Today is Commonwealth Day, an important day in the calendar, and we celebrate the relationship between Commonwealth countries across the world. This year’s theme is “Unlocking opportunities together for a prosperous Commonwealth” and the Committee challenges the FCDO on what its high commissions overseas are doing to meet that challenge. We in fact have lost a couple of members of the Committee to a service that is taking place in Westminster Abbey today, but I think that it is good that they are there—some of us are there and some of us are here. Today the Committee has our final session on disinformation diplomacy. Thank you to our three witnesses. Would you like to introduce yourselves, by name and job title, for the record? I will start with Ali Law, if you don’t mind.

Thank you very much, Chair. It’s really good to be here. I am Ali Law, director of public policy and Government affairs for northern Europe at TikTok. Dr Fernández: I am Wifredo Fernández and serve as head of Americas for the global Government affairs team at X.

Thank you for the opportunity to appear before the Committee. My name is David Agranovich and I lead Meta’s global threat disruption team.

We have a lot of questions and we need to put them to all three companies in order to be fair. If the answers could be as concise as possible, to make sure that we cover everything, that would be appreciated. If you agree with what another witness says, don’t feel obliged to repeat what they have said; just say that you agree with them. That would be really helpful. It will help us to use our time as efficiently as possible, so that we get through as many issues as we can, if that’s all right. What we would like to do is talk about this in two tranches. The first is about inauthentic, co-ordinated behaviour—so, not about the substance of what is in any posts, but about how it is promoted, whether it is being promoted fairly across your platforms and whether you are being manipulated. We are interested in knowing about that and then moving on to the obligations that there may be in terms of ensuring that truth is promoted and of the Online Safety Act. If we could begin with inauthentic, co-ordinated behaviour, that would be helpful, and the question is this. How does your definition align with or differ from that used by the British Government or the EU, or other platforms? How would you define inauthentic, co-ordinated behaviour? I will begin with Mr Law.

Thank you again, Chair, for the opportunity to contribute to this vitally important evidence session. I think it is right to say, when you talk about covert influence, that we are seeing a continued and substantial set of actions by hostile actors trying to influence democratic elections. The attempts are often co-ordinated at scale, with significant resources and across various networks. As a result, in order to tackle them, we think that they require solutions that span our businesses and industries, other businesses not present here, regulators, civil society and Governments as well. From a TikTok perspective, I think you are right to set out the kind of spectrum of where this problem sits, and when we are speaking specifically about a covert influence operation, that is what I would call the end of a spectrum, after a significant number of other checks and balances are applied to pieces of content or behaviour on our platform. The specific definition that we use is that it is co-ordinated behaviour that aims to mislead our users or systems, with an objective to impact public discussion. But it is important to note that, as I say, that is the end of a spectrum. The community guidelines that we apply on mis and disinformation and on hateful and harmful content and the automated processes that we have in place for spam, fake engagement and deceptive impersonation or accounts all ladder up, so that while we dedicate a significant amount of resource specifically to those covert influence operations—as you say, that may be a series of posts that are non-violative in and of themselves and represent a set of activities that are not covered in the other areas that I have described—it really is a whole-spectrum approach to clamping down on the ultimate harm that we are discussing.

That is a very interesting answer, but I would like to drill down on the promotion, the inauthentic co-ordinated behaviour. Leaving aside the content, I want to understand—from TikTok’s perspective—how and what you identify as inauthentic co-ordinated behaviour?

To qualify, it needs to tick three specific aspects. We need to see accounts that are working together to spread specific narratives, operated collectively or by the same person, so co-ordination is the first aspect. Secondly, we need to see them trying to mislead systems or users, whether that is fake personas, or obfuscation of their location or their objectives. Finally, we need to see them attempting to manipulate or corrupt public debate, so as to influence elections or opinions on a global conflict. On the techniques, some I will not be able to go into in a public setting, but we use a range of data and information, including whether people are controlling particular things from the same device, some proprietary data that we use and other signals for types of behaviour—IP address elements, that kind of thing. Those three aspects are needed, however, to be listed as covert influence operations under our community guidelines. We then publish, on a transparent and month-by-month basis, every network that we identify and disrupt under that policy. Within that publication, we identify: where it originated from, so the physical location that we disrupted; where it was targeting and, if appropriate, with what particular narrative or information; the number of accounts that were involved; and the number of followers that were involved. We also do a load of work on recidivism, or the idea of a network being disrupted and then trying to return and attempt the same approach again, under a slightly different guise—we will report that, too. We publish that month by month, with all that information for each of the aspects that we disrupt. That reflects the output of our covert influence operations team.

Before I move to the others, let me ask one last question. Can you give us an example from last month of inauthentic co-ordinated behaviour targeting Britain or, if you cannot think of one, any other country?

Rather than from last month, we have observed two that have very specifically targeted the UK. The last one was in early 2024. The network that we disrupted originated in Iran. It was a relatively small number of accounts, and actually it was quite typical of some of the things we see, inasmuch as some of those accounts were created several months prior and looked like they were posting relatively benign content, but we observed co-ordinated behaviour in early 2024 and disrupted that. We subsequently saw a level of recidivism in April and July 2024. That is not to say that the UK is not the wider subject of broader geographical attempts from networks to disrupt, but that would be an example of one that was specifically targeted to the UK.

Okay. Dr Fernández, may I ask you the same questions?

Absolutely. Thank you, Chair Thornberry and the members of the Committee, and hello also to Chair Onwurah. Good to see you. At X, our mission is to serve the public conversation, balancing freedom of expression with the need to enforce against manipulation of that conversation. We define co-ordinated inauthentic behaviour as the operation of multiple accounts to artificially influence or disrupt conversations. That could mean infiltrating trends, hashtags or engagement through identical content, or what we call copypasta, the operation of bot networks or any sort of deceptive amplification. We combat that through our policies, which are rooted in authenticity, to address multiple dimensions of authenticity. First is the authenticity of the content, so we prohibit misleading or manipulated media that could cause public confusion or harm; inauthentic accounts, so banning fake personas and addressing issues of impersonation, which we see a lot of around election time; unauthorised automation, so recently we shipped new updates to our API developer policy to restrict developers’ ability to programme automated replies unless their account is specifically mentioned; and co-ordination, restricting that artificial engagement. That is how we define it.

Do you have an example of one?

For major elections, we typically see different campaigns, commonly from China or Russia—we certainly saw that in the 2024 election here in the United States. There are different campaigns throughout, depending on the moment.

Do you think there has been an example of inauthentic co-ordinated behaviour on X in the UK recently? Dr Fernández: Our teams investigated this issue as recently as the last election in 2024, and we did not see any evidence of that on X.

Mr Agranovich, would you mind also answering that question, please?

Absolutely—thank you again for the opportunity to participate in this really important discussion. I have been with Meta now for a little over seven years, so I am happy to be able to talk to the CIB policy. I was part of writing the industry’s first, I think, co-ordinated inauthentic behaviour policy seven years ago. Our definition of co-ordinated inauthentic behaviour looks somewhat similar from our partners’ across the industry. We essentially look for co-ordinated networks using false identities and adversarial behaviour to conceal their activities and mislead our users. That has roughly three core tests. The first test is, is it a network? Are there multiple accounts or other assets—pages, groups and the like—on our services that are working together to do something? What are they doing? The second test is misleading our users—generally about who they are, who is behind the operation and where they might be located. The third test is, how are they doing that? They are using false identities. That could be fake accounts or personas, or it could be, for example, misleading people about where they are located or who is behind the activity. How do we enforce on those operations? Since the beginning, when we have found CIB networks, we have conducted a deep-dive investigation to try to identify the entirety of the operational network, the idea being that these are among the most severe violations of our policies. We do not want them on our services, and we want to make as big of an impact on the bad guys behind the network as possible. Once we have identified the network, we will take down that network and put in place steps, both automated and scaled tools, as well as continuing investigations, to keep that network off our services. Then, we will share information, both publicly and with industry partners, to enable further enforcement on the network and to help people who use our services or the general public know what that network was doing. Our underlying thesis here is that the people behind covert influence operations want to stay covert, so if we can essentially blow their cover by shining some sunlight on their operations, that could potentially raise the costs of their operations against them.

Would you like to use this opportunity to give us an example of one of these attempted manipulations that has been targeted on Britain through Meta?

