Category: Digital rights

Secure Comms: Cracking the Encrypted Messages of Balkan Crime Gangs

Posted on by Ivana Jeremic

When Serbian police arrested the leaders of a notorious crime gang in the first few days of February this year, in the search for evidence they seized 44 mobile phones equipped with an encrypted messaging app created by Canada-based Sky ECC.

Sky ECC described itself as “a global leader in secure messaging technology”, helping to keep a host of industries safe from identity theft and hacking. Law enforcement authorities in the United States and Europe, however, say it was created with the sole purpose of facilitating drug trafficking and had become the messaging app of choice for transnational crime organisations.

Using equipment that President Aleksandar Vucic said Serbia had “borrowed from friends”, police managed to access the app. What they found was gruesome, and damning – photos of two dead men, one of them decapitated.

Led by Veljko Belivuk, the gang – part of a group of violent football fans – is suspected of drug trafficking, murder and illegal weapons possession.

Belivuk and his associates, who remain in custody but have not yet been charged, allegedly used the app to organise criminal activities, and to brag about their exploits. In this, they were not alone.

On March 9, three days after Vucic displayed the photos, police in Belgium and the Netherlands made what Europol described the next day as a large number of arrests after secretly infiltrating the communications of some 70,000 Sky ECC devices and, from mid-February, reading them ‘live’.

On March 12, US authorities indicted Jean-Francois Eap, chief executive officer of Sky Global, the company behind Sky ECC, and Thomas Herdman, a former high-level distributor of Sky Global devices, accusing them of conspiracy to violate the federal Racketeer Influenced and Corrupt Organizations Act, RICO. Eap issued a statement denying any wrongdoing.

Critics of the government under Vucic say Belivuk had long acted with impunity, protected by reported ties to a number of senior governing officials.

Serbia boasted of a “war” on organised crime. But the timing of Belivuk’s arrest and the operation against Sky ECC raises fresh questions about what preceded the Serbian police swoop – whether Serbia acted alone, or was prompted to do so by evidence unearthed elsewhere.

Either way, the downfall of Belivuk and Sky ECC has shed new light on the lengths Balkan crime gangs have gone to evade surveillance, and the challenge facing authorities to strike back. It has also fuelled talk of the need to criminalise such software, raising alarm among some who say this would punish legitimate users, from political dissidents to investigative journalists.

The Serbian Interior Ministry and Security Intelligence Agency, BIA, did not respond to requests for comment.

“Organised crime groups from the Balkans have adapted quickly and cleverly in recent years to innovate and use technology to their advantage,” said Walter Kemp, director of the South-Eastern Europe Observatory at the Global Initiative Against Transnational Organised Crime.

While some still carry cash across borders or use wire transfers, others are using encrypted communication tools, laundering money through cryptocurrencies and elaborate financial schemes and branching into cyber and cyber-enabled crime, Kemp told BIRN. 

“But while criminals are first-movers and quick adapters in using technology, law enforcement agencies are lagging behind.”

This message will self-destruct


Screenshot: skyecc.com

Founded in 2008, Sky ECC surged in popularity after messages sent via another encrypted messaging service, EncroChat, were intercepted and decoded in a French and Dutch-led operation in mid-2020, leading to the arrest of over 800 people Europe-wide and the seizure of drugs, guns and large sums of suspect cash.

Sky devices offered self-destructing messages, an encrypted vault and a panic button in the event the user believed the device had been compromised. Sky ECC was installed exclusively on secure devices from Apple, Google and Blackberry, which could be bought online. All that was required of a user was to pay a subscription.

At the time of the police operation, three million messages per day were being sent via Sky ECC. Roughly 20 per cent of its 170,000 users were in Belgium and the Netherlands, with the greatest concentration in the Belgian port of Antwerp, a popular destination for illegal drugs arriving in Europe from South America. 

Europol, the European Union’s police agency, said that information acquired from “unlocking the encryption” of Sky ECC would help solve serious and cross-border organised crime “for the coming months, possibly years.”

For Balkan clients, there were three websites promoting the app in languages of the region – skyecceurope.com, skyeccbalkan.com, skyeccserbia.com.

It is unclear if these operated under the umbrella of Sky Global or were independent distributors.  BIRN contacted them but did not receive any reply. The website of Sky Global is also now in the hands of authorities. BIRN was unable to reach the company for comment.

Serbian nationals arrested in France and UK

Sky and EncroChat devices were, until recently, easy to find on Serbian and Croatian advertising sites, their price ranging from 600 euros to 2,200 euros depending on the type of phone and subscription. Subscriptions were commonly paid with cryptocurrency, to avoid leaving a trace.

A police official in Bosnia and Herzegovina said they were also in use among criminals there.

“They use those special apps and providers you can’t interfere with, and there’s no trace of their existence in the phone. The use is legal here,” the official, who declined to be named, told BIRN.

While police were unable to intercept the communication, he said, in some cases an arrested person would confess to using such apps and provide access.

A senior Interpol official, who spoke on condition of anonymity, said Balkan drug gangs were using EncroChat to communicate with South American cartels concerning the trafficking of drugs to Europe.

French authorities had been investigating EncroChat since 2017, stepping up efforts in 2019 and secretly installing an implant on all EncroChat devices disguised as a system update. The implant caused the device to transmit all data that had not been erased to a French police server and to Europol and collected data created after the device had been compromised.

The company eventually alerted users but millions of messages had already been intercepted.

Dutch and French police as well as Europol declined to give any further details regarding possible connections to Balkan crime gangs, citing the ongoing nature of the investigation.

A French newspaper report on March 27, however, said that a Serbian national had been arrested in a suburb of Paris following the Sky ECC operation on suspicion of selling its devices. In the UK, reports say another Serbian, 29-year-old Milos Bigovic, pleaded guilty in a UK court in August 2020 after he was arrested trying to smuggle cocaine hydrochloride into southern England on a cruise ship, his communications having been intercepted in the operation against EncroChat.

