emblazoned with the phrase “White Lives Matter.” “We feel Texas, our great state and the United States is being threatened by the influx of Islam.”

Again, I agree that Facebook is a shitty company. But a newspaper doubling down on its errors to attack Facebook’s errors is … doing what it is complaining about.

A New Kind of Fake News Assault: 47 Sites (Including Zero Hedge) Steal an emptywheel Post

/34 Comments/in , /by

Update: Zero Hedge says the piece was sent in via their tips line, which led them to believe it was fair for reposting. They have agreed to take it down.

Update: I’ve taken off one more site.

A little over a week ago, emptywheel was damaged by a kind of fake news attack I hadn’t heard of before.

First, Zero Hedge stole my post, “On Disinformation and the Dossier,” reposting it without permission almost in its entirety.

From there, the 47 other dodgy sites listed below, mostly but not all Forex Trading sites, stole it.

The mass theft is all the more interesting given the topic of the post, arguing that it is increasingly likely Russia inserted disinformation into the Steele dossier to make it harder for the Democrats (and, perhaps, the FBI) to respond to Russia’s attack. Not even Zero Hedge, however, seems to have understood the post itself doesn’t support the either the pro-Trump or the FBI-abuse narrative.

We don’t have the bandwidth to chase down all these dodgy sites to issue takedown notices (and a goodly number of these sites are hosted in Europe), though we did try with ZH itself. But we are posting the following takedown language to make it clear we consider this theft, and to make public what happened.

Takedown language

It has come to our attention the websites listed below have made unauthorized use of copyrighted and protected work entitled “On Disinformation and the Dossier” (the “Work”). All rights have been reserved to the Work, first published on January 29, 2018. The protection so described has been actively and affirmatively asserted and noticed to the public for years.

The websites’ reposting is essentially identical, if not in fact identical and copied in whole, to the Work, and clearly used the Work as its basis, if not the entirety. A word-for-word comparison between the Work and your work reveals no difference between the two articles. That is telling.

As you neither asked for, nor received, permission to use the Work as the basis for your reprint, nor to make or distribute copies, including electronic copies, of same, we believe you have willfully infringed our rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) therein.

We simply cannot, and will not, allow our work to be so converted without knowledge, permission, control and consent by emptywheel.net and therefore affirmatively demand you immediately cease the use and distribution of all infringing works derived from any and all Emptywheel.net works as described herein, and all copies, including electronic copies, of same, that you deliver to us, if applicable, all unused, undistributed copies of same, or destroy such copies immediately and that you desist from this or any other infringement of our rights in the future.

Sites stealing the Disinformation post

Note: I don’t recommend you click through on any of these links, as I can’t vouch for the safety of any of these sites.

