Delay, Deny and Deflect: How Facebook’s Leaders Fought Through Crisis

The New York Times has published a bombshell report: An in-depth account of Facebook’s repeated struggles over the past two years to clean up mess after mess, from Russian election interference to privacy breaches and data leaks. 

The story leaves one wondering: Will someone be fired for Facebook’s role in all of this? And if so, who? And, if not, why not?

That’s because it includes a number of bizarre details, like that Facebook “employed a Republican opposition-research firm to discredit activist protesters, in part by linking them to the liberal financier George Soros.” Or that Facebook was guilty of “persuading a Jewish civil rights group to cast some criticism of the company as anti-Semitic.”

Those are odd enough, but more damning is the focus on poor decision-making of Facebook’s top two executives, CEO Mark Zuckerberg and COO Sheryl Sandberg (pictured). They both are depicted in the piece as underestimating or misjudging the company’s problems at every turn, and perhaps even actively ignoring them.

Sheryl Sandberg Facebook’s chief operating officer was seething.

Inside Facebook’s Menlo Park, Calif., headquarters, top executives gathered in the glass-walled conference room of its founder, Mark Zuckerberg. 

It was September 2017, more than a year after Facebook engineers discovered suspicious Russia-linked activity on its site, an early warning of the Kremlin campaign to disrupt the 2016 American election. 

Congressional and federal investigators were closing in on evidence that would implicate the company.

But it wasn’t the looming disaster at Facebook that angered Ms. Sandberg. It was the social network’s security chief, Alex Stamos, who had informed company board members the day before that Facebook had yet to contain the Russian infestation. 

Mr. Stamos’s briefing had prompted a humiliating boardroom interrogation of Ms. Sandberg, and her billionaire boss. She appeared to regard the admission as a betrayal.

“You threw us under the bus!” she yelled at Mr. Stamos, according to people who were present.

The clash that day would set off a reckoning, for Mr. Zuckerberg, for Ms. Sandberg and for the business they had built together. In just over a decade, Facebook has connected more than 2.2 billion people, a global nation unto itself that reshaped political campaigns, the advertising business and daily life around the world. 

Along the way, Facebook accumulated one of the largest-ever repositories of personal data, a treasure trove of photos, messages and likes that propelled the company into the Fortune 500.

But as evidence accumulated that Facebook’s power could also be exploited to disrupt elections, broadcast viral propaganda and inspire deadly campaigns of hate around the globe, Mr. Zuckerberg and Ms. Sandberg stumbled. 

When Facebook users learned last spring that the company had compromised their privacy in its rush to expand, allowing access to the personal information of tens of millions of people to a political data firm linked to President Trump, Facebook sought to deflect blame and mask the extent of the problem.

And when that failed, as the company’s stock price plummeted and it faced a consumer backlash, Facebook went on the attack.

While Mr. Zuckerberg has conducted a public apology tour in the last year, Ms. Sandberg has overseen an aggressive lobbying campaign to combat Facebook’s critics, shift public anger toward rival companies and ward off damaging regulation. 

Facebook employed a Republican opposition-research firm to discredit activist protesters, in part by linking them to the liberal financier George Soros. It also tapped its business relationships, lobbying a Jewish civil rights group to cast some criticism of the company as anti-Semitic.

In Washington, allies of Facebook, including Senator Chuck Schumer, the Democratic Senate leader, intervened on its behalf. And Ms. Sandberg wooed or cajoled hostile lawmakers, while trying to dispel Facebook’s reputation as a bastion of Bay Area liberalism.

This account of how Mr. Zuckerberg and Ms. Sandberg navigated Facebook’s cascading crises, much of which has not been previously reported, is based on interviews with more than 50 people. Most spoke on the condition of anonymity because they had signed confidentiality agreements, we’re not authorised to speak to reporters or feared retaliation.

Facebook declined to make Mr. Zuckerberg and Ms. Sandberg available for comment. In a statement, a spokesman acknowledged that Facebook had been slow to address its challenges but had since made progress fixing the platform.