In addition to the Iran example that my colleague from TikTok mentioned, which our teams also identified and enforced against in 2024, another operation that I imagine many of you are familiar with is known publicly as Doppelgänger, which is an operation from Russia. Our teams first discovered Doppelgänger several years ago, and we assessed it to be one of Russia’s most prolific and ongoing operations targeting the UK as well as a number of countries in Europe and the United States. Doppelgänger uses websites that conceal themselves as legitimate media outlets, as well as more than 300 other social media platforms, including our services. It attempts to undermine support for countries that are supporting Ukraine in its ongoing war with Russia and to support countries that are against Ukraine in the war with Russia. Since we first identified that network, we have taken down hundreds of different assets across our services and blocked thousands of websites it has created. We have also shared more than 6,000 web domains, X accounts and other cross-social media indicators publicly through our GitHub repository where we see those networks operating on other services.

Thank you for casting some light on what Meta does to detect inauthentic co-ordinated behaviour. Is it possible for you, Dr Fernández, to tell us what X does to identify this?

We have a mix of human and automated interventions here. This is behaviour, so we focus on the behaviour of accounts. We look at a host of both account signals and technical signals to detect it and enforce it at scale, which largely results in the suspension of these networks, and then we have measures to enforce against evasions of those bans. That is pretty straightforward, and I think it rhymes with the other platforms’ approach. Again, I can’t get into too much technical detail without disclosing sensitive details that might give bad actors playbooks to evade these interventions.

There has been quite a lot of publicity about the 1,300 Scottish nationalists who were based in Iran expressing themselves on Twitter, whose network closed down when the internet in Iran was closed down in the summer and then in early January. I wondered whether those 1,300 accounts that had 224 million views on Twitter had finally been closed down. Dr Fernández: We have actioned a number of accounts. I do not have the specific number in front of me, but I do know we have actioned a number of accounts that correlate to that public reporting.

How did you find them? Was it through the media or did you find it yourself?

It was a mix of both team detection and reporting that assisted that.

Is there anything further that you would want to say? I think you did explain on behalf of your company what it was that TikTok does to try to identify these malign actors. Perhaps I will move on to Alex.

Some of you have covered the actions you take after identifying, but it might be helpful to go through those. What range of enforcement actions can you take, whether that is content removal, account lockdowns, and so on? Do you preserve evidence of those actions for external scrutiny and for law enforcement and the like to look at it? We will start with Mr Agranovich, please.

Thank you for your questions. First, on the actions that we take for enforcement, if it is okay with you, I will break that into what we do about clandestine influence operations and CIB, and what we do about overt influence—for example, state-controlled media entities. On the covert side, we take a pretty aggressive approach. When we find these operations, and once we have built out the networks and understand what to enforce against, we remove everything that is part of that network. We also take steps to try and identify the people and organisations behind those clandestine influence operations. When we can do that—if, for example, they have real accounts on our services—we will ban those individuals from using our services. If we can identify organisations—for example, Russia’s Internet Research Agency—that are primarily organised to conduct CIB, we will also ban those organisations and anything they might have on our services from our services. In addition to those initial enforcements, we have a number of automated scaled detection systems that we train on the takedowns that we do. Those systems are designed to continuously run and keep them off our services, should they try and come back, which we know they generally try to. We also share, as appropriate, information with law enforcement and Government, in part because we know that getting their accounts taken down is not always the biggest personal cost, but getting indicted, sanctioned, or having other real-world consequences can be significantly more effective. Then we will share with industry partners so that they can conduct their own investigations and, should they find violations, also take down those networks. We want the people behind clandestine IO to know that using Facebook not only carries a cost for their assets on our services, but may also carry a cost for the entirety of their operation. On the overt IO side, we are a bit more careful, in part because of guidance we received from media freedom and access experts as we developed our state media programmes. On state media, we label state-controlled media from a number of countries, in particular Russia, Iran and China, so people know that on our services they are seeing content from a state-controlled entity. We also, particularly on Russia, take additional steps so that Russian state media cannot, for example, advertise on our services or otherwise gain paid amplification. In addition to that, when people try to visit, for example, Russian state media entities’ links on our websites, they also get an interstitial warning them that they are going to a Russian state-controlled—under the editorial control of the Russian state—media outlet. What do we do to preserve information? On our covert IO enforcements, we do preserve information in the event of a law enforcement inquiry, including in cases where we have shared proactively with law enforcement. We also report publicly, as my colleague from TikTok mentioned, on a regular basis. We now do semi-annual reports on the CIB networks that we have taken down. When we do that, we talk about the assets they used, their tactics, and what they talked about, as well as including what we call indicators of compromise, which are threat indicators on other service platforms that people can use to draw a more comprehensive picture of what those operations may have been doing.

What is the timescale between you identifying inauthentic behaviour and taking action on it? Does that change in situations of high importance, such as in an election or in crises like the war in Iran?

The timescale varies, but we always endeavour to move as quickly as possible—the caveat being that we have to ensure that we have identified the network and conducted our investigation. We are often talking in the order of days to weeks at most here—oftentimes much less: hours to days—to identify and enforce. During crisis situations, one thing that we have seen over the past few years is that influence operations rarely spin up really fast when a crisis starts. Often, what we will see is existing networks, which may have been dormant, pivot to the ongoing crisis. To give a great example, as you can imagine, we are very focused on what is happening around the crisis in Iran right now, but given that we are just in the first week, we have not seen substantial new activity from influence networks there. We have teams that are dedicated to tracking Iranian-origin CIB networks, so I imagine that when or if we see those, in addition to enforcing, we will be able to disclose that.

The Committee has seen lots of examples of this. Particularly in Romania and Moldova, we have seen accounts that were created and lay dormant, but suddenly overnight—because there is an election or a particular issue—they suddenly sprung into life. When we heard about that, it really worried us that it could happen in the UK.

You are calling out a great example. The example I was going to give was that in the early days of Russia’s invasion of Ukraine, four years ago, the pattern we saw there was almost exactly as you described: dormant accounts, often in countries like Romania and Moldova, that did not have a lot of activity. But when the war began, within about a week they had pivoted to targeting issues around Russia’s invasion. When we identified those networks, we took them down immediately. We also continue monitoring for when they try to build new capabilities. Around crises we surge resources and capacity towards looking for activity targeting the crisis.

Dr Fernández, same question: what actions do you take when you have identified the behaviour? What information do you preserve for law enforcement and others?

Following the Chair’s direction to rhyme with what my colleague has said, we have similar measures in terms of takedown and collaboration with law enforcement. To the extent that the Committee or any organ within the UK Government has signals or intelligence that they want to share about activity of concern that is potentially co-ordinated inauthentic behaviour, we welcome that partnership.

I am sorry to cut through, but we had a certain amount of difficulty finding someone to represent X at this hearing. We had some difficulty finding out who might be the representative in the UK. I think there is somebody who is on maternity leave, but we are not aware of anyone else. There seems to be somebody else who really does sound like a bot—we do not think that it is a person. Obviously, we are very grateful to you for coming along to answer questions, but if we did know of the X platform being manipulated, who would we report it to in the UK?

You can certainly route that to me. We also have an alias that goes to our team, which I believe your Committee should have. There are certainly several of us here—

An alias? Is that the bot?

No, not a bot. It’s an email.

There is some kind of thing that really does sound like a robot talking to us—it does not make any sense. We tried the robot, and we tried the person on maternity leave, but we have genuinely not been able to find anyone else—and we have tried. I believe that Dame Chi also tried to find someone too.

Yes. It took us some time as well.

Did you find a representative of X in Britian? No, I don’t think you did.

Not one who was willing to speak to us.

I am certainly willing, and I have been in touch with your staff, Chair. Our commitment is to be responsive to your intelligence sharing, information requests and all that. I am not sure which bot you are referring to. We do not have—

We will certainly share the information with you. Your title is “head of Americas”, but perhaps it should be “head of Americas and the UK” so that we have someone we can talk to.

The title is ceremonial, and I do work across jurisdictions. We are a lean global team that will plug in where we can. By all means, you can certainly rest on me.

I have the same question about reaction time. With the war going on in Iran at the moment, there have been lots of reports about misinformation being shared on X. There is an FT article talking about lots of fake satellite information, AI-generated videos showing attacks that have not happened and the like. What action are you taking with regard to that activity, and has your speed changed at all because we are in a war situation?

