Month: January 2023

Experts say private individuals are paying the price of the lax online security put in place by public institutions. 

“Citizens’ data is being exposed because of logical errors and a failure to take appropriate technical-logical measures to protect privacy and prevent data being exposed to third parties,” said Kosovo cyber expert Mentor Hoxhaj.

Long-lasting fallout

Mentor Hoxhaj, Kosovo cyber expert. Photo courtesy of Mentor Hoxhaj

The fallout from the data breach in Albania is still being felt.

A 42-year-old woman from Tirana, who asked not to be named, told BIRN the data revealed a discrepancy in salaries between herself and others doing the same job.

“I’m the oldest in my workplace and I learned that the others working with me in the same sector are paid way better than me,” she said. “It came as a blow to me when I learned this fact and it pushed me to take a decision and change my employer to one where I will have a better salary.”

But Albanian lawyer Bledi Meminaj said worse is still to come. 

“We will have cases when someone will take out a loan on behalf of a family member or buy an expensive item by giving the data of an acquaintance,” he told BIRN.

Meminaj said that the Tax Administration should have been held accountable. “We will feel the effects of this leak after three years,” he said.

For Elton [not his real name], the reckoning has come far sooner.

“My wife learned about my salary and the situation deteriorated,” said Elton, who had told his wife he earned less.

“We need an afterwork beer, but this didn’t look normal in her eyes. She wanted all my money in the house, for the family. We quarrelled for many months until she filed for divorce a few days ago.”

Playing politics

In the Balkans, Albania is seen as the worst when it comes to protecting the personal data of its citizens. 

The December 2021 leak was not the first. Eight months earlier, as Albania braced for a parliamentary election, the Tirana-based portal Lapsi.al published a database of more than 900,000 voters that was being used by the ruling Socialist Party.

The document contained personal data such as phone numbers, ID numbers, polling station numbers, employment details and a description of the political affiliation of every Tirana voter. It even named the party member tasked with tracking a voter’s political preferences. 

Lapsi editor Armand Shkullaku could hardly believe his eyes.

“Someone I know told me that a Socialist Party group was receiving data from the National Information Society Agency (NISA) for all citizens, not only for Tirana,” Shkullaku told BIRN. “In total, only five senior members of the Socialist Party had access to the data, and then they were distributed according to a pyramid in the party,” until it reached those tasked with tracking individual voters.

The Socialists won the election, securing an unprecedented third consecutive term.

But even before prosecutors could release their findings, there was another leak, this one involving vehicle licence plates.

Eventually, after the election, four people were arrested, from NISA and the Tax Administration.

But Shkullaku accused the prosecution of dragging its feet for political reasons.

“They threatened to raid our office and the case went to court. Then we appealed to Strasbourg,” he said. “But we understood that their goal was to drag the issue out until April 25, election day, because if the result of the investigation was published before the elections it would have a huge impact on the result.”

The four suspects were later released and the investigation continues.

In Kosovo – many violations, few complaints

Krenare Sogojeva Dermaku, Kosovo Privacy Commissioner. Photo: BIRN

In Kosovo, Donika dropped her case when her harasser apologised.

“The offender admitted wrongdoing; he told how he succeeded in getting hold of my data and expressed his remorse. He also pledged he would never do the same thing again.”

“This was enough for me. I didn’t want to take the case to court because it would take years to get a verdict.”

Surprisingly, Krenare Sogojeva Dermaku, the Commissioner of the Agency for Information and Privacy, AIP, said the agency had not received a single complaint from private individuals concerning data privacy breaches by public institutions.

Sogojeva Dermaku was elected to the post in June 2021 by parliament after years in which the agency was unable to carry out its work because of political disagreement over who should run it.

Since January, AIP has received 64 complaints against private entities concerning publication of personal data, direct marketing, processing of biometric data for aims of identification and surveillance in public spaces.

“Perhaps citizens are not informed of our services, so that could be the reason why they do not file complaints,” said Sogojeva Dermaku. “We will organise a campaign which will inform people how their privacy could be breached, how they should act and what can we do.”

Likewise, the office of the Ombudsperson in Kosovo told BIRN it had not received any complaints concerning violations of privacy via government e-services.

Tax Administration officials admit shortcomings and say that they are working to improve the service.

“We have received complaints and we have addressed them with the Agency for Information and Privacy,” said Tax Administration spokeswoman Valentina Bytyci Sefa.

She told BIRN that improvements would be made to the administration’s mobile app to avoid breaches.

Hoxhaj, the cyber expert, said that public institutions had simply failed to take the appropriate measures.

“The institutions have not applied the ‘privacy by design’ rule/standard, which means that in the case when a service is applied, appropriate measures should be taken so that personal data is safe and privacy is protected,” he said.

“From the information security point of view, there is a violation of ‘confidentiality’ because the data can be exposed to third parties.”

Call for radical measures

In Albania, experts say that beyond increasing security, the law on the protection of personal data must also be amended.

IT expert Genti Progni called for punishments to be toughened up.

“We believe and hope that we have all the conditions, because money has been given for security,” Progni told BIRN. “There is no 100 per cent security in any country, but I think that the punishment of persons who are authorised to have access and abuse this access should be increased.”

Meanwhile, the office of the Commissioner for Data Protection said that, following an administrative investigation, it had recommended to relevant authorities that they update security protocols and limit the access to and use of data in state databases.

“A decision has also been taken to impose a sanction on the tax authority for refusing to cooperate,” the Commissioner said. “These recommendations must be implemented quickly, without prejudice to other proceedings of the competent authorities that aim to assess the integrity of the electoral process.”

Albanian legal expert Ervin Karamuco said that more than 150 people had so far gone to court over violations of their privacy but no verdict had yet been passed.

“Currently, any criminal organisation or structured cyber group finds it very easy to clone an individual’s identity and use it for cover purposes for the criminal acts they intend to commit,” Karamuco said.

He says that the state should take urgent, radical measures to change all identity cards and the ID numbers of Albanian citizens. 

“The publication of personal data has put the lives of Albanians in danger in many ways.”

As far as who runs the page and what the source of the money that was used to buy the Facebook ads on it, BIRN/Telex has been unable to find out officially. All that can be gleaned from Facebook’s public database is the number of Hungarian users who have administrative privileges to the page (there are three of them) and a phone number, an email address and a website through which they can be reached – supposedly. This reporter’s attempts to contact the administrators of the “Nem is Jámbor” page based on the information provided – by phone, text or email – were all in vain.

Although this particular Facebook page, which concentrates on discrediting Jámbor, stands out in many ways and is probably the most striking example of the phenomenon of such pages campaigning against opposition candidates, it is far from being the only one. By monitoring primarily political Facebook ads, BIRN/Telex has identified a total of 45 pages campaigning along similar lines during the run-up to the election.

Together, these pages cover 42 different parliamentary constituencies – i.e., 37 per cent of the country’s 106 constituencies. What these pages all have in common is that they invariably push pro-Fidesz narratives and that, despite a public database of Facebook ads that is designed to ensure transparency, it is impossible to know who exactly is behind them, who is maintaining them and – crucially – who is funding them.

This is adding to further worries about the free and fair nature of the April 3 election, which will pit Viktor Oban’s Fidesz against the joint six-party opposition, called United for Hungary, in what is expected to the closest election since 2010. Fears about the conduct of the 2022 election after 12 years of Fidesz rule has already led to OSCE election monitors being dispatched to Hungary – the first time Europe’s main security and rights watchdog will have conducted such extensive oversight of an election within an EU member state.

At the last Hungarian parliamentary election in 2018, the OSCE found that, “intimidating and xenophobic rhetoric, media bias and opaque campaign financing constricted the space for genuine political debate, hindering voters’ ability to make a fully-informed choice”.