In Serbia, some criminals went further; in 2019, when police busted a major marijuana farm that had been run with the help of several security service officials, investigators found that those involved had communicated via a custom-made app called ‘Razgovor’ [Conversation].

Those arrested handed over their phones, apparently confident that police would not discover the app hidden behind the calculator interface. They were wrong and police, according to the indictment, gained access to conversations in which the suspects agreed on the production and distribution of drugs.

Admissible in court


Members of Veljko Belivuk’s group are being transferred for interrogation with a strong police presence. Photo:mup.gov.rs

It remains unclear whether foreign authorities supplied Serbia with evidence against Belivuk and Co obtained as part of the operation against Sky ECC, or if Serbia only harvested content from the devices it seized in the arrests.

Bearing in mind that most of the content sent via Sky devices disappeared soon after being sent, it is doubtful police in Serbia were able to recover much from the seized devices.

Authorities in Serbia did not respond to BIRN’s questions.

In the case of intercepted communication, for it to be used as evidence in court the police must have had prior court permission to conduct surveillance. It is not known whether Belivuk and his gang were under court-sanctioned surveillance. BIRN asked the court but was told such information cannot be disclosed.

The issue came before a UK court in February, when appeals judges rejected an attempt to prevent prosecutors from using as evidence messages sent via EncroChat.

The case rested on whether communications had been intercepted by French police while ‘being transmitted’ by the device or while ‘stored’ on it. As the material had been extracted from the device itself and was unencrypted, the Appeal Court found that the evidence had not been gained by ‘interception’ and was admissible, the BBC reported.

Criminalising encryption

Sky Global has denied any wrongdoing, with CEO Eap saying “We stand for the protection of privacy and freedom of speech in an era when these rights are under increasing attack. We do not condone illegal or unethical behaviour by our partners or customers. To brand anyone who values privacy and freedom of speech as a criminal is an outrage.”

But Serbian Interior Minister Aleksandar Vulin said the use of such devices should be illegal.

“It is indisputable that it is used by criminals,” Vulin said on March 7. “I am in favour of it being a crime, as I believe that the purchase of any telephone number, regardless of whether it is prepaid or postpaid, must be done with an ID card.”

“It may not stop criminals from using it, but if nothing else it will give the police another reason to arrest them and remove them from the streets.”

Some journalists and rights advocates say this is a slippery slope.

“Encryption is a tool. And like any tool, it can be used for good and for bad,” said Fabian Scherschel, a freelance journalist, writer and podcaster who has covered the topic closely.

“We’ve already seen legislation against so-called ‘hacker tools’ massively backfire and threaten to criminalise the legitimate work of IT security specialists and journalists. I have a feeling this legislation could cause similar problems. It will also, most likely, make it easier to spy on the general populace, who has no intention of using encryption to hide criminal behaviour whatsoever.”

Diego Naranjo, head of policy at the Brussels-based advocacy group European Digital Rights, EDRi, said it was important to challenge the narrative that encryption is only used by criminals.

“As any other interference with human rights, an attack on encryption or privacy-enhancing technologies needs to be prescribed by law, necessary and proportionate to the aims to be achieved in a democratic society,” said Naranjo.

He noted that the EncroChat and Sky ECC cases had demonstrated that law enforcement agencies have ways to penetrate such communication.

“We may be already in the Crypto wars 3.0, and it is up to us to ensure that encryption is perceived as a tool to ensure human rights and not something only criminals use.”

Lidija Komlen Nikolic, Serbian Deputy Appellate Public Prosecutor, warned of the dangers of criminalising the use of such apps.

“The idea is to enable state authorities, the police, to be able to find evidence more easily for the fight against organised crime or any other type of crime,” Nikolic told N1 regional broadcaster.

“But there should not be the presumption that all of us, who have devices or have software that uses some kind of encryption, are potential perpetrators of a crime.”

Facebook Clamps Down on Iranian Dissident ‘Troll Farm’ In Albania

Posted on by BIRD

Facebook removed more than 300 Facebook and Instagram accounts belonging to members of an Iranian dissident group based in Albania that had been targeting Iran and content related to Iran.

“The network violated our policy against foreign interference which is coordinated inauthentic behavior on behalf of a foreign entity,” the social media giant said in its March report, “Coordinated Inauthentic Behavior Report”, which it published on Tuesday.

According to the report, the network now taken down was very active in 2017 and in the second half of 2020.

“The people behind this activity relied on a combination of authentic and fake accounts to post MEK-related content and comment on their own and other people’s posts, including those of international news organizations like Radio Liberty, Voice of America and BBC,” said the report.

The People’s Mujahedin of Iran, MEK, is an Iranian opposition group many of whose members moved to Albania in 2013 on the advice of the US. They live mainly in a camp on the outskirts of the capital Tirana.

Facebook added that it will continue to monitor any attempts to re-establish the network by people behind this campaign.

“The operation relied heavily on fake accounts to post and amplify its messages. Some of these accounts went through repeated name changes. Other accounts used the names of deceased members of MEK. Some claimed to be located in Iran but were operated from Albania. All the accounts were overt in their support of MEK and their criticism of the Iranian government,” the report continued.

Some of the fake accounts were a decade old but most of them were created between 2014 and 2016. They were particularly active in 2017, reduced activity in 2018–2019 and resumed in 2020.

Cyber-Attacks a Growing Threat to Unprepared Balkan States

Posted on by Ivana Jeremic

It wasn’t voting irregularities or the counting of postal ballots that delayed the results of last year’s parliamentary election in North Macedonia, but an audacious denial-of-service, DDoS, attack on the website of the country’s election commission.

Eight months on, however, the perpetrator or perpetrators behind the most serious cyber attack in the history of North Macedonia have still to be identified, let alone brought to justice.

While it’s not unusual for hackers to evade justice, last year’s Election Day attack is far from the only case in North Macedonia still waiting to be solved.

