Connect with us

Latest News

For Trump and Facebook, judgment day is around the corner

Published

on

Facebook unceremoniously confiscated Trump’s biggest social media megaphone months ago, but the former president might be poised to snatch it back.

Facebook’s Oversight Board, an external Supreme Court-like policy decision making group, will either restore Trump’s Facebook privileges or banish him forever on Wednesday. Whatever happens, it’s a huge moment for Facebook’s nascent experiment in outsourcing hard content moderation calls to an elite group of global thinkers, academics and political figures and allowing them to set precedents that could shape the world’s biggest social networks for years to come.

Facebook CEO Mark Zuckerberg announced Trump’s suspension from Facebook in the immediate aftermath of the Capitol attack. It was initially a temporary suspension, but two weeks later Facebook said that the decision would be sent to the Oversight Board. “We believe the risks of allowing the President to continue to use our service during this period are simply too great,” Facebook CEO Mark Zuckerberg wrote in January.

Facebook’s VP of Global Affairs Nick Clegg, a former British politician, expressed hope that the board would back the company’s own conclusions, calling Trump’s suspension an “unprecedented set of events which called for unprecedented action.”

Trump inflamed tensions and incited violence on January 6, but that incident wasn’t without precedent. In the aftermath of the murder of George Floyd, an unarmed Black man killed by Minneapolis police, President Trump ominously declared on social media “when the looting starts, the shooting starts,” a threat of imminent violence with racist roots that Facebook declined to take action against, prompting internal protests at the company.

The former president skirted or crossed the line with Facebook any number of times over his four years in office, but the platform stood steadfastly behind a maxim that all speech was good speech, even as other social networks grew more squeamish.

In a dramatic address in late 2019, Zuckerberg evoked Martin Luther King Jr. as he defended Facebook’s anything goes approach. “In times of social turmoil, our impulse is often to pull back on free expression,” Zuckerberg said. “We want the progress that comes from free expression, but not the tension.” King’s daughter strenuously objected.

A little over a year later, with all of Facebook’s peers doing the same and Trump leaving office, Zuckerberg would shrink back from his grand free speech declarations.

In 2019 and well into 2020, Facebook was still a roiling hotbed of misinformation, conspiracies and extremism. The social network hosted thousands of armed militias organizing for violence and a sea of content amplifying QAnon, which moved from a fringe belief on the margins to a mainstream political phenomenon through Facebook.

Those same forces would converge at the U.S. Capitol on January 6 for a day of violence that Facebook executives characterized as spontaneous, even though it had been festering openly on the platform for months.

 

How the Oversight Board works

Facebook’s Oversight Board began reviewing its first cases last October. Facebook can refer cases to the board, like it did with Trump, but users can also appeal to the board to overturn policy decisions that affect them after they exhaust the normal Facebook or Instagram appeals process. A five member subset of its 20 total members evaluate whether content should be allowed to remain on the platform and then reach a decision, which the full board must approve by a majority vote. Initially, the Oversight Board was only empowered to reinstate content removed on Facebook and Instagram, but in mid-April began accepting requests to review controversial content that stayed up.

Last month, the Oversight Board replaced departing member Pamela Karlan, a Stanford professor and voting rights scholar critical of Trump, who left to join the Biden administration. Karlan’s replacement, PEN America CEO Susan Nossel, wrote an op-ed in the LA Times in late January arguing that extending a permanent ban on Trump “may feel good” but that decision would ultimately set a dangerous precedent. Nossel joined the board too late to participate in the Trump decision.

The Oversight Board’s earliest batch of decisions leaned in the direction of restoring content that’s been taken down — not upholding its removal. While the board’s other decisions are likely to touch on the full spectrum of frustration people have with Facebook’s content moderation preferences, they come with far less baggage than the Trump decision. In one instance, the Oversight Board voted to restore an image of a woman’s nipples used in the context of a breast cancer post. In another, the board decided that a quote from a famous Nazi didn’t merit removal because it wasn’t an endorsement of Nazi ideology. In all cases, the Oversight Board can issue policy recommendations, but Facebook isn’t obligated to implement them — just the decisions.

Befitting its DNA of global activists, political figures and academics, the Oversight Board’s might have ambitions well beyond one social network. Earlier this year, Oversight Board co-chair and former Prime Minister of Denmark Helle Thorning-Schmidt declared that other social media companies would be “welcome to join” the project, which is branded in a conspicuously Facebook-less way. (The group calls itself the “Oversight Board” though everyone calls it the “Facebook Oversight Board.”)

