2+2=5: Signatures from Chinese COVID-19 WeChat Petition to the WHO Show Signs of Manipulation
China continues to find new ways to amplify the conspiracy that COVID-19 is a U.S. military bioweapon
“This group of Chinese netizens entrusted Global Times to collect signatures, in hopes that even more Chinese netizens join in and call on the World Health Organization to let virologists, laboratory safety experts, and biological weapon experts from China and other nations [free from US political influence] investigate the lab at America's Fort Detrick. Sign now!”
- Global Times petition website
In late July last year, the Chinese state-owned media outlet the Global Times promoted a petition to the World Health Organization (WHO), calling on it to investigate the American military’s biological research lab at Fort Detrick, alleging that the COVID-19 virus was in fact a military bioweapon deployed by the United States. What was unique about this petition, according to the Global Times, was that it was entirely citizen-led and that it was garnering millions of signatures per day on the popular Chinese social media and messaging app WeChat.
The Chinese were outraged, according to Global Times reporting, and they were calling on the WHO to prove once and for all that COVID-19 originated in the U.S. In the two weeks the petition was active, the Global Times reported it gathered over 25 million signatures via WeChat. Our team at Miburo carried out a closer examination of the data, however, and found that it tells a different story.
Dissecting the inner workings of the petition’s dedicated website, we were able to collect signatures as they came in. The petition’s website hosted a graphic that displayed incoming signatures allegedly in real time. We closely tracked incoming signatures on the website for a 10-day period — from July 24 through August 6, when the petition closed. During this timeframe, the Global Times reported 14.8 million new signatures. However, by streaming the data from the petition website’s graphic, we found that only 1.5 million new signatures actually appeared in this 10-day period. Our analysis suggests that at least 13.3 million signatures on this petition, or over half the total amount, may have been fabricated. This petition appears to be one of the latest Chinese government campaigns to obfuscate the origin of COVID-19.
In one way or another, China has spent the better part of the last two years spreading disinformation about the origins of the Coronavirus pandemic. This propaganda has taken many forms since early 2020. Aimed at audiences abroad, messaging has been carried out in several ways. On social media, it’s been propagated by offering money to popular Chinese Twitter accounts to spread positive messaging about the Chinese government’s response to the pandemic and netizen-led campaigns sowing conspiracies about the severity of the virus abroad and foreign governments’ responses. Chinese state-owned media (CSM) has also amplified Western conspiracy theorists and promoted a website to report on suspicious U.S. military biolabs around the world in several languages. CSM has also made a concerted effort in the past year to amplify the views of foreign influencers whose content aligns with the Chinese Communist Party (CCP)’s own worldview, including on COVID-19. Government officials have even directly alleged the virus originated in the U.S. The Chinese government is trying to have it both ways. At home, the CCP has issued directives to "resolutely control anything that seriously damages party and government credibility and attacks the political system." They have hired companies such as Urun Big Data Services and Onesight Technologies to assist in pushing positive propaganda about the Party’s response to the pandemic while also stifling criticism and dissent.
One of the chief narratives that has been pushed by Chinese government officials and CSM during this time has been that COVID-19 not only originated in the United States, but that it leaked from a military lab at Fort Detrick, Maryland. The Global Times petition to the WHO is just one of the latest means by which Chinese state-owned media outlets give oxygen to this conspiracy.
A Closer Look at the Data
The Global Times petition website featured the full text of the Chinese-language petition, a live count of the total number of signatures, and a scrolling graphic of incoming signatures in real time.
In the screenshot above, the top part of the photo (in the red box) shows a live count of petition signatures, while the lower half (in the green box) shows the scrolling graphic of incoming signatures in real time. You can see how the website looked at the time, with moving graphics, in the Wayback Machine here.
The graphic displaying incoming signatures on the petition’s website loaded data from an Application Programming Interface (API), a URL that returns specific data when it is visited. While APIs are often publicly available on social media sites, such as Twitter, and facilitate automating news delivery and building bots, they are also a basic infrastructural part of most of the modern web. Websites often use APIs to load more data when you scroll to the bottom of a page, for example. In the case of the Global Times WHO petition’s website, an API loaded signatures into the scrolling graphic of incoming signatures.
In past years, security researchers such as Hang Do Thi Duc, Dan Gorelick and Dan Salmon found that a similar scrolling graphic on Venmo’s website made use of a public API, enabling anyone with the technical know-how to collect data on all public Venmo transactions in real time. This exposed API enabled Hang to assemble a database of all 207 million public Venmo transactions in 2017, from which he built a website telling stories from the data. The exposed Venmo API even inspired a Twitter bot @venmodrugs that tweeted every time a user claimed to buy or sell drugs on the platform. Finding hidden APIs can also be a useful investigative skill. Data journalists at The Markup have used exposed APIs to reveal biases in the inner workings of algorithms.
