Tech Giants Face US Congress Over Russia Election

A showdown is looming in Washington between Congress and the powerful social media companies that have helped define the current unsettled age in western democracies.

The immediate issue before the Senate and the House intelligence committees, which first summoned representatives from Facebook, Twitter and Google to appear on 1 November to determine the extent the companies were used in a multi-pronged Russian operation to influence the 2016 presidential election.

All three companies have admitted that Russian entities bought ads on their sites in an effort to skew the vote. In Facebook’s case, ads pushing divisive messages were bought by fake American accounts and focused on swing states.

On Twitter, vast armies of automated user accounts, “bots”, and fake users helped promote fake news stories, damaging to Hillary Clinton and favourable to Donald Trump. Russian-funded accounts spread bogus stories across the Google search engine and its subsidiary YouTube.

The wider question hovering over the committee hearings on 1 November is whether these organisations, which once seemed to encapsulate the spirit of free speech and communication in the 21st century, have become Trojan horses used by foreign autocracies and domestic extremists to subvert democracies from the inside, exploiting openness, blurring fact and fiction and fuelling civil conflict.

“What should alarm the American people is the brazen exploitation and distortion of popular opinion by a hostile foreign power amounting really to an attack on our democracy,” Richard Blumenthal, Democratic senator for Connecticut, told the Guardian.

“This attempt to disrupt our elections by surreptitiously targeting voters in certain places with certain backgrounds and views is clear threat to our democratic process, so Americans should be as alarmed about it as they would be an act of war.”

Facebook, Twitter and Google will send their general counsels to testify before the congressional panels. They will face unprecedented questions about how the companies plan to police themselves.

With those hearings looming, Trump sought to downplay the importance of Russian ads and fake news during the election. “Keep hearing about “tiny” amount of money spent on Facebook ads,” the president tweeted. “What about the billions of dollars of Fake News on CNN, ABC, NBC & CBS?”

“Crooked Hillary Clinton spent hundreds of millions of dollars more on Presidential Election than I did,” the president wrote in another tweet. “Facebook was on her side, not mine!”

Nonetheless, momentum is building in Congress to start regulating and patrolling the open plains of social media. On Thursday, a bipartisan bid was launched in the Senate to exercise some control over online political advertising.

“The Honest Ads Act”, sponsored by Democrats Amy Klobuchar and Mark Warner and Republican John McCain, is aimed at preventing foreign influence on elections by subjecting political ads sold online to the same rules and transparency that applies to TV and radio.

“Unfortunately, US laws requiring transparency in political campaigns have not kept pace with rapid advances in technology, allowing our adversaries to take advantage of these loopholes to deceive millions of American voters with impunity,” McCain said on the bill’s launch.

Social media companies have fought off such attempts at regulation for years, but a tech company employee who requested anonymity to speak about candidly about internal industry discussions suggested Silicon Valley might now be open to narrowly tailored regulation on political ads.

“In 2011, when political advertising on social media were more of a fledgling industry, companies were more concerned that a disclaimer would be problematic and hurt the industry,” the employee said. “The social and political ad space is so established now that it’s hard to see campaigns pulling out of the market based on that.”

However, it is not clear how much support the bill will attract from the Republican leadership, which has resisted efforts to restrict anything it sees as related to campaign finance.

Totally Divisive Material

The climate in which the legislation is debated will be determined to a great extent by the outcome of the 1 November hearings. Social media executives are going to be asked what they knew about Russian subversion of their platforms and when they knew it.

There will be also be sharp questioning over whether the precise targeting of divisive ads and fake news in areas that proved critical to Trump’s victory showed any evidence of collusion.

CNN has reported that Russian-purchased ads were targeted in sophisticated ways on key demographic groups in Wisconsin and Michigan. In central Pennsylvania, another state won narrowly by Trump, there is evidence of outside tampering designed to depress the Clinton vote.

John Mattes, a former Senate investigator who helped run the online campaign in San Diego for Bernie Sanders, Clinton’s challenger for the Democratic nomination, has found Sanders supporters sites riddled with Eastern Europeans posting fake news under false names.

More recently he has come across the same phenomenon in a Facebook supporters group in central Pennsylvania. One troll, calling himself Stephen Woods, shared a series of fake news stories targeting Clinton, Muslim refugees and African Americans.

Woods’ profile claimed he was from Los Angeles, but his details were thin and he had not bothered to delete posts before February 2015 that were all in Macedonian. Mattes suspects, as do US intelligence agencies, that many Macedonian trolls, who were responsible for a substantial amount of the fake news circulated during the election, are funded and fed material from Moscow.

“Obviously he was not doing this for economic reasons,” Mattes said. “This was totally divisive material intended to depress turnout for Hillary among Sanders supporters in a critical swing area.”

As the evidence of social media manipulation has grown, Facebook has mounted a campaign to address its vulnerabilities and repair the damage to its reputation.