Since then, little has improved. In the last four years, the state media has almost exclusively invited pro-government politicians to appear on its programs, while Hungary has fallen 19 places in Reporters Without Borders’ World Press Freedom Index.

What gives them away?

Taking the page “Nem is Jámbor” as an example, one might assume it is easy to spot similar pages, but that is not actually the case. Not all of these pages, for example, have been newly created. The oldest, “Otthonom Pécs” (literally, “Pécs is my home”), dates back to 2009, while most were created in 2017-18.

Furthermore, the pages’ aggregate of shared content, descriptions and titles are not always directed against a single figure of the opposition.

There are indeed a few pages that target an opposition parliamentary candidate in their very title. For example, one honed in on Bernadett Szél under the name “Ellenszél” (a pun based on the candidate’s name meaning “headwind”); another was called “Hiller István igazi arca” (literally, “The real face of István Hiller”). However, this tactic was uncommon among most of the pages we encountered.

More often, the page name refers to the area or perhaps a local landmark, such as “Vasi Srácok”, (“The Guys from Vas”), “Kaposvári Fricska” (“The Kaposvár Flick”), “A Tűztorony hangja” (“The Voice of the Fire Tower”, named after a landmark in Sopron), or “Tétény vezér” (referring to one of the Seven Chieftains of the Magyars and the 22nd district of Budapest).

Often, the name isn’t even directly related to any particular constituency, like “Csak Szólok” (literally, “I’m just saying”) or “A szomszédja már tudja – Ön is tudja meg” (literally, “Your neighbour already knows – You should know too”).

There are pages that are more concerned with generally bashing the opposition in their posts and often re-share content created by pro-government influencers aligned with government-allied organisations like Megafon Center or Aktuális Media, but there are also examples where, on the face of it, everything posted appears to simply be local pro-Fidesz news.

However, what ties the less obvious examples of attack pages to our first blatant example is that most, if not all, the Facebook ads on these pages over the last few months strive to discredit the opposition candidate of a particular constituency. Thus, the already well-documented campaign tactics on Facebook using a jumble of pro-Fidesz narrative and local attacks is now combining with another, lesser-known phenomenon of targeting individual candidates on Facebook pages, especially using paid ads.

It is important to note that while opposition-supporting groups also advertised heavily during the election campaign period, spending an average of half a million forints a month on their Facebook pages targeting the provinces, neither the pages themselves nor their ads were aimed directly at discrediting the government candidate of the area.

What’s the point?

Politicians and pundits alike have been arguing for some time that the key battleground of the 2022 election campaign would be Facebook.

The number of Facebook users in Hungary totalled 7.29 million as of February, making this social media platform by far the most widely used in the country. Alarmed by the power of Big Tech, government media allies attempted to create an alternative platform to deliver their messaging, but Hundub, the self-developed, conservative “safe space” that was supposed to replace the so-called ‘censoring’ Facebook, went out of business after just six months of operation and its owner was subject to enforcement proceedings by the tax authorities.

As research shows, several factors persuaded Fidesz’s communication advisors in 2021 to turn back to Hungary’s most popular social media platform to implement a centralisation strategy similar to the one the party carried out in the traditional news media segment since coming to power in 2010.

Although campaign spending in Hungary is capped by law, in practice this has no impact on platforms that are not officially linked to any parties or politicians. Consequently, the political sphere has almost completely outsourced online campaigning to a grey area, regardless of which side we are talking about. But if larger, well-established websites are already pumping out party political propaganda, what is the point of producing pro-Fidesz content specifically for smaller groups of followers, mostly ranging from a few hundred to several thousand?

If the focus of these projects was to build up a following, it could be argued that it is easier to engage locals directly rather than, say, for a broader propaganda page to target a nationwide audience. Some of the pages that are active in the smear campaigns also seem to be trying to exploit or build a kind of local identity in a way that is resolutely directed against the opposition alliance United for Hungary. However, this turned out to be rare among the pages that we came across, just as it is rare for defamatory pages to focus explicitly on addressing local issues. If the usual tactics of alarmism about the danger of the left or the drumming of pro-Fidesz messages were involved, they were simply adapted to the character, name or work of the opposition politician in question.

However, experts say there is a clear advantage in putting a local focus on paid advertising on these Facebook pages. Since the crosshairs of Facebook ads can be skilfully adjusted based on the geographic location of users, even with small amounts of money these pages can effectively engage potential – and, thus, impressionable – voters of particular opposition politicians.

How much spent in the last month?

The total spending of around 11 million forints (almost 30,000 euros) on these defamatory sites between February 17 and March 18 pales in comparison to the 1.2 billion forints (more than 3.2 million euros) that was spent to win over Hungarian voters on Facebook during the first month of the official campaign period. But considering how much easier it is to target a particular constituency with campaign messages, it is certainly surprising that, of the pages identified by BIRN/Telex as campaigning against an opposition candidate, 26 had a monthly expenditure of over 100,000 forints (more than 250 euros) and seven had a monthly expenditure of over 500,000 forints (more than 1,300 euros). These amounts would be sufficient for advertising targeted at the entire population of Hungary, not just at single constituency areas.

During this period the page “V-Akták” spent the most on Facebook ads at 1.6 million forints (almost 4,300 euros), but “Öreg Huszár” also spent over 1 million forints (almost 2,700 euros).

The underrepresentation of pages that do not spend on paid advertising on our list does not necessarily imply there are few such pages campaigning against an opposition candidate without advertising. Rather, the ones included are just those we happened to stumble across.

Ad libraries and dead-ends

So, if there is a definite benefit to putting a local focus on paid advertising on these Facebook pages and the cost of running the pages is remarkably low, then the next question is, who is behind all this?

Since Facebook, like other tech giants, has come under fire in the past for providing a platform for disinformation and political manipulation, in the spring of 2019 the US tech giant decided to make public who is spending on political and public interest ads, how much they are spending, and what kind of exposure they are getting in return.

Anyone can browse this data on Facebook’s Ad Library page, but as we saw in case of the page called “Nem is Jámbor”, this does not necessarily result in full transparency.

Although some of the information provided to register an ad account is generally made public – phone number, email address, website and, in some cases, even physical address – if it isn’t actually associated with any person or group, then critics say it is about as useful as Facebook blindly accepting – and proudly declaring – that the contributor of a given political ad was “Átvert Elek” (a pun resembling a Hungarian name that translates as “I fooled you”).

This is not a gross exaggeration. The ads on the page campaigning against opposition candidate Gergely Arató, which goes by the name X.ᴛʀᴀ, were paid for by “Team Gyurcsány” – the name of the former premier who is a party leader in the opposition alliance – and the contact information contains the address “contact@teamgyurcsany.com”.

Of the 45 pages identified as being defamatory in nature, 35 of them included telephone contact information. After going through the entire list, calling each number, it turned out that:

• Two of the pages provided the numbers of public payphones: “Kaposvár Fricska” was registered to the number of a payphone in Csombárd, while “Kommegmondó” had the number of a payphone at a gas station in Komárom.
• Eight of the numbers were no longer in use or at least didn’t ring when called, 12 of them were turned off, and of the 13 numbers that did ring through, four of them never picked up.
• Of the nine phone numbers that were active, two of them were owned by individuals who claimed to have no knowledge of the Facebook pages and no idea how anyone could have verified this contact information (either by call or text) when registering a Facebook ad account for a given page.
• In total, BIRN/Telex was only able to find four phone numbers that were at least able to confirm their existence and that the contact information was indeed associated with the given page.

