Tech Giants Face US Congress Over Russia Election

A showdown is looming in Washington between Congress and the powerful social media companies that have helped define the current unsettled age in western democracies.

The immediate issue before the Senate and the House intelligence committees, which first summoned representatives from Facebook, Twitter and Google to appear on 1 November to determine the extent the companies were used in a multi-pronged Russian operation to influence the 2016 presidential election.

All three companies have admitted that Russian entities bought ads on their sites in an effort to skew the vote. In Facebook’s case, ads pushing divisive messages were bought by fake American accounts and focused on swing states.

On Twitter, vast armies of automated user accounts, “bots”, and fake users helped promote fake news stories, damaging to Hillary Clinton and favourable to Donald Trump. Russian-funded accounts spread bogus stories across the Google search engine and its subsidiary YouTube.

The wider question hovering over the committee hearings on 1 November is whether these organisations, which once seemed to encapsulate the spirit of free speech and communication in the 21st century, have become Trojan horses used by foreign autocracies and domestic extremists to subvert democracies from the inside, exploiting openness, blurring fact and fiction and fuelling civil conflict.

“What should alarm the American people is the brazen exploitation and distortion of popular opinion by a hostile foreign power amounting really to an attack on our democracy,” Richard Blumenthal, Democratic senator for Connecticut, told the Guardian.

“This attempt to disrupt our elections by surreptitiously targeting voters in certain places with certain backgrounds and views is clear threat to our democratic process, so Americans should be as alarmed about it as they would be an act of war.”

Facebook, Twitter and Google will send their general counsels to testify before the congressional panels. They will face unprecedented questions about how the companies plan to police themselves.

With those hearings looming, Trump sought to downplay the importance of Russian ads and fake news during the election. “Keep hearing about “tiny” amount of money spent on Facebook ads,” the president tweeted. “What about the billions of dollars of Fake News on CNN, ABC, NBC & CBS?”

“Crooked Hillary Clinton spent hundreds of millions of dollars more on Presidential Election than I did,” the president wrote in another tweet. “Facebook was on her side, not mine!”

Nonetheless, momentum is building in Congress to start regulating and patrolling the open plains of social media. On Thursday, a bipartisan bid was launched in the Senate to exercise some control over online political advertising.

“The Honest Ads Act”, sponsored by Democrats Amy Klobuchar and Mark Warner and Republican John McCain, is aimed at preventing foreign influence on elections by subjecting political ads sold online to the same rules and transparency that applies to TV and radio.

“Unfortunately, US laws requiring transparency in political campaigns have not kept pace with rapid advances in technology, allowing our adversaries to take advantage of these loopholes to deceive millions of American voters with impunity,” McCain said on the bill’s launch.

Social media companies have fought off such attempts at regulation for years, but a tech company employee who requested anonymity to speak about candidly about internal industry discussions suggested Silicon Valley might now be open to narrowly tailored regulation on political ads.

“In 2011, when political advertising on social media were more of a fledgling industry, companies were more concerned that a disclaimer would be problematic and hurt the industry,” the employee said. “The social and political ad space is so established now that it’s hard to see campaigns pulling out of the market based on that.”

However, it is not clear how much support the bill will attract from the Republican leadership, which has resisted efforts to restrict anything it sees as related to campaign finance.

Totally Divisive Material

The climate in which the legislation is debated will be determined to a great extent by the outcome of the 1 November hearings. Social media executives are going to be asked what they knew about Russian subversion of their platforms and when they knew it.

There will be also be sharp questioning over whether the precise targeting of divisive ads and fake news in areas that proved critical to Trump’s victory showed any evidence of collusion.

CNN has reported that Russian-purchased ads were targeted in sophisticated ways on key demographic groups in Wisconsin and Michigan. In central Pennsylvania, another state won narrowly by Trump, there is evidence of outside tampering designed to depress the Clinton vote.

John Mattes, a former Senate investigator who helped run the online campaign in San Diego for Bernie Sanders, Clinton’s challenger for the Democratic nomination, has found Sanders supporters sites riddled with Eastern Europeans posting fake news under false names.

More recently he has come across the same phenomenon in a Facebook supporters group in central Pennsylvania. One troll, calling himself Stephen Woods, shared a series of fake news stories targeting Clinton, Muslim refugees and African Americans.

Woods’ profile claimed he was from Los Angeles, but his details were thin and he had not bothered to delete posts before February 2015 that were all in Macedonian. Mattes suspects, as do US intelligence agencies, that many Macedonian trolls, who were responsible for a substantial amount of the fake news circulated during the election, are funded and fed material from Moscow.

“Obviously he was not doing this for economic reasons,” Mattes said. “This was totally divisive material intended to depress turnout for Hillary among Sanders supporters in a critical swing area.”

As the evidence of social media manipulation has grown, Facebook has mounted a campaign to address its vulnerabilities and repair the damage to its reputation.

“I don’t want anyone to use our tools to undermine democracy. That’s not what we stand for,” chief executive Mark Zuckerberg wrote in a 21 September post, on returning from parental leave.

He listed nine remedial actions the company was going to take, including measures that would disclose who paid for a political ad and allow their Facebook page to be visited to see what ads they were posting to other audiences.

Facebook has handed to the special counsel and congressional investigators looking into the Kremlin’s interference the content of 3,000 political ads paid for by a shadowy Russian entity called the Internet Research Agency (IRA). The company’s chief operating officer, Sheryl Sandberg, said Facebook owed the nation “not just an apology but determination” to defeat attempts to subvert US democracy.