  1. URL: https :// www.zerohedge. com/news/2018-01-30/disinformation-dossier — Site: Zero Hedge
  2. URL: http :// earthsfinalcountdown. com/wp/2018/01/30/on-disinformation-the-dossier/ — Site: Earth’s Final Countdown
  3. URL: http :// ifttt.itbehere. com/2018/01/31/on-disinformation-the-dossier/ — Site: iftttwall
  4. URL: http :// www.tradebuddy. online/on-disinformation-the-dossier/ — Site: tradebuddy.online
  5. URL: http :// thedeplorablepatriots. com/2018/01/on-disinformation-the-dossier/ — Site: thedeplorablepatriots
  6. URL: https :// newzsentinel. com/2018/01/31/on-disinformation-the-dossier/ — Site: newzsentinel
  7. URL: http :// protradingresearch. com/2018/01/30/on-disinformation-the-dossier/ — Site: ProTradingResearch
  8. URL: http :// telzilla. com/zero-hedge/on-disinformation-the-dossier/ — Site: telzilla
  9. URL: https :// www.investingdailynews. net/on-disinformation-the-dossier/ — Site: Investing Daily News
  10. URL: http :// independentnews. media/on-disinformation-the-dossier/ — Site: independentnews.media
  11. URL: https :// www.wallstreetkarma. com/2018/01/30/on-disinformation-the-dossier/ — Site: Wall Street Karma
  12. URL: http :// stocktalkjournal. com/on-disinformation-the-dossier/ — Site: StockTalk Journal
  13. URL: https :// www.realpatriot.news/2018/01/30/on-disinformation-the-dossier/ — Site: Real Patriot News
  14. URL: http :// forex-enligne-fr. com/on-disinformation-the-dossier/ — Site: forex enligne
  15. URL: http :// forexshaft. com/on-disinformation-the-dossier/ — Site: Forexshaft
  16. URL: http :// wallstreetsectorselector. info/on-disinformation-the-dossier/ — Site: wallstreet selector info
  17. URL: http :// theforexcenter. info/on-disinformation-the-dossier/ — Site: theforexcenter.info
  18. URL: http :// forexnewstoday. net/on-disinformation-the-dossier/ — Site: forexnewstoday
  19. URL: http :// eforexblog. com/on-disinformation-the-dossier/ — Site: eforexblog
  20. URL: http :// options168. com/on-disinformation-the-dossier/ — Site: options168
  21. URL: http :// mypees. com/on-disinformation-the-dossier/ — Site: mypees
  22. URL: http :// top10brokersbinaryoptions. com/on-disinformation-the-dossier/ — Site: top10brokersbinaryoptions
  23. URL: http :// binaryoption. cz/on-disinformation-the-dossier/ — Site: binary option
  24. URL: http :// opinionforex-oficial. com/on-disinformation-the-dossier/ — Site: opinion forex
  25. URL: http :// entertainment-ask. com/on-disinformation-the-dossier/ — Site: entertainment ask
  26. URL: http :// binarybrokersblog. com/on-disinformation-the-dossier/ — Site: binary brokers blog
  27. URL: http :// forex-trading-profits. com/on-disinformation-the-dossier/ — Site: forex trading profits
  28. URL: http :// leaveeunow.co. uk/todays-news-31st-january-2018/ — Site: The One Hundredth Monkey
  29. URL: http :// uroptions. net/on-disinformation-the-dossier/ — Site: uroptions
  30. URL: http :// forexpic. com/on-disinformation-the-dossier/ — Site: forexpic
  31. URL: http :// costamesalibraryfoundation. org/on-disinformation-the-dossier/ — Site: costamesalibraryfoundation
  32. URL: http :// secretsforex. com/on-disinformation-the-dossier/ — Site: secretsforex
  33. URL: http :// forexrogue. com/on-disinformation-the-dossier/ — Site: forexrogue
  34. URL: http :// whatisaforex. com/on-disinformation-the-dossier/ — Site: whatisaforex
  35. URL: http :// megaprojectfx-forex. com/on-disinformation-the-dossier/ — Site: megaprojeectfx
  36. URL: http :// construction24h. com/on-disinformation-the-dossier/ — Site: construction24h
  37. URL: http :// forex-4you. com/2018/01/31/on-disinformation-the-dossier/ — Site: forex4u
  38. URL: http :// binar-experten. de/on-disinformation-the-dossier/ — Site: binarexperten
  39. URL: http :// tradingbinaryinfo. com/on-disinformation-the-dossier/ — Site: tradingbinaryinfo
  40. URL: http :// comparforex. com/on-disinformation-the-dossier/ — Site: comparforex
  41. URL: http :// forexoperate. com/on-disinformation-the-dossier/ — Site: forexoperate
  42. URL: http :// pustakaforex. com/on-disinformation-the-dossier/ — Site: pustakaforex
  43. URL: http :// forexdemoaccountfree. com/on-disinformation-the-dossier/ — Site: forexdemoaccountfree
  44. URL: http :// wordforex. net/on-disinformation-the-dossier/ — Site: wordforex
  45. URL: http :// forex518. com/on-disinformation-the-dossier/ — Site: forex518
  46. URL: http :// 4-forex. info/on-disinformation-the-dossier/ — Site: 4 forex
  47. URL: http :// fastforexprofit. com/2018/01/31/on-disinformation-the-dossier/ — Site: fastforex

The Gizmo™: Correlation Doesn’t Equal Adversary Nation

/67 Comments/in /by

For days, reporters have been mis-using The Gizmo™ (the name I use for the “disinformation dashboard” from the German Marshall Fund, a black box that purports to show “Russian propaganda efforts on Twitter in near-real time”) to claim that Russian-linked accounts are pushing the #ReleaseTheMemo campaign calling for the public release of Devin Nunes’ politicized memo attacking the FBI.

As the effort lead by some Republicans to curtail special counsel Robert S. Mueller III’s investigation into the election meddling has heated up, Russian-linked accounts helped amplify a Twitter hashtag calling for the release of a memo the group hopes will help discredit Mueller’s work, according to Hamilton 68, a research firm that tracks the malicious accounts. The #releasethememo hashtag was tweeted by these accounts nearly 4,000 times in the last couple of days, the firm said.

As always with such reporting, the articles don’t provide even the nuance the project’s most responsible contributor, JM Berger, lays out on their methodology page.