Unfortunately, it is a posture that we are well accustomed to. In response to the Iran conflict, we remain vigilant and steadfast, and have taken proactive action on thousands of accounts. We stood up our incident response protocol, and have been conducting manual sweeps as well as automated interventions, as soon as three hours after the initial strikes occurred. Those sweeps have been running 24/7 since the crisis response protocol was initiated. That is supplemented by working group meetings that bring together experts across our company. We are scaling that enforcement, based on certain heuristics of the conversation, and other defences that can detect and enforce against new forms of violative content. In this conflict, and in different types of scenarios recently, you have seen the power and effectiveness of community notes. They have been shown on more than 20,000 posts and seen more than 120 million times so far because of the media matching we have. With community notes, combined with our enforcement against synthetic and manipulated media, spam and platform manipulation, we have several different interventions that help aid in enforcing against manipulation of the platform.

I have reported a few accounts myself, as an X user. Often, I get a report two or three days later that my community note has been accepted, and of course millions of people may have seen the misinformation in that time. Indeed, it stays up, even with the community note on; the posts do not seem to be taken down. Do you think that that is more effective than what you had before community notes, where these things would be more proactively taken down?

We are always looking to increase the speed of notes. We introduced lightning notes, which tries to get community notes up faster. We are endeavouring to scale the network of contributors. We have about 1.25 million contributors globally, with more than 76,000 in the UK alone. As we onboard more contributors, that will help with the speed. When a user requests a note, which any user may do, we have now started to experiment with what we call collaborative notes. AI will draft a note, and the user who requests it can offer suggestions for the note or edit it, and then it goes to the network of contributors to rate. Sometimes, it does take time, and for others it can happen quite quickly—in a matter of minutes or hours. We are endeavouring to make it faster every single day, so the team is super focused on that.

I will try to keep this brief. Co-ordinated behaviour like this is a breach of our terms of service. The action we take is to remove all accounts and all content that is posted. Once we remove a network, we catalogue its behaviour, and that enables us to take quicker and more forceful action if we get any signals of it re-emerging, and we can take a compressed process towards that. That is the aspect I mentioned earlier in terms of recidivism. We also ensure that we preserve information. As I say, we publish things on a monthly basis. All the information relating to networks that we have disrupted is made available to the public on a month-by-month basis. Where appropriate, and indeed in the case of the UK example that I gave, we will brief Governments ahead of the publication of our findings. You asked about time. I echo a lot of what my colleague from Meta said. It is worth saying that these are complex and sophisticated networks, so the aim is to ensure that when you move, you move against all of the network. It is a bit like one of those dawn police raids, where you have to have sufficient evidence to be able to go all at the same time, so that you are taking the totality of the problem all at once. Also, as we mentioned, lots of these accounts may be set up, and either lie dormant or post benign content until being activated, so the time from start to finish varies case by case. As these cases involve breaches of our terms of service and our guidelines, we try to move as swiftly as possible. We also, though, do have to be sure, and that is an important point. Getting sufficient evidence to meet the threshold is absolutely paramount; given that the content itself may not be violative, the risk that you are taking is potentially to shut down democratic discourse course at a time when views were being exchanged. A high level of certainty is necessary, but certainly something that we move very, very swiftly towards.

I return to the point that the Chair made at the start about the breadth of what we are talking about here. The comments that I just made were specific to covert influence operations, and all of the content that is being posted still goes through our content moderation process. We have community guidelines that prohibit mis and disinformation, regardless of intent. If mid and disinformation is being spread and it has the potential to significantly harm society or individuals, aside from whether or not it is co-ordinated behaviour, then our usual content moderation process is designed to pick that up and act upon it. What does that mean? It means that automated moderation runs on every video that is uploaded to TikTok. It applies AI models and other tools to scan for potentially violative content. Some of that is more straightforward, such as nudity. Pornography is prohibited on our platform, and AI models are very good at being able to identify that and block it from upload. However, when it comes to mis and disinformation, we maintain a centralised database of conspiracy theories that have been deemed to reach the threshold of mis and disinformation, and we can block on that basis. If we are unsure, either ourselves or because of reports passed to us, we can pass it to the independent fact checkers that we work with. They will assess it and either verify it, label it “unverified” or tell us that they cannot be sure. We then have a range of options that we can take from our moderation perspective on that basis, which includes taking down that information or restricting it from the “For You” feed, which is the way in which most people use TikTok. The stats that we have on that are improving all the time. From a misinformation perspective, we remove 99% on a proactive basis—by that I mean, it has not been reported to us, but we have detected it ourselves. We remove 90% of it with zero views and 95% within two hours. None of that is to say that we have achieved what we set out to, and it is a race that is never run, but the content moderation process is designed to tackle mis and disinformation at source, before you ever get to an assessment of whether that was co-ordinated behaviour or not. The co-ordinated behaviour bit that ends at this spectrum comes after we have determined that it does not breach our community guidelines or indeed that it does not breach other elements of inauthenticity such as spamming or fake engagement which are run in parallel. It is a multilayered approach that is designed

That sounds great, but it does not coincide with our experience. I will not go into Romania, but let me talk about Moldova. According to the World Service, there was a Russian-backed interference exercise: they bought votes, there were cyber-attacks and fake bomb attacks, and there was disinformation. In the Moldovan 2025 elections, so just last year, disinformation activity on TikTok had 23 million views and 860,000 likes. This just sprang up at the time of an election. You are telling us that you take it all down without anybody seeing anything, but the World Service says there were 23 million views of disinformation promoted by Russia to try to influence the Moldovan elections. Our concern as the Foreign Affairs Committee is that if they can do it in Moldova, they can do it in the UK.

I very much appreciate the concern. We have the same concern because, fundamentally, at the heart of the TikTok experience is people getting an authentic experience with genuine views and exchanges. I am happy to talk about Romania as well. The sophistication of the actors that we are talking about means that we will continue to see all the platforms that are giving evidence today, and a series of others, as continued vectors for attempts from hostile actors.

Absolutely. There are three of you here, and you are only representative of a much wider problem. I appreciate that, and we are grateful to you for coming.

Thank you. But in those instances, and indeed in Romania, we still observed and disrupted the networks that we were referring to.

Only after the election was called off.

In Romania we disrupted from September 2024 onwards and reported in November and December 2024. TikTok launched in 2017, and we have been through about 250 elections worldwide. Whenever we go into an election, we put a series of steps in place to ensure that we are trying to enforce against our community guidelines on mis and disinformation—and, by the way, hateful content. We are not only undertaking what I have set out from a covert influence operation perspective, but ensuring that whenever any content is posted in relation to an election, links to authoritative sets of information are clearly displayed at the bottom. Commonly in the UK we will do an election hub. We work with the Electoral Commission, which provides information about how and where to vote and the ability to sign up for voting, as well as further information about media literacy tips and how to spot potential hoaxes or misinformation. None of that is to absolve our responsibility to stop it at source, and that is why we continue to invest in the way we do. I agree with you that it remains a substantial threat, but it is one that we are putting at the very top of our priority list, from both a community guidelines perspective and a covert influence operations perspective.

Thank you for your description of the processes. I feel like we have been heavy on process so far, and a little light on data. It is useful to hear proportions such as 90% is removed with zero views and 95% is removed within two hours, but could we go beyond thinking about proportions to thinking about the raw data? Perhaps we could start with Meta, and Mr Agranovich. How many inauthentic networks have you removed from your platform?

We have taken down more than 250 co-ordinated inauthentic behaviour networks from more than 70 different countries. They operated in more than 40 different languages. Roughly half of those were foreign influence operations, so they originated in one country and targeted another. The other half were domestic or a mix of domestic and foreign, so they were targeting audiences in the country that they were based in.

Thank you. In a minute, I will ask a bit more about where. Dr Fernández, what about X?

I don’t have a specific number of networks that we have taken down, but to give you a sense of the scale of actions against platform manipulation spam, in 2024 alone we suspended over 800 million accounts under those policies, which encapsulate these co-ordinated inauthentic networks. We are finalising our 2025 data and will be publishing that shortly. However, just in the latter part of last year, we took down several hundred million accounts for spam and platform manipulation. The scale is massive and it is an ongoing challenge for our engineering and product teams. It is the top priority for us to continue battling it.

Mr Law, do you have raw data?

Yes; I have just totted it up and it is 38 in the last six months. We have further month-by-month data available that I have not aggregated, but I am happy to do that subsequently. Like other colleagues, I would say that that is a range of networks that originate from outside the audience they were targeting and that originate on a domestic basis as well. Within our transparency report we indicate whether it was a purely internal exercise or we took external reporting and signals as the beginning of our process.

Could you suggest where those 38 networks may have been based geographically?