“This has been a tough time at Facebook and our entire management team has been focused on tackling the issues we face,” the statement said. “While these are hard problems we are working hard to ensure that people find our products useful and that we protect our community from bad actors.”

Even so, trust in the social network has sunk, while its pell-mell growth has slowed. Regulators and law enforcement officials in the United States and Europe are investigating Facebook’s conduct with Cambridge Analytica, a political data firm that worked with Mr. Trump’s 2016 campaign, opening up the company to fines and other liability. Both the Trump administration and lawmakers have begun crafting proposals for a national privacy law, setting up a year’s long struggle over the future of Facebook’s data-hungry business model.

Mr. Zuckerberg, 34, and Ms. Sandberg, 49, remain at the company’s helm, while Mr. Stamos and other high-profile executives have left after disputes over Facebook’s priorities. Mr. Zuckerberg, who controls the social network with 60 percent of the voting shares and who approved many of its directors, has been asked repeatedly in the last year whether he should step down as chief executive.

Three years ago, Mr. Zuckerberg, who founded Facebook in 2004 while attending Harvard, was celebrated for the company’s extraordinary success. Ms. Sandberg, a former Clinton administration official and Google veteran, had become a feminist icon with the publication of her empowerment manifesto, “Lean In,” in 2013.

Like other technology executives, Mr. Zuckerberg and Ms. Sandberg cast their company as a force for social good. Facebook’s lofty aims were emblazoned even on securities filings: “Our mission is to make the world more open and connected.”

But as Facebook grew, so did the hate speech, bullying and other toxic content on the platform. When researchers and activists in Myanmar, India, Germany and elsewhere warned that Facebook had become an instrument of government propaganda and ethnic cleansing, the company largely ignored them. 

Facebook had positioned itself as a platform, not a publisher. Taking responsibility for what users posted, or acting to censor it, was expensive and complicated. Many Facebook executives worried that any such efforts would backfire.

Then Donald J. Trump ran for president. He described Muslim immigrants and refugees as a danger to America, and in December 2015 posted a statement on Facebook calling for a “total and complete shutdown” on Muslims entering the United States. Mr. Trump’s call to arms, widely condemned by Democrats and some prominent Republicans, was shared more than 15,000 times on Facebook, an illustration of the site’s power to spread racist sentiment.

New York Times:

Recode:

You Might Also Read:

Facebook & Google Are ‘A Menace to Society’

« Japanese Cybersecurity Minister Does Not Use Computers
AI For Cyber - You Don’t Need To Know The Threat, Just The Network »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

National Trading Standards eCrime Team (NTSeCT)

National Trading Standards eCrime Team (NTSeCT)

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

Libraesva

Libraesva

Libraesva specialize in Email Security. From Email Security, Phishing Awareness and Email Archiver. We can assist you with any email issues you may have.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

EVOLEO Technologies

EVOLEO Technologies

EVOLEO provides engineering services covering a wide range of needs in the electronics design, embedded and systems engineering.

Innosphere Ventures

Innosphere Ventures

Innosphere Ventures is Colorado’s leading science and technology incubator, accelerating the success of high-impact startup and scaleup companies.

Kentik

Kentik

Kentik - one platform for Network Visibility, Performance, and Security.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

Nigerian Communications Commission (NCC)

Nigerian Communications Commission (NCC)

NCC has established a CSIRT for the telecommunication industry to provide services and support for the prevention and management of potential cyber security related emergencies.

All About Cookies

All About Cookies

All About Cookies is an informational website that provides tips, advice, and recommendations to help you with Online Privacy, Identity Theft Prevention, Antivirus Protection, and Digital Security.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

AuthenticID

AuthenticID

Our mission at AuthenticID is to combat fraud worldwide and help businesses protect their enterprise and valuable data assets.

Black Duck Software

Black Duck Software

Black Duck (formerly the Synopsys Software Integrity Group) is the market leader in application security testing (AST).