  1. Not all content in this network is “created” by Russia. A significant amount—probably a majority—of content is created by third parties and then amplified by the network because it is relevant to Russian messaging themes.
  2. Not all content amplified by this network is pro-Russian. The network frequently mobilizes to criticize or attack individuals or news reports that it wishes to discredit.
  3. Because of the two points above, we emphasize it is NOT CORRECT to describe sites linked by this network as Russian propaganda sites. We are not claiming that content producers linked by this network are Russian propaganda sites. Rather, content linked by this network is RELEVANT to Russian messaging themes.

Such reports certainly don’t consider the validity of drawing conclusions from such analysis that the authors have refused to have vetted by a third party. What does it mean to openly profess to be pro-Russian, for example? Do non-consensus views on Syria or Ukraine count? Does skepticism about Russian involvement in the election count?

And the reports don’t note the serial false positives, such as the time Jim Lankford used The Gizmo™ to claim Russia was stoking tensions around NFL players taking a knee during the anthem. More responsible analysis showed that,

[B]oth #TakeAKnee and #BoycottNFL were genuinely viral movements, generating high volumes of traffic from large numbers of accounts, but both received an additional boost from bots.

The bots which amplified #TakeAKnee were primarily non-political; they appear to be bots for hire, repurposed to amplify specific posts. Of these, the most significant group is that which retweeted @DianneLogic, given its previous use in online harassment campaigns in the context of Russia and the far right. However, the evidence of its prior behavior is suggestive but not conclusive. It cannot be taken as proving Senator Lankford’s claim.

The accounts which amplifed #BoycottNFL are a different breed. They are largely cyborgs, rather than bots, posting authored content in between slews of retweets. They are also political, rather than commercial. Their sole purpose appears to be boosting far-right American posts.

In both cases, the bots were functionally anonymous, providing no verifiable information on the identity of the user behind them. There is thus no independent information which would allow us to say definitively whether they were American, linked somehow to Russia, or managed from another country entirely.

In short, in spite of this thing being shown to measure something entirely different from what reporters continue to report — correlated traffic (and that, based on unpublished criteria) rather than causal traffic — nevertheless Russia got credit for a campaign clearly driven by right wing Americans backed by a far more extensive propaganda infrastructure.

And then, even as Twitter started leaking initial analysis saying just that — that Russia wasn’t to blame …

[A] knowledgeable source says that Twitter’s internal analysis has thus far found that authentic American accounts, and not Russian imposters or automated bots, are driving #ReleaseTheMemo. There are no preliminary indications that the Twitter activity either driving the hashtag or engaging with it is either predominantly Russian.

In short, according to this source, who would not speak to The Daily Beast for attribution, the retweets are coming from inside the country.

… Two members of Congress from California, Adam Schiff and Dianne Feinstein, called on two California companies, Twitter and Facebook, to confess further manipulation by Russia.

We understand Facebook and Twitter have developed significant expertise in identifying inauthentic and malicious accounts.  Further, your forensic investigations into Russian government exploitation of your platforms during the 2016 U.S. election have helped expose to the American public the vast extent of Russia’s covert influence efforts. We therefore request that your companies conduct an in-depth forensic examination of this real-time activity on your platforms to determine:

  1. Whether and how many accounts linked to Russian influence operations are involved in this campaign;
  2. The frequency and volume of their postings on this topic; and
  3. How many legitimate Twitter and Facebook account holders have been exposed to this campaign.

Given the urgency of this matter, we ask that you provide a public report to Congress and the American public by January 26, 2018.  In addition, we urge your companies to immediately take necessary steps to expose and deactivate accounts involved in this influence operation that violate your respective user policies.

Nothing in this letter explains why Facebook should have to do this work, as The Gizmo™, the sole piece of evidence Schiff and Feinstein rely on, doesn’t track Facebook.

But even the demand to Twitter was based on yet another misreading of what The Gizmo™ actually measures. And, having never asked The Gizmo™ to explain the methodology behind its serial panics, a Senator representing both Facebook and Twitter demanded that they check its work, rather than vice versa.

If I were a forewoman in a Russian troll factory, there would be no easier way to boost my career prospects than to use a few of my bots to manipulate The Gizmo™’s sloppy methodology to claim credit for an obviously American-generated hoax. “Ивана! Давайте претендовать на последнюю республиканскую пропаганду!” Doing so would set off a self-fulfilling prophecy, precisely the kind of thing The Gizmo™’s authors claim to want to prevent, boosting Russia’s ability to sow discord with virtually no effort.

