“Fake news” is all the rage in the press these days. In the United States at least, fake news (aka lying) oddly isn’t illegal and is probably protected by the First Amendment to the Constitution. But Russian fake news meant to influence an election probably is illegal or at least regulated. Moreover the First Amendment doesn’t apply to state actors or citizens of other countries living abroad.
Facebook and Google went before Congress to talk about how they’re starting to block Russian ads and other things. Unless you have a very short memory, you’ll recognize that this isn’t a new problem, just a new twist on an old problem. Those of us who had email accounts for more than five years remember that, not long ago, we got ads for “medical enhancement products” directly in our inbox every day. Now, it is really rare and the spam is almost never a medical enhancement product; usually it is a brand new phishing attack.
Google’s Gmail service has been one of the pioneers in spam detection. It now claims to block 99.9 percent of spam and phishing attacks. New ones evolve every day but by tracing and authenticating the source and applying filters and machine learning techniques, Gmail adapts to them too.
But fake news is an anomaly. It is a message of a sort, but it has unique characteristics. It is source of advertising that doesn’t normally advertise in a specific region targeting a specific group. It may use keywords, likes, or affinities that aren’t normally used. Moreover, Facebook and Google are collecting payment for them, which allows much more specific authentication than is possible with email. Examples might include routing transit (RT) numbers, the bank used, the credit account number, the country of the account/bank, and names used. The social media services can also track what other ads the sponsors paid for.
Beyond spam-style message filtering, using the source information lets a Facebook or a Google make more specific decision. It is entirely legitimate and legal for a US organization to target political messages to people who like a Confederate monument, even if I find it morally detestable. However, it might not be legitimate or legal for a Russian organization to do so. It may, however, be legitimate or legal for a Russian company to target people who like toys with commercial messages.
You may think with puppet companies and international commerce that the Russians can still find their way around this. You’d be right, but we do have a framework already in place for that. Ask your friendly financial technology companies about anti-money laundering (AML) and ”know your customer” (KYC) regulations.
Financial services companies and banks generally operate under “safe harbor”—or excuse from liability for what their account holders do if it turns out to involve illegal drugs or weapons, for examples. But to operate under “safe harbor” protection, these companies must deploy technical solutions to prevent money laundering. Much of these rules were put into place due to legal regulations arising in the aftermath of the September, 11 2001 attacks.
KYC technologies and processes identify the source of financial transactions. AML technologies are mainly machine learning and pattern recognition technologies to find fraudulent transactions, such as Bayesian filters, clustering, classification, and collaborative filtering. They are a clear technical cousin to spam detection.
Facebook and Google are facing a legal and political challenge on whether they are just a platform for others to publish or whether they are more of a publication themselves. The argument for “more of a publication” is that they exert both automated and manual editorial control. The argument for “more of a platform” is that they don’t really exert as much editorial control as, say, InfoWorld. They do, however, exert far more control over ad and targeted content.
The legal regulations in place on a financial services institution can serve as a guide. Because we don’t want random “banks” set up that basically are shells for drug dealers to launder money, there are regulations in place for what a bank must do to not be considered a conspirator with its customers.
At least for their ad business, Facebook and Google need to deploy some of the tools and technologies that the financial services industries use, and commit to adapting them and helping write the next generation of rules around these regulations and technologies. The good news is that they’ve done this in other places, so they do know how.