X

Facebook ex-security boss Alex Stamos: Firm blew it, but so did others

US spy agencies "failed to provide actionable intelligence" on Russian trolls, and "grandstanding" lawmakers also dropped the ball, Stamos says in a Washington Post op-ed.

CNET News staff
3 min read
Former Facebook security chief Alex Stamos

Former Facebook security chief Alex Stamos.

Brendan Moran/Getty Images

Sure, Facebook screwed up on the Russia thing, but so did Congress, the media and US spy agencies.

That's the word from the social network's former chief of security, Alex Stamos, who aired his views in a Washington Post opinion piece Saturday, three days after a front-page report in The New York Times threw a nasty light on Facebook and its top execs.

The Times story said that last year, as Russian trolls worked Facebook to spread disinformation and sow discord during the US presidential election, CEO Mark Zuckerberg and COO Sheryl Sandberg "ignored warning signs and then sought to conceal them from public view." The two were also distracted and delegated critical decisions to subordinates, the Times said. Zuckerberg and Sandberg have pushed back against the report.

Stamos agreed that Facebook "stuck to a public-communications strategy of minimization and denial" and "should have responded to these threats much earlier and handled disclosure in a more transparent manner." But he said "no one at the company ever told me not to examine Russian activity, nor did anyone attempt to lie about our findings." He also said the world's largest social network wasn't alone in making mistakes.

"The massive US intelligence community failed to provide actionable intelligence on Russia's information-warfare goals and capabilities before the election and offered a dearth of assistance afterward," Stamos wrote.

As for Congress, Stamos chided lawmakers for their "public grandstanding at investigative hearings" and called them out for their "failure to establish facts, effectively oversee the executive branch and provide for the common defense."

And he said the media "rewarded" Russian hackers by publishing thousands of stories about emails stolen from top Democrats.

"It is time for us to come together to protect our society from future information operations," Stamos wrote, warning that the 2020 presidential campaign isn't likely to escape the attention of hackers.

Congress needs to pass legislation requiring transparency in political advertising that runs on social media and other tech platforms, Stamos said. And the law needs to "limit the ability of all players ... to micro-target tiny segments of the population with divisive political narratives."

"It would be great," Stamos wrote, "to see Facebook, Google and Twitter propose helpful additions to legislation instead of quietly opposing it."

Stamos also said that in regard to political speech, the US needs to clarify which responsibilities should be left to tech companies and which should be entrusted to government. Some European countries do a better job of this, he said.

"Many areas of cybersecurity demand cooperation between government and corporations," Stamos wrote, "and our allies in France and Germany provide models of how competent defensive cybersecurity responsibility can be built in a democracy."

And Stamos said that though a free press involves certain unavoidable difficulties, "it would be reassuring to see leading newsrooms publish their standards on how they might cover newsworthy data leaks without amplifying the messages of the United States' enemies."

Stamos said that ultimately, everyone needs to up their game. Platforms like Facebook and Twitter "need to improve protections against abuse," he wrote, but their users must also be "willing to question what they see and hear, even when it means questioning their own beliefs."

Inside Facebook's election war room

See all photos
Watch this: Zuckerberg defends actions after New York Times investigation

CNET's Holiday Gift Guide: The place to find the best tech gifts for 2018.

Best Black Friday 2018 deals: The best discounts we've found so far.