During our 10-day streaming period, our team collected 38,837 JSONs resembling the above from the petition website’s API, pinging the API for a new batch of data every 20 to 30 seconds. Simply put, the data told a different story than the Global Times itself. We found that not as many signatures were coming in as the graphic led visitors to believe. The scrolling graphic would frequently replay the same list of 40 cities, re-using old data to give the appearance that new signatures were constantly rolling in (see Figure 61 below). When this happened, the graphic’s API would also return a duplicate JSON. Out of the nearly 39,000 JSONs we collected in the 10-day streaming period, over 15,000 were duplicates. In other words, an astonishing 39.3% of the data we collected was recycled. Most JSONs also contained exactly 40 cities, while some contained 80. The number of cities in the JSONs did not vary, despite the fact that JSONs can deliver vast amounts of data (as they do in the Twitter API, for example).
Using this data, we were also able to collect unique signatures in the data over time. We observed a collective increase of 1,500,724 signatures over 10 days, while the Global Times reported a change of 14,850,576 signatures in this timeframe. In other words, there was a difference of 13.3 million signatures between what we saw and what the Global Times reported.
The large discrepancy between our observed increase of signatures and the reported increase wasn’t the only suspicious aspect of the data. Tracking the top locations by signature number, the city that came in third place was simply “地球”—“Earth.”
While the petition was said to be a citizen-led initiative, it’s clear that the Global Times itself took a personal stake in amplifying it. The outlet vastly increased the number of articles it was publishing mentioning Fort Detrick once the petition was launched. Its Editor-in-Chief Hu Xijin (胡锡进) took to Weibo and Twitter to call for signatures. Another of its popular reporters, Lü Lu (吕璐), published a video endorsing the petition on the Global Times’s official Douyin account (the Chinese version of TikTok), claiming that Fort Detrick was one of the “darkest” military labs in the U.S. Other outlets such as CGTN and Xinhua news also amplified the petition, as did government officials, such as Ministry of Foreign Affairs spokesmen Wang Wenbin and Zhao Lijian, one of the first CCP officials to sow the COVID-19 origin conspiracy theory in March 2020.
Coordinated Promotion of Petition and Fort Detrick Conspiracy Videos on Social Media
We also tracked citations of the petition on social media sites. Using Facebook’s CrowdTangle browser extension, we found several instances of suspicious promotion of the petition URL in public groups and pages on Facebook. We found a set of 11 users posting the petition over 10 times across multiple pages and groups.
Several of these users show extreme dedication to spreading the petition to different groups. The most active of these users posted the link 42 times with identical post text in each. The second most active posted 34 of their 35 posts within one hour.
The Global Times Invites Everyone to sign the petition, please spread the word!
What in the world happened at Fort Detrick’s Biological Weapon Research Institution? The U.S. owes the world an explanation. “Fort Detrick”! What the hell did you do?
CCTV News Client 2021-06-08
At the same time, we also saw signs of coordinated promotion of a Fort Detrick video from Jason Lightfoot, a British vlogger whose videos frequently promote a worldview and narratives, including disinformation, that hew closely to the official CCP line. This video amplified Fort Detrick conspiracies, encouraged viewers to sign the Global Times petition, and showed similar signs of suspicious promotion based on data from the CrowdTangle extension. Lightfoot is also “Global Stringer” for China’s state-owned media outlet CGTN, and his videos are frequently amplified by CSM, such as Xinhua and CCTV. In one of his 2021 videos that was featured in CGTN, Lightfoot casts doubt on human rights abuses in China’s Northwest Region of Xinjiang, asking, “Is there one single piece of evidence that there's one million people in all of these camps? Any evidence?” Quite simply put, there is,2 and several governments around the world have formally recognized China’s treatment of the Muslim-minority Uyghurs as genocide.
Summing It Up
The Global Times petition to the WHO closed on August 6. Several signs suggest that this petition’s main purpose was as an innovative way to amplify the narrative that the U.S. created the novel Coronavirus. The discrepancy in the number of signatures we collected versus the number of signatures reported, widespread promotion of the petition by Chinese government officials and state-owned media outlets, and suspicious covert promotion of the website itself and conspiracy videos about Fort Detrick all cast doubt on the authenticity of the petition. Spamouflage, a CCP-aligned disinformation actor we published a six-part series on last month, also promoted the petition in posts on Facebook. Further, researchers and journalists have documented Chinese efforts to place blame for the Coronavirus on the U.S. since early 2020.
