Hi everyone. My name is Carl Miller. I am the research director for the Centre for the Analysis of Social Media at Demos. That means that my day job is trying both to build and then use technology to research the internet in different ways. I have been doing that for about 13 or 14 years now. I suppose most pertinent to the issues being discussed now would be the work that we have been doing for quite a long time trying to pull apart and understand illicit influence operations online and how they affect various aspects of British public life.
I am Sam Armstrong. I am the director of communications at the Henry Jackson Society. I look after our work on China and I also serve as the director of strategy and communications at the Inter-Parliamentary Alliance on China, which I know a couple of members of the Committee are members of as well.
My fundamental answer is yes. There are a number of good powers in the Bill. It does not address every issue that some of our allies have wrestled with, but in so far as there are powers in it, all of them are in my view good and helpful powers, which will greatly aid the security services in their important work keeping us all safe.
I will restrict myself from any broad observations and will keep to the one area that I actually know something about, which is to do with information warfare and influence operations, especially over the internet and social media, and how that might impact things. In so far as that is the case—I am sure we will dig into this more in a second—I do not see the Bill as doing any harm. In fact, strangely, as a centre-left think-tank, we have long been calling for more direct state activity in this area. We have deferred far too much and far too often to the tech giants to try to sort these kinds of problems out for us. My fear, though, is about how the Bill will be enforced and deployed. I do not think that in and of itself, as it stands, it alone will be enough to secure—digitally secure—elections and quite a lot of other important moments, themes and aspects of life against the kinds of online influence that we have seen.
If there is one thing to take away from any of my evidence it is probably this: we have completely misconceived—the Bill slightly, but generally in Government at the moment—the problem as one of disinformation. The problem is not overwhelmingly or primarily one of disinformation. When we pull apart these campaigns, ones that we know or highly suspect of being in one way or another sponsored or driven by, or of having interacted with, a foreign, usually autocratic state, we notice that disinformation is only one of a whole array of different methods that can be used to influence people. You can paint an extremely distorted picture of the world simply by amplifying some truths over others.
If we look at what is happening in Ukraine at the moment, it is as much about “Putin riding bear” memes as it is about explicit disinformation. Much of this interacts at the level of identity, belonging, kinship, friendship, reasons for getting up in the morning and the problems that people see in the world—hugely subtle. Even at the level of lying, it is less to do with the overt falsehood circulating on the internet and much more to do with the harnessing of false identities and false reasons for being involved in debates. I tend to view this as the emergence of a kind of shadowy tradecraft. It is one that can wrap together, yes, some disinformation, but also some black-hat search engine manipulation, the harnessing of outrage, things to do with identity, as I have been saying, and humour and comedy—all that is influential in different ways.
The way we often set up this problem is through a hyper-rationalist idea that there is this thing called disinformation that propagates online, people lacking digital literacy believe it, and that influences their behaviour and attitudes. I will shut up in a second. I rarely interview people, but I have interviewed some of the perpetrators that actually do these operations and they tell me one thing, time and time again. They say, “Carl, we don’t lie about the world to get people to change their minds. We tell people things they already think are true about the world and then guide that in a particular direction.”
The current influence operation in Ukraine is a brilliant example of that. What we are seeing is Russia or pro-invasion-linked influence operations targeting the global south, trying to portray the invasion as essentially being an anti-colonial gesture and tapping into deep-seated anti-western and anti-colonial attitudes within the audiences they are addressing.
Yes. In a sense, the threat is changing less so than our recognition of the change. Increasingly, we are waking up to the threat of the more all-encompassing nature of interference launched or directed by branches of the Chinese Communist party. Unlike traditional Russian or Soviet Union espionage, this is not 100 or 200 individuals in the UK at any time running a network of agents in a very organised way. This is something more full-throated and all-encompassing—they call it the united front—in which people who would not ordinarily be, or who would not see themselves as being, operatives of a foreign intelligence state are being brought into it or are acting in it.
In addition, the nature of the way that we have woken up to this threat means that there are individuals acting on behalf of the Chinese state quite explicitly and openly who are also employed concurrently, and declaredly so, by public authorities in the United Kingdom, most particularly at British universities, where we have Confucius centres. That is one well known example. They are a branch of the Chinese state and they often take money directly from the Chinese state for their operations. People are double-hatting in roles in the academy there and in the university. That means there is the bizarre case of the British Government—not the British Government as in Her Majesty’s Government, but public authorities at their largest—employing Chinese spies. The British state is certainly knowingly employing agents of the Chinese state.