In an interview with the Axios media site, Sandberg did not address whether Russian trolls were targeting the same users as the Trump campaign, which would point towards collusion. But she did promise: “When the ads get released we will also be releasing the targeting for those ads. We’re going to be fully transparent.”

However, she was vague on the question of when Facebook’s management became aware of large-scale Russian manipulation, saying only: “We started to hear the rumours around the election itself of a different kind of attack.”

Facebook will be asked to be more specific regarding questions about when red flags were raised inside the company and when an internal examination was launched. It will also be asked for a better sense of the true scale of its Russian infiltration, of which the IRA ads may only the tip of the iceberg.

Facebook has said it has taken down 470 accounts linked to the IRA but Senator Warner has pointed out that it took down 50,000 accounts in France.

“It just still seems scale-wise, I think there’s more to do,” he said.

The perfect disinformation platform

Twitter has taken a less forthcoming approach, not revealing numbers regarding the proportion of suspected bots among its users. Some analysts believe fake activity could account for more than half Twitter’s traffic

Buzzfeed reported that the company took 11 months to take down a Russian troll account impersonating the Tennessee Republican Party which had more than 130,000 followers, despite the complaints of the real GOP in the state.

Furthermore, in the course of the election Twitter changed its privacy policy in a way that has made it harder to investigate the Russian influence campaign, according to Thomas Rid, a strategic studies professor and cybersecurity expert at Johns Hopkins University in Washington.

Before the change in policy, tweets deleted by users would remain in archives maintained by the handful of data companies who subscribe to a full “firehose” access to the complete Twitter feed.

After the policy change, which some evidence suggests was made in September 2016, tweets deleted by their authors also have to be deleted in the archives, making it impossible to carry out a forensic analysis of campaigns to promote certain links, stories and hashtags by anyone seeking to cover their tracks.

Rid, who has been analysing the Twitter privacy policy change, said this “made it easier to destroy a lot of forensic evidence that would have been useful for an investigation”.

“The fact that we are in a democracy and we don’t know the answers to these questions is unacceptable,” he said. “Were the KGB to hire a contractor to build the perfect disinformation platform, they could not have done a better job than Twitter.”

In a statement on 28 September, Twitter said it was implementing policies aimed at weeding out bots and had found a total of 201 accounts that appeared to be linked to the Russian propaganda campaign. The company is reported by the Daily Beast to have handed over details of tweets promoted by the Kremlin’s English-language TV network, RT.

That was a tiny figure compared to the scale of intrusion suggested by outside researchers. Warner called Twitter’s response on the issue “inadequate on every level”.

Google said last month it had found no evidence of a Russian propaganda campaign. But the Washington Post reported on 9 October that an internal investigation had in fact found Russian operatives spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search and Gmail.

The congressional hearings will represent an opening skirmish in a struggle over the limits of internet freedom. The Silicon Valley giants will be protecting a worldview as well as their profit margin.

“There is a Californian libertarian mentality that assumes everyone is good at heart and that if you create an open platform, great things happen,” said one investigator looking into Russian manipulation of social media platforms. “But there are bad people out there who want to do bad things.

“The question about all this freedom is, what is a cost worth paying?”

Guardian:

You Might Aslo Read:

Social Media & 21st-Century Warfare:

Yahoo’s Big Breach Is A Catalyst for Change:

« Electronic Camouflage In Future Warfare
Cybersecurity Training Isn’t The Complete Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Qubitekk

Qubitekk

Qubitekk has developed quantum cryptography solutions for the machine-to-machine (M2M) communications market.

Data Recovery Services (DRS)

Data Recovery Services (DRS)

DRS provides data recovery services from media including hard disk drives, RAID, solid state disks SSD, memory sticks, USB drives, SD cards, tapes and mobile phones.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

Crypto4A Technologies

Crypto4A Technologies

Crypto4A quantum-ready cybersecurity solutions significantly improve protection for Cloud, loT, Blockchain, V2X, government and military application deployments.

Riddle&Code

Riddle&Code

Riddle&Code is a product-led services company specializing in onboarding industries to Web3. The team's mission is to provide a trusted connection between the digital and physical worlds.

IQ4 - Cybersecurity Workforce Alliance (CWA)

IQ4 - Cybersecurity Workforce Alliance (CWA)

Cybersecurity Workforce Alliance, a division of iQ4, is an organization comprised of a diverse range of professionals dedicated to the development of the cybersecurity workforce.

PlexTrac

PlexTrac

PlexTrac is a cybersecurity reporting and workflow management platform that supercharges security programs, making them more effective, efficient, and proactive.

Access Venture Partners

Access Venture Partners

Access Venture Partners are an early stage VC firm investing in bold founders and helping every step of the way. Areas we give special focus to include cybersecurity.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

Siometrix

Siometrix

Siometrix addresses digital identity fraud. It steals your attacker's time and prevents many prevalent attack vectors.

SCS Technology Solutions

SCS Technology Solutions

SCS Technology Solutions has become the preferred partner for top performing organisations across Lincolnshire for IT support and consultancy.

RESTIV Technology

RESTIV Technology

RESTIV Compliance Copilot is your partner in continuous compliance. Real-time monitoring, continuous testing, and transparent evidence—no surprises, just peace of mind.