Thus, only seven of the 45 defamatory pages listed a phone number through which this reporter managed to speak to someone who might be associated with the Facebook page in question. Upon learning the nature of our inquiries, five of them hung up almost immediately and proceeded to ignore all subsequent calls and texts:

• The number listed for the page “BalonKabat” was answered by a man who did not introduce himself. He claimed not to be affiliated with the page, but, somewhat suspiciously, hung up right after being told that, according to Facebook, someone had officially verified his number at some point.
• Our call to the number for the page “Fehérvár Hangja” was also answered by a man who introduced himself, but as soon as he heard mention of the Facebook page he hung up even before this reporter was able to finish the question. The number then became unavailable.
• We also managed to reach Gergő Bozóky – a familiar figure who back in 2020 ran for representative in a special election for the local government of Balatonszepezd. His campaign was notable for posters in Fidesz’s orange colour, the support of pro-government figures, and his team not being considered locals. Despite having given an interview to this reporter two years ago, this time he hung up and made the number unavailable when he realised the call was related to the Facebook page “BALfake – Soha többé Baloldal” (literally, “FAKEleft – Never Again Left”, or as a pun, “Twit – Never Again Left”).
• Our call to the number listed for “Palotai Poloska” was picked up by a woman who was not surprised to hear the purpose of our inquiry. She went so far as to confirm that the number was correct, but didn’t want to answer any questions. When asked whether it would be possible to talk to any of the other six administrators of the page, she hung up.
• Calling the number associated with the “Csak Szólok” page, a man answered who knew which page was being referred to. He said he was working at the moment and promised to call back later. He then hung up quickly. Despite contacting him again via text and email, he never replied.

Perhaps the two cases where BIRN/Telex made the most progress were those that led to local radio personalities.

We managed to get in contact with someone via the number provided under the page that was campaigning against Sopron city’s Koloman Brenner, “Tűztorony Hangja”. The man introduced himself and provided the phone number of a local public figure with the same name as a presenter on Radio 1. The man promised this person would be able to answer any questions about the page. From there, the story continued along the same lines as those mentioned above: the new contact didn’t pick up and the old one became unavailable.

The phone number for “Vasi Srácok” went through to a presenter for Hit Radio, who didn’t understand what we were talking about at first. Later, he called back and related a story about how, as a private contractor, he had helped someone launch a website and navigate Facebook’s advertising platform. As to who that individual was, however, he couldn’t say for reasons of client confidentiality. He claimed the page’s contact number was set to his private number in early February and never updated. He continued by explaining that he “didn’t deal with content or with ad launches” and his clients “didn’t provide much in the way of contact information anyway – perhaps an email address.” He asked what the issue was about the Facebook page in question – a page he considers merely “funny and humorous”. He promised that if he managed to get in touch with his client, he would pass along our contact details. This also ended up being a dead end.

Doing Fidesz’s bidding

There are several reasons to surmise it is not the actual opposition politicians that the defamatory pages are intended to discredit, but rather the six-party opposition coalition, United for Hungary, as a whole. In other words, these pages are not motivated by a personal dislike of the candidate, but are designed rather to work in Fidesz’s favour.

The most notable example of this is the page “Voksoló”, which was originally gunning for Miklós Gér. After he withdrew from the election, it switched immediately to targeting the new opposition candidate, Rebeka Szabó.

Then there is the page “Öreg Huszár”, which simultaneously speaks out against Márta V. Naszályi, the opposition mayor of Budapest’s 1st district, and Antal Csárdi, the opposition parliamentary candidate. And the page “Cívis Polgár”, which divides its ire between the opposition candidates of two constituencies in Debrecen.

Two outstanding questions remain: who has the time, money and energy to maintain a few unpopular pages that campaign against the opposition by focusing on specific constituencies? And is there any connection between the various pages that follow a similar logic.

What is certain is that, although these pages are clearly designed to bolster Fidesz’s election campaign, they are not officially a part of Fidesz and have no clear link to the governing party. Yet at the same time, it is also apparent that:

• Several defamatory pages are deeply integrated into the propaganda machine orbiting the government by resharing the content (and sometimes even repurposing it against local opposition candidates) of Megafon Centre’s pro-government influencer army (Megafon is an outfit that spends a lot on Facebook for ads of the pro-government influencers that it promotes. It remains unclear where the financing originates, though Megafon has previously denied having received public money).
• We uncovered a link between the contact information of two apparently different pages: the phone number for “Nem is Jámbor” (mentioned in the introduction) is identical to the one for “Tétény Vezér”, a page launched in 2017, which is currently campaigning against Endre Tóth (opposition candidate for the 21st district of Budapest).
• We also found an example of a page, “Salgótarjáni Aktuális”, currently being used as a defamatory platform targeting the opposition candidate Beatrix Godó, but which existed in 2015 under the name “Tibor Simon for Mayor”, a Fidesz candidate.

With respect to the page “Salgótarjáni Aktuális”, BIRN/Telex managed to contact Tibor Simon, who has since retired from party politics and now works as a government official. He informed BIRN/Telex that the page’s predecessor was created by his campaign staff when he was running in the special mayoral election for Salgótarján in 2015. As far as he knew, the page was deleted following the election, and he has had nothing to do with it since February 2016. According to Facebook’s public data, the page’s name was changed to “Polgári Salgótarjánért” (literally, “For a Civil Salgótarján”) in March 2016 and then to its current name in February 2021.

Ultimately, perhaps the most puzzling outstanding question centres on what the people and groups who run and fund these pages are so worried about. Why do they make themselves so inaccessible to the public? Why do they hide behind bogus Facebook pages, paid ad managers and untraceable phone numbers that become inactive or belong to public payphones?

Data was collected from Facebook’s public advertising database, the Facebook Ad Library. We reached out to all Facebook pages in this article that had placed paid ads. In the event the pages publicly displayed an active phone number, we contacted them both by calling and text. We also sent them our questions via email if the pages included such an address. For pages that only had the name of an individual as the advertiser and no contact details, we reached out to them via message on Facebook. However, at the time of writing this article, we had yet to receive any response to our written inquiries.

“Today, it is not uncommon for groups to hire attackers on the dark web who will do a certain amount of work for a certain amount of money,” said Metodi Hadji-Janev, associate professor of international law at the ‘General Mihailo Apostolski’ Military Academy in Skopje. “The fact is that cyberspace is an attractive channel for attacks with various motives.”

Cybersecurity analyst Suad Seferi told BIRN: “There is always the potential for far-right ideological threats in cyberspace. While they may be rare, they can still be very dangerous.”

From homegrown to state-sponsored

Illustration: EPA-EFE/SASCHA STEINBACH

Several global institutions have already felt the wrath of far-right extremism; in April 2020, far-right extremists published more than 25,000 email addresses belonging to major organisations such as the World Health Organisation, the World Bank, and the US National Institutes of Health.

The threat isn’t always homegrown.

Over the past couple of years, North Macedonia has been targeted by hackers in neighbouring countries, most notably a group calling itself ‘Powerful Greek Army’.

Two years ago, the group hacked dozens of e-mail addresses and passwords of employees in North Macedonia’s finance and economy ministry and the municipality of the city of Strumica.

Then in February this year, Powerful Greek Army struck again, this time targeting the North Macedonia’s education ministry.

Motives can vary – from political, ideological, to financial. Sometimes, it’s just about showing off.

“In the region there are these types of cyber incidents where the main goal of the attacker is to boast that they have successfully breached the defence systems of the governmental institutions of the targeted country,” said Milan Popov, a Skopje-based cybersecurity engineer.

“They usually deface the landing page of the institution to mark their presence. While institutions usually deny these attacks, in most cases they are indeed happening.”

There is also the state-sponsored variety, Popov told BIRN.

“China, Russia, and North Korea have been using them for different purposes from disabling the enemy’s major infrastructure to special operations to gather useful information. For example, North Korea mostly uses such attacks to finance itself with extortion from ransomware and all kinds of malwares.”