This Bill will do an awful lot to deal with it. There are some offences in the Bill that are drawn extremely broadly and will allow the security services to take a knife to whichever problems they would like.
The Bill does not do certain things that other countries have done. For example, Australia introduced the Foreign Relations Act, which allowed the central Government to terminate relationships that public authorities had entered into with foreign states where they were undermining Australia’s foreign policy position. That is a power that I know Australian officials have been keen to encourage the British Government to replicate.
In terms of assisting foreign intelligence services, which I think is by far and away the most broadly applicable offence in the Bill, and the trade secrets offence, there are broad powers there and the Government deserve commendation for bringing those powers before Parliament, although not before time. The security services have been keenly pushing for them and they will appreciate them in doing their work.
CarlQ Miller, you painted quite a distressing picture of the complexity and volume of the information that is being pushed online by foreign states. If it is not so much about disinformation or misinformation, but about the amplification of uncomfortable truths in a country, which then has a destabilising effect on society, how do we disrupt it?
That is a great question. We can start by cleaning up the grubby world of spam. Often, when talking about online influence operations and disinformation, we descend into this kind of rarefied world of grand geopolitics, but it has as much to do with a very wide array of services and companies. If anyone googles “buy retweets now”, you will be able to see what I am talking about.
There are a tonne of companies that operate in plain sight, selling social media manipulation as “social media services”. You can buy fake followers; you can buy fake engagement. I looked it up on the way here; as of about 10 minutes ago, there was a company selling positive comments in Ukrainian on Instagram—mostly, they claim, by users from Ukraine—for $78 per 1,000. That is on the light net; we are not even talking about the services that are cryptographically secured or anonymised.
There is an array of these kinds of operations. An almost shadowy grey-area marketplace has emerged, which radically lowers the barriers to entry into doing those kinds of activities. That has always been there, but the consensus has emerged among researchers like me that, over the last year or two, the actual number, sophistication and variety of those services has increased quite dramatically. To be honest, if we were to really try to genuinely start increasing the cost and penalties for the actors that do that kind of thing, we would have to target that entire industry as participants in it.
Lastly, in pulling apart some of the operations regarding Ukraine, our hunch is that state-backed activities have likely made use of those exact same services. We will see states maybe rolling out capability outside of state, setting up as private companies, and selling those capabilities back into state.
I have spent 10 years saying the social media companies have not been doing enough on just about every matter of importance that I can possibly think of. They are doing a tremendous amount more now than before, but that has a couple of implications.
First, we have dramatically overfocused on Facebook and Twitter. There are reasons for that, and a lot of them are the fault of researchers like me. We research Facebook because it is big, and Twitter because it is easy to research. If you have a look at the journalistic stories that drive the awareness and debate, they are very often furnished by exposés and revelations about those two platforms.
If I were to point to one part of the internet that I am genuinely afraid about, it would be Wikipedia. If I were an information operation officer, I would have no idea why I was mucking around with Twitter. In Wikipedia, we have an open platform that is protected and serviced by an open community of people who can freely join. If I were a state, I would employ a phalanx of people to contribute completely legitimate edits to Wikipedia and build up their standing in the community, and then they could run for office within Wikipedia and start using the powers they would gain to change what is on Wikipedia and the policies that govern it.
There are lots of other such open-source communities, many of which, including Wikipedia, inform and drive the decisions that the tech giants make. They have not managed to build the kind of internal defensive teams that a Facebook or a Twitter can to try—often in the shadows and in secret; we do not know enough about what happens—to clear that kind of stuff off at scale.
The problem is that it is so broad, in that there are problems even in this building. The security services will tell you privately that—far beyond Christine Lee, who obviously was named—there are agents of the Chinese state here who are known to the security services and in whom they have taken an active interest.
There are huge problems in academia; China has made no secret of its interest in academia. When the Zhenhua database leak happened a couple of years ago—this was a database that China was using to identify potential targets of intelligence activity—it was no surprise that they had targeted think-tanks and academics very carefully.
The third and final area that China is very, very interested in is anything related to technology, and to the areas that it would like to obtain and that it set out in its “Made in China 2025” programme. Those areas are twofold. The first is universities and open research. There are researchers in the UK right now who are, frankly, working with branches of the Chinese navy to come up with devices to track nuclear submarines around the world. That is as dangerous as it comes to our national security, and that work is going on in the open. I am also aware of British companies that are making engines—or casings for engines in this case—that they have admitted are good for nothing other than for engines in tanks. There are grievous concerns about the whole level.