Mark Warner’s Inconsistent Social Media Law-Mongering

/4 Comments/in , , /by

Remember when, three weeks ago, people were shooting off their baby cannons because two reports kind of sort of claimed that Robert Mueller used a criminal search warrant to obtain details on Facebook’s ad sales to the Internet Research Association? I noted at the time that the logic behind those stories — that Facebook would have needed a warrant (as opposed to a 2703(d) order or a 702 directive) to obtain that information — was faulty. I’ve since become more certain that a D order was used in this case.

But since the stories were so dodgy, I assumed then they weren’t actually reporting about the investigation, but rather pressure on the part of Mark Warner to force Facebook to share the same data with Congress, including leaving (rather than just showing) ads.

And it worked! Last week and this week, Facebook did share those ads, with all the more leaks about them.

Unsurprisingly, Mark Warner is back, now insisting that Facebook should release all those ads that he or someone close to him just weeks ago was suggesting could only be released with a criminal search warrant, but now wants released with neither legal process nor a congressional oversight claim to force it.

I get why he wants that to happen. Even on top of informing the public about what happened in last year’s election, Warner would like to embarrass Facebook into accepting more sweeping regulation of political ads, which is a totally respectable goal.

But I find it amusing that the same people who, weeks ago, were certain that such materials were so private they could only be released with a search warrant are now arguing they should be released with no process whatsoever.

And whatever the beneficial goal here, there’s also the precedent of protection for private data. Do we really want it to be possible for (say) Russia to force Facebook to release all the information on the NGOs that target Russian users? Do we want Jeff Sessions’ DOJ to be able to force Facebook to release the details of those who oppose Trump without legal process?

I don’t expect Warner to be bound by those considerations — he’s trying to win a political battle (and doing a remarkably effective job). But I’d expect those reporting on this story to show some awareness of the claims they made about the sensitivity of this data just weeks ago.

In Praise of Day Two

/7 Comments/in /by

I know everybody is looking at that thing right now on social media. Hang back — don’t tell me what’s happening with the active shooter. Don’t tell me about the flood in progress. I don’t need to know about the skewed path of the car or the janky homemade bomb that might have gone off a thousand miles from me. I don’t even need to know the path of the plume that might be spreading into that community, far from me.

I can wait for these stories. In fact, there’s nothing else I can do in the vast, truly vast, majority of cases.

I am not saying I want to be ignorant, I’m not for shutting off all the news. I would like to be aware, expand and deepen my understanding of the world. I would like to be able to position myself to act constructively, where I can. I would like to be in a position to inform and contextualize events for myself and others. But right now, the way we consume the news does the opposite. And that’s on you, dear reader. It’s understandable, and it’s natural, but it’s on you.

About a year into my journalism career my old editor sent me off to cover the launch of a very difficult to understand piece of technology. The specifics aren’t germane, but I had kept an eye on this for six months, and I was eager to cover it. I also had to get someone home from the hospital that day, so I knew filing on time wasn’t going to be easy. Still, I made the event, and hung around doing on and off the record interviews, looking at how everyone from schools to defense contractors were thinking about using this tech. I never got to publish my story. I was too late to file and my frustrated editor said we’d turn it into a day two story. We ran a wire story instead of mine. When I got up the next morning and read through everyone else’s coverage, I felt mightily vindicated. Nearly everyone had misunderstood the tech, just about every story was wrong. The ones that weren’t were just uninformative. I went and triumphantly pointed this out to my editor, and he said something that would shape my career ever after: “It doesn’t matter if you’re right, if no one reads you.”

It was true, and it hit me hard, harder than I think he realized. I could chase the scoop, I could evolve into the hot take, the fast and consolidated posts of tech news, with the occasional in-depth reporting as a reward for other work. But I was pretty sure I would not only be bad at all of those things, I would be miserable. But that was also the path to a staff job, benefits, something tangible for a resume. That was the career path, and I was on it.

I decided that if I couldn’t write the first story, then I’d try to write the last. I turned down a contract and said I’d stick with piecework. I decided that I could write slow, and build a mutual trust with my readers: I will put in the work, and you will click the link, after you’ve waited, because you know I’ve put in the work.

This has gone remarkably well for my career. Maybe not in money, but in every other way. I did work that was defining, work that came back to me in other art and media, in forms I never expected. I got to bring a depth into my writing that I’m proud of. Some pieces took a few days, or weeks, and some, I’ve been working on for years.

