Untangling The Wire’s accusations about Meta and Instagram moderation in India

Meta — Facebook and Instagram’s parent company — was at the center of controversy in India, where a local publication claimed the company removed an Instagram post on behalf of an Indian politician. Meta pushed back on these claims and accused the outlet of using “fabricated” evidence, and it’s starting to look like that may be the case.

Meta and many experts online found inconsistencies after Meta. The Wire’s reporting, the outlet decided to On October 18th, its stories will be suspended. and conduct an “internal review” of the documents it used as evidence. Later, it It withdrew its October 23rd report due to “certain discrepancies” that emerged in its reporting.

It’s an unusually difficult story to keep track of, drawing on the nuances of Indian politics, email forensics, and Meta’s contentious relationship with the press. So we’ve boiled down the last couple weeks of chaos into a simple recap of what’s happened and why it matters.

On October 6th, independent Indian news publication The Wire Published an articleInstagram incorrectly deleted a satirical photo of a Hindu man worshiping Yogi Adityanath (the chief minister of Uttar Pradesh). The owner of the account, @cringearchivist, says Instagram removed the post for violating its “sexual activity and nudity” policies, even though it did not contain sexual activity or nudity.

Many believed the post had been flagged because of a bug in an automated system. The Wire said this wasn’t true. A Meta source claimed that the statement was false. The Wire the company removed the post at the request of Amit Malviya, the head of the information technology cell at India’s ruling party, Bharatiya Janata Party (or BJP), but holes in The Wire’s reporting make these allegations questionable.

Meta has since been deposed The Wire’s report. It accuses the outlet of spreading false information and has attempted to debunk the “fabricated evidence” provided by The Wire’s source, It states that it hopes The Wire “is the victim of this hoax, not the perpetrator.” After adamantly defending its claims, The Wire has taken the responses from Meta and users online into account and said it’s going to “review its reporting on Meta.” The outlet later made the decision to retract its story entirely due to various inconsistencies in the documents it initially presented as evidence, which we’ll go over below.

Essentially, The WireAccording to reports, Malviya banned the post using privileges that are only available to celebrities. To back up these claims, they published screenshots of the documentation Instagram allegedly uses as part of its internal review process, which list Malviya’s Instagram handle, @amitmalviya, as the user who reported @cringearchivist’s post. The document also stated Malviya “has XCheck privileges” and that another review of the reported content is “not required.”

The XCheck Program is indisputably true: Last year, a Report from The Wall Street JournalIt was revealed that Meta uses an XCheck (or cross-check) system to let high-profile users. avoid Facebook and Instagram’s typical moderation processes. But The Wire’s reporting seemed to show this was being used for partisan political ends in India, allowing Malviya to “post as he likes without the rules governing the platform applying to him.”

Meta replied to the allegations by saying its cross-check program “does not grant enrolled accounts the power to automatically have content removed from our platform.” It adds that the policy was put in place to “prevent potential over-enforcement mistakes and to double-check cases where a decision could require more understanding.”

The company also attacked the internal report that was provided by The Wire’s source. Guy Rosen, Meta’s chief information officer, says the instagram.workplace.com URL included in the screenshots doesn’t actually exist. “It appears to be a fabrication,” Rosen writes for Twitter. “The URL on that ‘report’ is one that’s not in use. The naming convention is one we don’t use. There is no such report.”

To prove its legitimacy, The Wire posted a video showing what the outlet claimed is part of Instagram’s internal workspace. The clip showed a user scrolling through a list of alleged “post-incident reports involving VIPS” on Instagram’s backend, which The Wire said employees can only access through the company’s internal subdomain, instagram.workplace.com. And while the outlet said, “it ascertained that the video hadn’t been tampered with,” Pranesh PrakashAn analyst in legal and policy, spotted an instance when the cursor jumps out of control during the video.

Meta says the company has evidence that a user made an external Meta Workplace account, altering the page’s branding so that it appeared to belong to Instagram. The account was created on the 13th of October, just a few weeks after. The Wire’s initial reports.

“Based on the timing of this account’s creation on October 13, it appears to have been set up specifically in order to manufacture evidence to support the Wire’s inaccurate reporting,” Meta explains. “We have locked the account because it’s in violation of our policies and is being used to perpetuate fraud and mislead journalists.”

The WireAlso claimedIt obtained an email from Andy Stone (Policy Communications Director at Meta), which it received. In the email, Stone allegedly expresses frustration at the aforementioned leaked internal document and asks to put the journalists behind the story on a “watchlist.” The WireSo far as to verify the authenticity of the email using a tool called dkimpy, which validates the email’s DKIM (DomainKeys Identified Mail) signature.

The protocol is supposed to prove that an email really came from where it says it did, and in this case, that’s Meta’s fb.com domain. The Wire posted a video showing the authentication process — that the outlet says was signed off on by two independent security experts — and came to the conclusion that the email is real.

In response, Meta said that the email is “fake” and that there’s no such thing as a “watchlist.” Stone also denies the existence of the email in a statement on Twitter. “This is completely false,” Stone writes. “I never sent, wrote, or even thought what’s expressed in that supposed email, as it’s been clear from the outset that @thewire_in‘s stories are based on fabrications.”