Before I do that, it is important to state that when we give the origin of a network, that is purely location information—we are not making a judgment, deliberation or determination on who the specific actor may have been. Nevertheless, we primarily see Russia, more than any other, as the location that other networks will be influenced from. I mentioned Iran earlier, but it is of a lower order of magnitude than the Russians.

What themes or narratives were suffused in the Russian posts?

Like my colleague from Meta, we have observed influence on, or attempts to influence, discussions around the war with Ukraine, and attempts to influence elections in other European and world countries. Sometimes the networks are purely pro the country that they originate from, and other times they are seeking to impact democratic processes in target countries.

Is there nothing from China?

We have seen China as well. For example, we have seen and disrupted Chinese originated networks towards Taiwan.

Could you expand on what you saw originating from the PRC in relation to Taiwan?

I do not have the specific example in front of me, but I am happy to go away and point towards it. As I say, we publish all this information on a transparent basis.

Mr Agranovich, I have the same question for you on the geographic origins of those inauthentic networks.

Similarly to my colleague from TikTok, Russia is the most prolific source of inauthentic behaviour operations that we have seen over the last seven to eight years. Roughly, more than 40 of the operations that I mentioned originated in Russia. The next most prolific is Iran—more than 30 of those operations originated in Iran—and the third most prolific for us are operations from China. To your question about the narratives that they spread, in the early days—more than four years ago, when the war in Ukraine intensified—Russian operations generally targeted a whole host of different issues, and often both sides of those issues. Our assessments, to cite one of the Russian operations, was that their goal was to undermine confidence in public debate and the information ecosystem, and less so that they had any particular issue that they were backing. Four years ago, when the war intensified, that changed to really become about undermining support for Ukraine. Iranian operations tend to focus on issues of geopolitical concern to Iran and their region. Similarly, early on Chinese operations were generally in Chinese and targeted Chinese diaspora populations. Then, about two to three years ago, we began to see Chinese operations on our services using other languages, and targeting audiences in English, still around issues generally of interest to Chinese geopolitical concerns or domestic issues like five poisons issues in China.

Dr Fernández, what about the geographic origins of those networks for X?

The top three that were mentioned—Russia, China and Iran—is the same for us, with Russia typically being the leader among those three.

What are the narratives that you see at X in relation to Russia?

To take the 2024 United States election as an example, it is really about undermining adversarial entities and jurisdictions and stoking division. It is really narrative-based, but there are also broad operations in terms of the number of accounts that they use to try to flood the zone with a particular type of narrative.

Could you give an example?

I do not have any examples in front of me, but I am happy to follow up with some examples for the Committee.

In 2024 we had 799 million—and change—account suspensions under our spam and platform manipulation policy, which encompasses inauthentic behaviour. The way that behaviour manifests on X is in spamming—

The permanent removal of those accounts.

The ones we remove are not really considered in that aggregate number. We see them as inauthentic accounts, not real personas, so that is a separate calculation.

Yes. Again, we separate the inauthentic networks in our actions against spam and other types of similar behaviour. That is separate.

Have I missed something? Are there more inauthentic accounts on X than there are authentic accounts?

To give you a sense, every single day there are billions of attempts to create accounts on X that we are able to thwart. There are efforts every single day to create inauthentic networks of accounts. A lot of the actions that we take against spam and platform manipulation occur before those accounts are even able to post anything. Our goal is to try to have interventions at all different levels of account creation and account lifespan, and then take action accordingly. I want to separate our efforts to combat the manipulation of the platform and the creation of inauthentic accounts from the users we see logging in every day and every month, who are active on the platform and who we have more information about.

Again, we are quite confident. I want to focus on the activity of trying to create those inauthentic accounts, and all the interventions that we have in place to ensure that an account is authentic. All throughout the account-creation process, we are able to implement interventions to make sure that those accounts never post and are not part of the public conversation.

I am not familiar with the research, but I am happy to review it and come back to you.

All three of you have told us about how active you are in seeking out and removing inauthentic accounts. Over the course of the inquiry, we have heard from Governments that disinformation currently represents one of the greatest threats to democracies. We have talked to Government institutions in France, Moldova, Estonia and, of course, the UK, and they have all told us about how they are seeking to counter it. We have also heard from NGOs that are monitoring it. I have to say that all of them have suggested to me that the platforms have not been wholly co-operative in trying to prevent it. I also note that all three of your companies are currently under investigation by the European Commission, under the Digital Services Act, for failing to provide the information that you should to regulators. To what extent do you think that is unfair? Can you be doing more, working with Governments and regulators, to prevent what is a considerable threat to all western and democratic Governments? Who is going to go first?

I am happy to. To be clear, a number of DSA investigations are ongoing with the Commission, but as they pertain to misinformation and disinformation, we are being incredibly co-operative, and I think that has been noted by the Commission specifically in relation to the Romanian election, where there is an ongoing investigation. I do not think it is a case of not providing relevant information; I think they are assessing things in their entirety. Your question was about whether more can be done overall. One of my observations would be that whenever we identify and disrupt networks, whether that is through CIO or other aspects of our inauthentic activity, there is only so much that we are ever going to be able to see on-platform. One of the common things that we will see is a level of co-ordination that takes place off our platform, using either encrypted messaging services or other kinds of features, or indeed sometimes directly in real life, or through more traditional methods of communication. The challenge for us as platforms is about being able to use the signals that we have from our services to be able to identify that co-ordinated behaviour when, if it is actually taking place off-platform, we might have only the output behavioural signals from them, rather than any evidence of the co-ordination itself. I definitely think there are areas that could be strengthened in that respect. Part of the challenge is in ensuring that you bring all members of the value chain into the conversation—that echoes something we were talking about earlier, on the breadth of what we are talking about. We will commonly see, for example, people off-platforming to encrypted messaging spaces, where we have no idea what the ongoing conversation is, but it may then be affecting and impacting what shows up on the platform. That is one point. Related to that, but perhaps—

With disinformation, we are essentially talking about content that is posted for public view. There is a separate issue around encrypted messaging.

On disinformation, again, my point is that we have policies in place on disinformation and misinformation that can assess it on the basis of the content posted. We actually do not need to know who that person is or what their intent is; we simply judge it against our own community guidelines and the threshold there is whether it has the potential for significant harm to an individual or to society. Co-ordination does not matter on that point: we do not allow misinformation or disinformation that has that potential harm. As I say, we will assess that on the basis of our own set of moderators making a call, our database of claims that have already been designated as misinformation and disinformation, or, where we do not have that information, working with global fact-checkers, which we continue to do. What I am saying on the co-ordinated perspective is about where the content itself may not be misinformation or disinformation—my colleague from Meta mentioned attempts to impact confidence in public discourse as a whole. Where we see that level of activity, that is the area where I think it could help to bring a greater level of the value chain into the conversation and, potentially, to have the Government acting as more of a convenor to share and facilitate signals between platforms. We are able to do an element of that in certain circumstances but, although we are quite public about what we do, it is about targeting and creating a situation where the information that is gathered from all platforms is cross-referenced so that we are armed with as much as possible to be able to identify whether this activity is going on.

Counter-disinformation centres have been established in a number of countries. Obviously, I do not expect you to instantly accept whatever they tell you to take down, but can you assure me that co-operation is close and that when they bring disinformation to your attention, you look at it and rapidly remove it where it is proven to be so?

I can give you specific UK examples. During the civil unrest in the UK in late 2024, we stood up exactly the kind of crisis response approach that I have been talking about for other things, like Iran. We focus on whether there is harmful content on the platform. That includes misinformation and disinformation that might have a harmful impact on society as a whole. We took a range of signals at that point. We worked closely with law enforcement to ensure that we had as many authoritative facts as possible about what was happening on the ground, so that we could work with our fact checkers to check whether claims being made in some of the content we saw were in fact verifiable. During these kinds of periods—this goes for elections and fast-moving crisis events—we also make sure that we have search interstitials, so that when people are looking for information about elections, an ongoing crisis or something like that, they are pointed towards authoritative information, even if that means taking them off our platform to law enforcement, or the electoral commission in election instances. It is very standard to work closely with the sorts of bodies that you are talking about, and something we have done directly here in the UK.

Dr Fernández, as I understand it, X is looking at a very substantial fine from the European Commission as a result of breach of the DSA requirements. Are you working as closely as you could be with law enforcement and regulatory bodies?

