- Twitter set out new rules for how it polices "hacked materials" on its platform on Thursday.
- The new rules stipulate Twitter won't take down hacked material unless it's shared directly by hackers or users working "in concert" with them.
- Twitter changed its rules after its decision to block users from sharing a contested New York Post story about Joe and Hunter Biden prompted uproar.
- Two cybersecurity experts told Business Insider that Twitter's wording gives hackers plenty of opportunity to find loopholes and exploit the new rules.
- Visit Business Insider's homepage for more stories.
Twitter's new rules on how it polices hacked materials could leave a "yawning gap" for hackers to exploit, a cybersecurity expert told Business Insider.
Twitter announced two changes to its rules on "Hacked Materials" on Thursday, after its decision to block users from sharing a contested New York Post story about Joe and Hunter Biden provoked uproar.
First, it will no longer remove hacked content unless it is directly shared by hackers or people "acting in concert" with them.
Secondly, instead of blocking links to hacked materials, it will add context labels to Tweets.
Professor Alan Woodward, a cybersecurity expert at the University of Surrey, told Business Insider hackers may have plenty of room to exploit the new boundaries.
"The danger seems to be that hacked material could easily be leaked by a third party who could at the very least be sympathetic to the hackers. By reserving the ban to hackers and those acting in 'concert' with the hackers it leaves a yawning gap that is bound to be exploited," he said.
"By having this fudge, Twitter are also giving themselves the ability to use their discretion: It is they who will decide who is acting in concert with the hackers. I think the intention is good but as we all know, the road to hell is paved with good intentions," he added.
Professor Eerke Boiten of De Montfort University agreed that the wording of the policy is too vague, given the reality of how hacked materials spread online.
"Who would be seen to be 'acting in concert with hackers' is an obvious unresolvable debate in these days of conspiracy theories and unsavoury entanglements of politics and media," Boiten said.
A Twitter spokeswoman declined to comment on these concerns when contacted by Business Insider.
"I do wonder if this could be the worst of all worlds"
Woodward said he thought the second part of the policy could be a good idea — but added that it relied on Twitter's own judgment. "I do like the idea of labelling Tweets if they are suspect in any way. At least that allows readers a degree of calibration. However, the same point applies: it is Twitter who decides which Tweets to label," he said.
"Clearly the previous ban on all hacked material, regardless of who shared it, raised some political eyebrows, but I do wonder if this could be the worst of all worlds, not the best of both as I suspect Twitter hopes," Woodward said.
Twitter changed its policy after running into a political minefield over a New York Post article.
The article claimed to have obtained emails from Joe Biden's son Hunter Biden showing he corresponded with Ukrainian officials. Doubts were quickly raised about the Post's sourcing and reporting, and both Twitter and Facebook limited users from sharing the article.
Twitter specifically stopped users from sharing the link to the article, saying it violated the platform's "Hacked Materials Policy." Under the new rules set out on Thursday that would no longer apply, as the New York Post article would not count as having been directly shared by a hacker.
This came after President Trump and Republican lawmakers railed against Twitter and Facebook's decision to curtail the spread of the article, and Senators announced plans to subpoena Twitter CEO Jack Dorsey.
Case points to "bigger issue" with social media firms
Woodward said the skirmish between Twitter and lawmakers highlights a wider problem with social media platforms, in that they aren't publishers, but share some of the same editorial responsibilities.
"This is part of a much bigger issue around social media. They are not simply simplistic bulletin boards anymore, they have some responsibility, but also I don't think they are really publishers in the same way Business Insider is, for example. We have a truly new type of media and it requires some new thinking to address the whole issue, of which this would be a part," he said.
Boiten said Twitter's decision showed it was trying to "reflect the community's sense of natural justice into its regulation," given there were no actual laws or regulations constraining it.
He suggested restrictions on what kind of hacked materials can be shared on the platform might be a better way for Twitter to police it. "In practice, restrictions on the nature of the information itself look clearer and possibly easier to enforce than these restrictions on the way the information is obtained," he said.
Source: Read Full Article