As the Facebook and Cambridge Analytica saga unfolds, how did social media become such a threat to democracy? John Kennedy investigates.
“Asleep or awake, working or eating, indoors or out of doors, in the bath or in bed — no escape, Big Brother is watching you,” George Orwell wrote prophetically in his book Nineteen Eighty-Four.
From his vantage point of 1949, as he watched the world plunge into a Cold War, Orwell might have gotten the year wrong, but he was right on the money about what was coming.
And now, we have gone from the Cold War to the Social Media War.
This is war we never could imagine, and one in which we are all just cannon fodder, whether we like to admit it or not. We offer up insights and clues daily, and, sadly – as the US elections of 2016 proved – some of us are pretty much being told what to think, or manipulated into what we should think, not so much by an imaginary Big Brother, but potentially a vast family of Big Brothers with diverse methods, politics and intentions.
The explosive Observer investigation at the weekend into Cambridge Analytica and how it is alleged to have improperly gained access to data on 50m Facebook users shocked the world. It took a seedier turn when Channel 4 video footage also emerged last night (19 March) indicating how Cold War-era tactics such as entrapping politicians with sex and bribes could also be used to manipulate elections to suit a corporate objective.
For some time now, Facebook has been firefighting insinuations of how fake news and manipulation of ads on its network by Russian cyber gangs contributed to the election of Donald Trump as president of the US.
The implication is that not only are nation states trying to manipulate social media, but third parties can do it, too – for the highest bidder.
And, as allegations continue to surface around how Cambridge Analytica was able to get data on 50m Facebook users in the first place using a third-party app, the social network has seen its share value plunge 7pc, wiping nearly $40bn off its market value as investors, worried about how new regulations could damage Facebook’s advertising business, take flight.
I don’t think Mark Zuckerberg ever intended for Facebook to have been abused the way it has been alleged to by nation states or businesses. I genuinely believe he wants to make the world a better place.
But, in many ways, the onset of social media, with billions of people offering up their own data to the social shrine, has sadly and predictably become a godsend for those who work in the shadows.
In war, any war, information is power
It does not help Facebook that, just as it grapples with how it has been used to spread disinformation for political purposes, the social network’s chief information security officer (CISO), Alex Stamos, is leaving the company.
I met Stamos in 2016 at the Web Summit in Lisbon – ironically, the same week that Trump was elected – and found him to be a conscientious and talented asset for Facebook. However, it turns out that Stamos is leaving over a disagreement over how much Facebook should publicly share about how nation states misused the platform, and debate over organisational changes in the run-up to the 2018 midterm elections in the US.
Apparently, Stamos advocated more disclosure about Russian interference and meddling with the network, but was met with resistance. It did not help – and it is extremely ironic, considering the scrutiny that Facebook is under from an infosec perspective – that Stamos’s CISO office had been reduced in size from 120 down to just three people.
For its part, Facebook said yesterday that it had hired forensic auditors from the firm Stroz Friedberg to investigate and determine whether Cambridge Analytica still had the data.
“Auditors from Stroz Friedberg were on site at Cambridge Analytica’s London office this evening,” the company said in a statement.
“At the request of the UK Information Commissioner’s Office, which has announced it is pursuing a warrant to conduct its own on-site investigation, the Stroz Friedberg auditors stood down.”
For its part, Cambridge Analytica has denied media claims, and said that it deleted all Facebook data that it obtained from a third-party app in 2014 after learning of the conflict with data protection regulation.
The company has also rejected allegations emerging from secretly taped interviews with senior executives that portrayed them boasting of their ability to sway elections in countries around the world such as Sri Lanka by using data and political manipulation.
Regulation is coming
Facebook’s battle is really about taking its head out of the sand, facing up to the reality that people are trying to manipulate the platform in turn to manipulate users, and effectively proving to the masses that it really has the ordinary user’s interests – their privacy and safety – at heart.
Whether Facebook or Wall Street or the wider Silicon Valley like it or not, greater regulation is coming.
In Europe – thanks to the work of campaigning lawyer Max Schrems – we have gotten accustomed to debates around what internet giants are doing with our data and resulting regulatory intensity.
With the General Data Protection Regulation (GDPR) becoming law in May across the EU, tech companies are now going to be under greater-than-ever regulatory security both sides of the Atlantic.
Various attorneys general of US states are about to launch inquiries into Facebook’s data policies.
Not only that, but the US Senate is expected to progress a bill that would chip away at the internet industry’s legal shield, a law known as Section 230 of the Communications Decency Act, with new legislation to tackle online sex traffic.
The lid on a virtual Pandora’s box has been lifted and it could be the biggest existential battle Facebook has faced in its short 14-year history.
It’s not a dystopian fantasy, it is today’s reality
Whether most users realise it or not; whether you use social networks such as Facebook or Twitter, or just consider yourself a private citizen with no interest in social media, you are on the frontline of a dangerous new epoch in human history.
If you have a computer or carry a mobile device, you are a node on a new battlefield.
The weapons aren’t bullets – they are your thoughts, persuasions or backdoors into your prejudices or your bank accounts. And, willingly, we all subscribe to the echo chambers we choose to understand or affiliate with.
Most devices – despite using the latest antivirus systems – may have already been compromised because most internet security players are behind on security threat detection. It is a game of cat-and-mouse between tech firms and hackers; some working for themselves, some in the pocket of corporations or nation states.
And ordinary users are mere cannon fodder.
Most up-to-date devices already have malware inside waiting for a digital foot soldier belonging to Russia, China, Israel or the US to just hit the button.
As it emerged on Friday (16 March), the US has officially warned that Russian hackers have already been shown to have gained access to energy grids, nuclear power facilities and water facilities in the US. That alert was based on a report by Symantec last October.
If that isn’t worrying enough, the fact that shadowy interests can manipulate the masses to suit their intentions is terrifying.
That alone is the single greatest threat to world democracy in the 73 or so years since the end of World War II.
And it is only now that we are getting our heads around the vulnerabilities of our privacy.
As this unfolds, ask yourself: what is the right side?
And who is the enemy?
Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.