NEW YORK – Facebook, Twitter and Google routinely squabble for users, engineers and advertising money. Yet it makes sense for these tech giants to work together on security threats, elections meddling and other common ills.
Such co-operation was evident Tuesday when Facebook announced that it had removed 652 suspicious pages, groups and accounts linked to Russia and Iran. This was followed by similar news from Twitter. On Monday, meanwhile, Microsoft reported a new Russian effort to impersonate conservative U.S. websites, potentially as part of an espionage campaign.
Co-operation makes it easier for tech companies to combat fraudulent use of their services. It also makes them look good in the eyes of their users and regulators by showing that they take the threats seriously enough to set aside competitive differences.
They have little other choice if they want to avoid regulation and stay ahead of – or just keep up with – the malicious actors, who are getting smarter and smarter at evading the tech companies’ controls.
Case in point: While Facebook said there was no evidence that Russian and Iranian actors co-operated with each other in the latest efforts to create fake accounts to mislead users, the company said their tactics were similar. In other words, if the bad guys are learning from each other, the companies fighting them would need to do the same.
Facebook has significantly stepped up policing of its services since last year, when it acknowledged that Russian agents successfully used Facebook to run political influence operations aimed at swaying the 2016 presidential election.
Other social media companies have done likewise and continue to turn up fresh evidence of political disinformation campaigns. While some of the 2016 disruptions seemed to support certain candidates, more recent campaigns appear aimed at sowing discord and driving people to more extreme sides of the political stage.
Tech companies already share information to fight terrorism, child pornography, malware and spam. They are now adding global political threats from nation-states. In congressional hearings earlier this year, Facebook General Counsel Colin Stretch said Facebook, Twitter and Google have a “long history” of working together on such threats. He expressed hope that sharing information becomes “industry standard practice.”
Understanding the threat requires understanding how the malicious actors communicate, operate and move among various services, Facebook said in a blog post on Tuesday. “To help gather this information, we often share intelligence with other companies once we have a basic grasp of what’s happening,” the company wrote.
Even with all the co-operation, disagreements exist. The companies don’t always agree on when and how to go public with threats they uncover, for example. And while critics have called for a formal industry body to address issues such as elections meddling, misinformation and hate speech on social networks, no such broad-reaching organization exists.
The closest is the Cybersecurity Tech Accord, which Microsoft, Facebook and other companies formed to protect businesses and users from internet crime. But bigshots such as Google and Twitter were noticeably missing. (Those companies did not respond to messages Wednesday asking if they have joined since).
Nonetheless, co-operation has helped other industries stave off regulation. For example, the movie industry banded together to develop its own ratings system in the 1960s to ward off government censorship.
Jeff Bardin, chief information officer at the security firm Treadstone 71, said co-operation is one way to combat fake accounts without imposing tighter verification when users sign up. Of course, if Facebook started asking potential members for a government-issued ID and a home address, it would drive people away.
“There is no way they will do that upfront,” he said. So, what’s left is to continue to play the cat-and-mouse game, catching and removing the enemy and then learning its new tactics as it changes them.