Damned If You Do; Damned If You Don't: ProPublica's Bizarre Reporting On WhatsApp Abuse Reports

from the come-on-guys dept

I've been struck over the years by how much reporting on technology involves attacking companies for what they do -- even if for totally contradictory reasons. Everything is viewed through the lens of assuming the worst possible intentions. And, yes, sometimes perhaps that's deserved. Companies act badly and no one should give them the benefit of the doubt if they can't show reasons it ought not to be. But sometimes, it just gets ridiculous, as is clear in a recent ProPublica piece that attacked WhatsApp for its "report" feature. Now, I like ProPublica a lot and feel that they do some of the best investigative reporting around. But this was not that.

ProPublica itself has reported on how WhatsApp can be abused by those with nefarious intent -- criticizing the company for failing to do anything about it. But this new article is basically the opposite. It's attacking WhatsApp because it has a feature that allows users to "report" a message they received to WhatsApp. ProPublica dangerously incorrectly used this to claim that WhatsApp (which offers end-to-end encryption) is somehow bad about privacy. The title of the article reads -- incorrectly -- "How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users." The (since edited) article contains this bullshit section:

Zuckerberg’s vision centered on WhatsApp’s signature feature, which he said the company was planning to apply to Instagram and Facebook Messenger: end-to-end encryption, which converts all messages into an unreadable format that is only unlocked when they reach their intended destinations. WhatsApp messages are so secure, he said, that nobody else — not even the company — can read a word. As Zuckerberg had put it earlier, in testimony to the U.S. Senate in 2018, “We don’t see any of the content in WhatsApp.”

WhatsApp emphasizes this point so consistently that a flag with a similar assurance automatically appears on-screen before users send messages: “No one outside of this chat, not even WhatsApp, can read or listen to them.”

Those assurances are not true. WhatsApp has more than 1,000 contract workers filling floors of office buildings in Austin, Texas, Dublin and Singapore, where they examine millions of pieces of users' content. Seated at computers in pods organized by work assignments, these hourly workers use special Facebook software to sift through millions of private messages, images and videos. They pass judgment on whatever flashes on their screen — claims of everything from fraud or spam to child porn and potential terrorist plotting — typically in less than a minute.

The false implication here is that WhatsApp (and Facebook) are lying about end-to-end encryption. Except, that's bullshit. The people reviewing content are only reviewing content that has been reported. I don't understand why this is hard for people to comprehend, but even with end-to-end encryption one of those "ends" can forward the contents to someone else, and those people can see it. And that's all that's happening here. When you "report" content in Facebook, it is the functional equivalent of forwarding the message.

If it's "undermining" privacy (and it's not), then the person who is reporting the content is the one undermining privacy by forwarding the message and saying it might be problematic. This is actually quite a reasonable approach to dealing with questionable content on an encrypted messaging program, but ProPublica decides to spread a very misleading report suggesting that it's undermining privacy.

Alec Muffett does a nice job dismantling the argument. As he notes, it's really bad when journalists try to redefine end-to-end encryption to mean something it is not. It does not mean that recipients of messages cannot forward them or cannot share them. And, in fact, pretending that's true, or insisting that forwarding messages and reporting them is somehow an attack on privacy is dangerous. It actually undermines encryption by setting up false and dangerous expectations about what it actually entails.

Alex Stamos similarly has a great thread on the many problems in the article, but here's the key bit:

But, really, this gets back to a larger point that I keep trying to make with regards to reporting on "privacy" violations. People differ (greatly!) on what they think a privacy violation really entails, and because of that, we get very silly demands -- often from the media and politicians -- about "protecting privacy" when many of those demands would do tremendous harm to other important ideas -- such as harming competition or harming free speech.

And this is especially troubling when perfectly reasonable (and in fact, quite good) systems like WhatsApp "report" feature are portrayed incorrectly as "undermining privacy" when what it's actually trying to do is help deal with the other issue that the media keeps attacking WhatsApp for: enabling people to abuse these tools to spread hatred, disinformation, or other dangerous content.