“I don’t want anyone to use our tools to undermine democracy. That’s not what we stand for,” chief executive Mark Zuckerberg wrote in a 21 September post, on returning from parental leave.

He listed nine remedial actions the company was going to take, including measures that would disclose who paid for a political ad and allow their Facebook page to be visited to see what ads they were posting to other audiences.

Facebook has handed to the special counsel and congressional investigators looking into the Kremlin’s interference the content of 3,000 political ads paid for by a shadowy Russian entity called the Internet Research Agency (IRA). The company’s chief operating officer, Sheryl Sandberg, said Facebook owed the nation “not just an apology but determination” to defeat attempts to subvert US democracy.

In an interview with the Axios media site, Sandberg did not address whether Russian trolls were targeting the same users as the Trump campaign, which would point towards collusion. But she did promise: “When the ads get released we will also be releasing the targeting for those ads. We’re going to be fully transparent.”

However, she was vague on the question of when Facebook’s management became aware of large-scale Russian manipulation, saying only: “We started to hear the rumours around the election itself of a different kind of attack.”

Facebook will be asked to be more specific regarding questions about when red flags were raised inside the company and when an internal examination was launched. It will also be asked for a better sense of the true scale of its Russian infiltration, of which the IRA ads may only the tip of the iceberg.

Facebook has said it has taken down 470 accounts linked to the IRA but Senator Warner has pointed out that it took down 50,000 accounts in France.

“It just still seems scale-wise, I think there’s more to do,” he said.

The perfect disinformation platform

Twitter has taken a less forthcoming approach, not revealing numbers regarding the proportion of suspected bots among its users. Some analysts believe fake activity could account for more than half Twitter’s traffic

Buzzfeed reported that the company took 11 months to take down a Russian troll account impersonating the Tennessee Republican Party which had more than 130,000 followers, despite the complaints of the real GOP in the state.

Furthermore, in the course of the election Twitter changed its privacy policy in a way that has made it harder to investigate the Russian influence campaign, according to Thomas Rid, a strategic studies professor and cybersecurity expert at Johns Hopkins University in Washington.

Before the change in policy, tweets deleted by users would remain in archives maintained by the handful of data companies who subscribe to a full “firehose” access to the complete Twitter feed.

After the policy change, which some evidence suggests was made in September 2016, tweets deleted by their authors also have to be deleted in the archives, making it impossible to carry out a forensic analysis of campaigns to promote certain links, stories and hashtags by anyone seeking to cover their tracks.

Rid, who has been analysing the Twitter privacy policy change, said this “made it easier to destroy a lot of forensic evidence that would have been useful for an investigation”.

“The fact that we are in a democracy and we don’t know the answers to these questions is unacceptable,” he said. “Were the KGB to hire a contractor to build the perfect disinformation platform, they could not have done a better job than Twitter.”

In a statement on 28 September, Twitter said it was implementing policies aimed at weeding out bots and had found a total of 201 accounts that appeared to be linked to the Russian propaganda campaign. The company is reported by the Daily Beast to have handed over details of tweets promoted by the Kremlin’s English-language TV network, RT.

That was a tiny figure compared to the scale of intrusion suggested by outside researchers. Warner called Twitter’s response on the issue “inadequate on every level”.

Google said last month it had found no evidence of a Russian propaganda campaign. But the Washington Post reported on 9 October that an internal investigation had in fact found Russian operatives spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search and Gmail.

The congressional hearings will represent an opening skirmish in a struggle over the limits of internet freedom. The Silicon Valley giants will be protecting a worldview as well as their profit margin.

“There is a Californian libertarian mentality that assumes everyone is good at heart and that if you create an open platform, great things happen,” said one investigator looking into Russian manipulation of social media platforms. “But there are bad people out there who want to do bad things.

“The question about all this freedom is, what is a cost worth paying?”

Guardian:

You Might Aslo Read:

Social Media & 21st-Century Warfare:

Yahoo’s Big Breach Is A Catalyst for Change:

« Electronic Camouflage In Future Warfare
Cybersecurity Training Isn’t The Complete Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

Debevoise & Plimpton

Debevoise & Plimpton

Debevoise & Plimpton LLP is a premier law firm with market-leading practices in areas including Data Strategy & Security.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Web3fied

Web3fied

Web3fied is a seed stage company building the future of decentralized digital identity and credentials management.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.

Yarix

Yarix

Yarix is the leading company in Var Group’s Digital Security division and one of the most recognised, innovative and authoritative Italian companies in the IT security sector.

Finlaw Associates

Finlaw Associates

Finlaw Associates is a trusted cybercrime law firm providing a wide range of taxation, legal, advisory and regulatory services to the financial, commercial and industrial communities.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.

StealthMole

StealthMole

StealthMole is a deep and dark web threat intelligence company that delivers a cloud-based, unified platform for digital investigation, risk assessment, and threat monitoring.

DataPatrol

DataPatrol

DataPatrol is a software company, specialized in providing Security and Privacy of company’s data and information in an evolved way.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.