fake accounts – Techdirt (original) (raw)
Stories filed under: "fake accounts"
Surveillance Tech Firm Sued By Meta For Using Thousands Of Bogus Accounts To Scrape Data
from the breaking-the-rules-to-sell-stuff-to-cops dept
About a half-decade ago, major social media companies finally did something to prevent their platforms from being used to engage in mass surveillance. Prompted by revelations in public records, Twitter and Facebook began cutting off API access to certain data scrapers that sold their services to government agencies. Twitter blocked both Dataminr and Geofeedia from accessing its “firehose” API. Facebook did the same thing to Geofeedia, denying it access to both its core service and Instagram.
That may have had some impact on these companies’ ability to secure new government contracts, but there are plenty of others willing to fill the tiny void left by this disruption. And they’re willing to break the rules that govern users of social media platforms, just like the law enforcement agencies they sell to.
Meet Voyager Labs, first exposed late last year by The Guardian, which based its report on public records obtained by the Brennan Center. Here’s what Voyager offers to its law enforcement customers, which include the Los Angeles Police Department:
Pulling information from every part of an individual’s various social media profiles, Voyager helps police investigate and surveil people by reconstructing their entire digital lives – public and private. By relying on artificial intelligence, the company claims, its software can decipher the meaning and significance of online human behavior, and can determine whether subjects have already committed a crime, may commit a crime or adhere to certain ideologies.
But new documents, obtained through public information requests by the Brennan Center, a non-profit organization, and shared with the Guardian, show that the assumptions the software relies on to draw those conclusions may run afoul of first amendment protections. In one case, Voyager indicated that it considered using an Instagram name that showed Arab pride or tweeting about Islam to be signs of a potential inclination toward extremism.
The documents also reveal Voyager promotes a variety of ethically questionable strategies to access user information, including enabling police to use fake personas to gain access to groups or private social media profiles.
It’s that last part — the use of fake personas — that’s getting Voyager sued by Meta, Facebook’s parent company. Facebook has let law enforcement officers know — on multiple occasions — that setting up fake accounts violates its terms of use. It also informed (repeatedly) this particular enabler of ToS violations. When it was ignored to the tune of tens of thousands of bogus accounts by Voyager, it sued, as Jess Weatherbed reports for The Verge.
According to a legal filing issued on November 11th, Meta alleges that Voyager Labs created over 38,000 fake Facebook user accounts and used its surveillance software to gather data from Facebook and Instagram without authorization. Voyager Labs also collected data from sites including Twitter, YouTube, and Telegram.
Meta says Voyager Labs used fake accounts to scrape information from over 600,000 Facebook users between July 2022 and September 2022. Meta says it disabled more than 60,000 Voyager Labs-related Facebook and Instagram accounts and pages “on or about” January 12th.
The updated complaint [PDF], containing more than 1,500 pages of exhibits covering everything from Voyager’s financial statements to its communications with law enforcement users, seeks an injunction blocking Voyager from further violating Facebook’s terms of service agreement.
This is kind of a pleasant surprise. Restricting the complaint to breach of contract actions under both state and federal law keeps the oft-abused CFAA out of it. Had the CFAA been brought into this as a cause of action, it would have created the possibility that researchers, academics, and others who scrape Facebook for useful data might have been harmed by an expansive reading of the CFAA’s “unauthorized access” clause. Fortunately, the CFAA is not in play here, with Meta content to seek damages for Voyager’s repeated violations of its agreements with Facebook.
If Meta succeeds, Voyager’s “real time” scraping service will cease to be useful to its customers. And if the company gets a favorable ruling that results in the collection of damages, fewer companies will be as likely to violate rules just so they can sell stuff to cops.
Filed Under: breach of contract, fake accounts, law enforcement, scraping
Companies: meta, voyager
Texas’ Long Indicted Attorney General Launches Investigation Into Whether Or Not He’s The Biggest Elon Musk Sycophant Yet
from the answer-points-to-yes dept
Okay, so, it was just a few weeks ago that a teenager went into an elementary school and killed 21 people, including 19 children. You might think there are important things about that which should draw the attention of the state’s top lawyer. Attorney General Ken Paxton is a busy man. He’s running for a third term in the job, while still waiting for the supposed trial on his indictment that happened seven years ago. He also wasted a bunch of time on a bunch of bogus “stop the steal” lawsuits, and led the charge on the ridiculous attempt to force DirecTV to platform nonsense peddler OAN. Oh, and of course, his office is also leading the charge to enforce his obviously unconstitutional social media content moderation bill.
