Facebook user data harvested by one of the largest internet companies in Russia could allow the Kremlin to target American voters with continued misinformation campaigns, as well as crack down on critics of Vladimir Putin.
Mail.ru, a Kremlin-linked internet company, was one of the dozens of firms Facebook granted an extension to pull data from unwitting users in 2015. Facebook told CNN on Wednesday it gave the Russian tech giant a two-week extension in 2015 to continue collecting user data. The extension stands out as the social network investigates its handling of user privacy following the Cambridge Analytica data leak.
Facebook curtailed information that third-party app developers could take from users in May 2015, but granted an extension to 61 companies, including Mail.ru. Until that point, app developers could grab a wide range of user data, including names, birthdays, gender, location, what users “liked,” and pictures.
Mail.ru was started by Russian businessman Yuri Milner, a major investor in Facebook, according to a New York Times report last year. But Milner stepped down in 2012, leaving Mail.Ru’s parent company in control of co-owner Alisher Usmanov — who has been linked to the Kremlin by the U.S. Treasury Department, according to CNN.
Following Facebook’s Cambridge Analytica data leak — where up to 87 million users had their profile information grabbed the political firm — is there a good reason for Facebook users to be concerned that a company with ties to a foreign adversary could have their data?
“The reason it’s newsworthy is because it’s not just Cambridge Analytica. This is evidence there are other companies that have sinister motives, that have selected data on Facebook users,” Karen North, director of USC Annenberg’s Digital Social Media Program, told TheWrap. “We should be worried when any foreign entity has access to our private data.”
A former advisor to the Clinton White House, North said it wasn’t surprising to learn that major companies in countries like Russian and China have close links to its government. In fact, it would be jarring if conglomerates were not tied to the Kremlin.
The concern is whether the data grabbed by Mail.Ru was used, and can still be used to sway political opinion in the U.S.
“The biggest issue is are they going to use the data to manipulate our beliefs?” North continued. “This is yet another shot over the bow we should be wary of information that comes to us that tries to persuade us on social media.”
Facebook has been heavily criticized for its inability to stop Kremlin-linked trolls from leveraging its platform to spread misinformation during the 2016 election. CEO Mark Zuckerberg has since said he’s “dead serious” about preventing it from happening again. Facebook has added several measures in the last year to verify accounts running ads, aiming to block the spread of fake news.
But under Russian surveillance laws, Mail.Ru can be compelled to share its data with the Kremlin — if it hasn’t already.
“That means Russia’s intelligence services now have access to all that data, legally, in Russia,” Michael Carpenter, who served on the National Security Council specializing in Russia during the Obama administration, told Vice.
The threat of Russian trolls using information grabbed from companies like Mail.Ru still lingers years later. Looking beyond the U.S., Facebook user data could be used to crack down on Russian activists standing in opposition to President Vladimir Putin.
— Eva (@evacide) July 11, 2018
Facebook clearly understands the threat to Russian dissidents already; the company’s ad algorithm labeled 65,000 Russian users as interested in treason, according to The Guardian. Facebook then removed the category following safety concerns.
Beyond the potential use of U.S. user data to spread misinformation, as well as the security issues it raises in Russia, Mail.Ru’s data extension shows Facebook’s battle to protect its massive audience extends beyond Cambridge Analytica.