Big potential for cyber-attacks in the Balkans

Illustration: EPA-EFE/FELIPE TRUEBA.

In the Balkans, a region still grappling with the legacy of conflict, the potential for malicious cyber activity is enormous, experts say. Hacking groups from Turkey and Greece, for example, have frequently traded blows in recent years, with hackers targeting state institutions in either country depending on the issue of the day.

Far-right groups in other countries can capitalise on similar disputes to further their political goals, as Anonopsmkd tried.

“I remember that during the 90s there were similar cyber wars going on between Albanians and Serbs, when hacking was simpler and chaos could be created in most institutions with just a few clicks,” said Seferi, recalling the period when socialist Yugoslavia was falling apart and Serbs and Albanians were at odds over Kosovo.

IT systems used by state institutions today are much more advanced, but much still depends on their level of preparedness and the expertise they have to hand.

“The risks for state institutions are constant and they should be equipped with experts in that field that can help prevent such cyber-attacks,” said Seferi.

Easter holiday triggered online threats in Serbia and Bosnia

Existing tensions in Serbia and Bosnia prompted a new round of online threats targeting journalists and top politicians in both countries. The attacks surged ahead of the Easter holidays in both countries where religious divisions remain as alive as ever.

On April 28, Teresa Ribeiro, OSCE Representative on Freedom of the Media, expressed concern about attacks on media staffers in Serbia following a rise in violent threats, verbal attacks and allegations of being foreign mercenaries and “traitors”. Ribeiro said: “I am increasingly concerned by the latest barrage of threats and tone of accusations against media workers in Serbia. Such targeted anti-media manifestations – which are all too often perpetrated in direct reprisal for journalists’ work – have a chilling effect, not only on their ability to serve the public in a democratic society, but also on their physical and psychological wellbeing.”

The head of the Bosnian Serb, Orthodox Church in Bosnia and Herzegovina Metropolitan Hrizostom conducts an Orthodox Easter service in Orthodox Cathedral in Sarajevo, Bosnia and Herzegovina, 28 April 2019. Photo: EPA-EFE/FEHIM DEMIR

In Serbia, on April 22, the inbox of the daily newspaper and portal Danas was flooded with threats reacting to the published quote, “Truth, not God”, attributed to Indian independence leader Mahatma Gandhi, published on the Instagram of their portal.

According to the Independent Journalists’ Association of Serbia, this was the sixth attack on journalists that week, just before Easter. On April 18, the email address of the N1 portal received a threatening email, which the editorial office called the latest in a series of threats sent to this media outlet.

In another case, criminal proceedings were initiated against a man accused of threatening President Aleksandar Vučić on Instagram on April 16.

In Bosnia, a song threatening the international community’s top official in Bosnia, High Representative Christian Schmidt, with death, was widely shared on social networks on April 20, including YouTube, where it has attracted several hundred comments.

The song was sung by protesters at a rally in the mainly Bosnian Serb city of Banja Luka after Schmidt used his executive powers to suspend a property law in Bosnia’s mainly Serbian Republika Srpska RS entity.

In another case, Žarko Kovačević, deputy mayor of Prijedor, insulted his fellow Catholic citizens on Easter day. “When I remember what the Catholic clergy did and are doing to the Serbs, how many victims there were under their blessing, it’s not just that I cannot congratulate them [at Easter], but they disgust me,” he wrote. Kovacevic’s Facebook profile is currently blocked, and no posts are visible.

Pro-Kremlin propaganda rages on in Hungary

The re-election of Prime Minister Viktor Orbán and his Fidesz party drew opposition claims that freedom and pluralism of the media remain at risk. The editor of the independent weekly HVG, Márton Gergely, accused the Fidesz party of winning by “lies”. He said: “It is quite certain that this election was won with lies”, adding: “Since the election, we have seen that Orbán and Fidesz will not step back from their path.”

Ukrainian President Volodymyr Zelensky answers questions of journalists during his press conference in Kyiv, Ukraine, 23 April 2022. Photo: EPA-EFE/SERGEY DOLZHENKO

A few days ago, Tilos Rádió, an independent radio station based in Budapest, learned that its broadcasting license would not be extended in September, following a decision of the Hungarian government.

A video, which began circulating on Facebook in Hungary on April 28, showed cocaine on Ukrainian President Zelensky’s desk. However, it was a montage and the footage has been altered. The white powder was added afterwards. No powder was visible on the table in the original video. The Ukrainian President was also victim of another slur when an article on an anonymous website falsely claimed that Zelensky called Hungarian people “disgusting”. The article has been circulating in Hungarian-language pro-Russian groups on Facebook.

Two different incidents of pro-Russian disinformation and propaganda also occurred in Hungary on April 19. In the first, András Kovács, a journalist for the pro-government news website Origo, shared a post from a right-wing site called Szamok complaining about “the murderous Ukraine regime” and about EU aid for Ukraine’s reconstruction. In a second case, an article from RT (formerly Russia Today), media outlet, banned in the EU, claimed that the notorious massacre in the town of Bucha, attributed to Russian forces, was not committed by the Russians. This reposted by two extremist news sites close to the Hungarian government, Vadhajtások and Szent Korona Rádió.

Cyber-attacks hit Romania and North Macedonia

Hacking attacks targeting websites belonging to public and government institutions continue to occur in many online environments. Macedonia and Romania’s digital landscape, in particular, are struggling to react to the continued cyber-attacks and computer fraud targeting their public systems.

Marcel Ciolacu (C), the new leader of Romania’s main opposition party, the Social Democrat Party (PSD), arrives at his party congress surrounded by coleagues at the Parliament Palace in Bucharest, Romania, 22 August 2020. Photo: EPA-EFE/BOGDAN CRISTEL

On April 21, the website of the North Macedonia Public Procurement Bureau was reportedly targeted by a ransomware attack, according to several online portals in the country. According to the reports, hackers demanded a ransom paid in bitcoin. However, the head of the Public Procurement Bureau, Borche Hadziev, denied the report, saying that there just was a technical problem, which took time to fix. According to this institution, because of the incident, all tender calls would be extended for several weeks.

Meanwhile, in Romania, just few days after the visit to Kyiv of the Prime Minister and head of the Chamber of Deputies, websites belonging to several key public institutions were hit by DDoS attacks. The attacks were soon claimed on Telegram by Killnet, a hacking group based in Russia. The hackers blamed the attacks on Marcel Ciolacu, the Chamber of Deputies’ President, who promised Romania’s “maximum assistance” to Ukraine. For about seven hours, users couldn’t access the websites belonging to the Ministry of Defence, the government, the Border Police and the railway company.

However, the attack was dismissed as the “work of amateurs” by Vasile Dincu, Romanian Defence Minister. He further added that the hackers didn’t compromise the databases or the command and control systems. “Such attacks exist on government sites even without an ongoing war. Our cyber security divisions are ready. Episodes like this are from amateurs. Some are institutionally orchestrated,” Dincu said.

The harmful effects of online violence against women and girls, thus, exceed the issue of safety. Ultimately, this violence prevents women and girls from fully enjoying their human rights and hinders the achievement of gender equality.

Online violence against women takes many different forms: from harassment and intimidation to stalking, rape and death threats. New forms constantly emerge in the digital dimension. And while “doxing”, “trolling”, “sextortion” and “revenge porn” may be terms most of us have heard of, but aren’t sure how to define, studies have shown that over half the women and girls using the Internet have experienced these or other forms of online violence. Women and girls in the Balkans are just as exposed to digital forms of gender–based violence, but there remains a lacuna of research and statistics for the region.

Noting the significance of regional and context specific data – and the lack of it – as part of our efforts to detect digital rights violations in the Southeastern and Central Europe, we have analyzed over 35 instances of online gender-based violence against women and girls that took place from January 2021 to March 2022 in Albania, Bosnia and Herzegovina, Kosovo, Montenegro, North Macedonia and Serbia, which we collected as part of our Digital Rights Monitoring Database.

