;
OPINION

Twitter’s Nakedly Partisan Hacked Materials Policy.

Twitter’s political abuse of rules meant to crack down on hacking undermines the viability of these vital policies.

Stopping the release of material garnered through cyberattacks is both a noble and difficult aspiration. Increasingly so, the personal data of Americans is being strewn about the internet by criminals in efforts to defraud, blackmail, and steal identities. A January 2021 report by Risk Based Security reveals that the total number of records compromised in 2020 exceeded 37 billion, a 141% increase over 2019 and the most in a single year since the report’s inception. One billion or more records were exposed for each of the top five breaches, and between 100 million and 1 billion records were exposed by another eighteen. An alarming caveat is that 1,923 of the 3,932 publicly reported breaches in the report did not have a confirmed number of exposed records.

As the old internet adage goes, once it’s on the internet, it’s there forever!

Once your data is leaked on some seedy dark web forum, it is essentially impossible to get it off there. As the old internet adage goes, once it’s on the internet, it’s there forever! This is where the efforts to limit the spread of these materials become vitally important. While Twitter may not be the most popular place for hackers to advertise the sale of compromised credentials, there is still a necessity for a hacked materials policy on social media sites, where most of the public conversations of our age take place. Society would not tolerate the theft and extortion of personal information in the public square of old, so limiting its spread within the cyber square is the natural evolution. Moreover, content moderation policies established by prominent platforms like Facebook and Twitter set the norms for user expectations on sites with less traffic.

Twitter’s “distribution of hacked materials policy” was first introduced in 2018 in response to criticisms that it had not been policing the spread of information stolen from the Democratic National Committee and Hillary Clinton’s campaign by Russian state hackers amid “disinformation” campaigns by the Kremlin-backed Internet Research Agency. This new policy was intended to prohibit posts that contained hacked materials or links to sites which contained hacked materials.

The authority that Twitter and other similar platforms have to limit what can and cannot be shared online grants them enormous power, even in the case of hacked materials, which may, on face, seem like a straightforward policy. Twitter gets to create the definition of what stolen material is and then decide how to punish those who violate their rules. Unfortunately, the nakedly partisan Twitter showed us what the abuse of this power looks like as they selectively put a stop to the spread of compromising information on then-candidate Joe Biden, while doing nothing to affect a circulating story on the private tax information of American citizens.

Hunter Biden.

Hunter Biden.

CENSORING THE OPPOSITION

A New York Post story published on October 14th, 2020, was the victim of misapplication of Twitter’s well-intentioned policy that aims to stop the spread of information that “makes all of us less secure online.” The story featured emails relating to Hunter Biden that were supposedly contained in a “trove of data” from a laptop. This water-damaged device was dropped off at a Delaware computer repair shop in April of 2019. When it came time to pay for the repair job and pick the laptop up, the customer could not be reached, despite multiple contact attempts.

Note that the policy does not explicitly define what Twitter’s definition of “hacking” is.

The repair shop owner, John Paul Mac Isaac, who is now filing a $500 million libel lawsuit against Twitter, claims that a contract was signed by Hunter Biden that states that any equipment left at the shop for over 90 days would be considered “abandoned,” and the shop would not be held liable for damage or loss. After trying to contact the owner of the device, Mac Isaac eventually provided a copy of the computer’s hard drive to Robert Costello, a lawyer for Rudy Giuliani. He also alerted the FBI of the computer’s existence, resulting in its seizure.

Twitter claims that it blocked posts linking to the story or containing pictures from it because their “distribution of hacked materials” policy was being violated. The policy, as it stood on October 12th, states the following.

We don’t condone attempts to compromise or infiltrate computer systems for malicious purposes. As such, we don’t permit the use of our services to directly distribute content obtained through hacking that contains private information, may put people in physical harm or danger, or contains trade secrets. You also may not threaten to hack or break into someone’s digital information or attempt to incentivize others to do so.

Note that the policy does not explicitly define what Twitter’s definition of “hacking” is. Still, we can assume they are referring to the traditional definition of an “act of compromising digital devices and networks through unauthorized access to an account or computer system.” The question then is whether the material on the computer’s hard drive was accessed in an unauthorized fashion?

The contract signed by Hunter Biden states that the shop is not responsible for any loss of property and that it “reserves the right to remove any equipment or parts installed.” It is fuzzy on whether the data within the equipment—the hard drive in this case—would belong to the shop owner and be allowed to be given to whomever he desired. It is just as fuzzy and questionable if Twitter’s policy provided the standing to censor the story and even suspend the Twitter account of The New York Post.

In either case, it is alarming to see that a major news organization could be suspended for writing and sharing a story on a major political candidate’s involvement in their son’s foreign business dealings. Jack Dorsey, CEO of Twitter, seemed to acknowledge the optics around the situation, tweeting on October 14th that “Our communication around our actions on the @nypost article was not great” and that “blocking URL sharing via tweet or DM with zero context as to why we’re blocking: unacceptable.”