Looking at this way of producing information for you, and how much richer it’s been, sent me back to thinking about how I consume information, back to thinking about that day two story that sent my career in such a different direction. Those stories were still all wrong, and that was a fucking product launch. If that was so bad, what the hell was happening with wars and disasters and complex geopolitics? It was pretty clear by the 2000s we were getting all those wrong too. It’s only gotten worse from there. We all know it’s a disaster, and surely it’s Facebook’s fault, but I saw this starting before Facebook was a thing. I saw this before I was a journalist—back in the days of cable news. Facebook made it worse, but only because we wanted them to make it worse.

Right now we are swamped in news that is ultravioletly hyperemotional. You can actually feel media fritzing out your nervous system, and it’s not a metaphor. Media is an exhausting physical experience of fight or flight. I can watch and listen and read things delivered to me all day that make me feel like I’m dying, or like I want to die, from this quiet flat in this sedate neighborhood of Luxembourg*. It switches up, changes from one life ending moment to the next, a constant feed of urgency and importance we are addicted to like junkies who never even got to chase a high.

We chase lows. Lows feel important. But are they? For the people on the scene, they certainly are. But news is rarely written for the people who are being directly affected by events. They’re using direct and localized communications. The eviction, the hurricane, the shelter-in-place order, where your children are. The cancer diagnosis, the suicide, the kid who just OD’d. No one thinks you should read the news when these things are going on in your own life. You are the news, you are the statistic, but at the moment you’re the only one allowed to prioritize for action rather than emotion.

When it’s not about you, when you’re not there, all you do is respond with emotion. Rarely does our immediate emotional response help anyone, anywhere. Our informed awareness can help people, it can help the whole damn world, but there’s little academically, and even less in recent global results, to show that grabbing emotions creates informed awareness that people act on productively.

Here’s what I propose: Slow it down. If you’re hundreds of miles away, and not trying to find your family, wait for Day Two. Look for stories with depth and context that may not stimulate you, make you want to run and smash things or rip out your wallet at once. Maybe even wait for that news source trying to write the last story, outlets like Reveal and ProPublica are good for this. Consider the usefulness of you knowing something and where it fits into your ability to see the world and act before you decide to spend some of your precious time on Earth and limited mental space. Construct what you know out of quality information, don’t just consume everything and try to make something meaningful out of it later. That’s not your job. Let me, and my colleagues in the slow news business do our jobs, and give you something healthier for you, for us, for the whole damn planet. Day two stories, and the slow news they represent have always been what lets the body politic think and act like a better creature. It’s also hard in this environment of constant urgency and heightened emotionality, and stress makes it worse. But when we slow it down, when we take responsibility for how we construct our knowledge, we don’t make as many mistakes and we don’t get played so easily by bad actors.

Day one is always feelings, and day one feels like the story you need. Day two is when we can start to get it right. Wait for day two. Wait for next week, wait for the story that needs you.

 

 

*All the neighborhoods of Luxembourg are sedate.

My work for Emptywheel is supported by my wonderful patrons on Patreon. You can find out more, and support my work, at Patreon.

Facebook Anonymously Admits It IDed Guccifer 2.0 in Real Time

/24 Comments/in , /by

The headline of this story focuses on how Obama, in the weeks after the election, nine days before the White House declared the election, “free and fair from a cybersecurity perspective,” begged Mark Zuckerberg to take the threat of fake news seriously.

Now huddled in a private room on the sidelines of a meeting of world leaders in Lima, Peru, two months before Trump’s inauguration, Obama made a personal appeal to Zuckerberg to take the threat of fake news and political disinformation seriously. Unless Facebook and the government did more to address the threat, Obama warned, it would only get worse in the next presidential race.

But 26 paragraphs later, WaPo reveals a detail that should totally change the spin of the article: in June, Facebook not only detected APT 28’s involvement in the operation (which I heard at the time), but also informed the FBI about it (which, along with the further details, I didn’t).

It turned out that Facebook, without realizing it, had stumbled into the Russian operation as it was getting underway in June 2016.

At the time, cybersecurity experts at the company were tracking a Russian hacker group known as APT28, or Fancy Bear, which U.S. intelligence officials considered an arm of the Russian military intelligence service, the GRU, according to people familiar with Facebook’s activities.

Members of the Russian hacker group were best known for stealing military plans and data from political targets, so the security experts assumed that they were planning some sort of espionage operation — not a far-reaching disinformation campaign designed to shape the outcome of the U.S. presidential race.

Facebook executives shared with the FBI their suspicions that a Russian espionage operation was in the works, a person familiar with the matter said. An FBI spokesperson had no immediate comment.