Users have found holes in the system via the internet The Wire’s allegations as well. In Tweet a topicArnabRay, cybersecurity expert & author, discovered that the DKIM video analysis was posted by The Wire doesn’t actually prove Stone himself sent the email.

As explained by Ray, “DKIM is based on a domain public key,” which means it can’t prove that it came from a specific person; it only shows that it came from the domain attached to a specific organization, like fb.com. This leaves room for someone with access to the organization’s email to spoof their address, making it seem like the email came from Stone but really didn’t.

Prakash also appears how easy it is to create a video that makes it looks as if he’s using a DKIM tool with a two-line shell script named “dkimverify.” Prakash made it so the “tool” outputs a “signature ok” result regardless of what’s entered, which indicates the DKIM is verified. The Wire has since revealed that, during the review of its reporting, its investigators haven’t been able to verify the validity of Stone’s alleged email.

Emails between The Wire and supposed security experts who verified the outlet’s DKIM authentication process are also questionable. Prakash points out that the dates on the emails don’t match up on The current Archived versions of the article, with the former listing the email’s year as 2022 and the latter saying 2021.

There’s also evidence that the emails may have been fabricated altogether. Kanishk Karan, a policy manager for online platforms, It was found that The Wire Referred to him as an “independent security expert” at the bottom of one of the unredacted emails, along with a fake email address made to look as if it belongs to him. Karan said that while The WireDevesh Kumar, reporter, did reach out to him for DKIM verification. However, he did not do it and referred him elsewhere. This is the most recent update. The Wire admitted the other security expert featured in the story, Ujjwal Kumar, also “denied sending such an email” to sign off on the DKIM process.

Whatever happened, it doesn’t look good for The Wire. One way or another, there’s mounting evidence that their initial reports weren’t quite telling the whole story. Some skepticsBelieve The WireTo discredit Meta, they created a fake story and falsified the evidence. Some even believe that someone connected to the BJP leaked this story in a deliberate attempt to discredit the publication.

Meanwhile, Others think The Wire might’ve been the subject of an elaborate ruse, with someone close to Meta creating the fake evidence and tricking the journalists into believing it’s real. The Wire is considering this as well, noting “We are still reviewing the entire matter, including the possibility that it was deliberately sought to misinform or deceive The Wire.”

Things are becoming more clear as more information is released. There are many. Recent report from PlatformerKumar was the only one to have contact with him. The Wire’s so-called “source,” and just last week, Kumar claimed that his accounts were hacked. In addition to retracting Kumar’s reporting on Meta, The WireAlso, access has been suspended to His story at Tek Foga BJP app that is allegedly used to infiltrate, control and spread misinformation across various social media platforms. The WireThe report states this has “been removed from public view pending the outcome of an internal review by The Wire, as one of its authors was part of the technical team involved in our now retracted Meta coverage.”

“In the light of doubts and concerns from experts about some of this material, and about the verification processes we used — including messages to us by two experts denying making assessments of that process directly and indirectly attributed to them in our third story — we are undertaking an internal review of the materials at our disposal,” The Wire explains. “This will include a review of all documents, source material and sources used for our stories on Meta. Based on our sources’ consent, we are also exploring the option of sharing original files with trusted and reputed domain experts as part of this process.”

But wherever this confusion and doubt came from in the first place, the point of reporting is to suss this stuff out — and that clearly didn’t happen here.

Meta’s leadership has had a turbulent relationship with the Indian government, and this bizarre back-and-forth is only going to make things worse. Frances Haugen, a Facebook whistleblower, revealed that Meta (then-Facebook), largely ignored Indian issues when she came forward last year. According to The New York TimesMeta gave the US 87 percent of its budget in 2019 for misinformation classification, while the remainder was distributed around the world. This lackluster moderation resulted in a lot of hate speech, misinformation and violence on Facebook.

There are also issues related to Meta’s relationship with India’s ruling BJP political party. 2020 The company was accused by being unable to remove anti Muslim postsT. Raja Singh (Indian lawmaker), a member the BJP party, shared this information. Last year, Documents internal obtained by The GuardianFacebook allegedly allowed fake accounts to be linked to promoting a BJP politician on its platform. A Recent report by Al JazeeraMeta claims it offers lower rates for ads bought by pro-Hindu politicians.

Updated October 23, 2012, 2:28 PM ET This article has been updated to reflect that The WireIt has retract its report.

Updated October 19, 2012, 12:05 PM ET This article has been updated to reflect that The Wire has pulled its stories and that it’s conducting an internal review.

Correction, October 17, 2006 at 6:08 PM ETAn earlier version of this article stated that Pranesh Prakash was a policy and legal analyst at the Centre for Internet and Society. Prakash no longer holds this position. It also previously stated that Prakash shows how easy it is to fabricate a false result using a DKIM tool like dkimpy, when Prakash actually shows how to fabricate a video that makes it looks as if he’s using a DKIM tool like dkimverify. We are sorry about the error.

Correction, October 18, 2008 at 11:08 AM ETAn earlier version of this article incorrectly stated that Amit Malviya was the head of BJP, when in fact he is the head IT cell at BJP. We regret this mistake.