Facebook refutes MP claims it knew about Russian data harvesting in 2014
After some confusion, it appears claims that Facebook knew about Russian data harvesting in 2014 appear to be false
Earlier this week, IT Pro reported the seizure of Facebook documents by Parliament's Serjeant at Arms in a London hotel. In a review of the seized documents, one British lawmaker has revealed Facebook knew about Russia's data harvesting as early as 2014.
In an internal email from a Facebook engineer, one of the documents that were seized by Parliament from the founder of Six4Three, reportedly contained information which highlights suspicious activity from Russian-based entities relating to the exploitation of a feature which allowed them to harvest large amounts of data.
Facebook had previously maintained that they were only aware of the data harvesting in 2016, after the US election had taken place. But, Damian Collins who heads the committee of British lawmakers which compelled the founder of Six4Three to hand over the documents it acquired in legal discovery, said the company was aware of Russia's conduct two years before.
Collins and his committee conducted a hearing on Tuesday in which Richard Allen, vice president of policy solutions at Facebook said in his testimony that he would not discuss the documents, Bloomberg reports.
During the hearing, to which Mark Zuckerberg didn't attend, Allen was lambasted by all in attendance with many asking him why he attended instead of Zuckerberg. Allen admitted that Facebook had abused public trust and said Facebook would accept a little more regulation.
Since these reports, Facebook has issued IT Pro a series of redacted emails which seem to verify its claims that an investigation into potential Russian data harvesting were taken out of context. In a series of exchanges, the emails show that a mass of calls were made to Facebook APIs but didn't come from Russian-linked entities after all, instead, they all came from Pinterest.
The emails show that, at the time, Pinterest was migrating to a new version of their API which potentially caused a massive spike in the calls it was making to Facebook. "You'll see we looked into this at the time and determined that the calls to the API were all legitimate API calls from Pinterest and not from Russia," said a Facebook spokesperson. "We also determined the volume of actual calls to be around 6m and that the suggestion of 'billions' was inaccurate."
One of the earlier emails in the chain suggested that three billion calls were being made per day when in reality only six million successful calls were made as well as 40 million unsuccessful ones.
So it seems the situation has been blown out of proportion, Facebook wasn't actually being targeted by Russians in 2014, two years before they said they became aware of actual Russian data meddling.
After the nightmarish year its PR department has had, this comes a breath of a fresh air. This is, however, only the first of the seized documents that have been covered by the media, there is still the possibility that the documents hold key details about Facebook's knowledge of its potential privacy flaws in 2016.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now