Soon thereafter, Facebook’s cyber experts found evidence that members of APT28 were setting up a series of shadowy accounts — including a persona known as Guccifer 2.0 and a Facebook page called DCLeaks — to promote stolen emails and other documents during the presidential race. Facebook officials once again contacted the FBI to share what they had seen.

Like the U.S. government, Facebook didn’t foresee the wave of disinformation that was coming and the political pressure that followed. The company then grappled with a series of hard choices designed to shore up its own systems without impinging on free discourse for its users around the world. [my emphasis]

But the story doesn’t provide the details you would expect from such disclosures.

For example, where did Facebook see Guccifer 2.0? Did Guccifer 2.0 try to set up a Facebook account? Or, as sounds more likely given the description, did he/they use Facebook as a signup for the WordPress site?

More significantly, what did Facebook do with the DC Leaks account, described explicitly?

It seems Facebook identified, and — at least in the case of the DC Leaks case — shut down an APT 28 attempt to use its infrastructure. And it told FBI about it, at a time when the DNC was withholding its server from the FBI.

This puts this passage from Facebook’s April report, which I’ve pointed to repeatedly, in very different context.

Facebook is not in a position to make definitive attribution to the actors sponsoring this activity. It is important to emphasize that this example case comprises only a subset of overall activities tracked and addressed by our organization during this time period; however our data does not contradict the attribution provided by the U.S. Director of National Intelligence in the report dated January 6, 2017.

In other words, Facebook had reached this conclusion back in June 2016, and told FBI about it, twice.

And then what happened?

Again, I’m sympathetic to the urge to blame Facebook for this election. But this article describes Facebook’s heavy handed efforts to serve as a wing of the government to police terrorist content, without revealing that sometimes Facebook has erred in censoring content that shouldn’t have been. Then, it reveals Facebook reported Guccifer 2.0 and DC Leaks to FBI, twice, with no further description of what FBI did with those leads.

Yet from all that, it headlines Facebook’s insufficient efforts to track down other abuses of the platform.

I’m not sure what the answer is. But it sounds like Facebook was more forthcoming with the FBI about APT 28’s efforts than the DNC was.

Amid Promises to Share Ads with Congress, Some Other Interesting Promises

/25 Comments/in , , /by

DC is atwitter with Facebook’s announcement that it can, after all, voluntarily share the same information it shared with Robert Mueller with Congress. As part of that announcement, it released a statement from their General Counsel, a Q&A addressing some of the questions that had been generating bad PR, and some promises of additional things Facebook will do to support democracy from Mark Zuckerberg.

I’m most interested in two details in Zuck’s statement. For example, this paragraph says Facebook will continue to look at what happened closely.

 We will continue our investigation into what happened on Facebook in this election. We may find more, and if we do, we will continue to work with the government. We are looking into foreign actors, including additional Russian groups and other former Soviet states, as well as organizations like the campaigns, to further our understanding of how they used our tools. These investigations will take some time, but we will continue our thorough review. [my emphasis]

While the frenzy responding to this announcement has focused on Russian ads, Zuck just revealed that Facebook is also looking at what the campaigns did.

That would permit Facebook to look for any apparently similar activity from campaigns and Russian actors, as we have reason to believe there was. It also might suggest Facebook is reviewing to see whether Republican dark marketing served to suppress turnout, and if so in coordination with what other actors.

I’d really love to have this information, but note that it is a substantially different thing for Facebook to review Russian actions and for Facebook to review Democratic or Republican actions.

Then there’s the promise to work even more closely with other tech companies.

We will increase sharing of threat information with other tech and security companies. We already share information on bad actors on the internet through programs like ThreatExchange, and now we’re exploring ways we can share more information about anyone attempting to interfere with elections. It is important that tech companies collaborate on this because it’s almost certain that any actor trying to misuse Facebook will also be trying to abuse other internet platforms too.

I think I’m okay with this (and they’re legally permitted to do this in any case). But given my newfound obsession with the fact that with any of these global tech companies, you’re dealing with intelligence resources that might rival nation-state intelligence, I’m interested in Facebook’s efforts to expand the sharing.

Facebook, by itself, may not rival the NSA. But when you put together Facebook, Microsoft, Google, Twitter, and others, then you’re beginning to talk really powerful intelligence capabilities.

It’s good, I suppose, that that much technical power is going to hunt down Russians. But it might be worth pausing to imagine what else they might cooperate to hunt down.

Facebook Troll Account Events Happen in Wake of Guccifer 2.0 Released Targeting Data

/8 Comments/in , /by

In this post, I noted that the Russian troll Facebook events identified to date — including an event that drew four people in Idaho — weren’t exactly a smoking gun showing the troll accounts had intervened meaningfully in the election.

