Removing Coordinated Inauthentic Behavior in Spain

By Nathaniel Gleicher, Head of Cybersecurity Policy

Today, we removed 65 Facebook accounts and 35 Instagram accounts involved in coordinated inauthentic behavior as part of a domestic-focused network in Spain. The individuals behind this activity used fake accounts — many of which had already been disabled by our automated systems — to comment on, amplify and disseminate their own content and posts by others. While most of this activity was focused on amplifying others’ content, some of the account owners also posted about local and national political news and issues including topics like elections, the Partido Popular Party and criticism of its political opponents. Although the people behind this activity attempted to conceal their identities, our investigation found links to individuals associated with Partido Popular.

Our investigation benefited from information shared by our industry peers at Twitter. We will continue monitoring and will take action if we find additional violations.

We’re constantly working to detect and stop this type of activity because we don’t want our services to be used to manipulate people. We’re taking down these Pages, Groups and accounts based on their behavior, not the content they posted. As with all of these takedowns, the people behind this activity coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis for our action.

We are making progress rooting out this abuse, but as we’ve said before, it’s an ongoing challenge. We’re committed to continually improving to stay ahead. That means building better technology, hiring more people and working closer with law enforcement, security experts and other companies.