Two and a half years since the Russian invasion in Ukraine, in addition to newly adopted EU regulations such as the Digital Services Act (DSA)1 and the Digital Market Act (DMA)2 allowed us to continue the series of these reports with high expectations of platforms having developed capabilities to identify and remove commercial manipulations. Although there were minor improvements across most platforms since our last experiment in 2022, our expectations were not fully met, leading us to speculate that EU regulations had minimal impact on detecting inauthentic engagement during our red team experiment. Why was this the case? Several potential reasons, which we explore in detail throughout this report, may address this phenomenon.
During the experiment where we purchased inauthentic engagement from commercial social media manipulation services, platforms demonstrated significant variation in resilience to inauthentic activity, with notable differences in the ease of registration and the cost of SMS verification.