The Daily Beast has found an account — which it assumes must be tied to Internet Research Agency because it was shut down the same time as the other IRA accounts were, which seems a fair assumption — that does appear to be more legitimately tied to the election.

The demonstrations—at least one of which was promoted online by local pro-Trump activists— brought dozens of supporters together in real life. They appear to be the first case of Russian provocateurs successfully mobilizing Americans over Facebook in direct support of Donald Trump.

The Aug. 20, 2016, events were collectively called “Florida Goes Trump!” and they were billed as a “patriotic state-wide flash mob,” unfolding simultaneously in 17 different cities and towns in the battleground state. It’s difficult to determine how many of those locations actually witnessed any turnout, in part because Facebook’s recent deletion of hundreds of Russian accounts hid much of the evidence. But videos and photos from two of the locations—Fort Lauderdale and Coral Springs—were reposted to a Facebook page run by the local Trump campaign chair, where they remain to this day.

“On August 20, we want to gather patriots on the streets of Floridian towns and cities and march to unite America and support Donald Trump!” read the Facebook event page for the demonstrations. “Our flash mob will occur in several places at the same time; more details about locations will be added later. Go Donald!”

The Florida flash mob was one of at least four pro-Trump or anti-Hillary Clinton demonstrations conceived and organized over a Facebook page called “Being Patriotic,” and a related Twitter account called “march_for_trump.”  (The Daily Beast identified the accounts in a software-assisted review of politically themed social-media profiles.)

Being Patriotic had 200,000 followers and the strongest activist bent of any of the suspected Russian Facebook election pages that have so far emerged.

Unlike the previously reported events, the Florida ones took place in a swing state. And the numbers represent more significant turnout than other reported events.

I’m also interested that these events happened in FL — and happened in late August — for another reason. Florida was the first of the swing states for which Guccifer 2.0 publicly released DCCC data, including targeting information. He released that information via his website on August 15, admittedly too close to the rallies to do much good, but early enough to know they were available before the rallies. But by that point, HelloFLA already had (and had released) documents.

As I have said, we don’t have to prove that Republicans helped the IRA target ads, because we already know that Russians obtained targeting information by stealing it from the Democrats. It just so happens that this first instance where Facebook events might affect the Presidential came in the wake of targeting information for key congressional districts became publicly available (and therefore deniable for entities more closely with with Russia).

Can Congress — or Robert Mueller — Order Facebook to Direct Its Machine Learning?

/7 Comments/in , , , , /by

The other day I pointed out that two articles (WSJ, CNN) — both of which infer that Robert Mueller obtained a probable cause search warrant on Facebook based off an interpretation that under Facebook’s privacy policy a warrant would be required — actually ignored two other possibilities. Without something stronger than inference, then, these articles do not prove Mueller got a search warrant (particularly given that both miss the logical step of proving that the things Facebook shared with Mueller count as content and not business records).

In response to that and to this column arguing that Facebook should provide more information, some of the smartest surveillance lawyers in the country discussed what kind of legal process would be required, but were unable to come to any conclusions.

Last night, WaPo published a story that made it clear Congress wanted far more than WSJ and CNN had suggested (which largely fell under the category of business records and the ads posted to targets, the latter of which Congress had been able to see but not keep). What Congress is really after is details about the machine learning Facebook used to identify the malicious activity identified in April and the ads described in its most recent report, to test whether Facebook’s study was thorough enough.

A 13-page “white paper” that Facebook published in April drew from this fuller internal report but left out critical details about how the Russian operation worked and how Facebook discovered it, according to people briefed on its contents.

Investigators believe the company has not fully examined all potential ways that Russians could have manipulated Facebook’s sprawling social media platform.

[snip]

Congressional investigators are questioning whether the Facebook review that yielded those findings was sufficiently thorough.

They said some of the ad purchases that Facebook has unearthed so far had obvious Russian fingerprints, including Russian addresses and payments made in rubles, the Russian currency.

Investigators are pushing Facebook to use its powerful data-crunching ability to track relationships among accounts and ad purchases that may not be as obvious, with the goal of potentially detecting subtle patterns of behavior and content shared by several Facebook users or advertisers.

Such connections — if they exist and can be discovered — might make clear the nature and reach of the Russian propaganda campaign and whether there was collusion between foreign and domestic political actors. Investigators also are pushing for fuller answers from Google and Twitter, both of which may have been targets of Russian propaganda efforts during the 2016 campaign, according to several independent researchers and Hill investigators.