But, even with all that going on, he’s apparently got enough time to try to kiss up to Elon Musk, who proudly moved Tesla’s headquarters to Texas a few years back, and has since cultivated closer and closer ties to the Republican party.
So, on Monday, just hours after Musk filed a letter with the SEC setting up his pretext for backing out of the Twitter deal, Paxton announced that his office was launching an investigation into spam bots on Twitter. I only wish I were joking. But this is an actual thing that an actual elected official is wasting taxpayer money on.
Today Attorney General Ken Paxton launched an investigation against Twitter for potentially false reporting over its fake bot accounts in violation of the Texas Deceptive Trade Practices Act.
On Twitter, “bots” are automated, non-human accounts that can do virtually the same things as real people: send tweets, follow other users, and like and retweet others’ posts. Spam accounts like these inflate followers and reach, and often push deceptive and annoying activity. Bot accounts can not only reduce the quality of users’ experience on the platform but may also inflate the value of the company and the costs of doing business with it, thus directly harming Texas consumers and businesses.
Twitter has received intense scrutiny in recent weeks over claiming in its financial regulatory filings that fewer than 5% of all users are bots, when they may in fact comprise as much as 20% or more. The difference could dramatically affect the cost to Texas consumers and businesses who transact with Twitter.
So, a few things about all this. First, lol, wut? This is not something an Attorney General is supposed to be investigating. This is an even more thinly veiled suck up to Musk than Musk’s thinly veiled pretext for bailing on the Twitter deal. Second, even here, Paxton misstates the issue. The single study that people have been pointing to suggesting 20% spam is studying something different than Twitter’s SEC filings which talk about less than 5% of its daily monetizable daily active users are false or spam accounts. That could still mean that over 20% of the users on the site are spam. The report is just about monetizable daily active users. And Twitter has explained its methodology for this.
To just jump in and compare the 5% number to the 20% number is comparing two totally different things.
Also, once again, this is not something a state AG is supposed to be investigating.
This is clearly a political witch hunt by a state AG, something that happens with alarming frequency these days (on both side so political aisle).
Anyway, Paxton sent a Civil Investigative Demand, which is basically a subpoena, to Twitter. I imagine Twitter will seek to quash or otherwise limit it. I am reminded of the time that the MPAA got then Mississippi Attorney General Jim Hood to issue a similar CID to “investigate” Google. Google fought it and eventually Hood dropped the whole thing. Chances are this is going nowhere.
Still, this is obvious to basically everyone — whether you support Elon or not — that this is nothing more than a blatant abuse of Ken Paxton’s office and powers in a political manner, to benefit the most wealthy resident in his state in the lead up to his next election. In a just world, the people of Texas would send Paxton packing in November for such a blatant abuse of office. But, in the world we live in today, it’ll probably give him an electoral boost, because instead of trying to help the people of Texas, the people of Texas seem to like it when their Attorney General spends their tax money by vanquishing people he perceives as his political enemies.
Filed Under: abuse of office, elon musk, fake accounts, investigation, ken paxton, spam, spam bots, subpoean
Companies: twitter
Facebook (Again) Tells Law Enforcement That Setting Up Fake Accounts Violates Its Terms Of Use
from the LAPD-teaching-respect-for-the-law-by-playing-by-its-own-rules-wtaf dept
Law enforcement agencies routinely engage in surveillance of social media accounts. Some of this is accomplished with third-party tools that use keywords and geofences to give cops info that may be relevant to investigations. These tools also give cops a lot of garbage data that law enforcement is free to sift through for officers’ own entertainment or to bypass constitutional protections surrounding speech and warrantless searches.
Does it actually help combat crime? The jury (if a court would ever allow one to consider these issues…) is still out on that. But social media surveillance continues under the theory that anything someone published publicly should be accessible by cops since it’s accessible by everyone else.
But the constitutional metric changes (or at least should) when cops set up fake accounts to engage in surveillance of suspected criminals. In these cases, cops may be welcomed into more private circles where information can’t be accessed unless a person has been given access.
This isn’t a new problem. It dates back to 2009, when Facebook was gaining critical mass and Twitter was just starting to generate enough interest to become (very eventually) sustainable. Twitter’s account verification process allows users to engage without turning over much personal info. The same can’t be said for Facebook, which would prefer to have its user base verified with as much personal info as possible — something that was supposed to limit abusive behavior but just ended up giving the platform plenty of actionable (and sellable) demographic info. Facebook insisted on real people and real names and altered its policy to inform users that setting up bogus accounts was something that could result in account termination.