“Although some steps have been taken in the meantime to improve the situation, it’s still not enough,” Eurothink, a Skopje-based think-tank that focuses on foreign and security policy, told BIRN in a statement.

“The low rate of solved cyber-crime cases is another indicator of the low level of readiness to solve cyber-attacks, even in cases of relatively ‘less sophisticated’ and ‘domestic’ cyber threats.”

Across the Balkans, states like North Macedonia have put down on paper plans to tackle the threat from cyber terrorism, but the rate of attacks in recent years – coupled with the fact many remain unresolved – point to serious deficiencies in practice, experts say. Alarmingly, Bosnia and Hercegovina does not even have a comprehensive, state-level cyber security strategy.

“I am convinced that all countries [in the region] are vulnerable,” said Ergest Nako, an Albanian technology and ecosystems expert. “If an attack is sophisticated, they will hardly be able to protect themselves.”

In the case of Albania, Nako told BIRN, “the majority of targets lack the proper means to discover and react to cyber-attacks.”

“With the growing number of companies and state bodies developing digital services, we will witness an increasing number of attacks in the future.”

Ransomware a ‘growing threat’ to Balkan states


Illustration. Photo: Unsplash/Dimitri Karastelev

The COVID-19 pandemic has underscored the threat from cyber-attacks and the impact on lives.

According to the 2021 Threat Report from security software supplier Blackberry, hospitals and healthcare providers were of “primary interest” to cyber criminals waging ransomware attacks while there were attacks too on organisations developing vaccines against the novel coronavirus and those involved in their transportation.

Skopje-based cyber security engineer Milan Popov said ransomware – a type of malware that encrypts the user’s files and demands a ransom in order access – is a growing danger to Balkan states too.

“Bearing in mind the state of cyber security in the Western Balkans, I would say that this is also a growing threat for these countries as well,” Popov told BIRN. “While there haven’t been any massive ransomware attacks in the region, there have been individual cases where people have downloaded this type of malware on their computers, and ransoms were demanded by the various attackers.”

A year ago, hackers targeted the public administration of the northern Serbian city of Novi Sad, blocking a data system and demanding some 400,000 euros to stop.

“We’re not paying the ransom,” Novi Sad Milos Vucevic said at the time. “I don’t even know how to pay it, how to justify the cost in the budget. It is not realistic to pay that. Nobody can blackmail Novi Sad,” he told Serbia’s public broadcaster.

A local company announced the following that it had “eliminated the consequences” of the attack.

In Serbia, cyber security is regulated by the Law on Information Security and the 2017 Strategy for the Development of Information Security, but Danilo Krivokapic of digital rights organisation Share Foundation said that implementation of the legal framework remained a problem.

“The question is – to what extent our state bodies, which are covered by this legal norm, are ready to implement such measures?” Krivokapic told BIRN. “They must adopt [their own] security act; they need to undertake measures to protect the information system.”

Political battles waged in cyber space


Illustration. Photo: Unsplash/Stephen Phillips

North Macedonia was the target of a string of cyber attacks last year, some attributed to a spillover of political disputes into cyber space.

In May 2020, a Greek hacker group called ‘Powerful Greek Army’ hacked dozens of e-mail addresses and passwords of employees in North Macedonia’s finance and economy ministry and the municipality of the eastern town of Strumica.

The two countries have been at odds for decades over issues of history and identity, and while a political agreement was reached in 2018 tensions remain. Similar issues dog relations between North Macedonia and its eastern neighbour Bulgaria, too.

“Cyber-attacks can happen when a country has a political conflict, such as the current one with Bulgaria or previous one with Greece, but they are very rare,” said Suad Seferi, a cyber security analyst and head of the Informational Technologies Sector at the International Balkan University in Skopje.

“However, whenever an international conflict happens, cyber-attacks on the country’s institutions follow.”

Bosnia without state-level strategy


Illustration. Photo: Naipo de CEE

In Bosnia, the state-level Security Ministry was tasked in 2017 with adopting a cyber security strategy but, four years on, has yet to do so.

“Although some strategies at various levels in Bosnia are partially dealing with the cyber security issue, Bosnia remains the only South Eastern European country without a comprehensive cyber security strategy at the state level,” the Sarajevo office of the Organisation for Security and Cooperation in Europe, OSCE, told BIRN.

It also lacks an operational network Computer Emergency Response Teams (CERTs) with sufficient coverage across the country, the mission said.

The Security Ministry says it has been unable to adopt a comprehensive strategy because of the non-conformity of bylaws, but that the issue will be included in the country’s 2021-2025 Strategy for Preventing and Countering Terrorism.

So far, only the guidelines of a cyber security strategy have been adopted, with the help of the OSCE.

Predrag Puharic, Chief Information Security Officer at the Faculty for Criminalistics, Criminology and Security Studies in Sarajevo, said the delay meant Bosnia was wide open to cyber attacks, the danger of which he said would only grow.

“I think that Bosnia and Herzegovina has not set up the adequate mechanisms for prevention and reaction to even remotely serious attacks against state institutions or the citizens themselves,” Puharic told BIRN.

The country’s defence ministry has its own cyber security strategy, but told BIRN it would easier “if there were a cyber-security strategy at the state level and certain security measures, such as CERT”.

‘Entire systems jeopardised’


A laptop screen displays a message after it was infected with ransomware during a worldwide cyberattack. Photo: EPA/ROB ENGELAAR

Strengthening cybersecurity capacities was a requirement of Montenegro when it was in the process of joining NATO in 2019, prompting the creation of the Security Operations Centre, SOC.

According to the country’s defence ministry, protection systems have detected and prevented over 7,600 ‘non-targeted’ malware threats – not targeted at any particular organisation – and more than 50 attempted ‘phishing’ attacks over the past two years.

“In the previous five years several highly sophisticated cyber threats were registered,” the ministry told BIRN. “Those threats came from well-organised and sponsored hacker groups.”

Previous reports have identified a scarcity of cyber experts in the country as an obstacle to an effective defence. Adis Balota, a professor at the Faculty of Information Technologies in Podgorica, commended the strategies developed by the state, but said cyber terrorism remained a real threat regardless.