Ultimately, this petition did not have a significant effect outside China’s borders. The WHO has not officially responded to it, and very little international coverage of the petition occurred. In some sense, this is old wine in a new bottle — simply the latest innovation in a long-standing Chinese effort to pin blame for the virus on foreign governments. While the U.S. is the most frequent target of these efforts, other countries like Italy have also come into the CCP’s crosshairs.
A lack of traction outside the Middle Kingdom isn’t necessarily a failure – this petition may have achieved the goal of convincing a domestic audience that the theory was more credible. When it looks like many online users are supporting a cause, it can persuade others to buy into a campaign. Petitions are a particularly useful means of sowing disinformation, since they can easily create bandwagon support. This form of persuasive propaganda, known as “manufacturing consensus,” is a key feature of the digital age, particularly on WeChat, China’s most popular social media and messaging app.
Most importantly, this incident gives foreigners a taste of the state-backed disinformation that runs rampant on WeChat, a platform whose influence is large, but often goes overlooked by Westerners. Months after the petition closed, in November 2021, the official WeChat accounts of Chinese embassies and consulates around the world promoted an identical story from CSM outlet Xinhua amplifying the Fort Detrick conspiracy. Accounts for Chinese diplomatic bodies in Bangladesh, Belgium, Canada, Democratic Republic of the Congo, France, Japan, Iraq, Ireland, the Netherlands, and Switzerland all published the story, entitled “The truth about America’s malicious slander of China and the origins of the COVID-19,” within the same 36-hour window.
WeChat has over 1 billion monthly active users, and many of them live abroad. Behind China, the U.S. is home to the most monthly active users of the platform, and 60% of Mandarin-speaking Australians use it as their primary news source. With stats like these, it’s clear that successful domestic propaganda has implications the world at large. Since the CCP retains tight control over the app, its own propaganda campaigns enjoy a privileged status and face no danger of being removed from the platform. This petition didn’t ultimately achieve success outside of the Sinosphere, but that’s not a guarantee future CCP disinformation campaigns won’t hop the Great Firewall with consequences abroad. Scholars and journalists alike have already documented WeChat disinformation’s impacts in the U.S., Canada, and New Zealand. Increasingly, the international community will have to grapple with the effects of Chinese government disinformation on WeChat. The calculus in this campaign was skewing the math in the name of “science,” but the numbers simply don’t add up.
Keep up with the latest from Miburo by subscribing with your email here👇
We have made the assumption that data in the scrolling graphic on the website represented all real-time signatures as they came in, as the website leads users to believe this with its interface.
Duplicate JSONs - we considered JSONs to be duplicates when they contained identical city-timestamp pairs in the “data” field, and the same total signature number in the “num” field.
CrowdTangle Extension - the CrowdTangle extension enables researchers to view citations of a URL on Facebook. It limits the data one can see to 500 citations, so this data likely does not represent all citations of these URLs on Facebook itself. Nevertheless, it is a useful tool that can enable researchers to view coordinated promotion of domains and URLs on Facebook.
The list of 40 cities recycled in Figure 6 follows below:
Hulunbuir in Inner Mongolia
Hohhot, Inner Mongolia
Tongliao, Inner Mongolia
BuzzFeed News: Inside a Xinjiang Detention Camp, China Secretly Built A Vast New Infrastructure To Imprison Muslims; Newlines Institute for Strategy and Foreign Policy The Uyghur Genocide: An Examination of China’s Breaches of the 1948 Genocide Convention; Jamestown Foundation / Adrian Zens: Sterilizations, IUDs, and Mandatory Birth Control: The CCP’s Campaign to Suppress Uyghur Birthrates in Xinjiang; International Consortium of Investigative Journalists (ICIJ) Exposed: China’s Operating Manuals for Mass Internment and Arrest by Algorithm;; New York Times: The Xinjiang Papers: THE XINJIANG PAPERS ‘Absolutely No Mercy’: Leaked Files Expose How China Organized Mass Detentions of Muslim; the Chinese government was staging and scripting tours for foreign observers visiting Xinjiang; Human Rights Watch “Eradicating Ideological Viruses” China’s Campaign of Repression Against. IFTF: Detecting Digital Fingerprints: Tracing Chinese Disinformation in Taiwan; MIT Tech Review: How YouTube’s rules are used to silence human rights activists. Hacking campaigns targeting Uighurs - 2021 Facebook campaign: Taking Action Against Hackers in China; 2019 - TechCrunch Sources say China used iPhone hacks to target Uyghur Muslims; Google ProjectZero :A very deep dive into iOS Exploit chains found in the wild; 2016 PaloAlto Networks Scarlet Mimic: Years-Long Espionage Campaign Targets Minority Activists