Truffle Pigs and Hot Potatoes

How campaigns are still bad at online security; maybe we can quit you, Facebook; & more


  • This is civic tech: Here’s a deep literature dive from researcher Christopher Wilson on whether and how civic tech can affect trust in government.

  • Google has a new tool for researchers called Dataset Search, along with guidelines for dataset providers so search engines can properly index them.

  • Writing for the Chronicle of Philanthropy, Sarah Schacht offers some concrete steps foundations should take to address patterns of sexual harassment and abuse in the organizations they fund.

  • Attend: If you are in DC today, check out the latest iteration of Rebooting Democracy this evening.

  • Life in Facebookistan: In the wake of the Cambridge Analytica scandal, Facebook usage by Americans is down somewhat, the latest Pew Internet research shows. Younger users in particular have taken steps to reduce their usage, including deleting the Facebook app from their phones (44%) or taking a break for several weeks or more (47%). I’m inclined to take this report with a spoonful of salt, especially since lots of these people are probably overestimating their time offsite and still hanging out on Instagram, which is owned by FB. Pew also found that more than half (53%) of American adults surveyed said they didn’t understand why certain posts were included in their News Feeds while others were not. While Facebook routinely points out that it gives users some ways to customize their feed, 37% of users over the age of 50 think they have no control at all over it.

  • On the Washington Post’s oped page, Facebook CEO Mark Zuckerberg says his company is making real progress battling misinformation around elections. It’s kind of refreshing to see him admitting that his platform isn’t inherently good; but it’s also telling what he doesn’t talk about in this piece: how Facebook still hasn’t figured out its role in reducing hate speech and misinformation around non-election topics like vaccination conspiracy theories.

  • Facebook is hiring former intelligence agents, “hoping that their security clearance and existing relationships will help enhance the flow of information” from government national security agencies tasked with monitoring foreign influence campaigns, but as Sarah Frier and Aliza Sebenius report for Bloomberg, there’s little meaningful coordination between government authorities and social media companies for dealing with the threats. They write, “With less than 10 weeks until the U.S. midterms, this game of political hot potato— the passing of responsibility between companies and the government— is leading to the uncomfortable conclusion that nobody has the full picture.”

  • To this observer, the most Orwellian statement from yesterday’s congressional hearing with Facebook COO Sheryl Sandberg and Twitter CEO Jack Dorsey came from Sandberg, who declared “privacy and advertising aren’t at odds. In fact they go together,” she claimed, because users can control their privacy settings. Tell that to anyone who has searched for a product on a third-party site and suddenly seen ads for that same product in their Facebook feeds. Or to the majority of Facebook users who, per Pew above, don’t understand how their News Feed works.

  • Though Sandberg’s statement that Facebook would never operate in a country where it couldn’t uphold its values was also pretty chilling, considering Facebook’s deep engagement with the government of Philippines president and admitted murderer Rodrigo Duterte.

  • After today’s congressional hearing, US Attorney General Jeff Sessions announced that he is convening a meeting with state attorneys general “to discuss a growing concern that [social media] companies may be hurting competition and intentionally stifling the free exchange of ideas on their platforms,” The Hill’s Morgan Chalfant and Harper Neidig report.

  • Despite being banned, people linked to Russian influence operations keep sneaking back onto Facebook, Kevin Poulsen reports for The Daily Beast.

  • Tech and politics: Democratic campaign operatives have learned little about basic online security since 2016, Maciej Ceglowski of Tech Solidarity warns in an oped for the Washington Post. Ceglowski, who hilariously describes himself as “a political truffle pig for tech workers” wanting to figure out how to get more involved in political campaigns, writes that “I have yet to meet a campaign that uses security keys” to help staffers protect themselves from phishing attacks. (Note to readers: Ceglowski’s advice is a must read and applies regardless of what political party you work for.)

  • US Homeland Security Secretary Kirstjen Nielsen now says unequivocally that Russian President Vladimir Putin interfered in the 2016 election, calling it a “direct attack on our democracy,” CNN’s Tal Kogan reports.

  • Charlie Warzel of Buzzfeed News reports on how a group of researchers posed as Russian trolls and had no trouble buying political ads on Google.

  • Reporting for The Intercept, Sam Biddle argues that the urge for fast election results is one little-noticed reason for the insecurity of American election voting systems. Read it and worry.

  • How to apply anti-monopoly remedies to companies like Google, Amazon and Facebook? Russell Brandom of The Verge walks through some of the answers being offered by advocates like Open Markets’ Matt Stoller and Public Knowledge’s Harold Feld. While some approaches, like preventing the companies from buying junior competitors, look feasible, others, like breaking Facebook into baby versions of itself, run the risk of just growing more leviathans.

  • Related: Senator Bernie Sanders (I-VT) has introduced the “Stop Bad Employers by Zeroing Out Subsidies Act” (nice acronym!) to put a 100 percent tax on large companies whose employees are forced by low wages to rely on the government for food stamps, public housing and other forms of public assistance, Abha Bhattarai reports for The Washington Post.

  • Information disorder: Could a poorly written tweet by President Trump trigger a war? Jeffrey Lewis, a scholar at the Middlebury Institute of International Studies in Monterey and the author of the chilling new book The 2020 Commission Report on the North Korean Nuclear Attacks Against the United States explains how in Wired. (The book is a page turner—I read it in two gulps the other night.)

  • Open expressions of racism and anti-semitism have surged since 2016 on 4chan and Gab.ai, two sites that have been central gathering hubs for far-right conversation, a new research group called the Network Contagion Research Institute has found.

  • A new study from Google’s own user experience researchers finds that the industry’s focus on engagement metrics has succeeded too well in addicting users to their devices, Hayley Tsukayam reports for The Washington Post.

  • End times: Watch two different reality systems collide as Senator Marco Rubio (R-FL) calls Infowars conspiracy theorist Alex Jones a “dumb ass” and tells him to back off from physically touching him during this press gaggle outside the Intelligence Committee hearing yesterday.

  • Bonus note: For my money, the “tell” in this anonymous oped by a senior official in the White House isn’t the use of the word “lodestar,” it’s the phrase “don’t get me wrong,” which points to “UN Ambassador Nikki Haley,” or Homeland Security Director Kirstjen Nielsen. I’m putting my bets on Nielsen, given her decision, noted above, to stop equivocating about Russia’s role in 2016.