Posts

What Fake French News Looks Like (to a British Consulting Company)

Along with reports that APT 28 targeted Emmanuel Macron that don’t prominently reveal that Macron believes he withstood the efforts to phish his campaign, the post-mortem on the first round of the French election has also focused on the fake news that supported Marine Le Pen.

As a result, this study — the headline from which claimed 25% of links shared during the French election pointed to fake news — has gotten a lot of attention.

The study, completed by a British consulting firm (though the lead on the study is a former French journalist) and released in full only in English, is as interesting for its assumptions as anything else.

Engagement studies aren’t clear what they’re showing, but this one is aware of that

Before I explain why, let me stipulate that accept the report’s conclusion that a ton of Le Pen supporters (though it doesn’t approach it from that direction) relied on fake news and/or Russian sources. The methodology appears to suffer from the same problem some of BuzzFeed’s reporting on fake news does, in that it doesn’t measure the value of shared news, but at least it admits that methodological problem (and promises to discuss it at more length in a follow-up).

Sharing is the overt act of taking an article or video or image that one sees in social media and, literally, sharing it digitally with one’s own followers or even into the public domain. Sharing therefore implies an elevated level of interest: people share articles that they feel others should see. While there are tools that help us track and quantify how many articles are shared, they cannot explain the sharer’s intention. It seems plausible, particularly in a political context, that sharing implies endorsement, yet even this is problematic as sharing can often imply shock and disagreement. In the third instalment [sic] of this study, Bakamo will explore in depth the extent to which people agree or disagree with what they share, but for this report (and the second, updated version), the simple act of sharing—whatever the intention—is nonetheless highly relevant. It provides a way of gauging activity and engagement.

[snip]

These are the “likes” or “shares” in Facebook, or “favourites” or “retweets” in Twitter. While these can be counted, we do not know whether the person has actually clicked through to read the content being shared before they like or retweet. This information is only available to the account owner. One of the questions that is often raised about social media is whether users do indeed read the article or respond simply to the headlines that appear in their newsfeed. We are unable to comment on this.

In real word terms, engagement can be two things. It can be agreement—whether reflexive or reflective—with the content shared. It can also, however, be disagreement: Facebook’s nuanced “like” system (in which anger is a valid form of engagement) or Twitter’s citations that enable a user to comment on the link while sharing it both permit these negative expressions.

The study is perhaps most interesting for what it shows about the differing sharing habits from different parts of its media economy, with no overlap between those who share what it deems “traditional” media and those who share what I’d deem conspiracist media. That finding, more than almost any other one, suggests what might be needed to engage in a dialogue across these clusters. Ultimately, what the study shows is increased media polarization not on partisan grounds, but on response to globalization.

Russian media looks very important when you only track Russian media

As I noted, one of the headlines that has been taken away from this study is that Le Pen voters shared a lot of Russian news sources — and I don’t contest that.

But there are two interesting details about how that finding came to be that important to this study.

First, the study defines everything in contradistinction from what it calls “traditional” media.

There are broad five sections of the Media Map. They are defined by their editorial distance from traditional media narratives. The less accepting a source is of traditional media narratives, the farther away it is (spatially) on the Map.

In the section defining traditional media, the study focuses on establishment and commercialism (including advertising), even while pointing to — but not proving — that all traditional media “adher[e] to journalistic standards” (which is perhaps a fairer assumption still in France than in the US or UK, but nevertheless it is an assumption).

This section of the Media Map is populated by media sources that belong to the established commercial and conventional media landscape, such as websites of national and regional newspapers, TV and radio stations, online portals adhering to journalistic standards, and news aggregators.

It does this, but insists that this structure that privileges “traditional” media without proving that it merits that privilege is not meant to “pass moral judgement or to define what is ‘good’ or ‘evil’.”

Most interesting of all, the study includes — without detail or interrogation — international media sources “exhibiting these same characteristics” in its traditional media category.

These are principally France-based sources; however, French-speaking international media sources exhibiting these same characteristics were also placed into the Traditional Media section.

But, having defined some international news sources as “traditional,” the study then uses Russian influence as a measure of whether a media cluster was non-traditional.

