23 comments

[ 3.5 ms ] story [ 53.2 ms ] thread
Wow, what's even the point of such a small fine? Even in their reduced revenue state, X probably does $3 bln/year in revenue? So this fine is 1/10000th of their annual revenue for the company. X seems to have barely even tried to avoid this, leaving "some questions entirely blank" in the questionnaire to explain their approach. Given this fine size, I can see why they didn't bother getting a team of moderation and legal experts to huddle on the documents.
380,000 is a couple FTEs for a year, right? I'm surprised that wouldn't have been enough to hire some moderation and legal experts for however long it would take to fill out a questionnaire.
According to levels.fyi, not even. Median "Senior SWE" salary/compensation, $339K.
Filling in a regulatory questionnaire like this is amateurish at best and speaks to really poor governance and internal controls (not necessarily surprising here?). This this was a bank I’d expect the people involved to swiftly have departed well before this announcement.

This will very likely draw closer scrutiny of their processes and actual enforcement actions (a regulator being annoyed enough to issue a public fine in this, or really any, amount over a sloppy response to a routine sort of data gathering is quite unusual for any industry; people normally at least have the professionalism to put /some/ answers down. )

There's an honest expectation that a chat platform is going to respond to the government at the same level a bank would?

Further, I find the government's approach to managing child abuse to be poor governance and a complete mockery of internal legislation. How is a survey from twitter intended to help them honestly combat this problem and prevent children from being victimized? It really looks like a giant "CYA" exercise by the government, and I find it hard to blame X or Google for not taking it particularly seriously.

Why not? Twitter's market cap/revenue is probably larger than that of many banks and certainly more than many hedge funds, which are regulated out the wazoo. Rest of your questions seem disingenuous, if governments didn't consult tech firms about their policies and metrics on this issue people would be complaining about heavy handed regulation based on ignorant assumptions.
> There's an honest expectation that a chat platform is going to respond to the government at the same level a bank would?

If I was an investor in X, I would be concerned. Isn't the end goal to be an "everything app", not just a "chat platform"? How is X going to become a payment processor (a key element of "everything apps" like WeChat) if even the kinds of questions a chat platform gets are beyond its capability to answer?

Out of compliance banks have actual consequences.

You can do compliance so badly as a bank that in a single day your entire business can be taken away from the owners/shareholders and given to a different bank to operate. Literally overnight.

Twitter regulators can fine Twitter for bad compliance to the tune of approximately a nickel.

To be very cynical, to ensure that only large companies can enter this market. If you're a sole proprietor making a chat app, this fine for filling out a form wrong ruins your life. If you're X, you can ignore it basically consequence free. Thus, only X can be in the market.
Typically this sort of fine is a warning shot meant to encourage compliance rather than to damage. I don’t have time right now to dig in and verify, but there’s a Guardian article that mentions the potential for assessing retroactive daily non-compliance fines going back to March 2023. You’d also expect ongoing fines in that case.

https://www.theguardian.com/technology/2023/oct/16/x-fined-6...

But how much of that revenue is profit, and how much of that profit derives from Australia.

Assuming 3bn in revenue, Australia represents 1% of Twitters users, and they have a profit margin of 5%. That means profit is maybe 1.5m. So that's fining them 25% of the year's profit for failing to fill out a form properly.

(comment deleted)
Anecdata: I have reported CSAM on (what was) Twitter which it judged was not against the rules.
> Google is not using its own technology to detect known child sexual exploitation videos on some of its services – Gmail, Chat, Messages.

That's weird. A short time ago, someone got their entire Google identity removed without recourse because they sent a picture of their sick child's genitalia to their family GP.

I think the base rate of people using GMail/Twitter to exchange child pornography is so low compared to the # of people sending pictures of their kids diaper rash to the grandmother to ask for advice that it's really hard for these automated systems to have a low false positive rate. Then you have to put a human in the loop who is now reading a bunch of your user's personal emails/messages which is a large invasion of privacy. Like two 16 years old sexting now being reviewed by some rep at Google.

Meanwhile I assume most predator rings are using some kind of end to end encrypted platforms like whatsapp.

I think probably the best way to break these rings up is by getting people to infiltrate them.

Yup, and the penalty for an individual subjected to this is horrific (waiting for someone to sue Google or whomever for slander given that harm).

The penalty for a company that fails to penalize "child abuse" is much harder. So the end result google is very aggressive in penalties, and interprets CSAM very broadly.

We also need to recognize that while child abuse and similar is the angle be pushed here, governments and law enforcement do not actually consider sex crimes high priority unless they get press coverage (this is backed up by tens of thousands of untested rape kits in the US and similar countries, and whenever they're forced by a court to test any a small percentage of those they identify rapists and in some cases serial rapists). You get similar with "stop terrorism" claims: police need to demonstrate that they use the information they already receive before making claims that they need more.

Finally, following the UK's IPA laws (to stop "terrorism", etc) it turns out they're mostly used for minor crimes (not picking up dog poop, not paying tv licensing fees, etc)

Before everyone shoots schadenfreude at the Evil Monopoly Man Bigtechs, please remember this is the same government that is trying valiantly to ban/backdoor E2E encryption. It should be implicitly distrusted. A few things they want, per the press release:

- scanning twitter DMs, google chat, gmail, google messages, discord messages, and google meet for "sextortion" with "language analysis"

- automatically watching all video calls for CSEA

- policing the above (through unspecified means) for "grooming"

So before jumping on "muh elon bad" and "muh bigtech needs regulation" think about what exactly they're trying to regulate and how.

(Source is their press release here https://www.esafety.gov.au/newsroom/media-releases/second-se...)

So I can't have a private conversation with my Father who lives in another country via the internet, because the only solution we have to unwanted child porn is legal mandates against secret conversations.

Come on, we're smarter than this.

Why FAANG has not already crushed child porn for geolocations that don't want it, is beyond me... shooting itself in the foot and giving Australia ammunition to join in. Why.

That don't want it? I don't think that qualifier was required.