Democracy has entered a new phase characterised by hacking by foreign states and fake stories discrediting political representatives, disseminated by social media. The social media companies have been incapable, or unwilling, to do anything about the fact that a large part of the dissemination of this “fake news” has been through automated software programs posting tweets on Twitter.
The French presidential election didn’t escape this process after the party of leading favourite, Emmanuel Macron, was hacked and 9 Giga Bytes of emails, documents and photos posted on the Internet.
The French presidential election has had its share of fake news including a claim repeated by right wing Front National leader, Marine Le Pen, that opponent Emmanuel Macron has an offshore account in the Bahamas. This accusation originated on the notorious online bulletin board 4chan, but its lack of credibility didn’t stop Marine Le Pen from quoting it in an attempt to at least fuel the story for mainstream and social media.
The strange part of the hacked email’s release was the timing, just before the start of a media blackout period where they are banned from communicating or reporting anything that could be construed as electoral propaganda. Since the documents contained emails up until April 24th 2017, the hackers would have been able to release them with presumably more effect well before this time.
The late release of the dump, combined with the media blackout, means that its effect on the election is likely to be minimal. Wikileaks has already reported that metadata in the dump features Cyrillic writing and mentions the name of an employee of a Russian government security contractor Evrika, implicating Russian involvement. Whoever was responsible for the hack, the Front National and far-right activists in France and the US quickly tried to exploit the release on Twitter making it a trending topic for a short while in the US and in France.
At this time, it is really not possible to conclude very much about the authenticity of the data or who could have been behind its hack and release. Digital fingerprints, such as those found in the metadata of the dumped files, is hardly conclusive evidence of the identity of the perpetrators. The inclusion of cyrillic metadata with names tied to the Russian Federal Security Services (FSB), could just as easily have been other nations’ security services wanting to implicate and discredit Russia. In fact, this last possibility would explain the release of files at the last minute when it was very unlikely to have had much impact on the outcome of the election.
There is a lesson however for all future elections and their political participants about how technology has come to dominate the political process in a number of ways. First, social media, once believed to be the vehicle for true democratic expression by the public, has become a morass of disinformation, easily manipulated through software. Second, the production of fake news supported by falsified photos and documents has become another mainstream tactic employed by anyone and everyone wanting to influence the outcome. Third, it is certain that political parties will be hacked and there is little that they can do to prevent that happening.
Dealing with this new political reality is going to be difficult, but at least governments and political parties will not need much persuading that something needs to be done to stop the democratic process from being completely subverted.
The first thing governments could do would be to force social media companies like Facebook and Twitter to deal with automated “bots” that are responsible for amplifying the spread of disinformation. Technically, this would be easy for them to do and so it is unclear why they haven’t done so already.
Preventing political parties from being hacked is going to be an impossible task. Phishing emails are becoming increasingly sophisticated. A recent spate of phishing emails targeting Google Docs users is fooling even technically adept users. Employees of political parties will have to become very much better at scrupulously deleting emails and documents that contain anything that would cause issues if they became public. Encryption should be used for documents that absolutely need to be kept.
On a more optimistic note, the issue of fake news may be something that loses its potency with time. The fact that the phenomenon is widely understood now means that disinformation is being identified and counteracted before it has much impact. The public is also getting better at discounting known unreliable sources of information. There is also the process of habituation that kicks in when there is a continuous succession of outlandish claims made on social media. People simply stop listening or believing it.
Authors: David Glance, Director of UWA Centre for Software Practice, University of Western Australia