In last two days, unknown persons in Turkey have hacked mosques’ digital audio systems in the coastal city of Izmir and played the anti-fascist song Ciao Bella and other songs with revolutionary messages.
After videos of the stunt were widely shared, Izmir police announced that they had started an investigation on Thursday and detained several people for insulting religion.
The detainees included Banu Ozdemir a former city official of main opposition Republican People’s Party, CHP.
The Turkish Religious Authority, the Diyanet, announced that it had filed a criminal complaint about the hacking.
“These people are unknown and evil-minded. They insulted our sacred religious values in the holy month of Ramadan. We have filed a criminal complaint at the city prosecutor’s office,” the chief cleric in Izmir, Mufti Sukru Balkan, said on Thursday.
The Diyanet had to suspend all calls to prayers, known as adhans, in Izmir because of the attacks until further notice.
The digital attacks and the playing of songs from minarets angered local politicians.
“We condemn these attacks on our mosques. Whoever has a problem with mosques also has problems with the nation,” Omer Celik, the spokesperson of the ruling Justice and Development Party, said on Thursday.
Tunc Soyer, the Mayor of Izmir, from the CHP, also called the incidents provocative. “The incidents made me and the people of Izmir very sad. This is a provocative and villainous act to set us against each other. We should not fall into this trap,” Soyer told the media.
Redhack previously hacked several Turkish government websites, including the Ankara city police department and the Turkish parliament. The group also hacked the email account of Berat Albayrak, the Finance Minister and son-in-law of President Recep Tayyip Erdogan.
Serbian citizens have launched the website hiljade.kamera.rs as a response to the deployment of state-of-the-art facial recognition surveillance technology in the streets of Belgrade. Information regarding these new cameras has been shrouded in secrecy, as the public was kept in the dark on all the most important aspects of this state-lead project.
War, especially in the past hundred years, has propelled the development of exceptional technology. After the Great War came the radio, decades after the Second World War brought us McLuhan’s “global village” and Moore’s law on historic trends. Warfare itself has changed too – from muddy trenches and mustard gas to drone strikes and malware. Some countries, more than others, have frequently been used as testing grounds for different kinds of battle.
Well into the 21st century, Serbia still does not have a strong privacy culture, which has been left in the shadows of past regimes and widespread surveillance. Even today, direct police and security agencies’ access to communications metadata stored by mobile and internet operators makes mass surveillance possible.
As appearances matter most, control over the flow of information is a key component of power in the age of populism. We have recently seen various developments in this context – Twitter shutting down around 8,500 troll accounts pumping out support for the ruling Serbian Progressive Party and its leader and the country’s President Aleksandar Vucic. These trolls are also frequently used to attack political opponents and journalists, exposing the shady dealings of high ranking public officials. Reporters Without Borders and Freedom House have noted a deterioration in press freedom and democracy in the Balkan country.
However, a new threat to human rights and freedoms in Serbia has emerged. In early 2019, the Minister of Interior and the Police Director announced that Belgrade will receive “a thousand” smart surveillance cameras with face and license plate recognition capabilities, supplied by the Chinese tech giant – Huawei. Both the government in Serbia and China have been working on “technical and economic cooperation” since 2009, when they signed their first bilateral agreement. Several years later, a strategic partnership forged between Serbia’s Ministry of Interior and Huawei, paving the way to the implementation of the project “Safe Society in Serbia”. Over the past several months, new cameras have been widely installed throughout Belgrade.
This highly intrusive system has raised questions among citizens and human rights organisations, who have pointed to Serbia’s interesting history with surveillance cameras. Sometimes these devices have conveniently worked and their footage is somehow leaked to the public, and in some cases, they have not worked or recordings of key situations have gone missing, just as conveniently. Even though the Ministry was obliged by law to conduct a Data Protection Impact Assessment (DPIA) of the new smart surveillance system, it failed to fulfil the legal requirements, as warned by civil society organisations and the Commissioner for Personal Data Protection.
The use of such technology to constantly surveil the movements of all citizens, who are now at risk of suddenly becoming potential criminals, has run counter to the fundamental principles of necessity and proportionality, as required by domestic and international data protection standards. In such circumstances, when there was no public debate whatsoever nor transparency, the only remaining option is a social response, as reflected in the newly launched website.
“Hiljade kamera” (“Thousands of Cameras”) is a platform started by a community of individuals and organisations who advocate for the responsible use of surveillance technology. Their goals are citizen-led transparency and to hold officials accountable for their actions, by mapping cameras and speaking out about this topic to the public. The community has recently started tweeting out photos of cameras in Belgrade alongside the hashtag #hiljadekamera and encouraged others to do so as well.
The Interior Ministry has yet to publish a reworked and compliant Data Protection Impact Assessment (DPIA) but the installation of cameras continues under sketchy legal circumstances.
