Facebook wants to fix the political advertising market, but it might be unable to do so due to a legal loophole.

“Facebook doesn’t like to say it because it sounds scary: it wants to fix the political advertising market on its platform,” wrote tech pundit Sarah Lacy yesterday, in an encouraging piece for Fortune . “Here’s why it might not have a chance of doing so, and why it’s a necessary first step.”

Efforts to take action against fake news are being hampered by flaws in the online ad market, with social media sites like Facebook and Google able to use vast amounts of personal data about users in order to craft targeted marketing campaigns to sway election results. And while Google has promised to make more information about political ads available to the public, many fear that it won’t do enough to prevent used from being simply redirected back to the campaign in question.

According to Fortune, Facebook users have the option to hide their social network activity from third party websites by creating digital do-not-track (DNT) settings. But for many users of this feature, DNT is usually set to “on,” which means that if a third party website’s DNT settings match your own (by default) users can easily be targeted for all manner of data-gathering purposes, such as through ads.

“It’s absolutely essential that we get real and better controls for the political ads market,” Eric Schiffer, chairman of Reputation Management Consultants, told Time last week.

According to Time, social media companies “could get in trouble if the two parties don’t share information and other permissions.”

And Schiffer is right – there is potential for problems between Facebook and Google. The current political campaign cycle is already rife with hack attacks, and it’s possible that attacks against campaigns with sensitive information could be conducted by the same external meddlers behind recent security breaches, such as the BBC’s, or GDPR breach that hit Cambridge Analytica, or the Equifax breach of last year.

Facebook itself recently made headlines for not reporting a number of attacks, which caused a hacker to dump dozens of election-related emails, and posting a publicly available data directory of its employees to CEO Mark Zuckerberg’s private Instagram.

And while Google has promised to publish a report on political ads, Fortune reports that this will not be made available to the public, stating that the study is expected to be made to Washington in March, well after the midterm elections.

The big question for tech companies attempting to fix the fake news problem is what guarantees would prevent bots from re-directing ads to a campaign previously run, in order to avoid scrutiny, or avoid the spotlight, in the first place?