Regulation and targeted response strategies to fight disinformation worked after FDR took office in 1932, and it’s likely to work again today when someone will muster the national trust of residents ready to take action.
Without that kind of popular support, and by instead making conciliation to technology companies, it’s unlikely we’ll see any progress today.
DefenseOne writes there’s been a necessary shift in security from a focus entirely on confidentiality towards more integrity. They then propose three steps to get there.
First is better, faster understanding by the U.S. government of what disinformation American adversaries are spreading—or, ideally, anticipation of that spread before it actually happens. […]
Second is, in appropriate circumstances, the swift, clear, and direct intervention of U.S. government spokespersons to expose falsities and provide the truth. […]
Third is an expanded set of U.S. government partnerships with technologies companies to help them identify disinformation poised to spread across their platforms so that they can craft appropriate responses.
What this article misses entirely is what has worked in the past. Unless they address why that wouldn’t work today, I’m skeptical of their suggestions to try something new and untested.
Point one sounds like a call for more surveillance, which will obviously run into massive resistance before it even gets off the ground. So there’s a tactical and political headwind. Points two and three are unlikely to work at all.
The most effective government spokesperson in past typically was the President. That’s not possible today for obvious reasons. In the past the partnerships with technology companies (radio, newspaper) wasn’t possible, and it’s similarly not possible today. Facebook’s CEO has repeatedly said he will continue to push disinformation for profit.
I’ve been openly writing and presenting on this modern topic since 2012 (e.g. BSidesLV presentation on using data integrity attacks on mobile devices to foment political coups), with research going back to my undergraduate and graduate degrees in the mid-1990s.
What worked in the past? Look at the timeline after the 1932 Presidential election to 1940, which directly addressed Nazi military disinformation campaigns (e.g. America First) promoting fascism.
- Breakup of the organizations disseminating disinformation (regulation).
- Election of a President that can speak truth to power, who aligns a government with values that block attempts to profit on disinformation/harms (regulation).
- Rapid dissemination of antidotes domestically, and active response abroad with strong countermeasures.
The question today thus should be not about cooperating with those who have been poisoning the waters. The question should be whether regulation is possible in an environment of get-rich-quick fake-it-til-you-make-it greedy anti-regulatory values.
Take Flint, Michigan water disaster as an example, let alone Facebook/Google/YouTube/WellsFargo.
After officials repeatedly dismissed claims that Flint’s water was making people sick, residents took action.
America has a history of bottom-up (populist) approaches to governance solving top-down exploitation (It’s the “United” part of USA fighting the King for independence). A bottom-up approach isn’t likely to come from the DefenseOne strategy of partnerships between big government and big technology companies.
In fact, with history as our guide, we can see how President Reagan’s concept of partnership with big technology was to remove protection of American children from predators (promoting “ideological child abuse” for profit), as I explained in my 2018 OWASP talk “Unpoisoned Fruit“.
I’m not saying it will be easy to rotate to populist solutions. It will definitely be hard to take on broad swaths of corrupt powerful leaders who repeatedly profit from poisoning large populations for personal gains.
Yet that’s the obvious fork in our road today, and even outside entities know they can’t thrive if Americans choose to be united again in their take-down of selfish profiteers who now brazenly argue for their right to unregulated harms in vulnerable populations.
If Zuckerberg were CEO of Juul… right now he’d be trying to excite investors by saying ten new fruity tobacco flavors are coming next quarter for freedom-loving children.
The boss of e-cigratte maker Juul stepped down on Wednesday in the face of a regulatory backlash and a surge in mysterious illnesses linked to vaping products.
I wrote in 2012 about the immediate need for regulation of vaping. Seven years later that regulation finally is happening, sadly after dozens have been dying suddenly and without explanation. A partnership with tobacco companies was never on the table.
Bottom line is if you ever wonder why a Republican party today would undermine FCC and CIA authority, look at FDR’s creation of them to understand how and why they were designed to block and tackle foreign fascist military and domestic disinformation campaigns.
Update November 11, 2020:
First, a new story reports during the Reagan administration big oil founded large fraudulent disinformation campaigns to poison American thinking about environmental health and safety.
As part of its services to the industry, FTI monitored environmental activists online, and in one instance an employee created a fake Facebook persona — an imaginary, middle-aged Texas woman with a dog — to help keep tabs on protesters. Former FTI employees say they studied other online influence campaigns and compiled strategies for affecting public discourse. They helped run a campaign that sought a securities rule change, described as protecting the interests of mom-and-pop investors, that aimed to protect oil and gas companies from shareholder pressure to address climate and other concerns…
Founded in 1982 in Annapolis, Md., as a firm that provided expert witnesses and presentations for litigation, FTI has grown into a multinational firm that employs almost 5,000 people in 28 countries. Its business spans a wide range of services, from business consulting to crisis communications.
Second, the FTC calls out Zoom for being a fraud, yet neither penalizes them nor compensates their victims.
Use of Zoom software…
‘increased users risk of remote video surveillance by strangers and remained on users’ computers even after they deleted the Zoom app, and would automatically reinstall the Zoom app—without any user action—in certain circumstances,’ the FTC said. The FTC alleged that Zoom’s deployment of the software without adequate notice or user consent violated US law banning unfair and deceptive business practices.
And they basically lied for years and years about security.
…Zoom claimed it offers end-to-end encryption in its June 2016 and July 2017 HIPAA compliance guides… also claimed it offered end-to-end encryption in a January 2019 white paper, in an April 2017 blog post, and in direct responses to inquiries from customers and potential customers… In fact, Zoom did not provide end-to-end encryption for any Zoom Meeting…
I’ve written before about Zoom’s egregious bad-faith business practices here and here.