Already under unprecedented pressure since a failed 2016 coup against President Recep Tayyip Erdogan, civil society groups in Turkey say their ability to draw attention to human rights violations has been further curtailed by government restrictions on public gatherings and events to tackle the spread of COVID-19.
Four days after registering its first confirmed case of the novel coronavirus, on March 15 Turkey banned all public events and subsequently halted all travel between the country’s major cities and imposed movement restrictions on those under the age of 20 or over the age of 65.
Non-governmental organisations, like much of the rest of society, have moved almost all activity online; while some organisations say this has resulted in an increase in output, most say restrictions on travel and scrutiny of state institutions have hurt their work.
With almost 40 branches across the country, Human Rights Association, IHD, general secretary Osman Isci told BIRN: “We had to cancel all our events, inter-city travel and press conference, which were crucial for our work and for spreading awareness about human rights violations across the country.”
“There has been a significant decrease in reports on human rights violations because of the restrictions,” he said.
Civil society sidelined
Third anniversary of the failed coup attempt at the Ataturk Airport in Istanbul, Turkey, 2019. Photo: EPA-EFE/ERDEM SAHIN
Enes Ozkan, the editor-in-chief of Daktilo84, a non-governmental academic platform bringing together academics and experts, said the restrictions had increased output.
“Now, everyone has to stay home and this made everyone more accessible,” he said. “We started to increase our webinars, writings and other online events because of the increasing demand as well as accessibility of our members,” Ozkan told BIRN.
Already working largely online, Daktilo84 was less affected, he said, “but organisations that focus on psychical events suffer the most.”
Social Democracy Foundation, SODEV, for example, said staff members were now working from home and board meetings were held online. All regular events and conferences were cancelled, said director Murat Uner.
“We can continue our work somehow but we hope that this situation will end soon,” he said.
Uner said SODEV had received notice from the Turkish Interior Ministry that even all online events had been banned as part of the government’s measures against the pandemic. Uproar among civil society groups forced a U-turn, with the government saying it the order had been the result of a mistake.
Isci of IHD said it was indicative of the government’s approach to civil society, particularly since Erdogan put down a coup in 2016 that he blamed on U.S.-based cleric and former ally Fethullah Gulen. Gulen denied any involvement, but the government nevertheless launched a crackdown on his followers as well as large parts of the public sector, security forces, media and civil society.
“When any extraordinary situation such as the COVID-19 pandemic occurs, civil society organisations become more vulnerable and fragile because of security-oriented policies,” Isci told BIRN.
“In order to overcome the difficulties which civil society organisations face the government should respect the requirements of civil society,” he said.
Isci complained that the government had made no effort to involve civil society groups in the fight against the coronavirus.
Like other “authoritarian governments”, he said, Turkey’s has pursued legislation that creates “a suitable atmosphere to close the space for civil society movement,” for example by restricting access to parliament and prisons and excluding medical unions from crisis-management efforts.
Post-putsch crackdown
A man with a face mask in Istanbul, Turkey, 2020. Photo: EPA-EFE/TOLGA BOZOGLU
Since the failed coup, 1,767 associations, foundations and labour unions have been closed down by the government and hundreds of others had to cease activities citing government pressure.
Ozkan said civil society groups in Turkey were seriously dwindling in number.
“Most of the remaining civil society organisations are embedded to the state or they are countrymen associations which are simply nothing more than meeting points for people living in large cities who are from same village or town,” he said.
“If you are critical, very vocal and influential, the government wants to control and to shape you via audits and fines,” Ozkan told BIRN. “If you have funding from abroad the situation becomes worse.”
Isci said the government had framed much of political life in terms of security, creating a deeply polarised “us and them” atmosphere. “You face certain problems if you are critical,” he said. “This is why we see that so many civil society organisations have been closed down.”
Security placed above freedom
Illustration. Photo: EPA-EFE/CLEMENS BILAN
With the COVID-19 pandemic, Ozkan compared the response of the Turkish government to that of Viktor Orban’s Hungary, Donald Trump’s US administration and Poland under the Law and Justice Party of Jaroslaw Kaczynski. Freedom becomes subordinated to security, he said.
“Authoritarian regimes use everything to become more authoritarian; they try to use everything for their favour and the coronavirus crisis is a perfect example of that,” he said. “Autocrats use the pandemic to maximise their power.”
“There should be a balance between security and freedoms. However, everyone now focuses on staying home safe and fulfilling their main needs. When freedoms come in second place, this provides more space for authoritarian regimes.”
On April 13, before parliament voted a new package of laws including greater government control over media, civil society, academia and social media, Erdogan declared, “Some media and politicians are more dangerous than the virus. They attack and criticise the government instead of supporting it in these hard days, but our country will get rid of media and political viruses very soon.”
