A BRITISH LAWMAKER suggested that Facebook was made aware of suspicious Russian behavior on its platform as early as 2014 during a hearing on fake news and disinformation that took place in London on Tuesday. The MP, Damian Collins, was drawing on a cache of internal Facebook documents that he seized last week, and which the social networking giant has fought for months to keep sealed. In his remarks, Facebook vice president of policy Richard Allan called the documents incomplete and misleading, but their contents proved ripe fodder for the hearing, which featured dozens of lawmakers from nine different countries.
Over the course of three hours, they grilled Allan on Facebook’s long history of privacy screw-ups. He sat in a chair that had been reserved with a name plate for CEO Mark Zuckerberg—a theatrical nod at the fact that the Facebook founder rebuffed repeated invitations to testify before the International Grand Committee. In addition to the UK, the lawmakers there hailed from Argentina, Belgium, Brazil, Canada, France, Ireland, Latvia, and Singapore. It was the first time international parliamentarians had been invited to a hearing at Britain’s House of Commons since 1933, signaling the seriousness with which regulators worldwide now take social media platforms.
Collins, who chairs the Digital, Culture, Media, and Sport Committee, convened the hearing. The documents he acquired—and told reporters that he plans to release in the next week—are part of an ongoing California lawsuit, dating back to 2015, in which the parent company behind a now-defunct Facebook app is accusing Facebook of willfully exploiting user data and scheming to drive its potential rivals out of business. The developer, called Six4Three, argues that the internal Facebook communications obtained through discovery substantiate their claims. Facebook says their case is without merit. Earlier this year, a California court honored Facebook’s request to keep the documents sealed. But in a made-for-TV turn last week, British lawmakers compelled Six4Three’s founder, Ted Kramer, to hand over the documents while he was on a business trip in London.
Collins cut right to the heart of the documents during the hearing. In October of 2014, he said, a Facebook engineer notified the company that entities with Russian IP addresses had been using a Pinterest API to pull out three billion data points a day from the Facebook friends API. Collins wanted to know what happened after that information was brought forward.
“Was that reported or was it kept, as so often seems to be the case, kept within the family?” he asked.
Allan said that the emails constitute an “unverified partial account from a source who has a particular angle.”
“There is, as I understand it, a partial set of information obtained by a hostile litigant who’s seeking to overturn the very changes to restrict access to data that you, as a committee, and others would want to see happen,” Allan continued.
When reached for comment, a Facebook spokesperson told WIRED, “The engineers who had flagged these initial concerns subsequently looked into this further and found no evidence of specific Russian activity.” Facebook later supplied WIRED with redacted versions of the emails themselves. “Ok, things are not as bad as they seemed,” reads one email. “There was a series of unfortunate coincidences that made me think of the worst.” The email goes on to say that the activity was actually coming from Pinterest’s servers and was successfully pinging Facebook’s API just six million times daily, not three billion times. Facebook wouldn’t elaborate on the cause of the confusion.1
The swirling drama in the UK is just the latest crisis to emerge for Facebook over the last few weeks. In case you were too busy gnawing on leftover turkey to keep up, here’s what you need to know.
What is Six4Three?
Years ago, Six4Three developed an app called Pikinis, which allowed Facebook users to find other users’ bathing suit photos. It hinged on a feature of Facebook’s API that gave app developers access to their users’ data, as well as the data of their users’ friends. This feature is also what enabled a Cambridge University researcher named Aleksandr Kogan to collect the of data of tens of millions of Facebook users without their knowledge and sell it to the political firm Cambridge Analytica, which went on to work for President Trump’s 2016 campaign. The story of Cambridge Analytica’s wanton data scraping, and Facebook’s failure to stop it, sparked international outrage when it hit the front pages of The New York Times and The Guardian/Observer in March. The news also cast Six4Three’s years-old case in a new light.
The Six4Three lawsuit stems from Facebook’s decision in 2014 to cut off developer access to friend data. According to a source familiar with the case, Six4Three alleges that in 2012, long before Facebook changed its API, the company was desperate to boost its mobile advertising business. So, the suit alleges, Facebook began requiring developers to buy mobile ads in order to gain access to certain types of user data, including friend data. But two years later, in 2014, when Facebook announced changes to its API, it began cutting off access to friend data altogether. (Apps that were already using this data got extended access until April of 2015.) Six4Three’s Pikinis app was among the apps that shut down in 2015 due to the API changes. The suit argues that Facebook essentially defrauded developers by luring them to the platform with the promise of data, and then cutting them off from that data in 2014.
Facebook, for its part, argues that these changes were well within their rights and were made to protect user privacy. But the documents Kramer gave to Collins are reportedly what Six4Three uses to argue its more nefarious claims and offer evidence that Facebook was trading data access for advertising.
So, how did Collins get these sealed documents?
A representative for Collins told WIRED he had no further comment on the matter, and Kramer did not respond to WIRED’s request for comment. But in a court filing in San Mateo Superior Court on Monday, Kramer’s lawyers wrote that while traveling on a business trip to London last week, Kramer received several notices to his hotel from the DCMS committee, demanding the documents. In one instance, the committee sent the serjeant-at-arms to the hotel to personally serve Kramer with an order to produce the documents. But because of the California court’s decision, Kramer’s lawyers repeatedly advised him not to comply. Kramer’s lawyers say it’s unclear how British lawmakers knew where Kramer was staying, though the filing notes that Kramer had previously shared his location with Observer journalist Carole Cadwalladr. It was also Cadwalladr, the filing says, who first suggested “rais[ing] Six4Three’s case with Damian Collins” earlier in the year. Cadwalladr didn’t respond to WIRED’s request for comment.
After several notices, the filing says, Collins sent Kramer a letter notifying him that he was under investigation by Parliament. After some hasty Googling, Kramer decided to present himself to Collins, who, Kramer’s lawyers say, threatened their client with imprisonment if he refused to hand over the documents. “Mr. Kramer did not know whether he was free to leave the location, nor did he know whether, if allowed to leave, he would be allowed to fly home to the United States,” the filing reads. “At this point, Mr. Kramer panicked. He opened his computer, took out a USB drive, and went onto the local [D]ropbox folder containing Six4Three’s documents.”Source Link