Cops didn’t care. They had online lurking to do in hopes of finding something prosecutable without ever leaving the office. Facebook warned law enforcement that setting up fake accounts wasn’t permissible in 2018 after news surfaced showing cops were bypassing these rules to do a little online fishing for potential criminals.
Facebook is now Meta. It is also still Facebook, albeit under a new umbrella corporation. The rules about “real names” still apply to Facebook account creation. And law enforcement officers are still continuing to ignore this rule. Three years after its last letter addressed to cops about terms of service violation Meta is sending out another one [PDF]. It reiterates what officers already know but are apparently of the belief Facebook/Meta won’t actually do much to enforce.
The letter references Los Angeles Police Department activities exposed by the Brennan Center. The LAPD apparently encourages officers to set up fake accounts to locate and surveil criminal suspects. The practice is common enough that the LAPD actually has policies governing the use of social media surveillance via dummy accounts. But the policies ignore Facebook’s rules, which take precedence over the LAPD’s rules. After all, it’s Facebook’s platform, not the LAPD’s playground.
According to the Brennan Center for Justice and media reports the Los Angeles Police Department (“LAPD”) has been instructing its officers to create fake (or “dummy”) Facebook accounts and impersonate legitimate users. Not only do LAPD instructional documents use Facebook as an explicit example in advising officers to set up fake social media accounts, but documents also indicate that LAPD policies simply allow officers to create fake accounts for “online investigative activity.” To the extent these practices are ongoing they violate our terms of service. While the legitimacy of such policies may be up to the LAPD, officers must abide by Facebook’s policies when creating accounts on our services. The Police Department should cease all activities on Facebook that involve the use of fake accounts, impersonation of others, and collection of data for surveillance purposes.
This alone won’t prevent the LAPD from violating Facebook’s terms of service to engage in online surveillance. Facebook will have to determine which accounts are fake and terminate them. But this letter gives the LAPD notice that when its bogus accounts are terminated, it will have zero recourse.
The letter also says the LAPD is violating other Facebook rules, albeit indirectly.
It has also come to our attention that the LAPD has used a third-party vendor to collect data on our platforms regarding our users. Under our policies, developers are prohibited from using data obtained on our platforms for surveillance, including the processing of platform data about people, groups, or events for law enforcement or national security purposes (https://developers.facebook.com/terms/#control).
Again, this won’t stop the LAPD from utilizing services it’s paid for. But it does make it clear that if Facebook ever decides to terminate access to this firehose being abused by third parties, neither the third parties or their LAPD beneficiaries will be able to do anything but bitch ineffectively about the loss of access to a surveillance tool.
Subterfuge is often essential to law enforcement investigations. But that doesn’t mean private companies are obliged to provide cover for undercover surveillance. Law enforcement has been told (at least twice) that govern regular people also govern government employees — people who often seem to believe they’re above rules, laws, and even the rule of law.
Filed Under: fake accounts, impersonation, lapd, law enforcement, police
Companies: facebook, meta
James O'Keefe Sues Twitter For Defamation… For Shutting Down His Account
from the this-is-not-going-to-go-well dept
You may have heard recently that James O’Keefe, the guy behind “Project Veritas” — a propaganda outlet whose brand of highly edited, surreptitiously recorded videos are often followed by actual media having to come in and debunk the misleading bits — had his Twitter account shut down recently. He immediately threatened to sue Twitter, and last week he actually did so.
The crux of the lawsuit is that because a reporter claimed that Twitter told him O’Keefe’s account was banned for “operating fake accounts,” that’s defamation. The lawsuit notes that back in February, Twitter also banned the Project Veritas account. In that case, it was because one of Project Veritas’ videos allegedly revealed “private information” which violated its rules. In that case, the private information (according to the lawsuit) was that the video showed the house number of a Facebook executive who they were trying to interview. In the lawsuit, O’Keefe’s lawyers try to make a big deal of the fact that real media organizations sometimes show where people live as well, leaving out the fact that this does not matter one tiny bit. Twitter sets the rules on its own platform, and when it’s making decisions on the rules, they often involve context (and that context may include Project Veritas’ long history).