“Cyber-attacks of various profiles have demonstrated that they can jeopardise the functioning of entire systems,” Balota said. “The question is whether terrorists can do the same because they are using cyberspace to recruit, spread propaganda and organise their activities.”

This publication was produced with the financial support of the European Union. Its content is the sole responsibility of BIRN and does not necessarily reflect the views of the European Union nor of Hedayah.

In COVID-19 Fight, Free Speech Becomes Collateral Damage

Posted on by Ivana Jeremic

At first, journalist Tugay Can had no idea why he had been taken in for police questioning on March 25 last year in the Turkish port city of Izmir. Then cybercrime officers told him he was suspected of spreading fear and panic because of a report he wrote, published two days earlier, about COVID-19 outbreaks in two community health centres in the city that were subsequently quarantined.

“After I confirmed it with my sources, I reported the situation”, Can, who at the time worked for the local Izmir newspaper Iz Gazete, told BIRN.

Pressed to name his sources, Can refused. Hours of questioning resulted in a charge of spreading fake news and causing panic. The case was dropped several months later, but Can’s chilling experience was far from a one-off. 

According to the media rights watchdog Reporters Without Borders, Can was among 10 Turkish editors and reporters interrogated just in March of last year concerning their coverage of the pandemic that had just begun. 

“Governments are using the pandemic as an advantage over freedom speech,” Can said.

Turkey is well-known for its jailing of journalists, but it was not the only country in the region to employ draconian tools to control the pandemic narrative. Nor have journalists been the only targets.

BIRN has confirmed dozens of cases  in which regular citizens have faced charges of causing panic on social media or in person. There are indications the true number of cases runs into the hundreds.

Whether dealing with accurate but perhaps unflattering news reports or with what the World Health Organisation called last year an “infodemic” of false information, governments have not hesitated to turn to social media giants to get hold of the information that could help them track down those deemed to be breaking the rules.

“Every government has a duty to promote reliable information and correct harmful and untrue allegations in order to protect the personal integrity and trust of citizens,” said Tea Gorjanc Prelevic, head of the Montenegrin NGO Human Rights Action.

“But any measure taken to combat misinformation should not violate the fundamental right to expression.”

Internet sites shut down

Illustration: Unsplash.com

Battling an invisible enemy, governments across the region have sought to restrict information while cracking down on media reporting or social media posts that deviate from the official narrative. ‘Misinformation’ has been criminalised.

Some of these restrictions were part of the states of emergency that were declared; others were introduced with new legislation that outlasts any temporary emergency decrees.

But who draws the line between the right to free speech and the need to preserve public order?

In its November 2020 COVID and Free Speech report, the Council of Europe rights body cautioned that “crisis situations should not be used as a pretext for restricting the public’s access to information or clamping down on critics.” 

But that’s precisely what has happened in some countries.

In Hungary, the Penal Code was amended to criminalise the dissemination of “false or distorted facts capable of hindering or obstructing the efficiency of the protection efforts” for the duration of a state of emergency, first between March and June and again since November.

Parliament subsequently passed a bill making it easier for governments to declare such emergencies in future. In March, the government introduced punishments of one to five years in prison for spreading “falsehoods” or “distorted truth” deemed to obstruct efforts to combat the pandemic. 

Similar restrictions were imposed in Bosnia’s mainly Serb-populated Republika Srpska entity and in Romania. 

In Bucharest, the government closed down a dozen news sites for promoting false information concerning the pandemic.

The Centre for Independent Journalism, CJI, an NGO that promotes media freedom and good journalistic practices, has raised concern that provisions enacted as part of a state of emergency between mid-March and mid-May 2020 to combat the spread of the novel coronavirus in Romania could hamper the ability of journalists to inform the public.

“The most worrying aspect of all this is, from my perspective, the limitations to the access to information of public interest,” said CJI executive director Cristina Lupu.

“The lack of transparency of the authorities is a very bad sign and the biggest problem our media faces now,” Lupu told BIRN, lamenting the fact it left the public without “access to timely information.”

In March 2020, the Organisation for Security and Cooperation in Europe, OSCE, raised concern about what it said was the “removal of reports and entire websites, without providing appeal or redress mechanisms” in Romania.

The Venice Commission, the CoE’s advisory body on constitutional affairs, stressed that even in emergency situations, exceptions to freedom of expression must be narrowly construed and subject to parliamentary control to ensure that the free flow of information is not excessively impeded. 

“It is doubtful whether restrictions on publishing “false” information about a disease that is still being studied can be in line with the [Venice Commission] requirement unless it concerns blatantly false or outright dangerous assertions,” it said.

Instead of prevention, fines and prison terms

Early on in the pandemic, the Republika Srpska government issued a decree allowing it to introduce punitive measures, including fines, for spreading ‘fake news’ about the virus in the media and on social networks during the state of emergency.

According to the decree, anyone using social or traditional media to spread ‘fake news’ and cause panic or public disorder faced possible fines of between 500 and 1,500 euros for private individuals and 1,500 and 4,500 euros for companies or organisations. It is not known how many people have been fined. The decree was dismissed in April.

In Montenegro, Article 398 of the Criminal Code, introduced in 2013, foresees a fine or a prison sentence of up to 12 months for the spreading of false news or allegations which cause panic or serious disturbances of public order or peace. For journalists, the punishment runs to three years in prison. The law was hardly used until protests erupted at the end of 2019 over a controversial religious freedom law.

In July 2019, long before the pandemic, North Macedonia’s government unveiled an action plan to deal with ‘fake news’, and doubled down in March 2020 with a vow to punish anyone deemed to be sharing disinformation about the novel coronavirus.

Skopje-based communications and new media specialist Bojan Kordalov said authorities would be better off focusing on prevention and raising awareness.

