Dispatch (July 2nd) from the Alliance for Security Democracy

Alliance for Securing Democracy – Weekly Dispatch

Facebook and Twitter attempt to improve political advertising on their platforms: Facebook announced steps to further increase the transparency of ads and Pages on its platform. Viewers will now be able to see the ads that a Page is running across Facebook, Instagram, Messenger, and partner networks, and have the option to report suspicious ads. In a move that has received criticism from publishers, Facebook’s head of global news partnerships Campbell Brown also announced that the company would divide its political ads archive into two sections – one for ads promoting news stories about politics and one for ads promoting political candidates and issues. Michael Golden, president of the World Association of Newspapers and News Publishers (WAN-IFRA), complained that Facebook “confounds the distinction between journalism and political advocacy;” while Byard Duncan, reporter for Reveal, added: “In trying to combat the spread of fake news and other disinformation ahead of 2018’s elections, Facebook is putting barriers in front of legitimate news organizations that want to get their stories in front of a wider audience.” In launching its Ads Transparency Center, Twitter claimed that users will now be able to search for any Twitter handle and bring up the ad campaigns from that account. There will also be additional data available, including information on billing, impressions per tweet, and demographic targeting for political advertisers in the United States. (Facebook, The Straits Times, Digiday, Techrunch)

U.S. lawmakers and tech companies seek to improve election security: The Senate Intelligence Committee unanimously approved the Intelligence Authorization Act for fiscal years 2018 and 2019. The bill contains measures to enhance election security and prevent interference from foreign adversaries. Committee Chairman Richard Burr (R-NC) said “in the wake of foreign efforts to interfere with the 2016 U.S. elections … it is vital that we ensure our voting process remains fair and free from undue influence.” Senator Dianne Feinstein (D-CA) introduced the Bot Disclosure and Accountability Act, which aims to limit the online reach of social media bots during elections. American tech companies are also beginning to discuss methods to prevent foreign interference on social media ahead of the midterm elections. The New York Times reported that Facebook organized a meeting last month between FBI and DHS officials and representatives from major tech companies, including Google, Twitter, Apple, and Microsoft, in order to discuss preparations for this year’s midterm elections. However, the Times explained that, “in public and behind closed doors, intelligence officials have offered scant details about what Russia is doing, prompting frustration from Silicon Valley to Capitol Hill.” Former acting director of the CIA John McLaughlin warned that “there is not the slightest evidence that Russia intends to back off” from interfering in our elections, and while there is still no proof that it was able to alter the results of the vote in 2016, the greatest danger is that it “affected voter attitudes on a range of issues, stoked partisan hostilities and may have reduced confidence in election integrity.” National Security Advisor John Bolton said that President Trump and President Putin would likely discuss the Kremlin’s alleged election meddling during their planned meeting July 16 in Helsinki, Finland. (Roll Call, Senate.gov, The New York Times, Ozy, The New York Post)

Twitter takes aim at manipulation of its platform as users continue to exploit it: Twitter announced new measures that the company is taking to improve how it handles spam, malicious automation, and platform manipulation. Some of the measures include reducing the visibility of suspicious accounts in Tweet and account metrics; improving the signup process; auditing existing accounts for signs of automated signup; and expanding malicious behavior detection systems. Meanwhile, DFR Lab discovered a small group of “active, aggressive, and coordinated” Twitter users that has been engaged for at least 18 months in a “relatively crude” campaign of public posts that attack critics of the Syrian and Russian regimes. Analyst Ben Nimmo points out that while the core group is small, some of its attacks have been so effective that they have drowned out other voices, “dominating the conversation around the targets’ usernames with hostile tweets.” (Twitter, DFR Lab)

California passes a new data-privacy bill as industry balks: California passed a bill that gives consumers first-time protections for their data, and imposes strict restrictions on how tech companies collect and use user data. The bill, which will go into effect in 2020, “broadens the definition of what constitutes as personal information and gives California consumers the right to prohibit the sale of personal data to third parties and opt out of sharing it altogether.” The new protections apply to Internet platforms, such as Facebook, and Google, but also to other businesses that collect data on their customers. State Senator Bill Dodd (D-CA) said in a statement: “My hope is other states will follow, ensuring privacy and safeguarding personal information in a way the federal government has so far been unwilling to do.” The tech industry is mobilizing against the bill. Google spokeswoman Katherine Williams explained that “while today’s law marks some improvements to an overly vague and broad ballot measure, it came together under extreme time pressure, and imposes sweeping novel obligations on thousands of large and small businesses around the world, across every industry.” Robert Callahan, vice president of state government affairs for the Internet Association, an industry group that includes Google, Facebook, and Amazon, said, “It is critical going forward that policymakers work to correct the inevitable, negative policy, and compliance ramifications this last-minute deal will create for California’s consumers and businesses alike.” (The Wall Street Journal, The Hill)

House approves legislation to improve the foreign investment review process to deter Chinese influence: The House of Representatives advanced the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), which reforms the Committee on Foreign Investment in the United States (CFIUS) that reviews foreign investment transactions for threats to U.S. national security. FIRRMA closes loopholes in CFIUS’s jurisdiction and strengthens the foreign investment review process, allowing the agency more power to limit or turn away investments in critical technologies and infrastructure by China. Rep. Robert Pittenger (R-NC) explained: “For over two years, we have fought for CFIUS reform and the implementation of stronger policies to combat strategic and disruptive Chinese activities … this landmark legislation will take enormous steps to improve our foreign investment review process to prevent further transfers of military applicable technologies to the Chinese government.” (House.gov)