The analysis only identified foreign influence connected with Russia. No other foreign source of influence was detected.

It did this — measuring Russian influence as a measure of non-traditional status — even though the study showed this was true primarily on the hard right and among conspiracists.

Syria as a measure of journalistic standards

Among the other kinds of content that this study measures, it repeatedly describes how those outlets it has clustered as non-traditional (primarily those it calls reframing outlets) deal with Syria.

It asserts that those who treat Bashar al-Assad as a “protagonist” in the Syrian civil war as being influenced by Russian sources.

A dominant theme reflected by sources where Russian influence is detected is the war in Syria, the various actors involved, and the refugee crisis. In these articles, Bachar Assad becomes the protagonist, a perspective opposite to that which is reported by traditional media. Articles touching on refugees and migrants tend to reinforce anti-Islam and anti-migrant positions.

The anti-imperialists focus on Trump’s ineffectual missile strike on Syria which — the study concludes — must derive from Russian influence.

Trump’s “téléréalité” attack on Syria is a more recent example of content in this cluster. This is not surprising, however, as Russian influence is detectable on a number of sites in this cluster.

It defines conspiracists as such because they say the US supports terrorist groups (and also because they portray Assad as trustworthy).

Syria is an important theme in this cluster. Per these sources, and contrary to reports in traditional media, the Western powers are supporting the terrorist, while Bashar Assad is trustworthy and tolerant leader, as witness reports prove.

The pro-Islam non-traditional (!!) cluster is defined not because of its distance from “traditional” news (which the study finds it generally is not) but in part because its outlets suggest the US has been supporting Assad.

American imperialism is another dominant theme in this cluster, driven by the belief that the US has been secretly supporting the Assad regime.

You can see, now, the problem here. It is a demonstrable fact that America’s covert funding did, for some time, support rebel groups that worked alongside Al Qaeda affiliates (and predictably and with the involvement of America’s Sunni allies saw supplies funneled to al Qaeda or ISIS as a result). It is also the case that both historically (when the US was rendering Maher Arar to Syria to be tortured) and as an interim measure to forestall the complete collapse of Syria under Obama, the US’ opposition to Assad has been half-hearted, which may not be support but certainly stopped short of condemnation for his atrocities.

And while we’re not supposed to talk about these things — and don’t, in part, because they are an openly acknowledged aspect of our covert operations — they are a better representation of the complex clusterfuck of American intervention in Syria than one might get — say — from the French edition of the BBC. They are, of course, similar to the American “traditional” news insistence that Obama has done “nothing” in Syria, long after Chuck Hagel confirmed our “covert” operations there. Both because the reality is too complex to discuss easily, and because there is a “tradition” of not reporting on even the most obvious covert actions if done by the US, Syria is a subject on which almost no one is providing an adequately complex picture of what is going on.

On both sides of the Atlantic, the measure of truth on Syria has become the simplified narrative you’re supposed to believe, not what the complexity of the facts show. And that’s before you get to where we are now, pretending to be allied with both Turkey and the Kurds they’re shooting at.

The shock at the breakdown of the left-right distinction

What’s most fascinating about the study, however, is the seeming distress with which it observes that “reframing” media — outlets it claims is reinterpreting the real news — doesn’t break down into a neat left-right axis.

Media sources in the Reframe section share the motivation to counter the Traditional Media narrative. The media sources see themselves as part of a struggle to “reinform” readers of the real contexts and meanings hidden from them when they are informed by Traditional Media sources. This section breaks with the traditions of journalism, expresses radical opinions, and refers to both traditional and alternative sources to craft a disruptive narrative. While there is still a left-right distinction in this section, a new narrative frame emerges where content is positioned as being for or against globalisation and not in left-right terms. Indeed, the further away media sources are from the Traditional section, the less a conventional left-right attribution is possible.