I will not comment on the ongoing DSA matter, as that is a separate legal matter. What I can say is that we remain fully committed to compliance with the duties set out in the Online Safety Act in the UK, and we welcome our continued engagement with Ofcom and working diligently as a priority to towards the OSA deliverables that are in line with Ofcom’s road map. That is our commitment. Our commitment is also to compliance with the DSA. To come back to your question about disinformation, there are a couple of things I wanted to highlight. We rolled out a feature late last year called “About this account”. For users we have enough signals about to deem authentic, we provide another layer of transparency: when and where the account was created, where it is based—that is somewhat fluid depending on travel, of course—and how many handle name changes there have been since the creation of the account. That is a really exciting and interesting surface that we will continue to build on. We have seen a lot of interest from users and usage of that. That is super important. I also want to note our account verification, particularly for Governments, which I think is unique to the marketplace. X is a place for digital diplomacy. It is where we go to understand when things are happening and where world leaders and local leaders go to engage in the conversation and speak to their constituents. The grey checkmark uptake has been really significant and encouraging to see across the world. It is another signal of authenticity. When folks come to X, they can see that this person is a representative of their Government or a leader of their Government. That is really important to the public conversation and its integrity.

To repeat the question I put to Mr Law, is X committed to working with Government counter-disinformation bodies, and will you respond as quickly as you can when disinformation is brought to your attention?

Yes, certainly. We welcome intelligence on these networks, wherever it may come from. All sorts of stakeholders contribute to open source intelligence and threat reporting. If the UK Government have signals of these co-ordinated networks, we certainly want to know about it.

Mr Agranovich, to what extent are you working with the bodies that are trying to prevent disinformation from being spread?

We work quite closely with civil society partners—open-source research groups and disinformation research organisations—as well as counter-disinformation centres. For example, we were one of the early partners of the centre for hybrid warfare up in Finland. In addition to welcoming leads from those organisations, we also, where we can, share information about what we are seeing from those networks to help improve their own investigative capabilities. As both my colleagues mentioned, we always conduct independent investigations based on the leads that they share with us. If we do enforce, it is based on our own internal investigative work, but we welcome information from those organisations to help us find things that we might not have found ourselves.

Finally, in the next few months we have two extremely important elections, where there is a high risk of attempts to interfere. One is in Hungary, in about three weeks’ time, and one is in Armenia a bit later. We know that those are likely to be subject to Russian attempts to influence the elections. To what extent are you actively trying to ensure that that does not happen?

We are very focused on both those elections. On the one hand, we have expert intelligence investigators whose job it is to track known threat actor countries—Russia, China, Iran and the like—consistently and continuously across our services. So they will keep doing the work they were already doing in looking for those operations. We will also surge teams to look specifically at those elections, with the goal of identifying and disrupting potential activity that might target those elections specifically. In addition to the teams that we have in the UK who work on these issues, we have teams supporting those elections directly who are based in Europe and can provide real-time, same-time-zone support. If questions come up from Governments or authorities in Europe or the countries in question around those elections, we can respond more quickly.

Dr Fernández, you do not have a British representative, but do you have representatives of X in Hungary and Armenia? If people in Hungary and Armenia, who are about to face elections that we all appreciate are pivotal, see what they believe to be Russian disinformation, who would they report it to and how would they go about doing that?

I cannot share particular details of where our personnel are located. We obviously have an office in the UK; we have personnel in the UK. We have a colleague who is temporarily out of office, which I understand has been an inconvenience—

Honestly, we have really tried. We have asked the other team and we have asked the department that is supposed to regulate you. Everyone is having some difficulty pinpointing a member of X staff currently working in the UK—but never mind that. Can you assure us that you have members of X staff working in Hungary and Armenia, where there are pivotal European elections happening now?

Again, our teams across Europe work across all the European markets, and we support those elections across the region. When those elections happen, we have an elections working group that convenes to assess the different threat vectors for that election and prepare accordingly, depending on the volume of conversation, the number of users that we have, the contours of the narratives that we can expect and the level of threats that we expect from co-ordinated and authentic networks. That happens across elections all over the world.

These elections are happening now. Are you telling us that there are teams active at the moment monitoring what is going out on your platform relating to the elections in Hungary and Armenia?

We monitor, prepare for and respond to elections all over the world throughout the year. It is an ongoing working group that works specifically on these issues, and it is a cross-functional group that involves members from all around the company. We are well trained, well versed and well prepared for elections of all sizes across our different markets. We are obviously a global platform and very popular for elections-related discourse, so this is not new, though obviously the threats always emerge and adapt.

So is it one elections co-ordination group that you have to monitor all elections across the world?

Our safety team is responsible for the enforcement of our rules and terms of service. For elections, we have a group that co-ordinates across different elections to make sure that we are adequately prepared for each of them, based on the different threat factors that we see specifically on X.

If you wouldn’t mind, could you help us? There are people who are concerned about what is happening in these two countries right now—because as Europeans we are very concerned about the elections in Hungary and Armenia, and the malign influence of Russia—so how can people report that to X if they see it? How do we go about contacting X?

As part of the DSA, every EU country has a digital services co-ordinator that is tasked with implementing the Digital Services Act and co-ordinating with platforms. There is also a list of sanctioned trusted flaggers that are approved by each of those digital services co-ordinators in each country, and trusted flaggers have their own dedicated reporting channels to the platforms. I would point you to the resources made available by the European Commission, the EU and the DSA on how the digital services co-ordinators function within the EU.

Yes, we will have those for high-profile elections. You mentioned the Hungarian one, for example, and my counterpart in central Europe is working incredibly hard on that at the moment. We will stand up local election integrity taskforces that are designed to be sufficiently staffed during that period of time, that will work from a trust and safety perspective—reviewing the content that is coming on to the platform—and through continuous enforcement on the covert influence operation bit. I would highlight our work with fact checkers, because that provides us with one additional input to assess the veracity of what is being claimed on our platform. We work with them to test broad trends and narratives, and then any specific aspects that are highlighted to us. We are perhaps a bit different in our origin from my fellow panellists, in as much as TikTok started very much as an entertainment platform. Over a period of time, as our user base has grown, we have seen a great deal more political discourse, so we want to ensure that it is an environment where everybody can engage in that, if that is their interest. In the last few years, we have seen a greater number of political stakeholders, Governments and departments, including the UK Government and Prime Minister, coming on to the platform. We want to make sure that we preserve the ability for it to be used as a communications tool by people participating in that process, as well as by our users to express their opinions. We encourage candidates to apply for verified account badges—those cannot be purchased and they indicate that the account belongs to who it says it does. If we are thinking about lessons learned, there is probably something that lots of Governments and parties could think about in respect of standardising how they communicate with platforms at the start of an electoral period. What you commonly find is that there is a real range of candidates, lots of whom have a social media presence. Being in a position where the parties are able to say, “Here are our candidates” and “Here are their account handles” would help us instantaneously to be able to verify and label them accordingly on our systems and, at the same time, take action against anybody who is trying to impersonate. We will do that anyway, but obviously, it will be using our own initiative and understanding rather than being able to get confirmation directly from political parties.

Do X and Meta think that is a good idea? Mr Agranovich is nodding, so just for the record, he agrees. What about you, Dr Fernández? Do you think that we should provide a list of candidates so that you can stop people from impersonating us?

Certainly around elections, I think that impersonation is one of the largest areas of policy violations. Whether it is accounts that are compromised because they do not have good security practices or impersonating accounts, that is something we see a spike in around election time, so that would be certainly helpful.

It is a great pleasure to be guesting on this Committee from the Science, Innovation and Technology Committee. Yes, Wifredo: you gave evidence to us a year ago, and you will be giving evidence in our updated session on the inquiry into social media and algorithms, on 24 March, I think. I will not go back over it, but my Committee shared the Chair’s unsuccessful experience in trying to identify somebody who was responsible for X in the UK. My Committee’s inquiry spent some time looking at social media algorithms and online harm. It raised a number of questions and issues about how algorithmic manipulation and bias are identified and addressed by platforms, and how information about that is shared. Perhaps I can ask this question to each of you: how do your ranking and recommendation systems assess and mitigate the risk of the algorithm amplifying disinformation because it is highly engaging, and how do you address bias in the algorithm? Equally, how do you manage the risk of over-moderation of legitimate political speech?