The law on social media, which would further restrict digital rights, was eventually postponed to make way for COVID-19-related legislation.
Ozkan said such laws were made possible by a situation in which people are ready to trade away rights and freedoms for greater safety.
“And civil society organisations are excluded from all the process,” he said. “What we say is not heard, we are not involved in decision-making processes and the government never listens us.”
More than ever before, because of the coronavirus outbreak, use of video conferencing is on the rise.
Whether it is attending work meetings or online seminars and conferences, or taking part in leisure activities like online fitness classes and birthday parties – video conferencing and social media apps have brought huge relief, and a sense of continuity, to people feeling trapped inside their homes by government-imposed lockdowns.
However, while the coronavirus wreaks havoc outside, this time of increased online activities has also generated growing challenges. While some of the most popular video conferencing and video sharing apps, such as Zoom, Houseparty, and TikTok, have seen record-breaking growth in the numbers of users, the apps have also faced serious data breaches and other cybersecurity-related issues.
Cybersecurity experts say that while use of the apps has clearly reduced the risk of people getting infected with the virus by going outside, the same isn’t true for other viral problems, talking about cyberspace.
“Disclosure of personal data, recording sensitive information, or storing people’s profiles on unauthorized servers are some of the risks that go hand in hand with the use of video-conferencing tools,” says Skopje-based cybersecurity practitioner Daniel Trenchov.
“Greater use of virtual telecommunication tools does eliminate pandemic-induced risks,” he adds, “but not necessarily cybersecurity ones.”
Zoom ‘bombing’ is on the rise:
Illustration. Photo: EFE/MATTIA SEDDA
Last Friday, Michael Oghia, a Belgrade-based internet governance consultant, was getting ready for his weekly Zoom conference call with colleagues all over the world.
Usually, the group uses these meetings to chat and discuss ongoing social developments. This time, however, they experienced something more unpleasant.
“Around 45 minutes into the event, when one of the speakers went to share his screen, all of a sudden a child pornography video appeared. Once I realized what was happening, I immediately shut my laptop out of shock,” Oghia said.
“I couldn’t believe it. For a moment I thought that maybe it didn’t even happen. Then re-entered the Zoom call and wanted to see if the others had experienced it. Around 15 or 20 minutes later, another Zoom-bombing happened – again child porn. It was absolutely vile,” Oghia told BIRN.
“Zoom-bombing” incidents like this have become a regular occurrence for those using the app lately. In the last few months, since the coronavirus outbreak started, the app has seen the number of daily users increase hugely from 10 millio to 300 million.
After the incident, Oghia contacted Zoom to report what had happened. The company replied that it would investigate.
“Zoom-bombing is on the rise, and in this particular case, I’ve heard of multiple instances over the past few days of it happening (one group was the UK-based Open Rights Group, for instance),” Oghia explained.
“There will always be issues with safety concerns, but this is no excuse. I’ve used Zoom for years, and the ease of using the platform and the features it has have made video-conferencing easier. But they need to do an even better job at ensuring their privacy and making sure the security features are clear and easy to use.”
The incident prompted Oghia and his colleagues to prepare a short “zoom-bombing” prevention and resources guide to help others that are using Zoom and other video conferencing software.
In its latest statement, Zoom said that it would release an improved version of the app, addressing security concerns about phemonena like “bombing”, while also having upgraded encryption features.
More education in safe use of apps needed:
Illustration. Photo: EPA-EFE/AMEL PAIN
When it comes to the security of video-conferencing apps, several factors are crucial, cybersecurity experts explain. One is having a proper education in the safe use of these social tools.
“These apps have a very useful role and that is why their use should not be avoided, but it is necessary to educate ourselves more, to provide the highest possible protection,” a Skopje-based personal data protection expert, Ljubica Pendaroska, told BIRN.
It is essential to note that not every app is designed for use at home. Zoom was designed for use by large businesses with in-house IT specialists who would set up and control the software when using it, Pendaroska explained.
Now, especially during lockdowns, while Zoom is still mostly used for business purposes, people are using it more for family events such as birthdays, or even wedding celebrations.
“Potential hazards also come from the fact that these apps detect and remove issues most often on the go, or as they occur,” she said.
“What’s particularly concerning is that most of these tools are not encrypted by end-user to end-user, which increases the possibility of so-called ‘interception’ of communications by unwanted and malicious participants,” she added.
Houseparty, another popular video conferencing app, has also faced intense security scrutiny over the last months.
The app is popular with teenagers and youngsters who use it to play various group games, giving it a more fun-based approach compared to other apps. At the same time, these groups are potentially vulnerable to various security issues that can arise.
