Once again it looks like we will have to leave it to the European Union to be the adult in the room, especially when it comes to US companies running roughshod over everyone in pursuit of the almighty dollar. We have them to thank for things like taking Microsoft to task for various monopolistic tactics with the Windows OS, getting Apple to make iPhones with USB-C charging ports and the whole General Data Protection Regulation thing which made the internet a little obnoxious for everyone for a short while, but sometimes medicine doesn’t always taste good. This time around the EU has Meta in its sights for Facebook’s recent plans to decommission its political election monitoring platform CrowdTangle without offering any sort of replacement, something that the European Commission says could be a violation of the recently implemented Digital Services Act.
What this means for you
Normally, regulatory reform started in the EU takes a while to make its way across the pond to us (if it makes it at all), but fortunately for us, election season starts in June for the EU, and the EC is concerned that Facebook is not doing enough to combat misinformation on its platform. Facebook isn’t the only platform the that is under DSA scrutiny: both TikTok and Twitter also have pending investigations that will hopefully result in something more than the wrist slaps handed out by US regulatory bodies. In the case of Facebook, they could be facing fines upwards of $8.5 billion for failing to “tackle the spread of illegal content, online disinformation and other societal risks.” Even for a company as big as Meta, that’s going to sting. The EC has given Meta 5 days to provide an explanation. While it’s likely that Zuckerberg and crew will provide the usual corporate platitudes it always trots out in these situations, the EC’s track record seems to indicate that hand-waving and vague promises won’t be enough. Everyone, cross your fingers!
Image by Ralph from Pixabay
There’s no way to spin this: Facebook is currently running a political ad with a false claim that Biden tried to bribe Ukraine regarding an investigation into a firm that employed his son. Facebook’s own fact-checking partners have debunked this claim, and yet, the ad has been viewed millions of times and even re-broadcasted by traditional media outlets.
According to its own misinformation policy governing ads, Facebook
“…prohibits ads that include claims debunked by third-party fact checkers or, in certain circumstances, claims debunked by organizations with particular expertise.”
https://www.facebook.com/policies/ads/prohibited_content/misinformation
Open and shut case, right? Not so fast, or at least, no so fast as of September 24th, when Facebook “clarified” why it was allowing political ads containing lies to run on its platform unchecked. Facebook VP of Global Affairs and Communications Nick Clegg announced on the stage at the Atlantic Festival in Washington D.C.
“We have a responsibility to protect the platform from outside interference, and to make sure that when people pay us for political ads we make it as transparent as possible. But it is not our role to intervene when politicians speak.”
https://newsroom.fb.com/news/2019/09/elections-and-political-speech/
And furthermore, Mr. Clegg cites a policy established in 2016 (approximately one month prior to the November 2016 elections) that literally grants an exception to ANY content it deems “newsworthy, significant or important to the public interest…“
“..if someone makes a statement or shares a post which breaks our community standards we will still allow it on our platform if we believe the public interest in seeing it outweighs the risk of harm.” (emphasis mine)
https://newsroom.fb.com/news/2019/09/elections-and-political-speech/
I can get behind the principle of this – Facebook is trying to tread the fine line between unbiased distribution of information while facing the impossible task of fact-checking the millions of posts that are published on it platform. But here’s the hitch: Facebook is telling us that it has our best interests at heart, but has repeatedly demonstrated that this is just not the case. Also consider the fact that Facebook considers profanity banworthy but not outright falsehoods. Based solely on that alone, I would question whether or not Facebook has an accurate understanding of what is actually harmful. That and the incident where the spread of false information via Facebook actually lead to genocide, something that the world seems to have conveniently forgotten.
Given that political ads are resulting in millions of dollars in revenue a week for Facebook, and that Mark Zuckerberg has been quietly hosting private dinners with high-profile right-wing conservatives (a verifiable large source of ad revenue) who have been critical of Facebook in the past, its pretty clear that Facebook knows exactly which side butters its toast.
I don’t care which side of the political spectrum an ad comes from, but I do care if you are relying on falsehoods instead of facts to profit, and I find it offensive that the world’s biggest social media platform on which billions trust as their primary news source disrespects its customers with double standards and naked profiteering. At minimum, you should be taking everything you see on Facebook with a huge grain of salt, especially the political ads.
There are so many reports of this nature that I literally can’t even. My vacation can’t come soon enough, but in reality I’m just going to be worrying about all of you staying safe in the face of widespread negligence and malfeasance. Read on if you dare:
AT&T employees took bribes to plant malware on the company’s network
TLDR: Pakastani hackers bribe ATT employees $1M+ over the course of 5 years to unlock phones and install malware and rogue devices on ATT networks.
More N.S.A. Call Data Problems Surface as Law’s Expiration Approaches
TLDR: Remember all that secret data collection the NSA got caught doing a few years back? They were supposed to delete that data, but Oops! they didn’t.
