Tech Giants Face US Congress Over Russia Election

A showdown is looming in Washington between Congress and the powerful social media companies that have helped define the current unsettled age in western democracies.

The immediate issue before the Senate and the House intelligence committees, which first summoned representatives from Facebook, Twitter and Google to appear on 1 November to determine the extent the companies were used in a multi-pronged Russian operation to influence the 2016 presidential election.

All three companies have admitted that Russian entities bought ads on their sites in an effort to skew the vote. In Facebook’s case, ads pushing divisive messages were bought by fake American accounts and focused on swing states.

On Twitter, vast armies of automated user accounts, “bots”, and fake users helped promote fake news stories, damaging to Hillary Clinton and favourable to Donald Trump. Russian-funded accounts spread bogus stories across the Google search engine and its subsidiary YouTube.

The wider question hovering over the committee hearings on 1 November is whether these organisations, which once seemed to encapsulate the spirit of free speech and communication in the 21st century, have become Trojan horses used by foreign autocracies and domestic extremists to subvert democracies from the inside, exploiting openness, blurring fact and fiction and fuelling civil conflict.

“What should alarm the American people is the brazen exploitation and distortion of popular opinion by a hostile foreign power amounting really to an attack on our democracy,” Richard Blumenthal, Democratic senator for Connecticut, told the Guardian.

“This attempt to disrupt our elections by surreptitiously targeting voters in certain places with certain backgrounds and views is clear threat to our democratic process, so Americans should be as alarmed about it as they would be an act of war.”

Facebook, Twitter and Google will send their general counsels to testify before the congressional panels. They will face unprecedented questions about how the companies plan to police themselves.

With those hearings looming, Trump sought to downplay the importance of Russian ads and fake news during the election. “Keep hearing about “tiny” amount of money spent on Facebook ads,” the president tweeted. “What about the billions of dollars of Fake News on CNN, ABC, NBC & CBS?”

“Crooked Hillary Clinton spent hundreds of millions of dollars more on Presidential Election than I did,” the president wrote in another tweet. “Facebook was on her side, not mine!”

Nonetheless, momentum is building in Congress to start regulating and patrolling the open plains of social media. On Thursday, a bipartisan bid was launched in the Senate to exercise some control over online political advertising.

“The Honest Ads Act”, sponsored by Democrats Amy Klobuchar and Mark Warner and Republican John McCain, is aimed at preventing foreign influence on elections by subjecting political ads sold online to the same rules and transparency that applies to TV and radio.

“Unfortunately, US laws requiring transparency in political campaigns have not kept pace with rapid advances in technology, allowing our adversaries to take advantage of these loopholes to deceive millions of American voters with impunity,” McCain said on the bill’s launch.

Social media companies have fought off such attempts at regulation for years, but a tech company employee who requested anonymity to speak about candidly about internal industry discussions suggested Silicon Valley might now be open to narrowly tailored regulation on political ads.

“In 2011, when political advertising on social media were more of a fledgling industry, companies were more concerned that a disclaimer would be problematic and hurt the industry,” the employee said. “The social and political ad space is so established now that it’s hard to see campaigns pulling out of the market based on that.”

However, it is not clear how much support the bill will attract from the Republican leadership, which has resisted efforts to restrict anything it sees as related to campaign finance.

Totally Divisive Material

The climate in which the legislation is debated will be determined to a great extent by the outcome of the 1 November hearings. Social media executives are going to be asked what they knew about Russian subversion of their platforms and when they knew it.

There will be also be sharp questioning over whether the precise targeting of divisive ads and fake news in areas that proved critical to Trump’s victory showed any evidence of collusion.

CNN has reported that Russian-purchased ads were targeted in sophisticated ways on key demographic groups in Wisconsin and Michigan. In central Pennsylvania, another state won narrowly by Trump, there is evidence of outside tampering designed to depress the Clinton vote.

John Mattes, a former Senate investigator who helped run the online campaign in San Diego for Bernie Sanders, Clinton’s challenger for the Democratic nomination, has found Sanders supporters sites riddled with Eastern Europeans posting fake news under false names.

More recently he has come across the same phenomenon in a Facebook supporters group in central Pennsylvania. One troll, calling himself Stephen Woods, shared a series of fake news stories targeting Clinton, Muslim refugees and African Americans.

Woods’ profile claimed he was from Los Angeles, but his details were thin and he had not bothered to delete posts before February 2015 that were all in Macedonian. Mattes suspects, as do US intelligence agencies, that many Macedonian trolls, who were responsible for a substantial amount of the fake news circulated during the election, are funded and fed material from Moscow.

“Obviously he was not doing this for economic reasons,” Mattes said. “This was totally divisive material intended to depress turnout for Hillary among Sanders supporters in a critical swing area.”

As the evidence of social media manipulation has grown, Facebook has mounted a campaign to address its vulnerabilities and repair the damage to its reputation.

“I don’t want anyone to use our tools to undermine democracy. That’s not what we stand for,” chief executive Mark Zuckerberg wrote in a 21 September post, on returning from parental leave.