“There are also apps, for example like Houseparty, where to make it easier to find friends, you can connect your account with phone contacts and social media accounts,” Pendaroska noted. “This enormously increases the potential danger not only for your safety but also for the safety of all these contacts,” she added.
“There could be hacker attacks; during the meeting, the administrator can see details such as the operating system, IP address and location data of each of the participants; also, uninvited users in the communication, if the password is not authenticated, could use the conversation to spread malicious links or send files,” she explained.
Espionage concerns linked to China:
Illustration. Photo: Pxhere
TikTok, a Chinese video-sharing social network, is increasingly popular in the Balkans, especially among teenagers who post various challenges to each other, such as dance-offs, sing-offs and so on.
But in some parts of the world, there are initiatives to ban it. In the US, lawmakers have introduced a bill to the Senate, which cites the company’s connection to the Chinese government, saying its potential collection of data from US citizens represents a security risk to the US.
Global cybersecurity companies have also identified many security vulnerabilities in the app that could allow malicious actors to manipulate its content and reveal the personal data of its users.
Cybersecurity experts say one way that tech companies could deal with such security risks and the consequences for their users is by having transparency reports.
“This could also include independent security audits of their code looking for weaknesses and flaws – akin to what Microsoft and Apple do with their operating systems, or what Google does with its “bug bounty” program,” Oghia suggested.
When it comes to the users themselves, the best prevention is to know not only what these apps bring to the table, but just as importantly, what their software solutions and vulnerabilities are.
Research by Picodi.com, an international e-commerce platform, says interest in video messaging clients has increased by seven times since the coronavirus restrictions were introduced in many European countries.
WhatsApp was the most frequently searched messaging app in 22 European countries. It is also a favourite app in the Czech Republic, Albania, Romania and Turkey.
Worldwide interest in the Zoom video app is skyrocketing, in Europe as well, with it being the most popular app in 14 countries, including Moldova, North Macedonia and Slovenia.
Besides WhatsApp and Zoom, people were massively using Skype – in Hungary, Poland, Slovakia and Greece, Viber – in Bosnia and Herzegovina and Montenegro, and Microsoft teams – in Croatia and Bulgaria.
Picodi.com analyzed the average number of online search queries of 19 messaging clients which enable video chatting.
North Macedonia has become the first country in the Western Balkans to launch a contact-tracing app to tackle the spread of COVID-19, with the government at pains to stress user data will be protected.
StopKorona! went live on April 13 as a Bluetooth-based smartphone app that warns users if they have come into contact with someone who has tested positive for the novel coronavirus, based on the distance between their mobile devices.
The app, downloaded more than 5,000 times on its first day, was developed and donated to the Macedonian authorities by Skopje-based software company Nextsense.
States are increasingly looking at digital solutions to control the spread of COVID-19 as they move to open up their economies while limiting the burden on their health services. The European Union and data protection campaigners, however, have voiced concern over the threat such technology poses to individual privacy.
Presenting the app, Health Minister Venko Filipce said North Macedonia was looking to use “all tools and possibilities” to combat a disease that, as of April 15, had killed 44 people.
Information Society Minister Damjan Manchevski said all data would be securely stored.
“This data is recorded on a secure server of the Ministry of Health,” Manchevski said at the launch. “And no other user has access to mobile numbers, nor is there any data stored about the owner of the number.”
If a person tests positive for COVID-19, they can “voluntarily” submit their data to the Ministry of Health, Manchevski said, enabling the app to warn other users if they come into contact with that person.
Data privacy concerns linger
Macedonian Minister of Health Venko Filipce accompanied by Prime Minister Oliver Spasovski in Skopje, Republic of North Macedonia, 2020. Photo: EPA-EFE/NAKE BATEV
China, Singapore, Israel and Russia are among a number of countries that have developed their own coronavirus mobile tracking apps, mainly using Bluetooth, GPS, cellular location tracking and QR codes. The Chinese government app colour codes citizens according to risk level.
The technology, however, has set alarm bells ringing among data protection campaigners and rights organisations concerned about the threat posed by mass surveillance and loosening of data protection laws.
Nextsense director Vasko Kronevski, however, said his firm’s StopKorona! app adhered to all legal requirements.
“This is a mobile app made by following best practices around the world in dealing with the coronavirus,” he said. “It guarantees the complete protection of users’ privacy.”
“The success will depend on the mass use of the application. It is important to emphasise that we used global experiences from different countries.”
One of those examples is Singapore’s TraceTogether app, which helped the Asian country successfully contain the COVID-19 outbreak within its borders while, unlike most countries, keeping businesses and schools open.
According to data privacy experts, the decentralized design of North Macedonia’s app guarantees that data will only be stored on those devices that run it, unless they voluntarily submit it to the ministry.