The selected cases demonstrate prevailing trends and contemporary forms of online violence against women and girls, which are worsening discrimination against women and hindering full enjoyment of their rights in the Balkans. They do not in any way represent the overall scale of violence committed against women in in the region. This is just a small piece of the puzzle that helps us to better understand trends and responses.

BIRN monitoring reveals six prevailing trends in which digital violence occurs:

• Online attacks with clear manifestation of hate speech
• Online attacks that follow domestic violence
• Online attacks that lead to physical violence
• Online attacks that include or lead to privacy breaches
• Online attacks on publicly exposed women groups, in particular journalists and politicians
• Online attacks on already vulnerable groups, in particular minorities, migrants and members of the LGBTQ community

Right to hold and express opinions v. Right to live free from violence

International Woman’s day March in Skopje in 2021. Photo: EPA-EFE/GEORGI LICOVSKI

More than half of the documented cases demonstrate a recurring theme of verbal harassment of women intertwined with sexist, misogynistic, degrading and disparaging comments, insults and threats, including threats of physical and sexual violence, rape, death and encouragement of others to inflict harm.

Triggers vary in nature. In some cases they are nonexistent, as some social media users deem it their personal right to share sexist, misogynist and hateful content and comments about women, regardless of whether the targeted woman is a public figure or not, and invite others to participate in their smear campaigns.

For example, in North Macedonia, a woman was subjected to a surge of hateful, sexist and misogynistic comments on social media after a news portal published an article about the amount of books she reads each year. According to the website, the woman read more than 438 books a year, which led to a number of hateful comments and mockery of her, personally, her family, her ability to be a mother, her professional record, etc. Most of the comments were posted on Facebook in the comments section on the pages where the article was shared and posted. The comments remained available despite their clear violation of Facebook’s community standards on hate speech.

Very often, discrimination and gender-based violence against women is incited and perpetuated by online portals that publish misogynistic, sexist and degrading articles about women. From tabloid to mainstream media, click-bait culture and lack of ethical standards, as well as poor (self) regulation, women and girls, through images and words, are subjected to violence and discrimination.

For instance, in two documented cases, internet portals in Bosnia and Herzegovina published articles depicting women’s physical appearance in a sexist manner with clear elements of “age shaming”. The articles resulted in further verbal harassment, ridicule, mockery, stigmatization and discrimination of the women by social media users in the comments section. In both cases, neither the media outlet nor the social media platforms removed the content despite their violation of journalistic ethical standards and community guidelines.

These two cases are not unique to the media landscape in Bosnia and Herzegovina; cases of misogynistic and sexist content published by media then going viral on social media with the surge of hateful comments are common in other countries in the region, too – with a similar lack of response from media or big tech companies.

Online violence against women as extension of domestic violence

A Bosnian woman looks at artist’s paintings in Sarajevo. Photo: EPA/Fehim Demir

In many cases, violence in the digital world is an extension of domestic violence committed by an intimate partner. Very often, domestic violence serves as a trigger for online attacks and gender-based violence. In Bosnia and Herzegovina, for instance, both news about a femicide and news about a victim reporting rape attracted misogynistic and offensive comments, with particularly concerning “victim blaming” and “victim shaming” comments from users who claimed that the victim “got what she deserved”.

Such comments reflect a prevailing attitude towards victims of domestic violence and sexual abuse in the region. This often pushes victims into self-censorship and silence, as they refrain from speaking out about the violence they suffered due to the concerns about prejudice and damage to their own reputation.

In many cases, online violence on social media is triggered by media reporting on domestic violence against women and girls. A BIRN investigation showed that media in North Macedonia still tend to sensationalise coverage of gender-based violence and point the finger of blame at the victim. According to research  done by the group Female Journalists against Violence, 27 per cent of articles in Serbia focused on domestic violence use sensationalistic or stereotypical terminology when describing a victim. The same report also showed that, in at least 40 per cent of the articles, the identity of the victim was revealed in the media. It often happens that, following this revelation, the victims are targeted on social media. In some countries, however, like Albania, Kosovo and Montenegro, domestic and a follow-up online violence has triggered protests in support of victims, as well as calls for stronger legislation to protect those exposed to violence.

When online violence moves offline

Kosovans take part in a march to mark International Women’s Day in Pristina, Kosovo, 08 March 2019. Photo by EPA-EFE/VALDRIN XHEMAJ

While the right to hold and express opinions applies to offensive and unfavourable ideas, this right is not unlimited. Incitement to violence, hostility or discrimination is not protected speech and cannot be justified under this right. Words and other forms of expression can and do lead to physical assault of those against whom the speech is directed. And while alarms would go off if this happened in the “real” world, when it comes to violence in the digital environment, many – in some cases including law enforcement authorities – regard virtual things as “not real”, as something that cannot inflict “real” harm. This seems to be the prevailing attitude even when threats of physical violence and assault are made online. However, online violence is not confined by the screen. The fact that in many cases online violence finds its way into the “real” world was demonstrated by a case in Serbia where, before physically assaulting a female gym employee, a man made online threats to her and even announced his plans to assault her on social media.

Furthermore, a case in which an unlawful action taking place offline was transferred and disseminated online, to subject the victim to further harm and suffering, demonstrates how online and offline violence are often intertwined and even dependent on each other to achieve full effect.

In another case in Serbia, a man was reported to the police for covertly taking intimate photos of a woman through the window of her home while she was undressing, and posting them online, violating not only her privacy rights and subjecting her to gender-based violence in the offline world but furthering violations in the digital environment as well.

Research also showed a correlation between online violence and human-trafficking, leading to increased cyber-trafficking of women, in particular during the global COVID pandemic. More than 40 per cent of female victims of human trafficking have also been subjected to some form of online abuse, according to a report by a Serbian NGO, Atina, looking at the correlation between the two. In interviews with 178 women and girls who received support from Atina over the past five years, 42 per cent reported being the target of online abuse, ranging from cyber-bullying, cyber-stalking, hacking, catfishing, revenge porn and “doxing” to online publication of private information intended to publicly expose and shame the victims. For 31 per cent of the interviewees, online abuse was directly linked to the process of human trafficking.

Explicit content sharing and privacy violations

A woman takes a picture of a contemporary art installation by Turkish artist Vahit Tuna that aims to raise awareness on women killed by domestic violence, in Istanbul. Photo: EPA – EFE

Online gender-based violence against women is often perpetrated through non-consensual accessing, manipulation and sharing of private information and content, including explicit content and photoshopped photos and videos that are sexualized or created with the intent to humiliate and stigmatize women.

In Bosnia and Herzegovina, a photomontage of a woman artist’s naked body was shared online and accompanied by sexist and misogynistic insults and mockery, done not only directly by the perpetrator but by his numerous followers as well.

“Sextortion” is a similar form of online gender-based violence. This refers to the use of digital means to blackmail a victim, usually involving the perpetrator threatening to release intimate pictures of the victim, or other content, in order to obtain more explicit content, sexual acts or sexual contact with the victim. Such forms of online violence against women have been documented in the Balkans as well. For instance, in Bosnia and Herzegovina, a man was reported to the police for “sexual blackmail” after he had been harassing a woman online for a long time, by sending her offensive messages and threatening to publish explicit images of her, if she did not agree to have a relationship with him.

A particularly worrying trend noted in the monitored countries is the sharing of explicit photos and videos of women, as well as their personal information, including their names and addresses, via social media, messaging apps and secret groups.