Where do you start first? Well, that is a choice between those that are dangerously undermining our national security and tech, and those that are dangerously undermining our democracy in accessing this building and in terms of the influence and space in which they are influencing our democratic process.
Mr Miller, to come back to information ops, what do we know about scale of state-enacted or state-sponsored information operations specifically?Q
One suggestion that I was going to make today was that we have nothing like a comprehensive picture. This is often extremely sporadic project-based research, and it is usually platform-specific, even though we know that, in all likelihood, that is not how the campaigns work—they will work across tonnes of platforms all at once. We will see only certain kinds of campaigns. We are broadly better at seeing broad-based campaigns addressing quite large slices of a population, but again, if we were to put ourselves in the mind of an influence operator, there would be much more targeted campaigns directed towards—if you will—higher-value targets as well.
What we know about scale is that many more countries than those we talk about are doing it. I understand that in the last Indian election, accounts attributable to every single mainstream political party were taken down by Facebook during that campaign. It has emerged as an almost mainstream campaigning tactic.
Q Sorry, but are you talking about domestic actors—domestic political parties in their engagement in domestic politics—rather than foreign state involvement?
Yes. One of the reasons that I am hesitating is that, for researchers like me, clear and guaranteed attribution—outside the platforms—is unbelievably difficult, and I do not want to overstate. I can tell you that there are dozens upon dozens upon dozens of incidences, scenarios and narratives that we regard—reading the tea leaves of machine-learning patterns as we do—as suspicious. With the open data that is available to me, I cannot definitively link that back to a state. However, Twitter and Facebook, for example, have both disclosed dozens of campaigns that were—at least in part—likely targeting the UK, and linked them back to what they believe to be state actors.
Q When we talk specifically about foreign-interference information operations in countries such as the UK, we tend to focus on elections times, big democratic events, referendums and so on, but is there any reason to believe that something of a moderately comparable scale does not go on the rest of the time?
No, there is not. In fact, I am sure it does, and that is one of the big trends we are seeing. We ran an effort over COP26, and we saw that there were certainly various kinds of organised attempts to manipulate big global thematic conversations about climate action, for instance. Given the barriers of entry into this world, I also do not think that it will be national elections; it might be quite small and local events that see some level of manipulation happening, too.
I will also point out one reality about how these work. One of the difficulties in seeing how the Bill—I am sorry if I have misunderstood this—might apply is its requirement that the actors involved have to be conscious that they are working on behalf of a foreign power.
Quite often, my suspicion is that you would have a state agency with various kinds of links with online actors, and there might be a whole chain, from a PR company to another more specialist digital consultant to a much spammier consultant, and that person might be the person reaching in and actually gathering together various kinds of functionalities, capabilities or services to do overtly illegitimate and malign forms of manipulation online. It might be very difficult; they might never know that a state is at the other end of the trail. With the companies that I mention—the ones selling large amounts of digital manipulation—I cannot believe that they do any kind of “know your customer” activity. I do not think that they have any idea who is employing them.
Q You talked earlier about what we might call the falsehood versus division distinction, and we had a good conversation about this with a previous panel of witnesses. This question is for you both: will you say something about how the use of those techniques varies between states, and what trends we are seeing?
I cannot create a profile for how each state would approach information operations, to be honest. I do think that there is quite a high degree of heterogeneity among the actors involved. You have all kinds of different intelligence agencies, and military-based and political PR comms-based actors. One of the truisms is that it is a bit of a scattergun approach at the moment, where lots of things have been tried and they are attempting to evaluate them, and they do not really know which ones are succeeding and which are not. I am not quite sure if that is true or not.
The actual nitty-gritty of the techniques and technologies involved is probably the shadowiest part of this whole area. If the Bill were to be effective, something we need in parallel to it would be almost a digital influence version of the national risk register, where we have state support to pull apart and lay out where we think the genuine threats are and the genuine bodies of capability and technology that have been built to do this kind of stuff. It is very difficult for researchers in the open to do this by ourselves.
Q Mr Armstrong, with your China speciality, can you say anything about how that country’s approach to information ops has changed or is changing?
Yes. China initially began—there is some really interesting stuff that has only happened in the UK in this space. We had a university that for a very long time rather openly advertised itself as providing services and specialist media training to officers of the Chinese propaganda Ministry, among others—various branches of the Chinese state—right here in London, metres away from the BBC. You also have the Confucius centre picture, which is important.
