Facebook refutes MP claims it knew about Russian data harvesting in 2014
After some confusion, it appears claims that Facebook knew about Russian data harvesting in 2014 appear to be false
Earlier this week, IT Pro reported the seizure of Facebook documents by Parliament's Serjeant at Arms in a London hotel. In a review of the seized documents, one British lawmaker has revealed Facebook knew about Russia's data harvesting as early as 2014.
In an internal email from a Facebook engineer, one of the documents that were seized by Parliament from the founder of Six4Three, reportedly contained information which highlights suspicious activity from Russian-based entities relating to the exploitation of a feature which allowed them to harvest large amounts of data.
Facebook had previously maintained that they were only aware of the data harvesting in 2016, after the US election had taken place. But, Damian Collins who heads the committee of British lawmakers which compelled the founder of Six4Three to hand over the documents it acquired in legal discovery, said the company was aware of Russia's conduct two years before.
Collins and his committee conducted a hearing on Tuesday in which Richard Allen, vice president of policy solutions at Facebook said in his testimony that he would not discuss the documents, Bloomberg reports.
During the hearing, to which Mark Zuckerberg didn't attend, Allen was lambasted by all in attendance with many asking him why he attended instead of Zuckerberg. Allen admitted that Facebook had abused public trust and said Facebook would accept a little more regulation.
Since these reports, Facebook has issued IT Pro a series of redacted emails which seem to verify its claims that an investigation into potential Russian data harvesting were taken out of context. In a series of exchanges, the emails show that a mass of calls were made to Facebook APIs but didn't come from Russian-linked entities after all, instead, they all came from Pinterest.
The emails show that, at the time, Pinterest was migrating to a new version of their API which potentially caused a massive spike in the calls it was making to Facebook. "You'll see we looked into this at the time and determined that the calls to the API were all legitimate API calls from Pinterest and not from Russia," said a Facebook spokesperson. "We also determined the volume of actual calls to be around 6m and that the suggestion of 'billions' was inaccurate."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
One of the earlier emails in the chain suggested that three billion calls were being made per day when in reality only six million successful calls were made as well as 40 million unsuccessful ones.
So it seems the situation has been blown out of proportion, Facebook wasn't actually being targeted by Russians in 2014, two years before they said they became aware of actual Russian data meddling.
After the nightmarish year its PR department has had, this comes a breath of a fresh air. This is, however, only the first of the seized documents that have been covered by the media, there is still the possibility that the documents hold key details about Facebook's knowledge of its potential privacy flaws in 2016.
Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.