“The key part is that the citizen maintains full control over their data until the moment they decide to send it to the Ministry after being diagnosed,” said Danilo Krivokapic, director of the Serbia-based digital rights watchdog SHARE Foundation.
“Additionally, all data stored on the phone is being deleted after 14 days,” he told BIRN. “In that context, the app is in line with the legislation that covers Data Protection.”
Krivokapic stressed that once data is shared with the authorities, the Ministry and all data users are obliged to respect the legal framework regarding privacy and data protection.
EU countries warming up to digital solutions
People wearing face masks in Skopje, Republic of North Macedonia, 2020. Photo: EPA-EFE/GEORGI LICOVSKI
France and Germany are reported to be working on similar contact-tracing apps, while Poland has made the biggest progress within the EU.
Polish authorities have already launched a smartphone app for those in quarantine and are now working on another, similar to StopKorona!
The first app was mandatory for people in quarantine, meaning that they had to upload selfies so the authorities could track their exact location.
According to Krzysztof Izdebski, policy director at ePanstwo Foundation, a Poland-based NGO that promotes transparency and open data, the coronavirus pandemic has already posed significant threats to privacy, with governments deploying technologies primarily created for the surveillance of their citizens.
With the second app, the Bluetooth-based ProteGO, authorities have published the app’s source code online, to get feedback and opinions from IT experts before implementing it.
So ProteGO, said Izdebski, is an example of an app that is trying to meet privacy requirements.
“The data is stored on personal devices for up to two weeks, and only if the user is sick and agrees to share data with respective authorities, they are being sent to the server – without information on the location,” Izdebski told BIRN.
And while digital solutions such as these could become a game-changer in containing the outbreak, experts note that success still depends on how many people are willing to use them.
“For the technical solution to have some results, a substantial number of citizens need to run the apps and to decide to share their data in case they are diagnosed,” said SHARE Foundation’s Krivokapic. “This way, the app can serve its purpose.”
As Turkey, like the rest of the world, struggles with the coronavirus pandemic, its government plans to take another step to further restrict digital rights in the country.
A draft law will create new responsibilities for answering the government’s demands on their content for social media giants such as Twitter, Facebook and Instagram and popular messaging apps like WhatsApp and Messenger.
The law on social media was dropped from the parliamentary schedule on Tuesday to make way for more urgent bills on the economy and health amid the COVID-19 pandemic. But civil society groups and opposition parties fear it will be back before long.
Human rights watchdogs, experts and the opposition suspect the government of President Recep Tayyip Erdogan is using the coronavirus crisis to place further controls over social media.
Experts warn that the planned measures would have serious consequences for tech companies’ activities, and may result in some leaving the country.
The draft law on social media has been sent to the business world and unions for consultation, but the opposition is sure it will come back to parliament soon.
“Erdogan’s intention is to close down the social media with this draft law. They will try to bring the draft law [back to parliament] at the first possible chance,” Garo Paylan, an MP from the pro-Kurdish People’s Democratic Party, HDP, told the media on Tuesday.
Emre Kursat Kaya, a security analyst with the Istanbul-based Centre for Economics and Foreign Policy Studies, EDAM, says times of pandemics are usually compared to wartime periods for a reason.
“People are pushed to make a choice between their individual freedoms and more security from public authorities. Most of the time, it is the latter that prevails. Not many questions are asked and debates around issues are mostly avoided as the crisis requires rapid responses,” Kaya told BIRN.
New law creates long list of obligations
Turkish President Recep Tayyip Erdogan in Ankara, Turkey, 2020. Photo: EPA-EFE/STR
The draft law obliges foreign social media companies with high internet traffic to appoint an official representative in Turkey to answer authorities’ demands concerning the content on their platforms.
Companies will need to respond to communications from the authorities about their content within 72 hours and compile and notify officials of all removed or blocked content in three-month periods, the draft law says.
More importantly, the companies will also be asked to store data belonging to Turkish users within the country.
If they fail to respond to official requests within 72 hours, they will face penalties up to 135 million euros. Companies that do not compile the removed or blocked content, or do not store data in Turkey, could be fined up to 675 million euros.
The draft law also says that companies that do not follow the government’s new rules could face having their bandwidth halved after 30 days by a court order, and then reduced by 95 per cent if they continue to flout the rules for another 30 days.
“The Turkish authorities have long demanded to have official representatives of online service providers,” Kaya noted.
“This demand was linked to a wish to accelerate the removal of unlawful content from online platforms. But even without having a representative in Turkey, these platforms tend to respond to removal requests quite rapidly, and faster than the 72 hours expected by the text,” he added.
Kaya said the first two aspects of the proposed law would not have such a big impact on how fast content is deleted, but “will only add another layer of pressure on online service providers by taking their representatives as responsible”.
