Bringing Facebook to book Down Under

The embattled web giant struggles to suppress crackpot theories as coronavirus keeps its moderators off work and Australian courts consider a colossal privacy fine

The world's social media giants are increasingly coming under fire as the coronavirus outbreak has revealed that their automated AI content systems are largely unable to tell fake news from factual. The huge armies of underpaid, overworked human moderators who normally keep the social networks relatively well-policed mostly cannot work from home due to the web giants' own internal rules, intended to protect user privacy.

Even as crackpot theories and snake-oil remedies gain huge traction on Facebook, Instagram and the rest, genuine news from respectable media organisations is suppressed as spam. Meanwhile the very privacy and security backlash which has prevented the social networks from allowing remote-working access to their systems continues to unfold, as Australian authorities move against Facebook over the Cambridge Analytica scandal of 2014-15.

In a case lodged in the federal courts in early March, Australian information commissioner Angelene Falk alleges that Facebook committed serious and repeated contraventions of Australian privacy law because data collected by the web giant was obtained by now-defunct UK firm Cambridge Analytica and used for political profiling. Cambridge Analytica had the Trump presidential campaign among its clients.

Facebook data obtained by Cambridge Analytica included Australians' names, dates of birth, email addresses, city locations, friends lists, page likes and in some cases Facebook messages.


‘This Is Your Digital Life'. And a whole lot of other people's digital lives too

"We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control," Falk said.

"Facebook's default settings facilitated the disclosure of personal information, including sensitive information, at the expense of privacy."

At the time, Facebook said 311,127 Australians between March 2014 and May 2015 had their data shared with the This Is Your Digital Life app, accounting for 0.4pc of users affected by the breach, despite the fact that just 53 Australians had chosen to install the app. This Is Your Digital Life was the conduit through which Cambridge Analytica obtained its data. Some 87m Facebook users worldwide were affected by the scandal.

To date, Facebook has not been able to tell the OAIC which Australian users were affected.

Facebook discovered the information had been harvested by a third party in late 2015, but failed to alert users at the time.

In a statement, a Facebook spokeswoman said the company had been engaging with the OAIC on this matter for years.

"We've made major changes to our platforms, in consultation with international regulators, to restrict the information available to app developers, implement new governance protocols and build industry-leading controls to help people protect and manage their data," she said.

"We're unable to comment further as this is now before the federal court."

It's understood that one of the measures enacted by Facebook after it found out, months after the fact, that Cambridge Analytica had been able to slurp tens of millions of its users' data, was the confirmation of strict limits on remote access to its key systems. It is this strict policy which has meant that the 30,000 human contractors who police the social network's gigantic online estate are now mostly unable to do their jobs, as they normally work in dense open-plan offices which cannot comply with coronavirus social distancing rules.

That's a big issue for Facebook, as its automated systems aren't coping at all well without human assistance. It was widely reported last month that legitimate news stories from respected outlets were being rejected as spam when users tried to post them on the social network.

Alex Stamos, a former Facebook executive, tweeted that he thought it was "an anti-spam rule… going haywire. We might be seeing the start of the [machine learning] going nuts with less human oversight."


Not just yelling ‘Fire'. On Facebook, people are yelling ‘Set Fire to 5G masts'

Mark Zuckerberg is clearly aware of the problem. He touched on it during a press call on March 18.

"Even in the most free-expression, friendly traditions like the United States, you've long had the precedent that you don't allow people to yell fire in a crowded room," commented the Facebook CEO. "I think it's similar to people spreading dangerous misinformation in the time of an outbreak like this."

Unfortunately a lot of people are continuing to yell fire in the crowded rooms of Facebook: literally so. In particular, crackpots who believe that 5G mobile transmissions cause coronavirus are calling for people to burn down mobile masts: and others are listening.

In early April, blazes were reported at cell towers in several UK locations: Birmingham, Liverpool and Merseyside. A spokesman for Vodafone told the BBC there had been more incidents at both its own sites and those shared with O2, but did not identify the locations.

"We have received several reports of criminal damage to phone masts and abuse of telecoms engineers apparently inspired by crackpot conspiracy theories circulating online," a spokeswoman for the Department for Digital, Culture, Media and Sport told reporters.

"Those responsible for criminal acts will face the full force of the law.

"We must also see social media companies acting responsibly and taking much swifter action to stop nonsense spreading on their platforms which encourages such acts."

Apart from Facebook, the 5G crackpots are active across other platforms including Pinterest,, TikTok and Twitter among others. The UK DCMS intends to hold talks in coming weeks with various tech companies during which it will attempt to get the arson-incitement content taken down.

Of course, this would probably require more human moderation: which would be likely to involve some relaxation of security. This in turn would increase the possibility of black hats gaining remote access to Facebook's management systems, with the attendant possibility of breaches and misuse as seen five years ago.


You thought the US regulators were tough? Watch this, says the AIC

In Australia, Facebook is still facing penalties dating from back then. Each individual contravention in the land Down Under could mean a maximum penalty of AU$1.7m. The OAIC hasn't indicated whether penalties would be sought for all 311,127 Australians affected. If it did, the resulting total would be a staggering AU$529bn, approximately US$343bn: roughly five times the digital giant's entire annual revenue. Facebook suffered a US$5bn fine in the USA over the scandal: the UK for its part charged the company just £500,000.

The OAIC has asked that the Australian court order Facebook to "pay civil pecuniary penalties" under the Privacy Act "as applicable for contraventions that occurred during the relevant period."

According to the court documents, Cambridge Analytica provided written confirmation in January 2016 that all users' personal information obtained through the app had been deleted, but the company did not take any independent steps to ensure the data had been deleted or destroyed.

The whole affair may indicate that the time of almost weightless profits and margins for the web giants may be ending. Despite billions poured into AI research, the giants' automated technology routinely lets them down, damaging their brands and angering public authorities worldwide. Hiring armies of humans to help costs a lot of money, even at outsourced contractor rates, and introduces vulnerabilities too: coronavirus office shutdowns today, perhaps insider threat tomorrow.

Meeting the often conflicting requirements which are being laid upon the web giants looks set to be expensive: but the potential size of the looming Australian fine suggests that doing nothing could cost them even more.