Jack Dorsey.

Jack Dorsey.

REVEALING THE DOUBLE-STANDARD

Unlike in the case of the New York Post’s expose on Hunter Biden, what is not questionable is Twitter’s glaring about-face when it came to the proliferation of a June 8th ProPublica article on their platform expounding upon the leaked tax records of the wealthiest citizens of the United States. In “The Secret IRS Files: Trove of Never-Before-Seen Records Reveal How the Wealthiest Avoid Income Tax,” ProPublica starts by stating they “obtained a vast cache of IRS information showing how billionaires like Jeff Bezos, Elon Musk and Warren Buffett pay little in income tax compared to their massive wealth—sometimes, even nothing.”

As it turns out, the U.S. Code defines tax return information as explicitly confidential.

Later in the article, when addressing the claim that publishing this information was a violation of privacy, ProPublica asserts, “We have concluded that the public interest in knowing this information at this pivotal moment outweighs that legitimate concern.” Twitter seems to have agreed with this sentiment as they did not issue any public comment on the leak, nor did they respond to accusations pointing to the obvious bias in how they enforced their hacked materials policies.

The tax information of these individuals was illegally obtained and disseminated, as confirmed by Treasury spokeswoman Lily Adams. Twitter’s hacked materials policy was updated shortly after the New York Post story in October 2020, so it is imperative that we juxtapose their decision not to censor this story with their official policy stance at the time. In the overview, Twitter says that it doesn’t “permit the use of our services to directly distribute content obtained through hacking by the people or groups associated with a hack.” Since ProPublica was not behind the hack, it seems that they have not violated anything—yet. After this part, the policy claims that Twitter “may label Tweets containing or linking to hacked materials to help people understand the authenticity or source of these materials and provide additional context.” It is obvious then that, in the case of ProPublica’s clear circulation of hacked materials, Twitter decided to avoid leftist scorn by not providing additional context on the illegal disclosure of this private information.

Linked within the hacked materials policy is Twitter’s private information policy. The first words on this page establish that on Twitter, “You may not publish or post other people’s private information without their express authorization and permission.” As it turns out, the U.S. Code defines tax return information as explicitly confidential. However, it is still hard to say whether sharing the ProPublica article is a stark violation of the hacked materials policy. Twitter made sure to avoid getting itself into any hot water in the future by stating, “We recognize that source materials obtained through leaks can serve as the basis for important reporting by news agencies meant to hold our institutions and leaders to account.”

If someone concludes, after honestly reviewing the two incidents, that Twitter acted by the books, they must still address the fact that Twitter decided that information complicating the potential president of the United States was not important reporting. Given that almost 99% of the 2020 federal donations of Twitter employees went to Democrats, it is not hard to see that this decision was highly political.

Twitter.

Twitter.

UNDERMINING POLICY

Most of the discussion around Twitter’s hacked materials policy focuses on the blatant hypocrisy and politically beneficial policy enforcement. What is often left to the wayside, however, is the importance that these policies have for limiting the distribution of hacked materials.

They have manipulated and weaponized a policy that aims to curtail the seemingly endless number of hacks perpetuated throughout the internet.

Being one of the largest social media platforms in the world makes Twitter an ideal place to advertise the availability of compromised data and systems. As of March 2021, Twitter has around 199 million daily active users. This is quite the sizable user base to leverage if you have compromised data to sell. The large number also presents significant challenges to taking down the tweets and accounts of hackers, making it easier to slip through the cracks.

The hacked materials policy has legitimate standing as it provides a basis for Twitter to impose restrictions on the dissemination of a hacker’s ill-gotten gains. It also acts as a quasi-deterrent to hacking activity. Without this policy and the enforcement behind it, Twitter would be rife with personal data dumps, auctions for compromised logins, and hacking competitions to see who could cause the most damage. While it is true that these activities can take place elsewhere, a substantial amount of illicit cyber behavior is mitigated through this policy and its enforcement.

However well-intentioned a policy is, it can still be thoroughly undermined through dishonest and corrupt application. A rule is not a rule if it does not apply across the board to all activities under its purview, especially if ideology has a hand in its enforcement.

Unfortunately, it looks like Twitter has engaged in exactly this behavior. They have manipulated and weaponized a policy that aims to curtail the seemingly endless number of hacks perpetuated throughout the internet. It is hard to maintain the legitimacy of a standard when its purpose has been abused, and the enforcer revealed as tyrannical.

As damaging news stories continue to break on both sides, will Twitter once again censor that which pierces the liberal narrative and look the other way when it comes to politically beneficial leaks? That may be the case if history has any indication. Twitter’s share of the marketplace of ideas grows ever larger and influential, making these recent despotic actions that much more alarming.

Written By:

Caleb Larson is an information security engineer in the financial services industry and a member of InfraGard, a partnership between the FBI and private U.S. critical infrastructure organizations.