He added: “What’s more worrying … is the third aspect, which basically requires data localization from online service providers.
“This is highly problematic as there is no precedent of such action from these global companies and this could result in them simply leaving the Turkish market,” he continued.
Companies may quit market rather than obey
Two Turkish women try to get connected to the Twitter in Istanbul, Turkey. Photo: EPA/TOLGA BOZOGLU
Taylan Yıldız, a former Google analyst and member of the Istanbul Municipal Council from the opposition Good Party, said that the draft law has many open-ended articles, and it will mostly affect people with pro-opposition ideas and opposition parties.
In March alone, 433 Turkish citizens were detained because for social media posts that allegedly spread fake or manipulative news on the coronavirus pandemic.
At least four people were arrested or fined for their social media posts, including Fikri Saglar, a former lawmaker from the main opposition Republican People’s Party, CHP.
A legal investigation was also started against Omer Gergerlioglu, an HDP MP, because of his social media posts on the effect of the pandemic on Turkey’s overcrowded prisons.
Yildiz said that if social media companies withdraw operations from the country, “Turkey will become introverted and will face a disconnection with the rest of the world”.
Turkey previously blocked several social media companies because of their refusals to delete some content.
Court rulings blocked Twitter several times in 2014, though the ban was later lifted following an agreement between Twitter and the government.
As of 2018, Twitter reported that the Turkish government accounted for more than 52 per cent of all content removal requests worldwide; Twitter only answered 4 per cent of the government’s requests.
Turkey also banned the social information platform Wikipedia for more than two-and-a-half years because of content that the government wanted removed. In a surprise decision, the Constitutional Court lifted the ban on January 15, 2020.
“If the legislation passes as it stands, the main issue for social media providers will be the demand for data localization. This is practically impossible, as it would mean an additional financial burden and unavoidable security risks for these companies,” Kaya, from EDAM, said.
He said the demand for data localization was not unique to Turkey, so if companies concede it to Turkey, they will face pressure to do the same for many other countries. “Sadly, this will probably result in many of them leaving the Turkish market,” he predicted.
The worldwide online payments system PayPal ceased all of its operations in Turkey for similar issues in 2016. “Facebook, Twitter and WhatsApp could follow in PayPal’s footsteps and disable the use their applications in Turkey,” Kaya concluded.
In the COVID-19 pandemic, people are being arrested in Serbia for posting or texting messages that contain information that can be linked with the ongoing health crisis – their actions being classified as acts of spreading panic and causing disorder by spreading fake news. They can face up to three years in prison, or a fine.
It comes as people, independent journalists especially, are subjected to severe limitations of freedom of speech under the excuse of the health crisis, which in some cases has also led to their incarceration.
Looking at all these cases as part of a contextualised story, they clearly expose the authoritarian tendency of the regime in Serbia to curb freedoms far more than is necessary during the state of emergency – no doubt knowing that it will leave behind a lot of fear and intimidation, which will last far longer than any pandemic.
Journalist Ana Lalic. Photo: Vesna Lalic /Nova.rs
Last Wednesday, for example, Ana Lalic, a journalist from the online portal Nova S, was arrested merely for reporting poor conditions in the Vojvodina Clinical Centre. She was released the next day thanks to huge pressure from the media and civil society organisations.
Another important decision followed on Thursday when, on the Serbian President’s request, the government withdrew its earlier decision, issued on March 31 , giving the central Crisis Staff led by Prime Minister Ana Brnabic the exclusive right to inform the public about anything linked with the COVID-19 crisis. This seriously endangered media freedoms.
Before this, the information flow had been put under the full control of the government of a country that has dropped 14 places recently in terms of media freedom to 90th position among 180 countries, according to the global media watchdog Reporters Without Borders.
Rule of Law is suffering in COVID-19 outbreak
The rule of law in Serbia was nothing to be proud about already, and the scope of political influence on the judiciary remains a matter of concern. Now, many lawyers and legal experts have warned of the unconstitutionality of decisions issued during the state of emergency, and questioning the state of emergency itself.
The latest statement from the Bar Chamber of Serbia , addressing the constitutionality of the decision to declare a state of emergency, emphasised that the chamber will “always react when they evaluate that there has been a serious disruption of legal state order, which can be dangerous for the legal state functioning”.
But digital rights, and rights to privacy and freedom of expression on the internet all face serious limitations and breaches. In the illiberal democracies of the region, dominated by elements of authoritarian regimes, there is legitimate concern about disproportionate interference in citizens’ personal data and a justified belief that the newly imposed measures are not properly tailored to achieve their objective while minimally damaging guaranteed rights.
