Tanzania's Abuse Of US Copyright Law To Silence Critics On Twitter Should Be A Warning For Regulators Looking To Mess With Content Moderation
We were just highlighting how rules that enable the easy takedown of content on social media will always lead to over-blocking, and this is why we should be quite careful about government attempts to mandate content removal -- like those of Senator Amy Klobuchar to require websites to remove "health misinformation." It's not like we don't have tremendous evidence of this. Daphne Keller over at Stanford has been keeping tabs on studies of "over-removal", with the key culprit being copyright law.
In the US, copyright law remains the main tool for silencing speech (which is why there's still a very strong argument that the DMCA fundamentally has a 1st Amendment problem). It didn't get that much attention, but a recent revelation from Twitter about removing networks of coordinated inauthentic behavior online, reveals just how US copyright law can be weaponized by foreign governments to silence critics -- and it should be a very loud warning to those looking to create government mandates for the removal of information online.
Twitter shared the details of these removals with the Internet Observatory at Stanford and it's from that organization's report that the details of what happened here come. However, Stanford IO released reports on a bunch of different networks at once, so what happened with Tanzania seems to have gotten less attention than the overall set of examples. But the Tanzania example should send up signal flares about why making it easy to remove content online is so dangerous.
For years we've highlighted a tactic that people have used to silence others: faking a copyright on material and then claiming infringement. The tactic is stupidly brilliant. If you find some content you don't like, just copy it onto your own website/blog and then backdate it so it looks like it came out before the content you want to have deleted. Then, send a DMCA takedown notice claiming that yours is the original, and the actual original is infringing.
A year ago, the good folks at Access Now spotted how they had been alerted to Tanzanian activists being silenced on Twitter through this technique:
Notably, ahead of Tanzania's upcoming elections, our Helpline has received reports of hundreds of DMCA takedown demands to censor Tanzanian activists on Twitter.
Twitter has now dealt with this effort, but the details, as noted by Stanford are really eye-opening.
Twitter suspended a network of 268 accounts that were supportive of the Tanzanian government and used copyright reporting adversarially to target accounts belonging to Tanzanian activists and an opposition politician. This Tanzanian operation worked by first taking text or images tweeted by accounts that criticized the ruling Chama Cha Mapinduzi party, then putting the same content on WordPress sites and modifying the date to make it appear as if the WordPress post preceded the tweet. Fake accounts pretending to be Tanzanians or South Africans then reported the content to Twitter for violations of the US Digital Millennium Copyright Act (DMCA). Twitter then notified the accounts of the reported copyright claim. To counter such DMCA takedowns, however, the accused copyright infringer must share their personal information with Twitter. At least one of the targeted accounts relied on anonymity for safety, possibly making it undesirable for them to counter through Twitter's process. This operation succeeded in getting Twitter to suspend at least two of the targeted accounts, though both have since been reinstated.
The details in the report show the lengths that this network went through to abuse US copyright law to silence Tanzanian activists.
The typical starting point in this operation was a tweet-sometimes justtext, sometimes with an image-from a targeted account, which includedthe prominent activist known as Kigogo (@kigogo2014 on Twitter, 640,000followers). Kigogo is affiliated with human rights organization Fichua Tanzania,which advocates for a politically free and open Tanzania. @kigogo2014 is apseudonymous account that shares inside information on the country's elitesand is on occasion critical of the government, which has threatened to unveiland arrest the individual behind the account. Also targeted in this schemewas @RealHauleGluck (237,000 followers), who self-describes as a human rightswatcher in Tanzania.
The network then created websites-we know of three of them based on a tweetfrom @kigogo2014 (see Figures 3 and 4). These sites were undeveloped and existedexclusively to post content copied from the targeted Twitter accounts. Each poston the websites was typically just an image or some of the words from the originaltweet.
You can see an archive of one of these WordPress sites. It has no real info on it other than copies of the tweets or images in the tweets. The Stanford researchers looked at the metadata of the WordPress posting to see how they were backdated:
These websites then backdated a blog post to make it appear as if it had beencreated prior to the date of the original tweet. For example, Figure 5 shows sourcecode from one of the WordPress sites. The post shows the publication date ofSeptember 27, 2020, making it appear as if it had been published several daysbefore the original content was tweeted on October 1, 2020-but the source codeshows the post was actually edited on October 2, 2020. Note that the minute fieldsfor the published and updated dates are within two minutes of each other (19 and21, respectively), further suggesting that the blog post was created on October2nd at 3:19pm, manually backdated to September 27th (but preserving the timefield at 3:19pm), then completed on October 2nd at 3:21pm.
Metadata. It'll get you every time.
But the real weaponry here was... the US DMCA notice-and-takedown scheme:
In the next step of the scheme, Twitter accounts in the network filed DMCAcomplaints on Twitter. From screenshots the targeted accounts posted (seeFigure 6 on the following page), we can see what these complaints looked like.They include a name-likely fake, and often appear to be Nigerian. The phonenumber does not appear to map onto the format of real phone numbers inTanzania, where cell phone numbers begin with +2557 or +2556 and landlinenumbers begin with 02. Additionally, the same phone number was used forcomplaints linked to multiple individuals. The complaints linked to the allegedlyviolative content, along with the original" content. In one somewhat comicalexample, the complaint was over a generic photo of a sunset (Figure 7 on page 8).
The newstzolivia.wordpress.com site had a post that consisted entirely of likelybackdated tweet-length content, often stolen from @kigogo2014; examples areshown in Figure 8 on page 9. The site listed the email patelolivia719@gmail.comunder one post, and one of the suspended accounts used the display name OliviaPatel. The account, created on June 16, 2020, had no followers.
The complaints also included the address of the complainant. Interestingly, 99of the suspended Twitter accounts included an address in their bio, primarilyin South Africa. We suspect the network thought their complaints would seemmore credible if the address listed in the complaint matched the address listedin the bio, though it is unclear if this mattered. Many of the accounts that listedaddresses had no visible tweets, suggesting their primary purpose may have beencopyright reporting.
While this network was caught, and the suspended Twitter accounts were reinstated, this still should serve as a warning sign. When you, under the threat of legal liability, force websites to remove content based solely on the say-so of reporters, it will inevitably be abused, and sometimes to dangerous ends.
This is just the latest striking example of how that works.