For example, a notorious Telegram group where users post and share explicit sexualized content about women and girls has been reactivated in North Macedonia. Alongside the photos, users share the addresses and telephone numbers of the victims, many of whom are underage. In a similar case in Serbia, chat groups containing explicit photos and videos of women and seeking sexual services were detected. Some of these chat groups were named after cities in Serbia, further identifying the location of the victims. Such cases do not only violate the privacy rights of the women and girls whose images and personal information have been shared; they pose a direct threat to their safety.

Female politicians are frequent targets

A Romanian masked woman plays in a street theatre act, meant to show women’s condition in Romanian society. Photo: EPA-EFE/Robert Ghement 

Certain groups of women are more often at the receiving end of online violence due to the role they play in society, or their public positions. Politicians, journalists, human rights defenders and activists are increasingly targeted, threatened and harassed, our monitoring shows.

Previous BIRN research showed that women journalists in the Balkans face online abuse on a daily basis. Most see little point in complaining to employers or the police, given the systematic failures to punish the perpetrators, according to the findings of a BIRN analysis. For the purpose of this research, we explored violence against a group that is prominent in terms of the number of online threats it receives – female politicians. In a large number of cases, female politicians are targeted by online threats that are generally misogynistic, sexualized and specifically gendered. This further institutionalizes patriarchal norms whereby most politicians in the region in leadership positions are male.

For instance, in Montenegro, three female members of the Democratic Party of Socialists, DPS, Drita Llolla, Amina Brahic and Nina Perunovic, were insulted and targeted with sexual harassment by a Twitter user. Similarly, a Montenegrin opposition MP, Draginja Vuksanovic Stankovic, was targeted with threats of physical violence and incitement to violence by a Facebook user. In both cases, although these threats violated the community standards of Facebook and Twitter, the networks failed to sanction hate speech in both cases.

In many cases where female politicians suffer online violence, their male counterparts are perpetrating the violence, further confirming power dynamics in Balkan politics whereby men take most senior and decision making posts and are the majority in the political and governance circles. For instance, in Bosnia and Herzegovina, Social Democratic politician Vojin Mijatovic insulted Sabina Cudic, a representative of the party Nasa Stranka, on the basis of her gender and repeated his insults on his Facebook profile. In a similar case, the Mayor of Zenica, Fuad Kasumovic, commenting on a presentation by a city councilor, Emina Tufekcic, said that she “deserved a slap for every word”. After other councilors condemned him for misogyny, Kasumovic insisted that he had not referred to Tufekcic herself but her party, the Party of Democratic Action, SDA. Tufekcic was not sanctioned for his attack, and his speech went viral, attracting further sexist and misogynistic comments and threats.

Cases of online gender-based violence targeting female politicians are particularly alarming as they threaten to undermine women’s political engagement, silence their voices and hinder their democratic participation. This correlates with studies conducted in Albania by the Ombudsman and Commissioner for Protection from Discrimination. These showed that women in Albanian politics still face routine discrimination, abuse and offensive language. Data analyzed by BIRN on online media coverage shows that sexist and derogative language was still being used against women in the last Albanian elections. Media coverage of women candidates in the election was also lower, compared to coverage of their male colleagues. A sample of some 6,900 articles analyzed by BIRN shows that 30 per cent of online media monitored had a clear gender bias. Data drawn from the monitoring showed that only 15.3 per cent of the political statements published by the media in their online sites came from women candidates as opposed to 84.7 per cent from their male colleagues.

Intersecting forms of discrimination

A Romanian young woman (L) takes care of her partner’s hair during the Gay Pride 2019 parade, in downtown Bucharest. Photo: EPA-EFE/ROBERT GHEMENT 

Women and girls who are subjected to intersecting forms of discrimination on other grounds, apart from gender, are particularly vulnerable to online violence. Women of colour and women who belong to religious or ethnic minorities are often targeted. For these women, gender-based violence in the digital world is intertwined with xenophobic, racist, misogynistic, sexist comments and hate speech.

The toll is particularly high for groups that already experience discrimination in society and are pressured on almost every societal level, – in particular Roma, refugees and migrants and LBGTQ persons. In a case in North Macedonia, explicit photos and videos of Roma women and girls were shared on Facebook, followed by insults, xenophobic and racist comments. In Bosnia, Antimigrant.ba, an anti-migrant internet portal, shared a testimony of an Afghan woman who was sexually harassed by a Croatian border police officer. The testimony was originally published by the UK Guardian, but the Bosnian internet portal misused the article and shared its own review of the story, filled with sexist, misogynistic, xenophobic and racist comments. The administrator and the editor of Antimigrant.ba portal, Fatmir Alispahic, was charged with inciting and spreading hatred through textual, photo and video content on several occasions in 2019 and 2020. However, in 2021, the Court of Bosnia and Herzegovina acquitted him. In Albania, the prominent LBGTQ activist Xheni Karaj and members of her association, Aleanca, have been exposed to threats and insults on social media and have also experienced  derogatory treatment from other media outlets.

Reasons for failing to protect

A woman holds a poster reading ‘Men Should Not Be Making Laws About My Body’ as pro-abortion protesters demonstrate at the West Hollywood City Hall in Hollywood, California, USA, 21 May 2019. Nationwide protests have activists calling for reproductive freedom and a halt to new laws limiting and criminalizing abortion services. EPA-EFE/ETIENNE LAURENT

As outlined, violence against women, including online gender-based violence, is a form of discrimination against women and a human rights violation that prevents women from fully enjoying their human rights, from actively participating in society and, ultimately, from achieving gender equality.

Our monitoring shows that online gender-based violence is growing in the Balkan region for four main reasons: inadequate legislation and an already poor institutional response to discrimination and hate speech; lack of response from big tech companies in implementing their own community policies related to digital violence; media enforcing gender stereotypes and failing to publish violations of professional ethical guidelines; and deep-rooted patriarchal norms on societal level that legitimize and normalize  violence and discrimination against women.

According to relevant regional and international human rights instruments, by which Balkan states are bound, states have an obligation to combat all forms of discrimination against women, including online violence, and to protect their human rights, including every woman’s right to live free from violence. Furthermore, states have an obligation to prevent, investigate and punish acts of violence against women and girls.

Despite their legal obligations, however, many Balkan countries, including those monitored for this study, have poor legal frameworks that do not adequately treat and sanction online violence and its perpetrators. Namely, domestic laws do not explicitly regulate online gender-based violence. Considering the scale of this problem and its detrimental effects on human rights, equality and participation of women, it is essential for countries to adopt specific laws or adapt existing laws to combat and prevent gender-based online violence and its contemporary forms, bearing in mind its continuing evolvement. Here, particularly relevant are violence against women and gender equality domestic legal frameworks, including family laws and laws on domestic violence, and applicable criminal codes.

Even when handling offline gender violence, institutions have a poor record. Criminalization of online violence against women and girls is essential to ensure a deterrent effect. States should criminalize all elements and forms of online violence, including subsequent re-sharing of harmful content. Members of legal and regulatory mechanisms, including law enforcement and prosecutors’ offices, need to be properly trained and equipped with knowledge, human and technical resources, including special divisions for digital crimes, to adequately and effectively implement the law, minimize harmful effects, sanction perpetrators and ensure prevention.

Just as the legal framework fails to regulate online gender-based violence, the laws of monitored countries do not contain provisions specifically regulating online hate speech either. The absence of words “online” or “internet-facilitated” does not and should not, however, prevent relevant authorities from combating online hate speech through the use of existing legal provisions, particularly criminal law provisions. Overall, while existing legal and institutional frameworks for combating hate speech in the Balkan countries seem robust in theory, their practical application is lacking. The rate of sanctioned incidents of reported hate speech is worryingly low, even when it comes to the instances documented in the “offline environment”. For instance, despite data indicating that hate speech in Bosnia and Herzegovina is on the rise, only 13 convictions for hate speech were issued by courts between 2015 and 2020, according to research conducted by Youth Initiative for Human Rights in Bosnia and Global Analytics as part of the project “Suppressing Hate Speech Through Empowerment of Youth”.