“It is necessary to build a system of active and digital transparency, as well as to create a real strategy for fast and efficient two-way communication of institutions with citizens and the media, which means highly-trained and prepared staff for 24-hour monitoring and publication of official and credible information to the public,” Kordalov told BIRN.

In Turkey, media censorship, particularly of online outlets, has increased since the onset of the pandemic, according to a report published in November by the Journalists’ Association of Turkey.

According to the report, between July and September 2020 alone, RTUK, the state agency for monitoring, regulating and sanctioning radio and television broadcasts, issued 90 penalties against independent media, including halts to broadcasting and administrative fines.

The government also passed several new draconian laws concerning digital rights and civil society organisations, forcing social media companies to appoint legal representatives to respond to government demands, including those requiring the closure of accounts or deleting of social media posts.

It is not known how many people were investigated or arrested under the new measures, but administrative fines during the pandemic totalled roughly one billion Turkish liras, or 115 million euros.

‘Fake news’ arrests

Illustration: Unsplash.com

In North Macedonia, fake news stories shared on social media ranged from a report that a garage was being used as a COVID-19 testing facility to health authorities being accused of negligence that led to the death of two sisters from COVID-19 complications. One fake story claimed food shortages were imminent.

According to the country’s Ministry of Interior, by September 2020 authorities had acted on a total of 58 cases stemming from the alleged dissemination of fake news related to COVID-19. Thirty-one cases were forwarded to prosecutors and criminal charges have been pressed in three, a ministry spokesman told BIRN.

In Serbia, the penalty for the crime of causing disorder and panic is imprisonment for between three months and three years, as well as a fine. According to Serbian Interior Ministry, in the first two months of the pandemic dozens of people were charged.

After she broke news about the disarray in the Clinical Centre of Vojvodina, Serbia’s northern province, Nova.rs reporter Ana Lalic was questioned by police and her home was searched.

In neighbouring Montenegro, a heated political row over a disputed law on religions saw some people arrested for spreading panic even before the country confirmed its first case of COVID-19.

BIRN was able to confirm 14 cases in which journalists, editors and members of the public were arrested for causing panic.

Similarly in Turkey, the interior ministry investigated, fined and detained hundreds of people in the first few months of the pandemic over their social media posts. Later, however, the ministry stopped publishing such data.

Critics say the government was determined to muzzle complaints about its handling of the pandemic and the economy.

“Turkey in general has a problem when it comes to freedom of speech,” said Ali Gul, a lawyer and rights activist. “The government increases its pressure because it does not want people to speak about its failures.” Ali Gul.

In Croatia, no journalist has been charged with spreading fake news during the pandemic, but that’s not to say there was not any misleading information.

“Without any hesitation, I can say that, unfortunately, a large number of citizens have been involved in spreading false news,” said Tomislav Levak, a teaching assistant and PhD candidate at the Academy of Art and Culture in the eastern Croatian city of Osijek. “But in my opinion, in most cases, it is actually unintentional because they do not think critically enough.”

The Interior Ministry said that it had registered 40 violations of Article 16 of the Law on Misdemeanors against Public Order and Peace, “which are related to the COVID-19 epidemic”.

Rise in state requests to social media giants

The transparency reports of Facebook and Twitter shed light on the scale of government efforts to find and track accounts suspected of spreading panic.

According to Twitter, in 2020 emergency disclosure requests – when law enforcement bodies seek account information – accounted for roughly one out of every five global information requests submitted to Twitter, increasing by 20 per cent during the reporting period while the aggregate number of accounts specified in these requests increased by 24 per cent.

Turkey accounts for three per cent of all government requests for information from Twitter.

In the first six months of last year, Turkey registered a 160 per cent increase in emergency requests compared to the same period in 2019.

North Macedonia saw a 175 per cent increase.

In terms of removal requests, they multiplied several times over from Serbia, Turkey and Poland.

As for Facebook, Turkey last year submitted 6,171 requests, a threefold increase from 2019. In 4,904 cases, Facebook disclosed data, compared to 1,513 cases in 2019. Poland made 4,572 requests, up from 3,397 in 2019, and received information back in 2,666 cases, compared to 1,902 the previous year.

When it comes to legal process requests – when states ask for account information to aid an investigation – Turkey and Poland lead the region with 6,143 and 4,200 requests respectively, roughly double the numbers in 2019.

Compared to the same period in 2019, Facebook data shows a significant rise in all sorts of requests from most countries in the region.

In terms of preservation requests – when law enforcement bodies ask Facebook to preserve account records that may serve as evidence in legal proceedings – Bosnia and Herzegovina registered an increase of just over 150 per cent. 

Turkey accounts for 3.55 per cent of and Poland 2.63 per cent of all government requests for information from Facebook. 

Lawsuits designed to silence

And if that wasn’t enough, some media faced lawsuits that watchdogs say were designed simply to stop the free flow of information – a so-called SLAPP, or Strategic Lawsuit Against Public Participation, the purpose of which is to censor or intimidate critics by burdening them with the cost of a legal defence.

In Poland, the publisher and journalists of the weekly Newsweek Polska were subjected to a SLAPP for their reporting on Polish clothing company LLP, owner of the Reserved brand, which the weekly said had been sending masks bought in Poland to its factories in China despite a severe shortage in Poland.

The company is seeking damages of €1.37 million, an apology, the removal of articles about LPP published on March 22 and a “ban on disseminating claims that suggest that the company’s position on this matter is untrue.”

The case is ongoing. 

Also in Poland, a court dismissed lawsuits brought against media outlet Wyborcza by Polish KGHM, one of the world’s biggest producers of copper and silver, over stories revealing that the company had paid huge sums of money for worthless masks from China.

In Turkey, a court granted a take-down request by pasta producer Oba Makarna over a report that 26 of its factory workers in the south-central city of Gaziantep had tested positive for COVID-19. According to the court ruling, while the report was true, it damaged the company’s commercial reputation.

In its report, the CoE warned that restrictions introduced during the pandemic could give rise to increased use of civil lawsuits, particularly defamation cases.

