In response to this tweet quoting Elon Musk on what he has planned for Twitter’s suspension policies. . .

. . .Alex Stamos, a cybersecurity expert and Director of the Stanford Internet Observatory, argued in this multi-tweet thread that Musk might have it wrong and not fully understand what Twitter’s Trust and Safety team actually does.

“Watching Elon try to openly recreate several decades of trust and safety work by tens of thousands of people from first principles is likely to give me a stroke.”

He added, “It’s like watching a baby play with a blender from behind a plexiglass barrier.”

Stamos did admit there are some ways Musk can improve what goes down at Twitter, but he listed 10 facts Musk must face before he does so:

“I think there are lots of ways Elon could improve content moderation at Twitter, but he first has to accept some basic facts: 1) The controversial, US-specific disinformation and incitement decisions he keeps bringing up are < 0.1% of Twitter’s content moderation/T&S actions.”

“2) While there are laws setting baselines on child sexual exploitation, explicit threats/incitement and copyright infringement, the vast majority of the non-controversial 99.9% of Twitter moderation decisions can not and will not be guided by law in the US (1st Amendment).”

“3) “Just following the law” outside of the US is tricky if you have any respect for human rights; some of the worst actors online are authoritarian states that use the dual tools of online propaganda and censorship to control their populace, including Elon’s partner the KSA.”

“4) Twitter and other platforms are mostly saturated in the developed world. If he wants to triple Twitter’s user base, that will require even more dealing with the challenges of autocracies and developing democracies.”

“5) Even if you only follow the law in democracies, he will be facing a real challenges in building a global platform with such a large mismatch between the US and the UK’s Online Safety Bill and EU Digital Services Act and Digital Markets Acts.”

“6) Elon wants to encrypt DMs, which I think is fantastic. That is directly in conflict with the proposed European laws. US-based platforms have to be opinionated on privacy and human-rights issues if they want to protect their users.”

“7) The Twitter T&S team is not a bunch of censorious liberals as he assumes. If he actually spoke to them, he would realize that they are trying to balance a lot of important equities at scale and that each decision involves hard tradeoffs that don’t easily fit in a tweet.”

“8) Unlike engineering challenges where you are fighting against the laws of physics, chemistry and the difficulty of making complex systems reliable, with both infosec and Trust and Safety your adversaries are intelligent actors who are highly motivated to defeat your solutions.”

His conclusion:

“There is no press release when you pass 1 million cars or a party when you amazingly land a rocket on a barge. A good day in security or T&S means you go home happy that you stopped something and come back the next day to find out that your adversary did a complete end-run.”


Definitely food for thought.