Meta, the parent company of Facebook and Instagram, is currently at the center of controversy in India, where a local publication alleges that the company deleted an Instagram post on behalf of an Indian politician. Meta has since pushed back on these claims, accusing the outlet of using “fabricated” evidence, which in fact may be the case based on Meta’s rebuttals and the findings of users online.
It’s an unusually difficult story to keep up, based on the nuances of Indian politics, email forensics and Meta’s controversial relationship with the press. So we’ve summarized the chaos of the past week into a simple summary of what happened and why it matters.
What is going on here?
On October 6, independent Indian news publication The wire published an article about how Instagram erroneously removed a satirical image of a man worshiping Yogi Adityanath, the prime minister of Uttar Pradesh. The account’s owner, @cringearchivist, says Instagram removed the post for violating its “sexual activity and nudity” policy, even though it didn’t include sexual activity or nudity.
Many assumed that the post was flagged due to a malfunction in some automated system, but The wire said this was not true. An internal source at Meta reportedly said: The wire the company removed the post at the request of Amit Malviya, the head of India’s ruling party, Bharatiya Janata Party (or BJP), but holes in The wire‘s reporting makes these allegations questionable.
Meta has since denied The wire‘s report. It accuses the outlet of spreading false information and has attempted the “fabricated evidence” of The wirethe source, which says it hopes The wire “is the victim of this hoax, not the perpetrator.”
What does The wire say happened?
Actually, The wire reported that Malviya got the post banned by using special privileges given to high profile users. To back up these claims, they published screenshots of the documentation Instagram allegedly uses as part of its internal review process, which lists Malviya’s Instagram handle, @amitmalviya, as the user who reported @cringearchivist’s post. The wire also states that Malviya “has XCheck privileges” and that another review of the reported content is “not required”.
The XCheck program is undeniably real: last year a report from The Wall Street Journal revealed that Meta uses an XCheck or cross-checking system that allows high-profile users to avoid the typical Facebook and Instagram moderation processes. But The Wire’s coverage appeared to show that this was being used for partisan political ends in India, allowing Malviya to “post as he pleases without the platform rules applying to him.”
What does Meta say about? The wireclaims?
Meta responded to the accusations by say the cross-checking tool “does not give registered accounts the authority to automatically remove content from our platform.” It adds that the policy was put in place to “prevent potential errors in enforcement and to monitor cases where a decision might require greater understanding.”
The company also pushed back on the internal report of The wire‘s source. Guy Rosen, Chief Information Officer of Meta, says the… instagram.werkplek.com The URL in the screenshots doesn’t actually exist. ‘It seems like a fabrication’ Rosen writes on Twitter. “The URL on that ‘report’ is one that is not in use. The naming convention is one we don’t use. There is no such report.”
To prove the legitimacy of the source, The wire posted a video showing what the outlet claims is part of Instagram’s internal workspace. The clip shows a user scrolling through a list of alleged “post-incident reports with VIPS” on Instagram’s backend, which The wire says employees can only access through the company’s internal subdomain, instagram.werkplek.com. And while the outlet says “it has determined that the video has not been tampered with”, Pranesh Prakasha legal and policy analyst at the Center for Internet and Society, sees a case where the cursor jumps unnaturally during the video.
Meta says the company has evidence that a user created an external Meta Workplace account, which changed the branding of the page to make it look like it belonged to Instagram. It says the account was created on October 13, a few days later The wirethe first reports.
“Based on the timing of the creation of this account on October 13, it appears it was set up specifically to produce evidence to support the Wire’s inaccurate reporting,” explains Meta. “We have blocked the account because it is against our policy and is being used to perpetuate fraud and mislead journalists.”
What about The wireother evidence?
The wire also claims it received an email from Andy Stone, the director of policy communications at Meta. In the email, Stone would express his frustration with the aforementioned leaked internal document and ask that the journalists behind the story be put on a ‘watch list’. The wire went so far to verify the authenticity of the email using a tool called dkimpy, which validates the DKIM (DomainKeys Identified Mail) signature of the email.
The protocol has to prove that an email really came from where it says it did, and in this case, that’s Meta’s fb.com domain. The wire posted a video showing the authentication process — which the outlet says was signed by two independent security experts — and concluded the email is genuine.
In response, Meta said the email is “fake” and that there is no such thing as a “watchlist”. Stone also denies the existence of the email in a statement on Twitter. “This is not true at all”, Stone writes. “I never sent, wrote, or even thought what was in that alleged email, because it was clear from the start that @thewire_in‘s stories are based on fiction.”
Users on the Internet have poked holes in The wirethe allegations. In a thread on twittercybersecurity expert and author Arnab Ray found that the DKIM analysis video posted by The wire doesn’t really prove that Stone sent the email himself.
As Ray explains, “DKIM is based on a domain public key,” meaning it can’t prove it comes from a specific person; it only shows that it comes from the domain associated with a specific organization, such as fb.com. This leaves room for someone with access to the organization’s email to spoof their address, making it look like the email came from Stone, but in reality it isn’t.
Prakash also shows how easy it is to fabricate a false result with a DKIM tool like dkimpy. Prakash was able to get a “signature ok” result, indicating that the DKIM has been verified, from the program using dummy data. The emails between The wire and alleged security experts who verified the outlet’s DKIM authentication process are also questionable. Prakash points out that the dates on the emails do not match: the current and archived versions of the article, with the former listing the year of the email as 2022 and the latter listing 2021.
So…what does this all boil down to?
Whatever happened, it doesn’t look good for you The wire. Somehow, there is mounting evidence that their initial reports didn’t tell the whole story. some skeptics to believe The wire completely made up the evidence and created a fake story in an attempt to smear Meta. In the meantime, others think The wire may have been the subject of an elaborate ruse, where someone close to Meta created the false evidence and tricked the journalists into believing it to be real. There are even some who think that someone aligned with the BJP leaked the story in a deliberate attempt to discredit the publication.
But wherever the confusion came from, the point of reporting is to sort this out – and that clearly didn’t happen here.
Why is all this important?
Meta’s leadership has had a turbulent relationship with the Indian government, and this bizarre back and forth will only make things worse. When Facebook whistleblower Frances Haugen came forward last year, internal documents showed that Meta (then Facebook) was largely ignoring the problems in India. According to The New York TimesIn 2019, Meta allocated 87 percent of its budget for classifying misinformation on the platform to the US, with the remaining 13 percent spread around the rest of the world. This lack of moderation sparked a wave of hate speech and misinformation on Facebook across the country.
There are also issues regarding Meta’s relationship with India’s ruling political party BJP. in 2020, the company was accused of not removing anti-Muslim messages shared by Indian lawmaker T. Raja Singh, a member of the BJP party. And last year, internal documents obtained by the guard found that Facebook allegedly allowed fake accounts linked to promoting a BJP politician on the platform. A recent report from Al Jazeera claims Meta offers a cheaper rate for ads bought by pro-Hindu party politicians.