While their use did not increase dramatically during the height of the pandemic, there is some concern that pandemic-related reporting will be subjected to SLAPP lawsuits and defamation cases in the future, it said.

Pandemic Leads to Rise in Cyber Abuse of Children in Albania

Posted on by Ivana Jeremic

Thousands of children in Albania are at greater risk of harm as their lives move increasingly online during the COVID-19 pandemic, UNICEF and local experts warn.

The closure of the country in March last year due to the spread of the novel coronavirus, including a shift to online schooling, has led to an increase in the use of the Internet by children, some of them under the age of 13.

According to a 2020 UNICEF Albania study titled “A Click Away”, about 14 per cent of children interviewed reporting experiencing uncomfortable online situations, while one in four said they had been in contact at least once with someone they had never met face-to-face before.

The same study said that two in 10 children reported meeting in person someone they had previously only had contact with online, and one in 10 children reported having had at least one unwanted sexual experience via the internet.

A considerable number of those who had caused these experiences were persons known to the children.

UNICEF Albania told BIRN that, after the closure of schools and the introduction of social distancing measures, more than 500,000 children found themselves faced with a new online routine. Online platforms suddenly became the new norm.

“If before the pandemic 13-year-olds or older had the opportunity to gradually become acquainted with social media, communication applications or online platforms, the pandemic suddenly exposed even the youngest children to information technology,” the office told BIRN.

Growth in child pornography sites

According to another report, by the National Centre for Safe Internet and the Centre for the Rights of the Child in Albania, there has been an alarming rise in reports of child pornography sites on the Internet.

This report, titled ‘Internet Rapists: The Internet Industry in the Face of Child and Adolescent Protection in Albania’, is based on data obtained from the National Secure Internet Platform, National Helpline for ALO Children 116-111 and the National Centre for Secure Internet in Albania.

“The number of reported sites of child pornography has reached a record 6,273 pages, or 600 times more than a year ago,” the report states.

It said that “40 per cent of the cases of pornographic sites, videos or even images with the same content are with Albanian children, while over 60 per cent of the cases of pornography are with non-Albanian children”.

The 15-17 year-old age group is most affected by cyber incidents, it said.

Cybercrime experts at the Albanian State Police also told BIRN: “There has been a general increase in criminal offenses in the area of ​​cybercrime.”

In August last year, UNICEF Albania published another study, “The lost cases”, noting that between 5,000 and 20,000 referrals are made annually by international partners such as Interpol, Europol and the National Centre for Missing and Exploited Children to the cybercrime department of Albanian police regarding the possession, distribution, production and use of child sexual abuse materials in Albania.

But according to official data of the Ministry of Interior, between 2016 and 2018, only 12 cases were investigated under Article 117 of the Criminal Code, ‘pornography with minors’, and only one case was ended in conviction.

Facebook, Twitter Struggling in Fight against Balkan Content Violations

Posted on by Ivana Jeremic

Partners Serbia, a Belgrade-based NGO that works on initiatives to combat corruption and develop democracy and the rule of the law in the Balkan country, had been on Twitter for more than nine years when, in November 2020, the social media giant suspended its account.

Twitter gave no notice or explanation of the suspension, but Ana Toskic Cvetinovic, the executive director of Partners Serbia, had a hunch – that it was the result of a “coordinated attack”, probably other Twitter users submitting complaints about how the NGO was using its account.

“We tried for days to get at least some information from Twitter, like what could be the cause and how to solve the problem, but we haven’t received any answer,” Toskic Cvetinovic told BIRN. “After a month of silence, we saw that a new account was the only option.” 

Twitter lifted the suspension in January, again without explanation. But Partners Serbia is far from alone among NGOs, media organisations and public figures in the Balkans who have had their social media accounts suspended without proper explanation or sometimes any explanation at all, according to BIRN monitoring of digital rights and freedom violations in the region.

Experts say the lack of transparency is a significant problem for those using social media as a vital channel of communication, not least because they are left in the dark as to what can be done to prevent such suspensions in the future.

But while organisations like Partners Serbia can face arbitrary suspension, half of the posts on Facebook and Twitter that are reported as hate speech, threatening violence or harassment in Bosnian, Serbian, Montenegrin or Macedonian remain online, according to the results of a BIRN survey, despite confirmation from the companies that the posts violated rules.

The investigation shows that the tools used by social media giants to protect their community guidelines are failing: posts and accounts that violate the rules often remain available even when breaches are acknowledged, while others that remain within those rules can be suspended without any clear reason.

Among BIRN’s findings are the following:

  • Almost half of reports in Bosnian, Serbian, Montenegrin or Macedonian language to Facebook and Twitter are about hate speech
  • One in two posts reported as hate speech, threatening violence or harassment in Bosnian, Serbian, Montenegrin or Macedonian language, remains online. When it comes to reports of threatening violence, the content was removed in 60 per cent of cases, and 50 per cent in cases of targeted harassment.
  • Facebook and Twitter are using a hybrid model, a combination of artificial intelligence and human assessment in reviewing such reports, but declined to reveal how many of them are actually reviewed by a person proficient in Bosnian, Serbian, Montenegrin or Macedonian
  • Both social networks adopt a “proactive approach”, which means they remove content or suspend accounts even without a report of suspicious conduct, but the criteria employed is unclear and transparency lacking.
  • The survey showed that people were more ready to report content targeting them or minority groups.

Experts say the biggest problem could be the lack of transparency in how social media companies assess complaints. 

The assessment itself is done in the first instance by an algorithm and, if necessary, a human gets involved later. But BIRN’s research shows that things get messy when it comes to the languages of the Balkans, precisely because of the specificity of language and context.

Distinguishing harsh criticism from defamation or radical political opinions from expressions of hatred and racism or incitement to violence require contextual and nuanced analysis.

Half of the posts containing hate speech remain online


Graphic: BIRN/Igor Vujcic

Facebook and Twitter are among the most popular social networks in the Balkans. The scope of their popularity is demonstrated in a 2020 report by DataReportal, an online platform that analyses how the world uses the Internet.

