August 30, 2019

Where disinformation thrives: The 'unusual' suspects

For brands, ads placed via the ad tech landscape can fall into a vortex of violence and toxicity. Major brands rarely know that their content appears alongside some of the most heinous and egregious content on the open web.

Take these banner ads for Slack (the messaging platform) and Hot Jar (a website analytics company). These ads were on the same web page as content created by the accused Christchurch shooter on Pastebin, a “website where you can store any text online for easy sharing.

Banner ad for Slack shown on Pastebin, alongside Brenton Tarrant content

Banner ad for Hot Jar next to Christchurch shooter manifesto text

After I took to Twitter, both companies responded within hours and publicly said that they had flagged the issue for their respective teams. In the case of Hot Jar, they said that they tracked down the “partner site where this ad placement occurred” and took it down.

But using Twitter as a platform for brand safety is not scalable nor does it deal with the issue of the platforms that disseminate and monetise disinformation and related extremist content.

This story has been playing out for more than two years.

Analysts estimated back in 2017 that Google lost around $750 million dollars in revenue due to long-simmering concerns about brand placement alongside extremist content on YouTube ads. During that year, over 250 brands pulled their advertising from Google’s display ads network and YouTube.

While progress has been made to some extent, content violations continue when it comes to disinformation. This reality partially triggered the formation of the GDI and our focus on how disinformation is a cross-platform phenomenon.

We need to look across the digital landscape at all web-based platforms - not just at the usual suspects like Google, Facebook and Twitter. We need to turn our attention towards payment platforms, ad exchanges, and anonymous upload sites like Pastebin.

Pastebin allows anonymous users to share what otherwise looks like an innocuous link anywhere across the open web. In theory, online anonymity has benefits for an open web. But unfortunately Pastebin is connected with security threats, malware, stolen data and, increasingly, violent extremist propaganda.

Pastebin has been the platform of choice for posting the manifestos and messages of support for the mass shooters in Christchurch, Poway and El Paso. In the wake of these three attacks, we have identified at least 39 copies of the three manifestos on Pastebin. In the case of the Poway shooter, the manifesto was posted to Pastebin hours before carrying out the mass shooting (GDI immediately flagged this to Pastebin, leading to its removal). Within 60 minutes of the first news reports, anonymous users across 8chan, 4chan, Voat, Reddit, and Discord began sharing links to the alleged shooter’s manifesto via a Pastebin URL.

And for each Pastebin URL connected with this and the other shootings, programmatic banner ads can be found on every page.

Ads for Progressive Insurance, Wayfair and Toyota are among the brands that GDI has identified.

Ad shown alongside Brenton Tarrant letter to a Russian supporter

Ad for Wayfair furniture shows up above links to Tarrant's video

Toyota ad shares space with links to Tarrant tributes

Additionally, companies selling VPNs, SEO optimisation software and domain hosting services were identified in ads that link directly to a separate Pastebin page called the Pastebin Deals Store.

Christchurch shooting video links share space with Namecheap hosting ads

The Sisyphean task of reaching out to each company when their ads are found next to such content highlights the inefficiencies in current approaches to brand safety - and more broadly fighting disinformation.

Even if Pastebin tackles the problem, the related disinformation actors and communities will simply move to another platform. This is already happening on GitHub which has been linked to malware, data breaches, and other related problems.

For the GDI, this points to the need for simultaneous cross-platform responses that deal with these threats in real-time and in coordination. It also means brands demanding strong risk-rating criteria for disinformation and extremism to prevent their ads from ever appearing next to such content.

We are working on both fronts - and will continue to share our efforts with this community.

Stay Up to Date

Subscribe to our newsletter to get direct updates on GDI’s latest research, publications, events and more.

Follow Us:TwitterLinkedIn