Filed Under: bad journalism, bad reporting, encryption, end to end encryption, forwarding, privacy, reporting
Companies: facebook, propublica, whatsapp

Getting Worse Part 1: Intuit Routinely Lies To Customers To Avoid Paying Refunds For Tax Prep Work

from the free-as-in-free dept

It appears Intuit has decided to make things worse rather than better. Just after tax season, we discussed ProPublica's excellent research article on the extreme lengths Intuit had gone to keep its Free File service an unknown to the public. This service is the result of an agreement the top tax prep companies out there reached with the IRS. Essentially, by promising to allow members of the public that earn under a certain amount of money to use their services to file their taxes for free, the IRS in turn has agreed not to pursue its own free to file service. It's an extremely dumb deal for any number of reasons, one of which being how much more efficient it would be for the IRS to carry the weight here, given that it already has all the information most taxpayers need to file.

The other reason, as it turns out, is because Intuit has decided to behave pretty much as cynically as it possibly can. As we detailed in our previous post, the company engaged in a strategy coupling the buying of ads for Google searches and hiding the free to file via the robot.txt file. As a result, something like 3% of eligible taxpayers file for free using the system, while Intuit set up a layer of websites and landing pages all designed to direct the public to paid services, without ever telling them they qualified for free to file tax prep.

As a result of the ProPublica post, many who paid for these services called up Intuit and asked for refunds. If you thought that this public light on shady behavior would lead to an attitude adjustment for Intuit, you're sadly mistaken.

We’ve heard from 16 people who say they were denied refunds and told that the truly free version — Free File — is a government product that’s not run by TurboTax. Ten others reported being told that ProPublica’s stories were inaccurate, or that our coverage is “fake news” or “fictitious.”

None of that is true.

It's quite hard to see how this isn't fraud. Having Intuit reps tell consumers that the free to file program is run by the IRS and not Intuit is a lie. Saying the program is "owned" by the IRS is another lie. Saying that the news organization that is currently airing all of this dirty laundry was so mistaken that a retraction was about to be run is a lie.

Laurie from Washington said she was told by a TurboTax agent that ProPublica was going to run a retraction. (Our stories are accurate, so there’s nothing to retract.) Laurie was charged $130 by TurboTax. Her adjusted gross income was just $376.

An Intuit spokesperson previously said that no material provided to call agents included “derogatory terms about ProPublica.”

Which may be technically true. However, it strains credulity for anyone to suggest that all of these stories are not the result of some centralized communication customer service reps have been instructed to use. It's far more likely that these are talking points given to reps as a way to try to stave off a wave of refunds for services that ought never have been rendered. That becomes all the more likely having seen some of Intuit's internal communications about this whole story (more on that in a separate post).

If true, that would be extremely stupid, considering that Intuit is already in legal hot water over all of this.

In a separate development on Monday, the Los Angeles city attorney sued Intuit and H&R Block under California’s unfair competition law. The two suits, which cite ProPublica’s reporting, demand that the companies pay penalties and restitution for deceiving customers.

“Low-income people without someone to stand up for them have not been able to take advantage of what should be a free service,” City Attorney Mike Feuer said in an interview. “That’s wrong.”

It appears to be an open question just how deep a hole Intuit wants to dig for itself. As we'll see in the separate post, it appears those in charge still have shovels in their hands.

Filed Under: customer service, free file, free tax filings, lies, turbotax
Companies: intuit, propublica

ProPublica's Reporting Error Shows Why The Government Must Declassify Details Of Gina Haspel's Role In CIA Torture

from the please-explain dept

Last week, we wrote a bit about Donald Trump's nominee to head the CIA, Gina Haspel. That post highlighted a bunch of reporting about Haspel's role in running a CIA blacksite in Thailand that was a key spot in the CIA's torture program. Soon after we published it, ProPublica retracted and corrected an earlier piece -- on which much of the reporting about Haspel's connection to torture relied on. Apparently, ProPublica was wrong on the date at which Haspel started at the site, meaning that she took over soon after the most famous torture victim, Abu Zaubaydah, was no longer being tortured. Thus earlier claims that she oversaw his inhumane, brutal, and war crimes-violating torture were incorrect. To some, this error, has been used to toss out all of the concerns and complaints about Haspel, even though reporters now agree that she did oversee the torture of at least one other prisoner at a time when other CIA employees were seeking to transfer out of the site out of disgust for what the CIA was doing.