In January, there were around 3.7 million social media users in Serbia, 1.1 million in North Macedonia, 390,000 in Montenegro and 1.7 million in Bosnia and Herzegovina.

In each of the countries, Facebook is the most popular, with an estimated three million users in Serbia, 970,000 in North Macedonia, 300,000 in Montenegro and 1.4 million in Bosnia and Herzegovina.

Such numbers make Balkan countries attractive for advertising but also for the spread of political messages, opening the door to violations.

The debate over the benefits and the dangers of social media for 21st century society is well known.

In terms of violent content, besides the use of Artificial Intelligence, or AI, social media giants are trying to give users the means to react as well, chiefly by reporting violations to network administrators. 

There are three kinds of filters – manual filtering by humans; automated filtering by algorithmic tools and hybrid filtering, performed by a combination of humans and automated tools.

In cases of uncertainty, posts or accounts are submitted to human review before decisions are taken, or after in the event a user complaints about automated removal.

“Today, we primarily rely on AI for the detection of violating content on Facebook and Instagram, and in some cases to take action on the content automatically as well,” a Facebook spokesperson told BIRN. “We utilize content reviewers for reviewing and labelling specific content, particularly when technology is less effective at making sense of context, intent or motivation.”

Twitter told BIRN that it is increasing the use of machine learning and automation to enforce the rules.

“Today, by using technology, more than 50 per cent of abusive content that’s enforced on our service is surfaced proactively for human review instead of relying on reports from people using Twitter,” said a company spokesperson.

“We have strong and dedicated teams of specialists who provide 24/7 global coverage in multiple different languages, and we are building more capacity to address increasingly complex issues.”

In order to check how effective those mechanisms are when it comes to content in Balkan languages, BIRN conducted a survey focusing on Facebook and Twitter reports and divided into three categories: violent threats (direct or indirect), harassment and hateful conduct. 

The survey asked for the language of the disputed content, who was the target and who was the author, and whether or not the report was successful.

Over 48 per cent of respondents reported hate speech, some 20 per cent reported targeted harassment and some 17 per cent reported threatening violence. 

The survey showed that people were more ready to report content targeting them or minority groups.

According to the survey, 43 per cent of content reported as hate speech remained online, while 57 per cent was removed. When it comes to reports of threatening violence, content was removed in 60 per cent of cases. 

Roughly half of reports of targeted harassment resulted in removal.

Chloe Berthelemy, a policy advisor at European Digital Rights, EDRi, which works to promote digital rights, says the real-life consequences of neglect can be disastrous. 

“For example, in cases of image-based sexual abuse [often wrongly called “revenge porn”], the majority of victims are women and they suffer from social exclusion as a result of these attacks,” Berthelemy said in a written response to BIRN. “For example, they can be discriminated against on the job market because recruiters search their online reputation.”

 Content removal – censorship or corrective?


Graphic: BIRN/Igor Vujcic.

According to the responses to BIRN’s questionnaire, some 57 per cent of those who reported hate speech said they were notified that the reported post/account violated the rules. 

On the other hand, some 28 per cent said they had received notification that the content they reported did not violate the rules, while 14 per cent received only confirmation that their report was filed.

In terms of reports of targeted harassment, half of people said they received confirmation that the content violated the rules; 16 per cent were told the content did not violate rules. A third of those who reported targeted harassment only received confirmation their report was received.  

As for threatening violence, 40 per cent of people received confirmation that the reported post/account violated the rules while 60 per cent received only confirmation their complaint had been received.

One of the respondents told BIRN they had reported at least seven accounts for spreading hatred and violent content. 

“I do not engage actively on such reports nor do I keep looking and searching them. However, when I do come across one of these hateful, genocide deniers and genocide supporters, it feels the right thing to do, to stop such content from going further,” the respondent said, speaking on condition of anonymity. “Maybe one of all the reported individuals stops and asks themselves what led to this and simply opens up discussions, with themselves or their circles.”

Although for those seven acounts Twitter confirmed they violate some of the rules, six of them are still available online.

Another issue that emerged is unclear criteria while reporting violations. Basic knowledge of English is also required.

Sanjana Hattotuwa, special advisor at ICT4Peace Foundation agreed that the in-app or web-based reporting process is confusing.

“Moreover, it is often in English even though the rest of the UI/UX [User Interface/User Experience] could be in the local language. Furthermore, the laborious selection of categories is, for a victim, not easy – especially under duress.”

Facebook told BIRN that the vast majority of reports are reviewed within 24 hours and that the company uses community reporting, human review and automation.

It refused, however, to give any specifics on those it employs to review content or reports in Balkan languages, saying “it isn’t accurate to only give the number of content reviewers”. 

BIRN methodology 

BIRN conducted its questionnaire via the network’s tool for engaging citizens in reporting, developed in cooperation with the British Council.

 The anonymous questionnaire had the aim of collecting information on what type of violations people reported, who was the target and how successful the report was. The questions were available in English, Macedonian, Albanian and Bosnian/Serbian/Montenegrin. BIRN focused on Facebook and Twitter given their popularity in the Balkans and the sensitivity of shared content, which is mostly textual and harder to assess compared to videos and photos.

“That alone doesn’t reflect the number of people working on a content review for a particular country at any given time,” the spokesperson said. 

Social networks often remove content themselves, in what they call a ‘proactive approach’. 

According to data provided by Facebook, in the last quarter of 2017 their proactive detection rate was 23.6 per cent.

“This means that of the hate speech we removed, 23.6 per cent of it was found before a user reported it to us,” the spokesperson said. “The remaining majority of it was removed after a user reported it. Today we proactively detect about 95 per cent of hate speech content we remove.”

“Whether content is proactively detected or reported by users, we often use AI to take action on the straightforward cases and prioritise the more nuanced cases, where context needs to be considered, for our reviewers.”

There is no available data, however, when it comes to content in a specific language or country.