Where China has actually done very poorly is in its direct Government-to-Government disinformation. Some of the stuff that you saw around “Wolf Warrior” or that the Global Times—its state international newspaper—puts out is very ineffective. What China is incredibly effective at is not really that disinformation or misinformation public communications picture, but identifying individuals of influence within academia, business or wherever, and building up close relations with them. They are invariably people of influence, who in turn use their own networks to say, “Well, look, I’d be careful of all this talk about China. They are the biggest-growing economy on Earth, we really need to trade with them and we shouldn’t do anything to upset them at any point.” In so far as I have seen, that is where the Chinese influence picture has been focused.
I have a couple of questions. My first is for both of you. You have said slightly different things about the Bill, but is there anything that is not in the Bill that you think ought to be there and that would make a difference in the field in which you are doing researchQ ?
Yes, there are two things. The first is the foreign influence transparency register system. I note that there has been a promise that it is to come, but the devil will be in the detail on that because there is a series of policy judgments that have to be made—whether it is expansive, where the teeth bite and so on. It is incredibly important that it is seen quickly.
Secondly, there should be an ability for the Secretary of State, either of the Home Office or the Foreign, Commonwealth and Development Office, to intervene in known problematic institutional relations. There are excellent powers here, such as the individual prevention and investigation measures, but there is very little capacity when that is done more corporately—to go in and say not just to universities but to companies, which would be an expansion of the Australian power, “This arrangement is not in the UK’s interest, and we are ordering you to terminate it.” To say that is a glaring omission is perhaps overstating it, but those are the two powers I would really like to see.
There is nothing I dislike in the Bill. It makes a lot of sense to criminalise conscious influence activities linked to foreign states, but we should not think that it will have an appreciable impact on the kind of illicit influence operations that we know are happening.
Q My second question is about the foreign influence registration scheme, which the Government promised they would introduce during the passage of the Bill through the Commons. However, we do not quite have a Minister at the moment, apart from Mr Mann, who probably has not been deeply involved in the policy decision making thus far. I may be doing him wrong, but as a former Minister I know that it takes a bit of time to get up to scratch in a new brief.
Mr Armstrong, you obviously think the foreign influence registration scheme would help a very great deal. Mr Miller, would it make any difference to some of the issues that you have been discussing if it were clearer that some of the actors that work in social media that you have been talking about had to register?
No, it will not. Identity is being hijacked and used at a very great scale, so we do not know who these actors are. To be honest with you, the way to start to reduce this activity is to try to create some cost and penalties for the people who do it. They are not doing it from the UK. The nature of the internet is that crime on the internet, like anything, passes unbelievably easily across borders, almost without being noticed. The way forward will be for us to create ways of reaching beyond our own borders and increase the costs. This might sound strange for a think-tanker to say, but we need to increase cyber-offensive activity against the criminal architectures that allow this kind of work to happen.
It is difficult, because the web of powers that the intelligence agencies have to use cyber-offensive activity—various kinds of online action, such as device interference—is spread out across a number of different pieces of legislation.
One of the difficulties is that online influence operations are so widespread and common that most of them would probably not pass the thresholds for the intelligence agencies to become interested and engaged in them. That is one of the difficulties that we have with cyber-crime in general. A tremendous amount of it happens, but so much of the capability to do something about it is concentrated within GCHQ, and not in the police services that have to handle most of it. Sorry, that was a slightly amorphous and broad answer.
Q That is fine. Finally, Mr Armstrong, is there a foreign influence registration scheme out there that you think would be particularly helpful to import into this legislation? What is the best example?
The Australian scheme is by far and away the best example—in my view, the US FARA system is not a good comparator—and it is a shame that we have not taken the opportunity to bring it in sooner. The Australian high commissioner in London was George Brandis, who was the Attorney General who wrote that very Bill, and I know he was keen wherever possible to impress on the Government that he was there and ready to help. I am sure that offer has not dissipated.
I have two questions, if there is time. First, Mr Miller, you mentioned people who are employed online and you said that you do not think those people have any idea who is employing them. Clauses 13 and 24 state thatQ
“a person commits an offence if…the person engages in conduct intending that the conduct, or a course of conduct” and
“the foreign power condition is met…if… the person knows, or ought reasonably to know, that” it is a foreign power. Do you think that should be widened to include an element of recklessness or recklessness?
I think doing anything that might compel any of the services involved to do any kind of due diligence on the people who are employing them can only be a good thing, although the general point I am making is that I don’t think criminalising activity within domestic legislation has been a particularly effective way of changing what people do on the internet, especially when those people are largely concentrated in jurisdictions that do not have any co-operative relationship with British law enforcement.
