By Robert McMillan, Dustin Volz and Jeff Horwitz
When the New York Post this week published articles based on email exchanges with Hunter Biden -- Joe Biden's son -- Facebook Inc. and Twitter Inc. saw the situation as one they spent years preparing to face.
Both social-media companies had been heavily criticized for doing too little to address manipulation and other problematic posts on their platforms in the run-up to the 2016 election. On Wednesday, Twitter and Facebook -- within hours after the articles were published -- determined the content triggered measures they developed in response and acted to limit the articles' spread.
Their actions quickly drew a mixture of support, confusion and criticism, illustrating challenges the platforms face when they handle controversial content around elections. The moves fueled questions from everyone from users to lawmakers that the companies didn't immediately answer about how they decide which articles from which news organizations to target for such scrutiny. Twitter Chief Executive Jack Dorsey criticized his own company for not adequately explaining its actions, and in an about-face Thursday, Twitter said it was changing how it enforces potential violations of its hacked-content policy.
On Thursday, the Senate Judiciary Committee said it plans to subpoena Mr. Dorsey to testify about his company's handling of the matter. Republicans, including President Trump, have argued that the Twitter and Facebook actions reflect bias against them and an effort to influence the election. The companies have strongly disputed those characterizations.
Inside Facebook, executives had performed role-playing exercises in recent months about how to respond to an email dump and described such scenarios in planning documents, according to people familiar with the matter. None of that preparation shielded the company from criticism.
After a Facebook spokesman in Washington said Wednesday morning that the New York Post articles were flagged for fact-checking -- a potentially lengthy process -- the company hasn't made additional public statements on the matter. Facebook has said flagged items are less likely to show up in users' news feeds.
Twitter went further, blocking people from sharing links to the articles or tweeting of images from them. It also suspended accounts of users who attempted to do that, including White House press secretary Kayleigh McEnany. Twitter said the material violated its rules aiming to prevent sharing information obtained through hacking and private information like phone numbers and email addresses without consent. It had blocked this type of material in the past, but never from a large news publisher like the New York Post.
News Corp -- the corporate parent of The Wall Street Journal publisher Dow Jones & Co. -- also owns the New York Post.
Thursday evening, Twitter legal and policy chief Vijaya Gadde said the rule change on how it enforces its hacked content rules came after receiving "significant feedback" over its handling of the Post articles. From now on, Twitter will provide context about the potential violation instead of blocking links unless the material was "directly shared by hackers or those acting in concert with them," Ms. Gadde said. "We are trying to act responsibly & [sic] quickly to prevent harms, but we're still learning along the way," she tweeted.
Matt Perault, a former Facebook public-policy director who now runs Duke University's Center on Science and Technology Policy, on Thursday called the platforms' explanations of their actions lacking.
"Generally, companies interested in protecting free speech would leave up content from major news organizations," said Mr. Perault, before Twitter's announcement.
Twitter and Facebook's restrictions reduced the spread of the articles, but didn't stop links to them from reaching an audience on their platforms outright.
The New York Post's articles were shared on websites and social-media platforms 1.1 million times on Wednesday, according to an analysis from media analytics firm Zignal Labs Inc.
On Wednesday and Thursday, social-media research firm Storyful counted more than 94,000 tweets mentioning alleged censorship of the articles on Twitter and more than 6,300 mentions on public pages on Facebook, where it gained millions of interactions on pages, including those of President Trump, Fox News and Breitbart News. News Corp owns Storyful.
"The response that Twitter and Facebook have taken have clearly had the opposite of the intended effect because this is now the top story," said David Perlman, a former Twitter data scientist who now works for computer-security company Leviathan Security Group Inc., adding that the companies need to think more strategically when addressing these issues.
The responses Wednesday were shaped by the reckoning over social media's role in the spread of manipulation and disinformation campaigns ahead of the 2016 U.S. presidential election, according to officials from social-media companies and independent cybersecurity analysts. In the summer of that year, for example, Russian intelligence operatives used a persona known as Guccifer 2.0 to leak Democratic Party groups' emails that had been obtained through a cyberattack.
Since then, the companies have announced a bevy of new policies intended to crack down on election-related manipulation and disinformation, including restrictions on circulating so-called "hack-and-leak" material that appears to be private information stolen during a cyberattack.
"Russian actors relied on this technique in 2016, and we should all be ready in case they or others try again," said Nathaniel Gleicher, Facebook's head of cybersecurity policy, earlier this month.
Leaders at social-media companies have said their priority has been addressing foreign influence operations targeting U.S. elections. Often, quick action is required during these operations, where stories can gain traction and go viral within hours, disinformation researchers say.
The New York Post's articles cited emails it said were written and received by Hunter Biden that were provided by allies of President Trump, who in turn said they received them from a computer-repair person who found them on a laptop. One article included a copy of an email said to have been sent to Hunter Biden describing a meeting between his father and an executive at Burisma Holdings, the Ukrainian gas company on whose board Hunter Biden served.
The Biden campaign said that Joe Biden engaged in no wrongdoing and that no such meeting took place. It also said the New York Post didn't ask the campaign about critical elements of the story ahead of publication.
The Wall Street Journal hasn't independently verified the New York Post articles.
A New York Post spokeswoman couldn't be reached for comment. Post editors have said the social-media companies' actions amount to censorship and that it stands by its articles.
Hunter Biden has denied wrongdoing and said he exercised poor judgment in joining Burisma's board while his father's vice-presidential duties included Ukraine. A recent investigation by Republican senators didn't support an accusation by Mr. Trump and other Republicans that Joe Biden sought the removal of Ukraine's top prosecutor in 2016 to protect Burisma from investigation.
The timing of the email release by the New York Post and the circumstances behind how the information was obtained raised concerns among cybersecurity experts and some government officials that the material could be linked to a foreign disinformation operation -- in an echo of 2016. Russian hackers have previously targeted Burisma Holdings, they say. And Rudy Giuliani, Mr. Trump's personal lawyer, who the New York Post said gave it a copy of the hard drive, has visited Kyiv in search of damaging material on the Bidens, the Journal has reported. He has worked with multiple Ukrainians in that effort, including a lawmaker whom the U.S. Treasury Department sanctioned last month for acting as a Russian agent interfering in the 2020 presidential elections.
Mr. Giuliani told the Journal on Wednesday he didn't know if the material published by the New York Post had come from a hack. On Thursday, he said on a satellite-radio program that "categorically, this has not been hacked."
About a month ago, U.S. intelligence officials reached out to independent analysts familiar with Russian hacking attempts on Burisma, saying they had seen an uptick in signals that leaks of emails could be forthcoming as an "October surprise" event akin to the WikiLeaks releases of hacked Democratic emails in 2016, according to a person familiar with those conversations.
Earlier this year U.S. cybersecurity analysts said hackers believed to be affiliated with the same Russian military intelligence that hacked emails from Democratic Party groups in 2016 had breached Burisma and had been targeting the company since the previous November, as Congress was holding hearings on whether Mr. Trump abused his office by pressuring his Ukrainian counterpart to work with his Mr. Giuliani to investigate the Bidens. The Democratic-led House impeached Mr. Trump last year, and the Republican-led Senate acquitted him of both articles of impeachment in February.
Write to Robert McMillan at Robert.Mcmillan@wsj.com, Dustin Volz at email@example.com and Jeff Horwitz at Jeff.Horwitz@wsj.com
(END) Dow Jones Newswires