It is worth taking a moment to talk about the way in which TikTok operates in this respect. We operate on what we call a content graph, not a social graph. That means that if you are a TikTok user, you do not have to follow anyone: you will land on the “For You” page, which will be populated with videos that we believe you will like based on your behaviour and preferences. When you first sign up to TikTok, that page is populated by a series of videos that are popular across the TikTok environment as a whole. If, say, you like videos one, three, seven and eight, and you watch, like or comment on them, it will take that information, cluster it with other users who like the same videos, identify other videos that those users liked and serve up a selection to you. The algorithm is comparatively content agnostic in the way it operates, reacting to the signals that you give it rather than saying that it knows a particular type of content that you like. You are asking about disinformation and its amplification. That falls under our content moderation approach, which, as I explained earlier, involves ensuring that every video uploaded to TikTok is scrutinised at source by automated tools, which assess it against our community guidelines before it hits the platform. Those tools might have the confidence to say, “No—that is violative of our community guidelines,” or might pass it to the human moderation team. In cases of mis and disinformation, we may work with fact checkers and the global database to look into it. The process we go through should ensure that that is looked at, and it is doing so, given the stats that I gave earlier: 90% of misinformation having zero views and 95% being taken down within two hours. Having said that, there may of course be edge cases or cases where you miss something. One thing that we do at TikTok is re-moderate on the basis of a piece of content getting a greater level of engagement. The content may have been sitting on the platform not being watched, but if it then hits 1,000, 10,000 or 100,000 views, we will pass it through the moderation process again to ensure that we are applying the community guidelines against it and taking action where appropriate. You also asked about the idea of biasing. From our perspective, as I say, we want to ensure that people have an experience that delights, surprises and engages them, and the content agnostic element of our algorithm really helps with that. We also try to ensure that we have appropriate dispersal, so that somebody who watches a series of content is not served up with, for instance, just dog videos because they have engaged with a few of them, but are shown a real variety of different things. We have submitted various audits of our recommender system to the European Commission under the DMA. We have a research API that people can use to interrogate trends that they see on our platform, and we work hard to ensure that the algorithm accurately reflects our users’ preferences, as that is ultimately how they get an authentic and engaging experience.

I just want to understand this perfectly, because one of the issues that came up in our inquiry was that inaccurate information about the attacker in the horrendous Southport murders case was put in the “For You” part of TikTok and thus drove misinformation about who the attacker was. Are you saying that that would not happen now because it would be identified and taken down immediately, as that level of misinformation was a consequence of how quickly it went out, or are you saying that that is not an issue for other reasons? I am a bit confused as to why the way in which your algorithm works is relevant to misinformation and disinformation because that can travel very quickly, whether you are dependent on content or not.

In that specific example, which we discussed last year, the false name of the attacker was something that showed up in the suggested search box. That is where you go and search about a particular issue, and it might autocomplete with some suggested terms. As I think I said to your Committee, we regretted not moving as fast as we would have liked to on that issue. Our focus at the time—I think this reflects the way that we respond to any kind of crisis that we see—is on the short-form video content that we know lands on people’s “for you” page, so the information that they are seeing, and to make sure that there is no harm that can arise from that, including mis and disinformation. I do not think it was short-form video that was percolating; I think that it was in the suggested search aspect. When we are responding to these crises—this goes back to the point that I was talking about earlier—the need for accurate and up-to-date, verified information is obviously of the utmost importance. The way that we work with fact checkers is to ensure that when there is a claim—

I do not want to interrupt you, but you have talked about that already. These things happen very quickly, so does the algorithm make it more likely that engaging content will be amplified before your fact checkers have been able to check their facts?

When we refer something to our fact checkers, we take it out of the “For You” feed, so it is not available as part of the thing that people will scroll on. When it is under verification, it will still be available on the platform. We talked a little bit about that—I think your final question was about that balance. We do not want to be in a situation where, if these are legitimate claims or claims of opinion, we are completely and totally removing them, but we do take it out of the “For You” feed and therefore out of the place where people can stumble upon it. We will refer it to fact checkers and they will either verify it—

We have gone through the process a few times. I do not think that you are addressing the point about whether more engaging content is more likely to be amplified.

Our algorithm absolutely presents people with content that they will find engaging. What I am trying to say is that with our moderation process, our use of fact checkers and some of the levers that we have that involve taking it out of the “For You” feed, we aim to insulate against the ability for mis and disinformation to rapidly spread and get significant numbers of views.

How does it go before the fact checkers?

We refer it. It will either be on the basis of a claim that we will look at under our misinformation community guideline—as I say, that is about whether or not that misinformation might have the potential for significant harm to an individual or society—so there may be a claim that somebody is making that we directly assess, or from people reporting to us. That can involve users themselves or, indeed, similar to colleagues, a number of trusted partners and flaggers. As I say, the first bit is checking against a database of known conspiracy, and those are the sorts of things that we will commonly be able to prevent even being uploaded in the first instance.

That all takes time.

Yes. Although, as I say, 95% of misinformation posts were removed within two hours—

The 5% could be significant. Okay, thank you very much. Dr Fernández.

Thank you—and I look forward to diving deeper into this topic in a matter of weeks. Following up on our conversation a little over a year ago, we have since made significant updates to our “For You” recommendation algorithm, and we have published the code for that, as of last month. You can go to GitHub and dive into the code base and architecture of our recommendation algorithm for yourself and provide feedback. That is something we will continue to update as we update the algorithm. We are proud to be that transparent and look forward to the input of the global developer community and user community on the algorithm. You may have also seen—it is not available yet in the UK, but in the US and Canada and throughout the middle east—that we have provided the opportunity for people to have their own filters on the “For You” recommendation tab. You will tap the “For You” icon and be able to filter based on topic and have a feed that is solely that topic. You could have a feed solely about gaming, about business and finance, about science and technology or about entertainment and the arts. That is a way to give users a lot more control over their feeds. We are really excited about the feedback we are getting, and excited to roll that out to more markets. We think it is a great way of offering algorithmic choice. Of course, that is in addition to the choice they already have between “For You” and “Following” and creating their own custom feed using lists.

You said that you have published some of the code around your algorithm. Do you test the algorithm to see if there is potential bias in the ranking of content?

As you will see from our model, it is not based on specific content; it is based on the user and what we think is going to be relevant to the user. That may be different for everyone, so it is not based on a specific type of content that we have determined.

I understand that, but do you test to see if someone is more likely to receive content from certain political parties or origins and so on. Do you do any testing like that for bias?

Yes, of course we want users to be able to see a spectrum of types of content. X is a place where we see robust debate on any particular issue.

Do you test for political bias?

I am not part of the engineering team, so I cannot speak specifically to their tests and experiments, but certainly we want people to come to X to seek the truth, engage in interesting discourse and debate and see all sides and all spectrums of a particular argument or issue. That sort of objective truth-seeking mission is what we are all about.

Do you think that those people who say that X has the most appalling right-wing bias these days are being unfair on you?

I can speak for what I see on my “For You” page, which at this point is heavily trained from over 17 years of usage, but I see all sides of a particular debate, whether it is a debate on a particular entertainment issue or the politics of the day. I truly do think we are a global town square in that regard, and sometimes the local pub, where a lot of banter and discussion happens. So I do see all sides—

You don’t think that your pub is full of Reform voters, and particularly Reform Members of Parliament, whose tweets do seem to be amplified more than other Members of Parliament who perhaps have many more followers? I don’t want to be bitter about this, but when a newly elected member of the Reform party becomes an MP, any utterance of theirs seems to get spread around the United Kingdom with extraordinary alacrity, and in front of a very large number of eyeballs. You don’t think that is anything to do with your algorithm?

I think X is certainly a place for politics, and there is certainly a fervent user base in the UK across the whole political spectrum, so it is really interesting to get your perspective on that.

You’ve never heard this before?

I have certainly heard that there is a heavy amount of political content across the whole political spectrum—that’s for sure.

There is published research on this, Dr Fernández. A study published in Nature in January on the “For You” page said that it pushes political opinion “in a more conservative direction” and that it was influencing more conservative perceptions of the criminal investigations against Trump and more conservative views on the war in Ukraine. It also showed that the algorithm led users to follow more conservative activist accounts than it would otherwise. That is public research. I am a left-wing politician, and I get a lot of far-right American content on my “For You” page. Are you denying that research? What is X’s position?

I think that research was based on data from about three years ago, so it is not really relevant to the algorithm that you are experiencing today—

So our experience ought to be that X is much more even-handed and, indeed, left-wing than it was three years ago. Is that the information you are putting before the Committee today?