I remember I spent time with a number of cyber-crime teams across the UK and, in the words of one cyber-crime police officer, “If you are in Russia, the cost or penalty of doing cyber-crimes against British citizens is basically nil.” This is not going to be an effective way of reaching beyond our borders and addressing where we believe a large number of actors doing this kind of thing are; they are not doing this from the UK.
Q On that point and the concerns you mentioned earlier about enforcement and deployment, and that the Bill is not enough alone, what would you propose? Will you expand on that point?
Partly it is to do with changing our national knowledge of where these threats are and who is doing them, so the integration of intelligence. Then, as I said, there should be a national risk register and possibly the creation of powers for parts of the intelligence establishment to undertake direct activity against some of the technical architectures that allow this to happen.
Sorry to delve into the technicalities for a second, but for instance residential proxy IP addresses are a very important way in which this stuff happens. Residential proxy IPs are toasters and fridges and stuff. Basically, they each have an IP address and many of them are hijacked. They are the kind of things you that you use if you want to fool a social media platform into thinking that you are 10,000 people from around the planet when you are not—you are one operator sitting in a particular country. These are criminal architectures that have been amassed and rented out and sold to people, and I am sure they are rented out by some of the actors who seek to do influence operations. These are the kinds of things that we need to target. Putting pressure on that kind of asset is the kind of thing that will probably not get rid of them, but will meaningfully increase the costs of this kind of activity.
Yes, I think so. Imposing a duty on the social media companies is one of the only immediate tools and levers we can pull. I take Carl’s point; I do not think it is going to be sufficient to deal with the hordes of people overseas who are, frankly, conducting quasi-military-type activities against the UK through cyber means here, because criminal law is not the tool for that. Should they exist and are they necessary? Yes. Are they sufficient? Probably not.
It is just massively insufficient. The reason why is that the platforms, however rich, clever or large they are, cannot reach beyond the platforms themselves. That is the problem. The way we have tried to respond to this problem so far is to have Facebook take down accounts, but take-down is a very weak response. That is essentially being priced in to those kinds of activities. They have developed methodologies for setting up or acquiring new accounts as they go. In principle, I am not hostile to platform regulation across a range of online threats, but for those problems where we are dealing with a set number of actors who have specific capabilities and tap into a specific and constantly evolving tradecraft, I do not think it is going to be the tool to make much difference.
We have covered a lot of the ground that I wanted to talk about. Several times in your answers, Karl, you have alluded to the fact that whatever we do the pitch is so complex that we cannot deter. What is it in the Bill, which you said you have no problems with, that you like about detecting and prosecuting—if deterrence is not contained in the Bill?Q
The main thing I would say that the state can step in to help with is around attribution. That is something that we cannot do without state powers. It is something that, at the moment, only the tech giants do, and that is only linked to take-down. If we were to have any prospect of either taking direct cyber-action, or actually bringing criminal prosecution, it would be something that we need. One big thing here is around data access—I am sure you have had other panellists talk to you about that before. To foreground that, I have come here as a researcher whose job it is to do that kind of research, and one of my main things is that we know so little. We know nothing about TikTok—it makes none of its data available. Facebook makes some of its data available, and that is why we have some picture of it. Twitter makes a lot of its data available, and that is why we have a bigger picture.
TikTok is enormous, likely very influential, anecdotally there is tonnes of Ukraine-invasion activity happening on it now, and it has absolutely no application programming interface available for researchers in any way, whatsoever. By the way, there are also rumours that Facebook is withdrawing some of the data access that it currently gives researchers. I am sorry; I know this is ranging far beyond the scope of the Bill. However, to put this on your radars, I think that legislators may have to step in sooner or later to compel platforms to maintain data availability. Otherwise, even the very small window we currently get is going to continually shrink.
Yes, I would say that we should actually open this up. One of the best things about the Ukrainian war—there is not much to take solace in—is that defence intelligence has been publishing daily information that has been countering many of those problems. That is a really good thing; we have seen it work and it is wonderful.
We saw a foreign intelligence asset, Christine Lee, regularly making use of this place and having worrying relations with Members of this House. That continued right up until MI5 published a foreign interference alert about her. She is not alone; a number of countries have foreign intelligence and influence assets operating in and around here. There are a number more from the country that sent Christine Lee.
It has been a few months now. If you want to deal with this problem, the fastest way is some sunlight and disinfectant. Let us see a routine publication of those individuals that lengthy, hugely expensive but necessary investigations launched by MI5 have established—beyond MI5’s doubt, at least—are engaged in foreign interference.