“The internal analysis Facebook has done [on Russian ads] has been very helpful, but we need to know if it’s complete,” Schiff said. “I don’t think Facebook fully knows the answer yet.”

[snip]

In the white paper, Facebook noted new techniques the company had adopted to trace propaganda and disinformation.

Facebook said it was using a data-mining technique known as machine learning to detect patterns of suspicious behavior. The company said its systems could detect “repeated posting of the same content” or huge spikes in the volume of content created as signals of attempts to manipulate the platform.

The push to do more — led largely by Adam Schiff and Mark Warner (both of whom have gotten ahead of the evidence at times in their respective studies) — is totally understandable. We need to know how malicious foreign actors manipulate the social media headquartered in Schiff’s home state to sway elections. That’s presumably why Facebook voluntarily conducted the study of ads in response to cajoling from Warner.

But the demands they’re making are also fairly breathtaking. They’re demanding that Facebook use its own intelligence resources to respond to the questions posed by Congress. They’re also demanding that Facebook reveal those resources to the public.

Now, I’d be surprised (pleasantly) if either Schiff or Warner made such detailed demands of the NSA. Hell, Congress can’t even get NSA to count how many Americans are swept up under Section 702, and that takes far less bulk analysis than Facebook appears to have conducted. And Schiff and Warner surely would never demand that NSA reveal the extent of machine learning techniques that it uses on bulk data, even though that, too, has implications for privacy and democracy (America’s and other countries’). And yet they’re asking Facebook to do just that.

And consider how two laws might offer guidelines, but (in my opinion) fall far short of authorizing such a request.

There’s Section 702, which permits the government to oblige providers to provide certain data on foreign intelligence targets. Section 702’s minimization procedures even permit Congress to obtain data collected by the NSA for their oversight purposes.

Certainly, the Russian (and now Macedonian and Belarus) troll farms Congress wants investigated fall squarely under the definition of permissible targets under the Foreign Government certificate. But there’s no public record of NSA making a request as breathtaking as this one, that Facebook (or any other provider) use its own intelligence resources to answer questions the government wants answered. While the NSA does draw from far more data than most people understand (including, probably, providers’ own algorithms about individually targeted accounts), the most sweeping request we know of involves Yahoo scanning all its email servers for a signature.

Then there’s CISA, which permits providers to voluntarily share cyber threat indicators with the federal government, using these definitions:

(A) IN GENERAL.—Except as provided in subparagraph (B), the term “cybersecurity threat” means an action, not protected by the First Amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system.

(B) EXCLUSION.—The term “cybersecurity threat” does not include any action that solely involves a violation of a consumer term of service or a consumer licensing agreement.

(6) CYBER THREAT INDICATOR.—The term “cyber threat indicator” means information that is necessary to describe or identify—

(A) malicious reconnaissance, including anomalous patterns of communications that appear to be transmitted for the purpose of gathering technical information related to a cybersecurity threat or security vulnerability;

(B) a method of defeating a security control or exploitation of a security vulnerability;

(C) a security vulnerability, including anomalous activity that appears to indicate the existence of a security vulnerability;

(D) a method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system to unwittingly enable the defeat of a security control or exploitation of a security vulnerability;

(E) malicious cyber command and control;

(F) the actual or potential harm caused by an incident, including a description of the information exfiltrated as a result of a particular cybersecurity threat;

(G) any other attribute of a cybersecurity threat, if disclosure of such attribute is not otherwise prohibited by law; or

(H) any combination thereof.

Since January, discussions of Russian tampering have certainly collapsed Russia’s efforts on social media with their various hacks. Certainly, Russian abuse of social media has been treated as exploiting a vulnerability. But none of this language defining a cyber threat indicator envisions the malicious use of legitimate ad systems.

Plus, CISA is entirely voluntary. While Facebook thus far has seemed willing to be cajoled into doing these studies, that willingness might change quickly if they had to expose their sources and methods, just as NSA clams up every time you ask about their sources and methods.

Moreover, unlike the sharing provisions in 702 minimization procedures, I’m aware of no language in CISA that permits sharing of this information with Congress.

Mind you, part of the problem may be that we’ve got global companies that have sources and methods that are as sophisticated as those of most nation-states. And, inadequate as they are, Facebook is hypothetically subject to more controls than nation-state intelligence agencies because of Europe’s data privacy laws.

All that said, let’s be aware of what Schiff and Warner are asking for, however justified it may be from a investigative standpoint. They’re asking for things from Facebook that they, NSA’s overseers, have been unable to ask from NSA.

If we’re going to demand transparency on sources and methods, perhaps we should demand it all around?

image_print