An additional issue is that laws regulating hate speech recognize only several protected grounds, and gender is not one of them. However, as BIRN monitoring shows, it is women and girls that are increasingly being targeted with hate speech and subjected to hatred, hostility and discrimination based on gender. Considering that authorities are obliged to uphold women’s rights and combat discrimination, they should interpret and apply laws in the light of contemporary trends and the issues that women and girls in the Balkans are facing, including, but not limited to, gender-based violence and hate speech.

The issue is not only limited to the lack of adequate legal frameworks or poor implementation.

One major obstacle to combating online violence against women is a general perception that online violence is not a serious crime and cannot cause serious harm. Such attitudes reinforce a culture of impunity and come with dire consequences. They send the message that perpetrators of online violence won’t suffer legal consequences, thereby encouraging further violence. Out of fear, loss of trust in the authorities and a sense of hopelessness, victims silence themselves, retreat from the internet and the public space, fearing consequences of their own exposure, and further exacerbating gender inequality and stigmatization of women in the Balkans. This is even truer in patriarchal societies where women are traditionally segregated and excluded from public life and where men dominate the narrative. Such societies favour men, as shown in elections where the dominant candidates are male and where there is a clear gender cap. It is the same within institutions.

Media also favour male candidates. But it doesn’t end there. The media also amplify violence against women by publishing articles that promote sexists and misogynist attitudes, by revealing personal data about victims of sexual, domestic and general gender-based violence, and by targeting vulnerable groups simply because they belong to certain groups. Although bound by respective ethical codes in journalism, self-regulation has not done much to achieve accountability in terms of unprofessional reporting.

The reasons for increased digital violence are not only internal. They are also external. Social media companies have proved to be great enablers for digital violence against women. The platforms, especially Facebook and Twitter, have failed to uphold their responsibility to protect women’s rights online by failing to adequately investigate and respond to reports of violence and abuse in a transparent manner, leading many women to silence or censor themselves on the platform.

Facebook has its own well developed policy rationale when it comes to hate speech and sanctioning this type of content. In reality, its moderators are blind to the violations of their guidelines in the Balkans. This also reflects the fact that the company has limited content managers who understand the local languages, and relies on mix of algorithms and the human factor. Previously, Facebook told BIRN that it primarily relies on AI to detect violating content on Facebook and Instagram, and in some cases take action on the content automatically.

According to Facebook, they “utilize content reviewers for reviewing and labelling specific content, particularly when technology is less effective at making sense of context, intent or motivation”. BIRN’s investigation shows that the tools used by social media giants to protect their community guidelines are failing: posts and accounts that violate the rules often remain available even when breaches are acknowledged, while others that remain within the rules are suspended without clear reason. Almost half of reports in Bosnian, Serbian, Montenegrin or Macedonian made to Facebook and Twitter are about hate speech. One in two posts reported as hate speech, threatening violence or harassment in Bosnian, Serbian, Montenegrin or Macedonian language, remains online.

When it comes to reports of threats of violence, such content was removed in 60 per cent of cases, and in 50 per cent of cases of targeted harassment. Distinguishing harsh criticism from defamation, or radical political opinions from expressions of hatred and racism or incitement to violence, requires contextual and nuanced analysis. In the absence of that, clear violations of social media networks’ community standards allow offensive and violent content not only to stay but to flourish.

Killed Children’s Remembrance Day sparks online violations in Bosnia

On May 5, Sarajevo’s Day of Remembrance for Fallen Children was celebrated in Children’s Square in Sarajevo with parents and officials laying flowers and addressing gathered residents. The event was also attended by Sefik Dzaferovic and Zeljko Komsic, members of the Presidency of Bosnia and Herzegovina.

The Memorial to Children Killed in the 1992-1995 siege was inaugurated on May 9, 2009, in Veliki Park in the municipality of Centar, by artist Mensud Kečo. A year after its opening a pedestal was erected containing the names of 521 children, out of an estimated total of 1,621 dead.

A Bosnian woman prays on the 30th anniversary of the Bosnian Independence at a memorial to the fallen soldiers in the Bosnian War (1992-95), in Sarajevo, Bosnia and Herzegovina, 01 March 2022. Photo: EPA-EFE/FEHIM DEMIR

Three days after this year’s commemoration day, political analyst and psychologist Srdjan Puhalo wrote an article querying the figures used, titled: “Prove that 1,601 children were killed in Sarajevo or stop using that number”.

“The media in Sarajevo know that this number is not based on reliable research, but still transmit inaccurate information without any evidence. I don’t know why they do that, but in any case, it is not correct, professional, or fair,” Puhalo added.

Following the controversial statements, Puhalo was targeted by several insults and threats on Twitter.

Puhalo was also supported by film director Jasmila Žbanić however, who on May 13 on social media urged institutions to publish accurate data on the number of children killed. The director, who was backed by the Director of the Museum of War Childhood, Jasminko Halilović, and political analyst Ivana Marić, said she had since been exposed to “a wave of anger from those who disagree on the important truth”, adding that, “every child killed deserves to know his or her name and to know exactly how he was killed and who killed him!”

In her police report, she stated that some threats were sent from the Facebook profile of Haris Zahiragić, an MP. “Zahiragić put her name and picture in a false context and provoked a mob calling for a lynch with her lies,” she wrote. Another comment about her had read: “Žbanić should be killed as a matter of urgency”.

Fake news on Ukrainian President continues to go viral in Hungary

Following the April 28 episode of misinformation where Ukrainian President Zelensky was falsely accused of using drugs, online violations targeting Zelensky have not slowed in Hungary’s digital environment.

Disinformation campaigns and misleading news about Zelensky are now commonplace in several countries where social media channels linked to Russia and Belarus aim to destabilize digital environments.

Recently, Pro-Russia online operatives falsely claimed that the Ukrainian President had committed suicide in an attempt to undermine the Ukrainian government and deceive the public.

In an opinion poll launched by Statista, in May, about 65 per cent of Hungarian citizens expressed a negative opinion about Zelensky. This could reflect the disinformation campaigns that pro-Fidesz media outlets have started since the conflict began in Ukraine.

Supporters of Ukraine attend a counter-event against a pro-Russian rally held nearby in Budapest, Hungary, 30 April 2022. Photo: EPA-EFE/Zoltan Balogh

On May 10, an episode was recorded in Hungary where a picture of a weeping girl with a caption calling her the daughter of Zelensky spread among Hungarian Facebook users. The text circulating online says “Zelensky’s daughter” hates her father, who is a “fascist” and “murderer of the Ukrainian people”. However, the picture did not actually show Zelensky’s daughter. It was from a Russian-language video, available online since 2017, in which the crying girl complains that her boyfriend didn’t buy her a new phone.

A further episode of online manipulation occurred on May 16 in which Zelensky was accused of wearing a Nazi swastika. Several social media posts of Zelensky holding a soccer jersey with a swastika in place of a number went viral on Hungarian social media. However, after the detection of pixel discrepancies by AFP, it was found that the picture had been digitally manipulated by adding a swastika to an original photo that Zelensky posted last year, on June 8.

The caption read: “The new jersey of Ukraine’s national football team is special. It can shock. It features several important symbols that unite Ukrainians from Luhansk to Uzhgorod, from Chernihiv to Sevastopol. Our country is one and indivisible. Crimea is Ukraine.”

In polarised Serbia, online attacks on journalists keep going

Although Serbia has some of the most advanced legislation on the media, journalists are routinely threatened by political pressures, and by the impunity of crimes committed against them. In a highly polarised political climate, journalists remain subjected to political attacks instigated by members of the ruling elite that are amplified by certain national TV networks, according to RSF.