[snip]

The other narrative frame detectable through content analysis is the more recent development referred to in this study as the global versus local narrative frame. Content published in this narrative frame is positioned as being for or against globalisation and not in left-right terms. Indeed, the further away media sources are from the Traditional section, the less a conventional left-right attribution is possible. While there are media sources in the Reframe section on both on the hard right and hard left sides, they converge in the global versus local narrative frame. They take concepts from both left and right, but reframe them in a global-local context. One can find left or right leanings of media sources located in the middle of Reframe section, but this mainly relates to attitudes about Islam and migrants. Otherwise, left and right leaning media sources in the Reframe section share one common enemy: globalisation and the liberal economics that is associated with it.

Now, I think some of the study’s clustering is artificial to create this split (for example, in the way it treats environmentalism as an extend rather than reframe cluster).

But even more, I find the confusion fascinating. Particularly in the absence of — as it did for Syria coverage — any indication of what is considered the “true” or “false” news about globalization. Opposition to globalization, as such, is the marker, not a measure of whether an outlet is reporting in factual manner on the status and impact and success at delivering the goals of globalization.

And if the patterns of sharing in the study are in fact accurate, what the study actually shows is that the ideologies of globalization and nationalism have become completely incoherent to each other. And purveyors of globalization as the “traditional” view do not, here, consider the status of globalization (on either side) as a matter of truth or falseness, as a measure whether the media outlet taking a side in favor of or against globalization adheres to the truth.

I’ve written a fair amount of the failure of American ideology — and of the confusion among priests of that ideology as it no longer exacts unquestioning sway.

This study on fake news in France completed by a British consulting company in English is very much a symptom of that process.

But the Cold War is outdated!

Which brings me to the funniest part of the paper. As noted above, the paper claims that anti-imperialists are influenced by Russian sources, which it explains for criticism of Trump’s Patriot missile strike on Syria. But it’s actually talking about what it calls a rump Communist Cold War ideology.

This cluster contains the remains of the traditional Communist groupings. They publish articles on the imperialist system. They concentrate on foreign politics and ex-Third World countries. They frame their worldview through a Cold War logic: they see the West (mainly the US) versus the East, embodied by Russia. Russia is idolised, hence these sites have a visible anti-American and antiZionist stance. The antiquated nature of a Cold War frame given the geo-political transformations of the last 25 years means these sources are often forced to borrow ideas from the extreme right.

Whatever the merit in its analysis here, consider what it means for a study the assumptions of which treat Russian influence as a special kind of international influence, even while conducting no reflection on whether the globalization/nationalization polarization it finds so striking can be measured in terms of fact claims.

The new Cold War seems unaware that the old Cold War isn’t so out of fashion after all.

NSA’s Spying on Le Pen Is Probably Working Better than GRU’s Spying on Macron

In advance of this report on APT 28 (the hacking group presumed to be tied to Russia’s military intelligence, GRU, blamed for the DNC hack-and-leak), Trend Micro got a lot of publicity for its report that APT 28 had targeted Emmanuel Macron, who just won the most votes in France’s presidential election and will face a run-off against Marine Le Pen in a few weeks.

At least according to Macron’s campaign, the attempts to phish his campaign were unsuccessful.

Mounir Mahjoubi, digital director of Mr. Macron’s campaign, confirmed the attempted hacking, saying that several staffers had received emails leading to the fake websites. The phishing emails were quickly identified and blocked, and it was unlikely others went undetected, Mr. Mahjoubi said.

“We can’t be 100% sure,” he said, “but as soon as we saw the intrusion attempts, we took measures to block access.”

The timing of all this is all rather interesting. Back in early February, France’s Le Canard Enchaîné exclusively reported that France’s security officials worried that Macron would be hacked, a vague report that was picked up really broadly without confirmation. Shortly thereafter, Macron claimed that his campaign had been the target of thousands of attacks from entities within Russia’s border, including a DDOS attack that took down his website for nine minutes. According to the sole mention of Macron in the Trend Micro report, the OneDrive-based phish targeting Macron took place a month later, on March 15.

These hacking attempts accompanied a great deal of fake news (and leaked gossip) targeting Macron. But at least if Macron’s own campaign is to believed, APT 28 never succeeded in its attempt to hack the favorite to be France’s next president, and so presumably has not yet succeeded in stealing emails that Russia might use to attack Macron during the run-off.