But the key part of the lawsuit is the claim that because a Twitter spokesperson told the media that O’Keefe violated its policy against “fake accounts,” and O’Keefe claims he didn’t operate fake accounts, this is defamatory. The arguments in the case are going to make some of you laugh:
The false accusation that Mr. O?Keefe operated ?fake accounts? is particularly damaging for Mr. O?Keefe because Mr. O?Keefe is a journalist. As such, his reputation for transparency and accurate reporting is fundamental to his profession.
That is… uh… not quite what many people would call Mr. O’Keefe’s reputation.
By accusing Mr. O?Keefe of ?operating fake accounts,? Twitter was directly attacking Mr. O?Keefe?s fitness for his profession by accusing him of ?misleading others? and by effectively running a disinformation outlet akin to the much-discussed ?Russian interference?/disinformation bots that plagued the 2016 election and which inspired some political operatives to engage in similar tactics in 2017….
Indeed, Twitter?s entire ?fake accounts? policy, which it accused Mr. O?Keefe of violating by stating that he ?operat[ed] fake accounts,? stems from the Russian disinformation campaign.
Thus, by claiming Mr. O?Keefe operated ?fake accounts,? Twitter was saying Mr. O?Keefe could not be trusted as a journalist because he was ?misleading others? via disinformation in the manner the Russian government is widely accused of doing to interfere in the U.S. political process.
That all sounds nice. But if you actually read the Twitter policy in question, it’s a lot broader than O’Keefe’s lawyers make it out to be. It’s quite broad and has to do with a lot more than Russian disinfo accounts. Here’s just part of it:
You may not use Twitter?s services in a manner intended to artificially amplify or suppress information or engage in behavior that manipulates or disrupts people?s experience on Twitter.
We want Twitter to be a place where people can make human connections, find reliable information, and express themselves freely and safely. To make that possible, we do not allow spam or other types of platform manipulation. We define platform manipulation as using Twitter to engage in bulk, aggressive, or deceptive activity that misleads others and/or disrupts their experience.
Platform manipulation can take many forms and our rules are intended to address a wide range of prohibited behavior, including:
* commercially-motivated spam, that typically aims to drive traffic or attention from a conversation on Twitter to accounts, websites, products, services, or initiatives; * inauthentic engagements, that attempt to make accounts or content appear more popular or active than they are; * coordinated activity, that attempts to artificially influence conversations through the use of multiple accounts, fake accounts, automation and/or scripting; and * coordinated harmful activity that encourages or promotes behavior which violates the Twitter Rules.
In other words, it’s quite broad. And lots of people have been caught up in similar account bans over the past few years, including the Krassenstein brothers who became famous for their anti-Donald Trump tweets, as well as a weird (and somewhat silly) “non-partisan” political party. So, for anyone arguing that this policy is used just against “conservatives,” the evidence certainly suggests otherwise. It also does not at all suggest that anyone dinged under this policy is engaged in Russian-style disinformation campaigns.
Like so many of these lawsuits, this one appears to be more performative than serious. It’s not difficult to predict how this will end up.
Filed Under: content moderation, defamation, fake accounts, first amendment, free speech, james o'keefe, policies
Companies: project veritas, twitter
Federal Gov't Gives Customs Officers Permission To Break Social Media Platform Rules Forbidding Fake Accounts
from the all-in-service-of-the-greater-good dept
The scanning of visa and green card applicants’ social media accounts during the application process continues to escalate. Even though the program hasn’t shown itself to be effective in keeping the country free of terrorists or criminals, the DHS and its components continue to believe this is an essential part of our national security infrastructure.
If the ultimate goal is to create a worldwide chilling effect on speech, then this program is coming along nicely. Knowing immigration and customs officers are going to be taking a deep dive into your social media accounts results in a lot of self-censorship, since it’s not entirely clear what screeners are looking for. Presumably, this has been left to officers’ discretion, which means it’s a “we’ll know it when we see it” situation.
Performing a deep dive means having access to as much of an account as possible. Limits placed on site visitors without an account appears to be frustrating customs officers. So, they’ve officially been given permission to create fake accounts to better access the content they’re screening.
U.S. Citizenship and Immigration Services officers can now create fictitious social media accounts to monitor social media information on foreigners seeking visas, green cards and citizenship.
An updated Homeland Security Department review of potential privacy issues dated July 2019 that was posted online on Friday essentially reversed a prior ban on officers creating fake profiles.