However, what this incident should do is make it clear that the Senate should not move forward with Haspel's nomination unless the details of her involvement is declassified. As Trevor Timm notes, ProPublica's error was not due to problematic reporting, but was the inevitable result of the CIA hiding important information from the public.

In its report, ProPublica was forced to use a combination of heavily censored CIA and court documents and anonymous sources to piece together what happened over a decade ago in the secret CIA prison Haspel ran. Many of the documents were made public only after years of Freedom of Information Act fights brought by public interest groups, while many other documents on Haspel’s CIA tenure remain classified.

These types of unintentional mistakes would be almost entirely avoidable if journalists did not have to read between the lines of ridiculous government redactions meant to cover up crimes.

The most obvious example of this is the Senate’s 500-page summary of the torture report it released in 2014. How many times is Haspel named in the torture report? We have no idea. The redactions on the report completely obscured the names of all participants in the torture program, including the CIA personnel involved, as well as their partners in crime from authoritarian dictatorships like Libya, Egypt, and Syria.

At the time of the report’s release, advocates proposed that CIA personnel should at least be identified by pseudonyms so that the public could understand how many people were involved and if a particular person was responsible for more than others. That proposal was rejected as well.

Because of that, mistakes like the one ProPublica made are inevitable -- because the CIA (and those involved in declassifying what little was released from the Senate's CIA torture report) made it inevitable. Conveniently, this allows the CIA to discredit journalists who are working to report on these important issues.

So this should give even more weight to the demands of various human rights groups to declassify the details of Haspel's involvement. There can be no legitimate national security interest in continuing to keep this information secret. The program was ended long ago. It's been confirmed that Haspel ran the site and was part of the process to destroy the tapes of what happened. But there are more details that must be revealed.

Indeed, the Daily Beast claims that it has separate confirmation that Haspel actually was "in a position of responsibility" during the Zubadaydah interrogation, though she wasn't present at the site. So it's possible that even ProPublica's "correction" is at least somewhat misleading. Which, again, is all the more reason to reveal to the public what actual authority and responsibility she had over the torture program.

And, as a side note, it's worth remembering that former CIA officer, John Kiriakou, was sent to jail for revealing the existence of the torture program. And now the woman who appears to have had authority over at least some of it (as well as the cover-up) may get to lead the CIA? Shouldn't our Senators at least demand a full public understanding of her role in all of it first?

Filed Under: cia, classification, gina haspel, journalism, torture, torture report, transparency
Companies: propublica

Reporter Matchmaking: New Journalism At Work

from the not-the-old-ways dept

While we still hear some traditional journalists whining and complaining about the dying journalism field, it's really exciting to see those who aren't paying attention to that working hard on reinventing journalism in a way that works. We already wrote about how the Planet Money team at NPR spent their own money to buy a toxic asset to learn more about how it worked, and now Clay Shirky points us to another, similar, experiment from new journalism operation ProPublica. In reporting on the mortgage modification story (which is a big, but vastly underreported story), ProPublica is acting as a matchmaker, connecting struggling homeowners with local reporters in order to have their stories told.

As with the reporters buying the toxic asset, it's about getting past the old "he said/she said" style of reporting, and digging deep by actually getting involved in the story. And, it nicely balances out away from pure "citizen journalism" where the participants do the reporting themselves. Instead, it recognizes that there are times when it's useful to have a professional help tell the participants' story -- but in a situation like this, where there are so many participants, there previously wouldn't have been a really effective way to tell that story. You could possibly do a survey, but those are often misleading, and don't go very deep. But by reaching out and teaming up lots of homeowners going through this process with lots of reporters, you create a potentially really interesting and deep set of news stories about an important topic.

Journalism isn't dying. It's just evolving.

Filed Under: journalism, matchmaking
Companies: propublica