A protestor wears a mask while blocking the streets in front of the government headquarters during a protest against Rio Tinto’s plans to open a lithium mine in Belgrade, Serbia, 18 December 2021. Photo: EPA-EFE/ANDREJ CUKIC

Mina Delić, a journalist and photographer from Senta, in the northern province of Vojvodina, received a court summons over the environmental protests and roadblocks organized across Serbia in December last year. She was allegedly marked as a protest organizer because she had posted a call to a protest in a Facebook group. She was summoned to attend the Senta Misdemeanor Court on May 23, and if she does not respond or justify her absence, her arrest would be ordered.

Another case was related to a local government official who used Facebook to insult a journalist and the television station employing her, as well as an opposition activist. Zdravko Mladenović, president of Batočina municipality, posted insulting remarks about Zlatija Labović and Dragan Biočanin, a local opposition activist who Labović had interviewed. Mladenović said: “What else can you expect from such appearances, deserters, traitors, clowns and jukeboxes, to whom you insert something, and they play and sing when you press a button?” Last December, Mladenović also insulted the correspondent of H1 Television shouting: “Why are you filming?” and “You did not announce yourself to come,” expelling the journalist from the Assembly session.

Cyber-attacks and Russian-sponsored DDoS attacks target Romania and North Macedonia

Hacking attacks continue to be registered with alarming frequency in Romania and North Macedonia, where large public companies and institutional sites are targeted by groups that are often linked to Russia.

In the most prominent case of digital rights violations in North Macedonia in the first half of May, scammers targeted one of the biggest banks, NLB Bank and its customers, asking them for their personal data and accounts. The bank warned customers not to share any details with those asking for it, even if they say they are bank representatives.

In another incident, recorded on April 30, the Romanian National Cybersecurity Directorate said its own website was temporarily taken down by a DDoS attack one day after key public institutions in the country were hit by a wave of cyber-attacks claimed by Killnet, a pro-Russia hacking group. The DDoS attack blocked user access to the website for six hours.

A further incident occurred on May 1 when Digi24.ro, the most read news site in Romania, remained unreachable for some hours after a DDoS attack, later also claimed by Killnet. “The Mirai Team is causing massive damage to Digi24 servers. We are waiting for the next success,” the message posted on Killnet’s Telegram said.

Romanian Far-Rightists Storm Digital Environment

Following the rejection of the so-called “Sovereignty Bill” by Romania’s Chamber of Deputies on May 10, the political climate has further deteriorated.

The law initiative, signed by 23 MPs from the Alliance for the Union of Romanians, AUR, two from the Social Democratic Party, PSD, and two unaffiliated MPs, and which was on the list for a vote in the Chamber of Deputies, aimed, among other things, to extend the powers of the Intelligence service, empowering it to oblige civilians or companies, as well as public authorities and institutions, to collaborate with the institution.

On May 10, two AUR MPs live-streamed themselves harassing Alfred-Robert Simonis, leader of the Social Democratic parliamentary group in the hallway of the Chamber of Deputies. One of the two MPs, Dumitru-Viorel Focșa, as he left the plenary hall, threatened Simonis, telling him: “I will walk over your body. You are a bastard!” Following this, Simonis also hurled insults at the two MPs. This angered supporters of the far-right party, who further insulted and harassed Simonis on Facebook. Later that day, AUR politician also admitted threatening to beat Simonis

A second case saw George Nicolae Simion, leader of the AUR, storm his way into a media outlet. On May 18, after Virgil Popescu, the Minister of Energy, accused him of defending Russian interests in Romania, he live-streamed himself breaking into the newsroom of Digi24 news TV station. Two security guards accused him of forcing his way into the TV studio premises and called the police. Simion initially refused to leave but left after the arrival of the police, shouting: “The state authorities are at the disposal of Digi24. This is the headquarters of the SRI [Romanian Intelligence Service].”

Misinformation about Ukraine spreads in Hungary, Serbia

Since the Ukrainian war started in February, the digital environments in Hungary and Serbia have experienced increasing amounts of disinformation about what is happening there. Online violations involving propaganda and fake news have become endemic and routine. Hungary remains at the top of the list of countries with the largest number of such digital breaches.

On May 15, news was published on several Hungarian-language news portals that McDonald’s had introduced a “neo-Nazi menu in Norway”. This referred to the so-called “Bandera burger” that the news portals said was named after the World War II Ukrainian ultra-nationalist Stepan Bandera. In fact, the name “Bandera” referred to the sauce in the hamburger, which recalled the colours of the Mexican flag and was inspired by a particular ingredient of Mexican cuisine.

A further episode of disinformation in Hungary occurred on May 30. After Ukrainian soldiers defending the Azovsztal plant in the port of Mariupol surrendered in May, a photo of an American admiral Eric Olson, shown among the prisoners-of-war, began to spread in the Hungarian social media. Fact-checking websites revealed that the photo was taken a month before Mariupol surrendered and was published on April 14 by the Russian state news agency Sputnik.

Hungary is not the only country where false news about the Ukraine conflict is spreading. On May 27, several news portals in Serbia also reported on an alleged statement by the Mayor of Kyiv, Vitali Klitschko comparing the war in Ukraine and the conflict in Kosovo.

Klitschko has since denied saying this. The news, which went viral in the Serbian digital space, reported an interview given by Klitschko to a Swiss portal in which he supposedly stated: “The Ukrainians will get rid of the Russians like the Albanians got rid of Serbs.” Klitschko also allegedly said: “I am very glad to have met an Albanian journalist for the first time, which is a good opportunity to convey a message to the Albanian people in the Balkans. We have heard and read that you Albanians, like us Ukrainians, are people of peace and freedom-loving. Today we are fighting the Russian regime that is trying to occupy our country, as you were once occupied by Serbia.”

Later that day, on his Facebook profile, the Mayor denied making the quote. “I did not comment on that. Even before they transmit such information and quote anything, journalists should look for audio or video evidence for such an exclusive,” Klitschko wrote.

Political tensions and discrediting strategies in Bosnia, North Macedonia

Ahead of the general elections on October 2, Bosnia has experienced an increasing number of party clashes and internal tensions.

“Bosnia and Herzegovina remain a country traumatized by war,” said Christian Schmidt, the international community’s High Representative, in a letter to the President of the UN Security Council on April 29. Outlining the main challenges ahead of the elections, Schmidt also said that the authorities of the mainly Serbian Republika Srpska entity have increasingly embraced rhetoric and actions that could undermine Bosnia’s constitutional framework and render state laws inapplicable.

On May 23, meanwhile, Alma Omerović, president of the Women of the SDA (Democratic Action Party) in Sarajevo, invited all voters to vote for her Bosniak party in the elections. Omerović who is also the president of the municipal assembly in Ilijas, insulted the vice-president of the Social Democratic Party, SDP, Denis Bećirović, who will be her opponent in the race for the Bosniak post on the three-member state presidency.

Omerović, who called Bećirović a “traitor” also declared an election “jihad” on social media. “Bosniaks, this is the jihad of our time,” she said on Facebook.

The statement drew numerous reactions, including from the US embassy in Bosnia. “Such a comment is contrary to the sincere commitment to inclusive and collaborative participation in government, for the benefit of all BiH citizens, which is exactly what voters in this country want and deserve,” the embassy said.

In North Macedonia, meanwhile, our monitors also registered a case related to political tensions. On May 25, several Twitter users, in order to discredit the local city government, shared a photo depicting a project that the city of Skopje is carrying out regarding an access ramp in one of its municipalities. The photo, however, turned out to be cropped and the circumstances of the project weren’t stated, which led many Twitter users to accuse the city authorities of not doing a good job on the project.