Serbian President Aleksandar Vucic in Belgrade, Serbia. Photo: EPA-EFE/KOCA SULEJMANOVIC
President Aleksandar Vucic of Serbia, while introducing the latest measures there, has openly said that the authorities there “see everything”. Those who have entered the country since March 14 are now receiving SMS messages with new rules applying to their situation. We do not have the privilege of being assured that the ongoing tracking and monitoring of individuals and communities is being carried out strictly in line with human rights, however. There is also concern about the future use of the data being collected during this crisis.
Several arrests because of social media posts and account bans have occurred since March 30, while, on the other hand, a page called “COVID 19 Serbia” – which targets journalists and government opponents with sponsored posts during the crisis – functions normally. It is obvious some people are being permitted to use this global disease in the most disgraceful way to hurt others.
The case of the Nova S journalist happened in a certain context, and in an atmosphere where journalists’ right to put questions to the government has been limited, and shortly after the decision was made on controlling the flow of information.
Human rights organisations have issued a joint statement calling on governments to refrain from taking unbalanced measures that violate human rights. The European Union Commissioner for Human Rights, Dunja Mijatovic, has said: “Challenges that governments face during the COVID-19 pandemic are no excuse for clamping down on press freedom and restricting access to information”.
Unprecedented challenges in countering #COVID19 are no excuse to clamp down on press & restrict access to information. All @coe states shld preserve #PressFreedom & ensure that measures vs disinformation are necessary, proportionate & subject to oversight https://t.co/0P0ZRsaTU4pic.twitter.com/woMsKaZLS0
— Commissioner for Human Rights (@CommissionerHR) April 3, 2020
The announcement of the withdrawal of the decision on the information flow – only two days after it was declared – and the release of the journalist Lalic – have been presented as acts of mercy and kindness on the part of the President when more important tasks face the country at the moment.
While the decision was still in force, however, another arrest occurred, of a 34-year-old man, this time for posting a tweet. He was detained on suspicion of spreading panic and causing disorder by allegedly spreading fake news on Twitter saying that Serbia would impose a 24-hour curfew. The man was released the next day, after he told police he was not the author of the fake news and only got the information from his wife who works at the construction, transport and infrastructure ministry.
A day before his arrest, Serbia’s Interior Minister warned citizens that disinformation was circulating on social networks about the alleged new 24-hour curfew, while the tabloid Informer claimed that this fake news was being spread via SMS, and published a number from which the message supposedly arrived.
This text was removed on Wednesday, and replaced with the new one, after users of Telekom Serbia mobile provider received a message about the “Dramatic situation in Serbia” sent to them on the request of central Crisis Staff for COVID-19 suppression – from the same number that Informer had first claimed was used to send the message about “24-hour curfew”.
Real paradise for pro-government media
Before the health crisis finally erupted in Serbia, pro-government media were accusing the opposition and independent-minded people of spreading panic and frightening the public with the pandemic.
Once the COVID-19 pandemic started to really affect Serbia, they rapidly changed their tune – but kept the same authentic style.
Some of the headlines related to coronavirus published on the front page of Informer daily newspaper – “Corona in Serbia under complete control” (top left); “Sick plan of SZS (Alliance for Serbia), spreading lies about coronavirus and migrants in order to postpone the elections and take Vucic down” (top right); “Coronavirus escaped from the laboratory” (down left); “Dr Branimir Nestorovic explained: Coronavirus is ridiculous! No need to wear masks” (down right). Photo: BIRN/Novinarnica.net
At a press conference on Thursday, for example, when the pro-government media asked the President questions, they insulted the journalist Lalic and the portal she works for. Dragan Vucicevic, editor of Serbia’s most popular tabloid, even expressed concern that her release might officially legitimise the publication of fake news in Serbia – tough talk from a man whose media outlet has routinely used published unverified and fake information, and which has been proved to be a pro-government biased news factory!
President Vucic reminded all journalists that, besides the criminal code , Serbia has norms that regulate the responsibilities of journalists and the media (Section 5, Article 38-41) and other individuals for fake news distribution and spreading and causing panic among the public (Article 343).
But one might argue that certain rules seem applicable only to regular citizens – and to media that report on government wrongdoings.
Not limited to one country
As usual, bad trends in the Balkans never emerge only in one country. Arrests for posts on social media and articles, removal of content from websites, or even removal of whole websites, banning accounts, and limitations on journalistic work are all happening in other countries in the region as well.
Additionally, citizens’ personal data and lists of names of infected people are being shared on the internet – and no one is being prosecuted for such activities.
The latest example of this type of violation in Serbia comes from the northern municipality of Sid, which published the personal data of a citizen confirmed as infected with COVID-19. That person’s initials, age, address and workplace were all published on the municipal website.
False information about the virus is spread each day in the Balkans. In a region with poor media literacy, citizens are deceived in the most senseless way at a time when they are most vulnerable. Journalists and individuals who try to report on the under-reported cases are portrayed as enemies of the fight against the virus.