A USCIS statement explaining the change says fake accounts and identities will make it easier for investigators to search for potential evidence of fraud or security concerns as they decide whether to allow someone entry into the U.S.
The federal government may say it’s okay for personnel to do this. But it’s not okay with the platforms they’ll be using. Twitter immediately offered a statement pointing out the creation of fake accounts (and the use of Twitter data for “persistent surveillance”) violates its terms of use.
Facebook — which has already pointed this out to local law enforcement agencies — said the same thing in the statement it released the day after the USCIS gave customs officers the fake account green light.
“Law enforcement authorities, like everyone else, are required to use their real names on Facebook and we make this policy clear,” Facebook spokeswoman Sarah Pollack told The Associated Press in a statement Tuesday. “Operating fake accounts is not allowed, and we will act on any violating accounts.”
I guess maintaining law and order means breaking the rules. I imagine the DHS and its components will proceed with their fake account creation despite these statements because without an account, passive surveillance of foreigners will be much more limited.
For whatever it’s worth, the USCIS has placed some limits on the use of fake social media accounts. They can only be used to passively view targeted accounts and aren’t allowed to “follow” or “friend” any targeted accounts. Officers must also undergo annual training, although what that entails hasn’t been described in detail.
Foreigners planning to visit the United States are at the mercy of an ultra-vague policy that encourages federal officers to violate the policies of privately-owned social media platforms. No doubt this will turn out well for everyone involved and not result in a ton of abuse.
Filed Under: dhs, fake accounts, social media, surveillance
Conservative Bias? Twitter Bans Famous 'Resistance' Heroes
from the less-Krass,-more-class dept
Social media’s war on conservatives continues, this time taking out accounts linked to… the so-called #Resistance?
Twitter has permanently banned prominent anti-Trump brothers Brian and Ed Krassenstein, alleging that two of the biggest stars of #Resistance Twitter had broken the site’s rules about operating fake accounts and purchasing fake interactions with their accounts.
“The Twitter Rules apply to everyone,” a Twitter spokesperson said in a statement. “Operating multiple fake accounts and purchasing account interactions are strictly prohibited. Engaging in these behaviors will result in permanent suspension from the service.”
When not fawning over G-men-turned-Resistance heroes like James Comey, they were hammering F5 on Donald Trump’s Twitter page. They may not have been the first to respond, but they were some of the accounts that did the most business, racking up retweets and likes with each amateurish counter to Trump’s latest announcement, assertion, or declaration of fake news.
Now, there’s the question of how much of that Twitter business was legit. The Krassensteins claim nothing about this was inorganic. They deny buying followers or bots to give their accounts more prominence and rack up more internet points.
It could be Twitter is mistaken. Moderation at scale is hard, as has been hammered home by several posts here recently. What Twitter thought it saw happening with the Krassensteins’ accounts may have been benign, rather than malignant.
But the Krassensteins’ past as grifters may be indicative of current behavior.
Long before they took up the #Resistance mantle, the Krassensteins began hawking dubious investment advice—way back in 2003—on a pair of internet forums, selling ads to online money-making operations that included a number of apparent scams, including some run by people later convicted on charges ranging from fraud to capital murder.
According to prosecutors, the services the Krassensteins promoted on their websites duped thousands of “investors” into funding Ponzi scheme-type scams and even resulted in some downloading a virus that emptied their accounts on an anonymous online-payment platform used by the Krassensteins themselves, before it was shut down as part of a major federal money-laundering investigation.
Whether you view the Krassensteins as opportunists or brave speakers of truth to power, the conclusion here is inescapable: Twitter doesn’t just target conservatives for removal. While it appears this moderation happens far more often to conservatives, Hanlon and his razor suggest prominent alt-right accounts are engaging in questionable behavior more frequently than those without this particular slant. A lot has been made of social media’s supposedly-leftist stance, but it’s just as likely far right grifters like Laura Loomer and Jacob Wohl violated the terms of service repeatedly before being permabanned.
The banning of the Krassenstein brothers won’t budge the needle on this debate, though. Both sides have plenty of circumstantial evidence to point to as evidence of social media bias. And Twitter is still routinely suspending accounts that no one believes have violated the Twitter Rules, only to reinstate them after a bit of investigation, suggesting Twitter’s moderation efforts are far from perfect and unlikely to ever reach a point that will satisfy its many critics.
Filed Under: brian krassenstein, conservative bias, content moderation, ed krassenstein, fake accounts, gaming, krassenstein brothers, resistance
Companies: twitter