Yelp is Screwing Over Restaurants By Quietly Replacing Their Phone Numbers
TLDR: Yelp set up a shady deal with GrubHub to redirect customer calls through their hub instead of dialing the restaurant direct. Restaurants get charged a marketing fee for this sleight-of-hand.
Twitter may have shared your data with ad partners without consent
TLDR: Twitter may have inadvertently shared data on your viewing habits that it collected without authorization. And then used that data to show you more ads. “Oops.”
Democratic Senate campaign group exposed 6.2 million Americans’ emails
TLDR: Dumb campaign staffer puts unsecured spreadsheet online in 2010. Emails have been exposed for nearly 10 years.
Image courtesy of TAW4 at FreeDigitalPhotos.net
The controversial CISPA (Cyber Intelligence Sharing and Protection Act) proposal has passed committee review and is heading to the Senate for a vote, despite a clear warning from the Obama administration that it would VETO the proposed law. Unlike the equally controversial SOPA (Stop Online Piracy Act) backed by media companies and defeated through vigorous and coordinated protests from the technology industry, CISPA has divided the technology industry. Many large companies like IBM, AT&T, Oracle and Verizon backing it, while other, equally sizeable companies like Facebook, Microsoft, Google and dozens of activist organizations oppose the bill on the grounds that it doesn’t do enough to protect the privacy of US citizens.
What this means for you:
In case you are confused as to how CISPA might impact you or your business personally, here’s a summation of what the bill proposes: This law would allow telecommunication companies to share data with governmental agencies for the purposes of combatting terrorist or criminal activity, overriding any local laws that would prohibit such sharing. According to supporters, law-abiding citizens should have nothing to worry about, but opponents contend that on top of very weak protections for citizen privacy, there is nothing in the bill that would protect citizens from potential abuse by the various intelligence agencies who could amass an inconceivably comprehensive database from the information gained by CISPA. Regardless of which side of the privacy fight you stand on, it behooves you as a US citizen to be aware of where you stand on this issue, as well as encouraging everyone around you to participate as they can in helping our government come to terms with this problem.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
Though it’s no secret to the security world, the US government has specifically avoided naming Chinese state agencies as the source of a tremendous surge in cyberattacks on corporate and government institutions over the course of the past 2 years. On Monday, the gloves finally came off as Obama’s security advisor, Tom Donilon pointed the finger of blame right at China’s military in a speech given to the Asia Society in New York, NY, as evidence gathered by multiple security firms continues to build an unavoidable confrontation on this issue. The Chinese government has of course denied these allegations, but has also said that it is willing to meet with the US and other nations to discuss cybersecurity.
What this means for you:
It’s still very early in the ballgame to decide if this is going to make things better or worse for the average business. At the moment, unless you are on the short list of companies that have information worthy of corporate or state-sponsor cyber-espionage, nothing will change for you, as your threats are likely still coming from the “traditional” vectors: either organized criminal elements seeking to steal from you, or random mischief and mayhem generated by malware controlled by those with less focus and malice. Today, as before, constant vigilance remains the most effective tool in your defense.
Targets of state-sponsored cyberattacks will continue to have a great deal to worry about. Where a “garden variety” attacker encountering strong defenses would normally move on to easier marks, cyber espionage targets will typically suffer through a dedicated, prolong campaign of multiple types of attacks (brute force, trojan horse, spear phishing, social engineering, etc.) because of the valuable data or services protected within and the deep pockets of the government powering their efforts.
It’s not immediately clear what either government hopes to accomplish around meeting on cyber warfare, other than to set up guidelines that will only be used for political leverage when violated by the other party, and probably ignored when it suits either country. As you can imagine, rules like the Geneva War Conventions only work when both sides are willing to abide by them.
In a House Intelligence committee report released on Monday, Oct 8, 2012, US lawmakers cite security concerns with Chinese electronics manufacturing firms Huawei and ZTE. Though neither could be considered a brand recognizable in the US, both firms manufacture electronics that are used to power telecommunication devices all over the world. Though no overt wrongdoing was detected in the 9-month investigation, the report notes that the firms refused to fully cooperate with the investigation. The Chinese government is known to have a heavy hand in directing operations and even strategy for Chinese businesses, mostly to ensure tight control over national security, so it’s no wonder investigators may have encountered resistance from the companies.
What this means for you:
Independent, industry-led investigations have not found any evidence that equipment utilizing parts manufactured by either company have purposefully included security defects or “backdoors” that may have been mandated by the Chinese government as a possible means to infiltrate other countries’ data networks, though vulnerabilities have been found in older Huawei routers. Similar defects have been found in Cisco routers (an American company) which lends credence that the vulnerabilities were not state-sponsored “backdoors”, but instead a product of ongoing security research and development. The intelligence report seems to be more politically minded as opposed to highlighting a clear and present danger, focusing on “what-if” scenarios given China’s heavy-handed government, and fails to note that Chinese (or any other nationality) hackers don’t need an easy-to-detect backdoor to hack American business interests.