We welcome fresh research and study. I query whether a user wants to be in a particular echo chamber or whether, perhaps, they want to see opinions of folks they may not agree with. I think that sort of balance is important to the public discourse.

I think the balance is the problem, because you are presenting people with views from one particular direction that they do not agree with, but maybe not views from the other direction. Certainly, in all our experiences, and according to the research—I am sure that this is not just a UK problem; it is an international problem—it is pushing the Overton window, if you want to say, in a particular direction.

Is it your contention that you are not seeing content that is aligned with your particular political party or political views?

I do when I am following the pages that I follow, but when I automatically get bumped to the other page, I get a lot of far-right American Christian conservative content forwarded to me. I am happy to see a wide variety of views, but I do not get far-left content, for example.

If there is content that you are not interested in, I encourage you to hit those three dots on the top right part of the post.

It is a bit less about my particular feed than it is about the systematic issues that we are talking about here.

Sure, but what I am pointing to is a product feature that allows users to provide feedback to the system about content that they are not interested in. When you hit those three dots, you can say, “I’m not interested in this post,” and you can select either that the content is not relevant or that you would like to see fewer posts from the account. That helps the algorithm reinforce what your preferences are.

No, that is not the premise that I am accepting or the contention that I am making. What I am saying is that if there is any piece of content that you are not interested in, you have a mechanism to provide feedback so that the system can better understand what your preferences are. Again, we provide as much user choice as we can, and we publish the algorithm—and I think our leadership has been very clear—not necessarily because we are extremely proud, but because we want the tough user feedback that, obviously, we are getting now and we continue to get every single day on the platform. We are a platform that operates in public, and we get user feedback very directly. We hear that user feedback, and we know that we want to improve our recommendations and we want to provide more choice. That is why we are experimenting with timeline filters so that if you do not want to see anything about politics in your “For You” feed, you can simply toggle that off and just focus on gaming or any other interest that you may have. Ultimately, we want to provide as much choice as possible, and we want to provide content that you want to see, enjoy seeing and enjoy engaging with, that you want to share with other people in your life and, ultimately, that you are entertained by. That is our mission: we want X to be a place that is wholly relevant to why you visit. You want to understand what is happening in the world, and so we are going to continue to endeavour to make that easier and simpler for you, and give you more control as a user over what is in that “For You” feed, while also giving you the choice to simply have a very straightforward feed of the accounts you wish to follow. An underutilised feature is lists, which you can pin to your timeline. You can create tons of custom timelines based on certain accounts or topics that you want to follow, and those are ones you can easily swipe to and from. That is an underutilised feature on X.

I have two quick follow-up questions. I think it is unrealistic to expect that hundreds of millions of individuals will all try to reverse-engineer the algorithm to rid it of whatever biases may be there. Do you test for bias, and is it possible for others—outside parties, researchers and so on—to have APIs into the algorithm so that they can demonstrate whether there is bias or not?

Yes, certainly. They can go to developer.x.com and sign up for a developer account. We have just overhauled the system so that it is pay per use, and I think it provides—

Pay per use? You have to pay for it?

To conduct certain research, you may need certain access. Obviously, there are different research programmes in other jurisdictions that facilitate that access, but for researchers all around the world, as has always been the case, they have the ability to use our developer console to conduct research at a very reasonable rate.

One of the things that my Committee called for was greater transparency and access to the algorithm. Finally, do you accept that if there were political bias in X’s algorithm, that would represent support for a political party or a political movement, which would be an interference in our electoral process?

Our goal is to seek the truth and for users on X to be able to seek the truth, and for the algorithm to be as objective as possible, and that is the endeavour that we will continue on.

I will take that as a kind of yes.

Again, we are the only platform to publish our recommendation algorithm, so we welcome the study and scrutiny of it. Community notes is completely open, transparent and public. Every data point is available to researchers to study misleading information, and the technology that powers it is completely open source. As far as making our technology transparent, we are trying our best to do so.

May I ask about the Twitter Moderation Research Consortium, which I think was the way academics could get access to the algorithm? Obviously, with the change of ownership, that was closed down. Don’t you regret not having easier and more open access to your algorithm, given that I am sure this is not the first time you have heard the criticisms that you have heard this afternoon?

I think access is easier and more open than ever to developer tools and the API for researchers to study. Research all around the world relies on certain tools that researchers have to procure, and access to X’s API is reasonable and comparable in that regard to other commercially available survey tools and such. In terms of researching misleading information and the efficacy of community notes, there is no cost to that. That data is updated daily. We have researchers all around the world who are downloading that data every single day. We have researchers experimenting with AI community note writing, which is really exciting. In terms of disinformation and misleading information, we have one of the richest treasure troves that has no cost to it, and that is the community notes database.

May I ask specifically about deepfakes, where a person’s personality, image or voice is used without their permission to propagate a message? We have heard that during an election that is potentially an offence; the electoral commissioner talked about that. Last week, I met somebody to whom this happened. She had been trying to get the deepfake removed, and was told that she had to prove it was not her. It was incredibly difficult, and there is resistance from the platforms to tackling this. As I understand it, under the Online Safety Act, a new offence has been created called false communication, and platforms are also liable if they disseminate what is provably false. To what extent are you taking account of that new provision of the Online Safety Act and acting against what is plainly false information and, in particular, deepfakes? Who is going to start?

I can go first, by all means.

You are unfortunate in being the one person in the room.

No, I am very happy to be so. From our perspective, the Online Safety Act itself is something that we obviously comply with. We have been regulated by Ofcom since 2020 under a previous regime—the VSP regime—and new laws or new obligations do not change the approach that we have already taken on this issue. The first thing to say is that anything that is violative in our community guidelines is violative whether it is AI or not, so we always assess it on the content in and of itself first. When it comes to AI and synthetic media, we don’t prohibit deepfakes of private individuals without their consent and of public individuals if they are endorsing a commercial product or a political stance.

Did you say you do or you don’t allow that?

We don’t allow it.

You don’t allow private individuals to be deepfaked.

Without their consent—or public figures, if they are endorsing a product or a political stance. Obviously, the sophistication of AI is increasing. That has huge potential creative upsides for creators, but it also means that we have to reflect that challenge in the way that we approach enforcement. We do a number of things. I think that we were the first video-sharing platform to implement C2PA provenance codes. That is where you take metadata from where an AI clip is generated, it is read by the platform, and it will automatically label the AI. We have to ensure that anything that is created from an AI perspective is labelled; again, that is part of our community guidelines. We have also continued to iterate our approach. We announced towards the tail end of last year that we are now doing invisible watermarking, so that if a piece of AI has been created, it might not have an overt watermark, but it will have an invisible one that can be read by our systems. I think that we have labelled more than 1.3 billion pieces of AI content on TikTok thus far. It is something that we are acutely aware of, particularly—as you say—during an election period, when misinformation could be enhanced by the application of AI, but it is something that we have tools to deal with, both from a community guidelines perspective and a wider content moderation perspective.

If the content was not labelled as AI, that in and of itself is then not in adherence with our community guidelines. If you are talking about a private individual, we have privacy routes that people can avail themselves of on our platform, which would be the same as for content that was produced without your consent more generally.

But if a video did go up that, I don’t know, accused Sir John of suddenly becoming a Labour supporter—

A video went up saying that my colleague George Freeman had defected to Reform, and he was very upset about that.

That is an example of something that would breach our policies, because it is a deepfake of a public persona making a political claim that is not what they made.

And it should have been able to go down straightaway?

That comes to some of the points we were talking about earlier. Obviously, you then need to build in the ability to assess some of these claims directly, and we do that in part with fact checkers and in part with our own trust and safety team, including misinformation specialists. Clearly, you still want to make space for satirical content and things similar to that, so there is a level of balance. We adopt a precautionary approach, particularly during election periods.

Can I ask the other two platforms what their approach to this issue is? Mr Agranovich, can we start with you?

Absolutely, and thanks for the question. I’d echo a lot of what my colleague from TikTok said, and I think we have relatively similar approaches to the issue of AI-generated content. We also provide labelling of AI-generated content, and we do that in part by implementing C2PA. Again, that is the metadata embedded within AI-generated video or AI-generated photos. However, I’d call out that the approach is not without challenges. It is at times very difficult to determine whether content was created with an AI tool. C2PA is not implemented by every AI company, so some content generators, particularly smaller, commercially available AI content generators, do not have that metadata embedded. While we endeavour to do our own detection to try to identify if a video or photo may have been created with AI, absent that underlying metadata there will be some level of inaccuracy, and I think that is something we are constantly trying to close. However, to be fully transparent, I think it is a challenge across the industry at the moment. We certainly would encourage AI companies that produce content, particularly videos and photos, to voluntarily join the C2PA kind of coalition to implement it within their own products. Yes, this is something that I think we are continuing to work to get better at, and I’d echo many of the approaches that TikTok mentioned.