Which gives the hype about APT 28’s attempted hack a really curious character. It is treated as if Russia is the only state actor that might be spying on French presidential candidates.

Does anyone honestly believe that the United States is not spying on Le Pen, for example, given that the CIA and NSA have a history of spying on candidates with whom the US is even friendlier than Le Pen? Indeed, earlier this year, WikiLeaks published a tasking order for CIA to collect HUMINT and open source intelligence on all the parties in the 2012 French election, though without any cyber element specified. In 2010, the incumbent Pakistan People’s Party was included in NSA’s foreign government Section 702 certificate by name. And in 2012, CIA and NSA partnered to target Enrique Peña Nieto and nine of his closest associates in the weeks leading up to his victory. With both the PPP and EPN, these were nominally political parties friendly to US interests.

By comparison, it would seem that targeting Le Pen, at a time when the intelligence community has a very public concern about collusion between Russia and populist parties in Europe to destabilize Europe, would be a no-brainer.

And here’s what else gets left out of the coverage of GRU’s attempts to spy on Macron: how much easier a job the NSA might have than GRU, even ignoring NSA’s greater capabilities.

Many (though not all) of the phishing attempts detailed in the Trend Micro report pretend to be the email log-ins for US-based email providers: with virtually all the most detailed attention on Yahoo, Gmail, and Microsoft. The attempted Macron targeting exploited his campaign’s use of OneDrive. That means all the entities GRU targeted with phishes pretending to be US providers are available to NSA via Section 702, or PRISM.

In other words, to collect on the very same targets that GRU is targeting via phishing attacks that users continue to be better informed about (and that Macron claims to have withstood entirely), the NSA could just add LePen’s email address to the list over 93,000 targets being targeted under Section 702 (as they presumably did with PPP in 2010). And unlike a phishing campaign, which can be made more difficult with the use of two factor authentication, Le Pen would have no defense against collection targeting her or her campaign’s PRISM provider accounts, beyond encrypting everything that resided in an American-owned cloud (and even there, there would be a great deal of interesting metadata available). If she or key aides uses any of the major American tech providers, stealing their emails would be as easy as providing a foreign intelligence justification (one that would be bolstered by her close ties with Russia) and tracking to make sure her accounts are detasked when she comes to the US to visit Trump Tower.

All that’s on top of any more sophisticated targeting of Le Pen akin to what CIA and NSA did against EPN.

And therein lies the rub, the reason you shouldn’t be saying, “So what? We should spy on that fascist Le Pen, she’s a menace to civilization” (though I agree she is).

The NSA’s spying on Marine Le Pen is likely having more success than GRU’s spying on Emmanuel Macron. But is there any reason to believe — particularly given CIA’s targeting of all French parties in 2012 and given Trump’s stated preference for Le Pen — to think that NSA is not also targeting Macron, targeting his OneDrive in a way that would be immune from whatever defenses he is using against phishing attacks?

Here’s where folks will say, “but we don’t leak stolen communications,” in spite of some evidence that we have in the past, albeit perhaps not in a democratic election. (On that note, this Politico story exposing Mike Flynn’s ties, via his Turkish lobbying client, to Russia, relies on a WikiLeaks-released email, which is a notable instance where evidence made available by WikiLeaks may help those investigating Russia’s influence on the Trump administration.). Of course, GRU can only leak what it can steal, and Macron believes that GRU hasn’t succeeded in stealing anything.

Furthermore, we have no visibility what US policymakers in the past have done with intelligence collected on political parties. We certainly have no current limits on what Trump can do with it, aside from limits on the dissemination of that actual raw emails. We’ve always given the President great discretion on such issues, in the name of ensuring a unified foreign policy. And there are plenty of ways Trump’s administration could intervene to help Le Pen beyond just leaking any derogatory information on Macron.

All this is not to say that GRU’s reported continued attempts to hack democratic targets is not a concern (indeed, I’m at least as worried that FSB is conducting similar intelligence collection without the same easily identifiable tracks).

But it is to say that, particularly in the era where Donald Trump sets this country’s foreign policy, we need to be a lot more mindful of NSA’s own far more considerable ability to steal information on democratic candidates.