The health of each person is, and must be, our priority at this time – but that should not mean it has to be constantly confronted with the health of our freedoms.
For more information and the latest updates on arbitrary arrests, emergency legislation to combat the COVID-19 outbreak, surveillance, phone tapping, privacy breaches and other digital rights violations, visit the Digital Rights in the Time of COVID-19 page on BIRN’s Investigative Resource Desk.
As Croatian MPs discussed a proposed law amendment, that would allow authorities easier access to citizens’ information amid the ongoing coronavirus epidemic, opposition lawmakers warned that it could limit citizens’ rights to freedom of movement and their privacy.
Last week, the government, led by the conservative Croatian Democratic Union, HDZ, proposed a change of the Electronic Communications Act under which, in extraordinary situations, the health minister would ask telecommunications companies to provide data on the locations of users’ terminal equipment.
While MPs accept that the aim of the proposal is legitimate – to control people prescribed self-isolation, due to numerous violations of such orders – many of them complained that the government did not elaborate the proposal clearly, or with enough safeguards.
Social Democrat MPs and some other parliamentary groups have submitted an amendment seeking more clarity about who can be monitored, how long the surveillance will last, and what authorities will do with the data they collect. They also said the subject of monitoring must be regularly informed that he or she is under surveillance.
On Wednesday, Ombudsperson Lora Vidovic suggested amendments to the proposal, urging that the restriction should apply only “to narrow, clearly and precisely defined situations, only when the health and lives of citizens could not otherwise be effectively protected.
“Clear criteria should be explicitly defined in the law, which will ensure the implementation of this measure over precisely defined categories of citizens, for example, those who have determined self-isolation by the competent authorities,” Vidovic said in a press release.
MPs are also debating whether such a law changes could be passed by an urgent procedure in parliament, as the government wants, or by a simple majority of MPs, or whether a two-thirds majority is needed, as restrictions of such rights are a constitutional matter.
Article 17 of the constitution states that “individual constitutionally guaranteed freedoms and rights may [only] be restricted during a state of war or any clear and present danger to the independence and unity of the Republic of Croatia or in the event of any natural disaster”.
Under the constitution, imposing such restrictions must be decided by a two-thirds majority of all members of parliament.
However, MPs will not vote on the issue on Wednesday since the speaker, Gordan Jandrokovic, has announced that he will first seek the opinion of the Constitutional Court on the proposed “restricting of citizens’ freedoms”, which he said, were only introduced to protect citizens against coronavirus infection.
BIRN and SHARE Foundation are bringing you the latest updates and cases of arbitrary arrests, surveillance, phone tapping, privacy breaches and other digital rights violations as countries of Central and Southeast Europe impose emergency legislation to combat the COVID-19 outbreak.
Romanian cybersecurity giant Bitdefender said on Friday that online attacks linked to Covid-19 “have risen by 475 per cent in March as compared to the previous month”, and the numbers are expected to keep increasing until the end of the month .
“Almost one third of the Covid-19-related attacks target public authorities and healthcare institutions,” Bitdefender said in a statement.
One of the medical centres targeted was a hospital in the Czech Republic currently being used for tests against coronavirus.
Bitdefender’s security specialist Filip Truta said that “the cyberattack thwarts efforts in fighting the pandemic”.
Hackers usually infect computers by fooling medical institutions’ personnel with “information about medical procedures and therapies to treat COVID-19 infections”, said Bitdefender. Such messages are mostly sent in the name of institutions such as the World Health Organisation.
The statement mentions the US, Turkey and France as the most targeted countries in the world. Romania was the ninth more targeted country.
“Cyberattacks against hospitals can bring to a halt their activity if, for example, the medical data of the admitted patients is blocked,” Bitdefender said.
“Over time, attackers have repeatedly infected the computers with ransomware and then have asked for a ransom to give back the access to the data,” it added.
In a typical case of these kind of attacks, hackers “code data such as the patients’ medical records” making it impossible for the doctors to treat the patients or perform surgeries.
“As it has happened in Romania, the management of a hospital can be forced to pay a ransom to decode the data” to be able to save the patient.
Hackers also sell patients’ data for up to $400 per medical record on the deep web. Those who buy this information normally use it for frauds.
Bitdefender has decided to offer free assistance to medical institutions so they can step up their security during the coronavirus crisis. Hospitals, clinics and other medical centres can ask for help at the Bitdefender site. www.bitdefender.com/freehealthcaresecurity
Are you interested in topics related to freedom of information, data protection and cybersecurity? Find out more on our interactive platform, BIRN’s Investigative Resource Desk (BIRD).
BIRD Community
Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?
We created BIRD Community, a place where you can have it all!