On that point, the person I was talking to is quite a well-known musician. She has had literally hundreds of accounts created in her name and using her image, but with which she has had no involvement whatsoever. She is having to spend literally hours every day trying to get them taken down, but as soon as she does, more are being created. Is it her responsibility, or can you proactively put a flag saying, “This is somebody who is suffering from this, and therefore we are not going to accept these accounts being created”?

The first thing I should say is that I am very sorry to your friend that she is having to deal with this, and I know from experience how frustrating it can be. First, I should say that it is our responsibility as a platform to take impersonation seriously, whether that impersonation is to enable misinformation or disinformation, or to enable scams or spam. There are a number of tools that we have launched in the last year that are designed to get better at dealing with celebrity impersonation, in particular, which we have seen being used by scammers to try to scam people out of their money. The short answer is, yes, there are programmes that we can put in place to try to do more of that proactive detection. We can also suggest to people who are the target of impersonation a few certain steps to take with their own accounts, which can make our automated systems more effective. To the point about your friend in particular, we have a team based in London. We’d certainly be happy to follow up on ways that we might be able to address that particular case.

I’d be grateful if you were. She came to talk to a group of Members of Parliament to express her frustration that this was happening and that she had been unable to tackle it. I will certainly put you in touch.

I appreciate that. Thank you.

Dr Fernández? Dr Fernández: I would certainly welcome more details if you are—

Not specifically about her, but what is X doing to prevent individuals from having their persona used without their consent, potentially on a massive scale? Dr Fernández: First, we have a clear policy on authenticity. Deceptive identities and trying to create deceptive personas is against our rules. Similar to the other platforms, we have programmes in place to help address that at scale. I mentioned before that we see, often in times of elections, the attempted impersonation of candidates, public figures or members of elected office. We also have our synthetic and manipulated media policy, which addresses it at just a content level. Finally, we have community notes, which address potentially misleading information at the content level. However, I think that what you are talking about is the authenticity of the account. Similar to other platforms, we have ways of scaling enforcement there, depending on the individual case.

Another scandal broke this morning in relation to Grok, which was AI being used to generate the most appalling and offensive messages to Hillsborough victims. That happened today. Dr Fernández: I understand there were some unacceptable generated responses, and we actioned those posts in accordance with our policies. Our engineering teams are investigating the issue to ensure that it does not happen again.

Could I ask a question about the Online Safety Act and, in particular, the National Security Act, which seems to be bolted on to the Online Safety Act and enacts an offence in relation to foreign interference? I wonder how much any of you three have come across this, and whether you have been asked, through this legislation, to take down any particular posts. Perhaps I will begin with Meta.

At Meta, we certainly believe that the principles and duties established in the Online Safety Act provide a strong foundation for addressing a number of different content risks, including state-sponsored disinformation being treated as priority illegal content. Personally, I am not familiar with any individual pieces of content that we have had to take down based on those requests, but I can follow up with our teams and with the Committee afterwards as to whether that might be the case. That said, I would say that it is also a priority for us to identify and remove, particularly, foreign-origin disinformation operations targeting elections in the UK, as well as elections around the world. That is work that we will do whether or not we are required to do so under specific regulation.

Thank you. Dr Fernández, are you aware of the National Security Act, which works in conjunction with the Online Safety Act to deal with foreign, international interference?

I am not aware of any particular case, but I am happy to take it back to my team. Obviously, we are fully committed to compliance with the OSA and all laws in the UK. That is certainly our charge. I am happy to look into whether there has been any specific case in which that has been invoked.

Are you aware of the foreign interference offence under the National Security Act?

It is included in the illegal harms part of the OSA, and therefore—

Well done—bingo! Give the boy a gold star.

Thank you, Chair. I therefore think the consequence of it is that the set of steps, which I have set out today, around covert influence operations and other aspects are included in the risk assessments that we then submit to Ofcom under that part of the code.

Exactly. It says quite a lot that people do not seem to know about it, apart from you. When we are assessing whether the legislation is particularly effective, the fact that representatives of social media companies do not exactly have it at the tip of their fingers—although you do—is perhaps important in itself. We have a few other questions about the monetisation of disinformation. It is getting a little late, but can we perhaps finish the other subjects?

Off the top of my head, I do not have a specific number, but we report on the amount of money that we assess these influence operations or networks spend in attempting, for example, to buy ads to drive content that they are pushing on our platforms. That number is often very small—by very small, I mean a couple of hundred dollars here and there. I would also say that it is not revenue that we want. Specific to how misinformation or even just highly polarising content meshes with our business model, Facebook and Instagram—our services—are platforms where we want people to be able to build authentic communities. People do not want to be in an authentic community if they cannot trust the people in that community, or if they feel that they are being targeted by malicious actors trying to abuse those communities. Disinformation networks, or even just the spammers and scammers of the world, run counter to the core assumption that makes our business model work. That is one of the reasons why we take this problem so seriously—

We do not allow political advertising at all, so we are not taking any money for boosting political content or anything like that.

If it does not meet our guidelines, it is prohibited; if it meets our guidelines, we have not termed it as misinformation or disinformation. From a business-model perspective, we are again slightly different from some of our competitors, inasmuch as we do not monetise against particular videos—the adverts that you see are in the middle of pre-rolls. When you are going through the “For You” feed, it is not just a case of, the higher the number of individual videos that are seen, the greater the revenue that we are getting; that is not what it is. If you go through the “For You” feed, you will commonly see videos that have received fewer than 300 views and very few likes, because we are trying to create an environment where people explore a variety of content, different types of things that they are inspired or surprised by. Similar to my colleague at Meta, we want people to have a good experience. I have given the figures on what we take down in relation to misinformation—

Any post that receives a community note cannot be monetised. I do not have a specific figure for the question that you asked.

The last question from me relates to extremist content promoted by Daesh. Sometimes, synthetic content is developed—synthetic audio, images and text—so how are you adapting your content moderation to take account of such AI-generated extremist content?

That question goes to the previous point I mentioned. Community guidelines apply whether or not it is AI-generated and synthetic. We do not allow hateful ideologies or incitement posts, and if there are specific signals, signs or audio that are associated with hateful ideology in that way, we will add them to a bank, which means that we can pre-screen on upload anything that comes through. If there is an example of a piece of content that has been identified as breaching our community guidelines, we do not just take it down but add the key elements of it to the models that are applied and—whether it is a prohibited signal, sign or something like that—block them on upload.

In the interests of brevity, our approach is almost exactly the same. I would add two things. First, we also do not allow hateful iconography, so if synthetic content was produced on behalf of Daesh that included specific symbology, that would also be enough for us to enforce—again, whether or not it is AI-generated. Secondly, we also share the signal banking with other parts of the industry, through the Global Internet Forum to Counter Terrorism—GIFCT. We both receive signal—including, I believe, from TikTok—and share that signal, so that if we were to detect content, everybody else could also block it.

Our approach is similar to the other companies. If you have any examples of this particular content, X would welcome them so that our teams can further investigate, as I am not aware of that sort of activity at the moment.

I am grateful to my colleague from Meta for adding two other elements that also apply to TikTok. We became members of GIFCT late last year. That brings me to one of the points I wanted to make to the Committee, which is, along with the recommendations that you are considering around the wider value chain, from a TikTok perspective we are keen to have continued and greater involvement in these sorts of conversations. Unfortunately, we were not invited to be part of the Defending Democracy taskforce that the UK Government have previously run. Similarly, we still face restrictions on the parliamentary estate, despite the fact that the UK Government are on TikTok, and the TikTok device approach is exactly the same as and commensurate with our other competitors under the UK mobile device management policy. From our perspective, we have a great desire to be further involved in conversations and would welcome any assistance that the Committee can give on that front.

I thank all three of you for giving the Committee the huge amount of time you have today. It has been quite an intense two hours; we have learned a great deal, and we are very grateful to you for giving your time. If you do not mind, we are likely to go through the transcript and, where you have said you will get back to us on things, I may write to ask you if you could give us the additional information—perhaps beginning, Dr Fernández, with who it is we talk to in Britain. Thank you all very much indeed.