Social media manipulation prevalent ahead of Mexico’s presidential election: The DFR Lab found that Facebook pages and Twitter accounts promoted partisan political messages, most of them attacking Andres Manuel Lopez Obrador ahead of Mexico’s July 1 presidential election. DFR Lab presented data pointing to the involvement of automated bots, which boost messages by giving them “deceptively high numbers of likes and retweets.” Specifically, they revealed Facebook pages that criticized Obrador featured posts with thousands of “likes” but no other reactions or comments, an unusual phenomenon on Facebook. DFR Lab also discovered that a network of automated Twitter accounts continued to promote partisan messages which appeared to have been paid for by local political groups and were linked to Carlos Merlo, self-described as Mexico’s “king of fake news.” Spanish firm Alto Data Analytics analyzed the digital space ahead of the election and discovered that although RT did not play a decisive role in the creation of narratives, or significantly disrupt the public debate surrounding the election, “there were repetitions of similar strategies and tactics successfully used in other electoral processes in Europe and USA.” Lopez Obrador ultimately won the election. (DFR Lab, Alto Data Analytics)

Australia passes sweeping laws to curb foreign interference: Australia approved sweeping national security laws that target foreign interference in politics and introduced tougher penalties on espionage. Attorney General Christian Porter said that Australia’s national security had been greatly enhanced with the successful passage of the bills, calling them “strong new laws against those who seek to undermine our national security and our democratic institutions and processes.” While government officials have said that the laws are not aimed at any country, their passage comes at a time when Australia has expressed concern about China’s increasing influence. Lu Kang, spokesman for the Chinese Foreign Ministry, responded that China does not interfere in other countries’ affairs: “We hope that all countries could cast off Cold War mind-set and strengthen exchanges and cooperation on the basis of mutual respect and equal treatment.” The United States, United Kingdom, and Canada are drafting similar legislation. (The Guardian, The New York Times)

EU leaders move to extend sanctions on Russia: After meeting in Brussels on June 29, the European Council (EC) announced that EU leaders agreed to extend economic sanctions against Russia for six months. According to an EU official, Friday’s decision came after a “very short discussion” on Ukraine, Russia, and the Minsk peace agreement. The sanctions were first imposed in 2014 after Russia illegally annexed Crimea and have been subsequently renewed every six months. In a summit statement, the EU leaders also reiterated their “full support” for a UN resolution on the downing of MH17 over eastern Ukraine in 2014, killing over 200 people on board. As Italy seeks to ease tensions with Russia, Italian Prime Minister Giuseppe Conte argued that the renewal of EU sanctions against Russia should not be automatic, and warned that “we need to be very careful about this. Sanctions should be a means and not constitute an end.” (RFE/RL, Reuters)

Ukraine warns of Russian cyber-attack one year after NotPetya: Ukraine’s cyber police chief Serhiy Demedyuk told Reuters that hackers from Russia are infecting Ukrainian companies – including banks and energy infrastructure firms – with malicious software to create “back doors” for a large, coordinated cyber-attack. Russian spokesperson Dmitry Peskov denied the allegations. Chief scientist with cybersecurity firm AlienVault Jaime Blasco pointed out that “the fact that the Ukraine government has decided to go public with this shows that they are scared that this could have a big impact and want people to be aware.” These allegations come a day after the one-year anniversary of the costly cyberattack “NotPetya,” which took down government agencies and businesses in Ukraine before spreading to corporate networks around the globe. Andrea Limbago, chief social scientist at the cybersecurity firm Endgame advised that, “when Ukraine warns about cyber-attacks … we should take notice, because NotPetya showed Russia is willing to inflict massive collateral damage in those attacks.” Director of intelligence analysis at FireEye John Hulquist added that the attack demonstrates “Russia has not slowed down since NotPetya.” (Reuters, Axios)

U.K. calls for reforms on digital political advertising: A new report by the U.K.’s Electoral Commission warned that British democracy “may be under threat,” and called for urgent legal changes to increase transparency about how digital tools are used for political campaigning, including requiring all digital political campaigns to report their funders; imposing new restrictions on spending in U.K. elections and referendums by foreign organizations; and mandating all campaigners provide detailed paperwork about their online expenditures. Commission chair John Holmes explained that “implementing our package of recommendations will significantly increase transparency about who is seeking to influence voters online, and the money spent on this at U.K. elections and referendums.” (The Electoral Commission)

Russian and U.S. energy officials discussed Nord Stream 2 as experts warn of its risks: Russian Energy Minister Alexander Novak met with U.S. Treasury Secretary Steven Mnuchin and U.S. Energy Secretary Rick Perry to discuss continued sanctions on Russia and the proposed Nord Stream 2 pipeline between Russia and Germany – which the U.S. government officially opposes. Following the meeting, Novak said that “implementation of such infrastructure projects has to be built on the economic basis,” and should not involve “political evaluation,” while Secretary Perry told reporters: “I think we’ve got our issues with Russia, but I’m one of those that believe you need to be having conversations with folks and finding places that we can work together.” Congressman Jeff Duncan (R-SC) warned the House Energy and Commerce Committee that “Russia is a gas station masquerading as a country. They’re providing that natural gas to Europe, and they use the levers of influence of turning that spigot on and off to affect policy, not only in Eastern Europe, but in Western Europe.” Prague-based European Values think tank published an appeal signed by 50 security experts from 18 European countries outlining reasons why Nord Stream 2 would be “a strategic mistake for Berlin and its European allies,” including increased German political dependence on Russian energy, and the contradictions it poses to EU Energy Union principles. Meanwhile, Thilo Wieland, a board member of Wintershall, a German oil and gas subsidiary of BASF, claimed that Europe’s geography and diminishing natural gas reserves mean the pipeline would bring both economic and environmental advantages, and “once completed, Nord Stream 2 will play a key role in Europe’s energy supply,” adding that “any talk of Russia having a monopoly is inaccurate.” (Reuters, Energy and Commerce Committee, European Values)