He listed nine remedial actions the company was going to take, including measures that would disclose who paid for a political ad and allow their Facebook page to be visited to see what ads they were posting to other audiences.

Facebook has handed to the special counsel and congressional investigators looking into the Kremlin’s interference the content of 3,000 political ads paid for by a shadowy Russian entity called the Internet Research Agency (IRA). The company’s chief operating officer, Sheryl Sandberg, said Facebook owed the nation “not just an apology but determination” to defeat attempts to subvert US democracy.

In an interview with the Axios media site, Sandberg did not address whether Russian trolls were targeting the same users as the Trump campaign, which would point towards collusion. But she did promise: “When the ads get released we will also be releasing the targeting for those ads. We’re going to be fully transparent.”

However, she was vague on the question of when Facebook’s management became aware of large-scale Russian manipulation, saying only: “We started to hear the rumours around the election itself of a different kind of attack.”

Facebook will be asked to be more specific regarding questions about when red flags were raised inside the company and when an internal examination was launched. It will also be asked for a better sense of the true scale of its Russian infiltration, of which the IRA ads may only the tip of the iceberg.

Facebook has said it has taken down 470 accounts linked to the IRA but Senator Warner has pointed out that it took down 50,000 accounts in France.

“It just still seems scale-wise, I think there’s more to do,” he said.

The perfect disinformation platform

Twitter has taken a less forthcoming approach, not revealing numbers regarding the proportion of suspected bots among its users. Some analysts believe fake activity could account for more than half Twitter’s traffic

Buzzfeed reported that the company took 11 months to take down a Russian troll account impersonating the Tennessee Republican Party which had more than 130,000 followers, despite the complaints of the real GOP in the state.

Furthermore, in the course of the election Twitter changed its privacy policy in a way that has made it harder to investigate the Russian influence campaign, according to Thomas Rid, a strategic studies professor and cybersecurity expert at Johns Hopkins University in Washington.

Before the change in policy, tweets deleted by users would remain in archives maintained by the handful of data companies who subscribe to a full “firehose” access to the complete Twitter feed.

After the policy change, which some evidence suggests was made in September 2016, tweets deleted by their authors also have to be deleted in the archives, making it impossible to carry out a forensic analysis of campaigns to promote certain links, stories and hashtags by anyone seeking to cover their tracks.

Rid, who has been analysing the Twitter privacy policy change, said this “made it easier to destroy a lot of forensic evidence that would have been useful for an investigation”.

“The fact that we are in a democracy and we don’t know the answers to these questions is unacceptable,” he said. “Were the KGB to hire a contractor to build the perfect disinformation platform, they could not have done a better job than Twitter.”

In a statement on 28 September, Twitter said it was implementing policies aimed at weeding out bots and had found a total of 201 accounts that appeared to be linked to the Russian propaganda campaign. The company is reported by the Daily Beast to have handed over details of tweets promoted by the Kremlin’s English-language TV network, RT.

That was a tiny figure compared to the scale of intrusion suggested by outside researchers. Warner called Twitter’s response on the issue “inadequate on every level”.

Google said last month it had found no evidence of a Russian propaganda campaign. But the Washington Post reported on 9 October that an internal investigation had in fact found Russian operatives spread disinformation across Google’s many products, which include YouTube, as well as advertising associated with Google search and Gmail.

The congressional hearings will represent an opening skirmish in a struggle over the limits of internet freedom. The Silicon Valley giants will be protecting a worldview as well as their profit margin.

“There is a Californian libertarian mentality that assumes everyone is good at heart and that if you create an open platform, great things happen,” said one investigator looking into Russian manipulation of social media platforms. “But there are bad people out there who want to do bad things.

“The question about all this freedom is, what is a cost worth paying?”

Guardian:

You Might Aslo Read:

Social Media & 21st-Century Warfare:

Yahoo’s Big Breach Is A Catalyst for Change:

« Electronic Camouflage In Future Warfare
Cybersecurity Training Isn’t The Complete Solution »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CloudInsure

CloudInsure

CloudInsure is a Cloud Insurance platform designed to specifically address emerging liabilities within the Cloud environment.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Claroty

Claroty

Claroty was conceived to secure and optimize OT networks that run the world’s most critical infrastructures.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

Switchfast Technologies

Switchfast Technologies

Switchfast Technologies is an IT consulting and managed services provider, offering IT support and consulting to Chicagoland small businesses.

Upstack

Upstack

UPSTACK - One partner, end-to-end expertise, helping develop the solutions you need – when you need them.

Archer Technologies

Archer Technologies

Archer helps organizations manage risk in the digital era—uniting stakeholders, integrating technologies and transforming risk into reward.

Oz Forensics

Oz Forensics

Oz Forensics is a global leader in preventing biometric and deepfake fraud. It is a developer of facial Liveness detection for Antifraud Biometric Software with high expertise in the Fintech market.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

PureSoftware

PureSoftware

PureSoftware is a global software products and digital services company that is driving transformation for the world’s top organizations across various industry verticals.

Hubble

Hubble

Hubble grew from the idea that legacy solutions were failing to provide organizations with the asset visibility they needed to effectively secure and operate their businesses.