“For the first time in history, we actually have content moderation being done outside one of the big social media platforms,” Thorning-Schmidt declared, grandly. “That in itself… I don’t hesitate to call it historic.”

Facebook’s decision to outsource some major policy decisions is indeed an experimental one, but that experiment is just getting started. The Trump case will give Facebook’s miniaturized Supreme Court an opportunity to send a message, though whether the takeaway is that it’s powerful enough to keep a world leader muzzled or independent enough to strike out from its parent and reverse the biggest social media policy decision ever made remains to be seen.

If Trump comes back, the company can shrug its shoulders and shirk another PR firestorm, content that its experiment in external content moderation is legitimized. If the board doubles down on banishing Trump, Facebook will rest easy knowing that someone else can take the blowback this round in its most controversial content call to date. For Facebook, for once, it’s a win-win situation.

 

Latest News

What The Conflict With Israel Looks Like To 2 Palestinians

Published

on

NPR’s Steve Inskeep talks to Omar Shaban, founder of a Gaza-based think tank, and Palestinian lawyer Diana Buttu, about how this cycle of Palestinian-Israeli violence plays out in their neighborhoods.

Continue Reading

Latest News

Echelon exposed riders’ account data, thanks to a leaky API

Published

on

Image Credits: Echelon (stock image)

Peloton wasn’t the only at-home workout giant exposing private account data. Rival exercise giant Echelon also had a leaky API that let virtually anyone access riders’ account information.

Fitness technology company Echelon, like Peloton, offers a range of workout hardware — bikes, rowers, and a treadmill — as a cheaper alternative for members to exercise at home. Its app also lets members join virtual classes without the need for workout equipment.

But Jan Masters, a security researcher at Pen Test Partners, found that Echelon’s API allowed him to access the account data — including name, city, age, sex, phone number, weight, birthday, and workout statistics and history — of any other member in a live or pre-recorded class. The API also disclosed some information about members’ workout equipment, such as its serial number.

Masters, if you recall, found a similar bug with Peloton’s API, which let him make unauthenticated requests and pull private user account data directly from Peloton’s servers without the server ever checking to make sure he (or anyone else) was allowed to request it.

Echelon’s API allows its members’ devices and apps to talk with Echelon’s servers over the internet. The API was supposed to check if the member’s device was authorized to pull user data by checking for an authorization token. But Masters said the token wasn’t needed to request data.

Masters also found another bug that allowed members to pull data on any other member because of weak access controls on the API. Masters said this bug made it easy to enumerate user account IDs and scrape account data from Echelon’s servers. Facebook, LinkedIn, Peloton and Clubhouse have all fallen victim to scraping attacks that abuse access to APIs to pull in data about users on their platforms.

Ken Munro, founder of Pen Test Partners, disclosed the vulnerabilities to Echelon on January 20 in a Twitter direct message, since the company doesn’t have a public-facing vulnerability disclosure process (which it says is now “under review”). But the researchers did not hear back during the 90 days after the report was submitted, the standard amount of time security researchers give companies to fix flaws before their details are made public.

TechCrunch asked Echelon for comment, and was told that the security flaws identified by Masters — which he wrote up in a blog post — were fixed in January.

“We hired an outside service to perform a penetration test of systems and identify vulnerabilities. We have taken appropriate actions to correct these, most of which were implemented by January 21, 2021. However, Echelon’s position is that the User ID is not PII [personally identifiable information,” said Chris Martin, Echelon’s chief information security officer, in an email.

Echelon did not name the outside security company but said while the company said it keeps detailed logs, it did not say if it had found any evidence of malicious exploitation.

But Munro disputed the company’s claim of when it fixed the vulnerabilities, and provided TechCrunch with evidence that one of the vulnerabilities was not fixed until at least mid-April, and another vulnerability could still be exploited as recently as this week.

When asked for clarity, Echelon did not address the discrepancies. “[The security flaws] have been remediated,” Martin reiterated.

Echelon also confirmed it fixed a bug that allowed users under the age of 13 to sign up. Many companies block access to children under the age of 13 to avoid complying with the Children’s Online Privacy Protection Act, or COPPA, a U.S. law that puts strict rules on what data companies can collect on children. TechCrunch was able to create an Echelon account this week with an age less than 13, despite the page saying: “Minimum age of use is 13 years old.”

Continue Reading

Latest News

Casualties Mount As Violence Intensifies Between Hamas, Israel

Published

on

Israel has called up more troops and launched its heaviest assault yet along the Gaza border. Seven people in Israel have been killed. Losses are much higher on the Palestinian side.

Continue Reading

Trending

Copyright © 2020 Latin America Business News

en_USEnglish