Facebook publishes a Community Standards Enforcement Report on a quarterly basis, but, according to the spokesperson, the company does not “disclose data regarding content moderation in specific countries.”

Whatever the tools, the results are sometimes highly questionable.

In May 2018, Facebook blocked for 24 hours the profile of Bosnian journalist Dragan Bursac after he posted a photo of a detention camp for Bosniaks in Serbia during the collapse of federal Yugoslavia in the 1990s. 

Facebook determined that Bursac’s post had violated “community standards,” local media reported.

Bojan Kordalov, Skopje-based public relations and new media specialist, said that, “when evaluating efficiency in this area, it is important to emphasise that the traffic in the Internet space is very dense and is increasing every second, which unequivocally makes it a field where everyone needs to contribute”.

“This means that social media managements are undeniably responsible for meeting the standards and compliance with regulations within their platforms, but this does not absolve legislators, governments and institutions of responsibility in adapting to the needs of the new digital age, nor does it give anyone the right to redefine and narrow down the notion and the benefits that democracy brings.”

Lack of language sensibility

Illustration. Photo: Unsplash/The Average Tech Guy

SHARE Foundation, a Belgrade-based NGO working on digital rights, said the question was crucial given the huge volume of content flowing through the likes of Facebook and Twitter in all languages.

“When it comes to relatively small language groups in absolute numbers of users, such as languages in the former Yugoslavia or even in the Balkans, there is simply no incentive or sufficient pressure from the public and political leaders to invest in human moderation,” SHARE told BIRN.   

Berthelemy of EDRi said the Balkans were not a stand alone example, and that the content moderation practices and policies of Facebook and Twitter are “doomed to fail.”

“Many of these corporations operate on a massive scale, some of them serving up to a quarter of the world’s population with a single service,” Berthelemy told BIRN. “It is impossible for such monolithic architecture, and speech regulation process and policy to accommodate and satisfy the specific cultural and social needs of individuals and groups.”

The European Parliament has also stressed the importance of a combined assessment.

“The expressions of hatred can be conveyed in many ways, and the same words typically used to convey such expressions can also be used for different purposes,” according to a 2020 study – ‘The impact of algorithms for online content filtering or moderation’ – commissioned by the Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs. 

“For instance, such words can be used for condemning violence, injustice or discrimination against the targeted groups, or just for describing their social circumstances. Thus, to identify hateful content in textual messages, an attempt must be made at grasping the meaning of such messages, using the resources provided by natural language processing.”

Hattotuwa said that, in general, “non-English language markets with non-Romanic (i.e. not English letter based) scripts are that much harder to design AI/ML solutions around”.

“And in many cases, these markets are out of sight and out of mind, unless the violence, abuse or platform harms are so significant they hit the New York Times front-page,” Hattotuwa told BIRN.

“Humans are necessary for evaluations, but as you know, there are serious emotional / PTSD issues related to the oversight of violent content, that companies like Facebook have been sued for (and lost, having to pay damages).”

Failing in non-English

Illustration. Photo: Unsplash/Ann Ann

Dragan Vujanovic of the Sarajevo-based NGO Vasa prava [Your Rights] criticised what he said was a “certain level of tolerance with regards to violations which support certain social narratives.”

“This is particularly evident in the inconsistent behavior of social media moderators where accounts with fairly innocuous comments are banned or suspended while other accounts, with overt abuse and clear negative social impact, are tolerated.”

For Chloe Berthelemy, trying to apply a uniform set of rules on the very diverse range of norms, values and opinions on all available topics that exist in the world is “meant to fail.” 

“For instance, where nudity is considered to be sensitive in the United States, other cultures take a more liberal approach,” she said.

The example of Myanmar, when Facebook effectively blocked an entire language by refusing all messages written in Jinghpaw, a language spoken by Myanmar’s ethnic Kachin and written with a Roman alphabet, shows the scale of the issue.

“The platform performs very poorly at detecting hate speech in non-English languages,” Berthelemy told BIRN.

The techniques used to filter content differ depending on the media analysed, according to the 2020 study for the European Parliament.

“A filter can work at different levels of complexity, spanning from simply comparing contents against a blacklist, to more sophisticated techniques employing complex AI techniques,” it said. 

“In machine learning approaches, the system, rather than being provided with a logical definition of the criteria to be used to find and classify content (e.g., to determine what counts as hate speech, defamation, etc.) is provided with a vast set of data, from which it must learn on its own the criteria for making such a classification.”

Users of both Twitter and Facebook can appeal in the event their accounts are suspended or blocked. 

“Unfortunately, the process lacks transparency, as the number of filed appeals is not mentioned in the transparency report, nor is the number of processed or reinstated accounts or tweets,” the study noted.

Between January and October 2020, Facebook restored some 50,000 items of content without an appeal and 613,000 after appeal. 

 Machine learning

As cited in the 2020 study commissioned by the European Parliament, Facebook has developed a machine learning approach called Whole Post Integrity Embeddings, WPIE, to deal with content violating Facebook guidelines. 

The system addresses multimedia content by providing a holistic analysis of a post’s visual and textual content and related comments, across all dimensions of inappropriateness (violence, hate, nudity, drugs, etc.). The company claims that automated tools have improved the implementation of Facebook content guidelines. For instance, about 4.4 million items of drug sale content were removed in just the third quarter of 2019, 97.6 per cent of which were detected proactively.

When it comes to the ways in which social networks deal with suspicious content, Hattotuwa said that “context is key”. 

While acknowledging advancements in the past two to three years, Hattotuwa said that, “No AI and ML [Machine Learning] I am aware of even in English language contexts can accurately identify the meaning behind an image.”
 
“With regards to content inciting hate, hurt and harm,” he said, “it is even more of a challenge.”

According to the Twitter Transparency report, in the first six months of 2020, 12.4 million accounts were reported to the company, just over six million of which were reported for hateful conduct and some 5.1 million for “abuse/harassment”.

In the same period, Twitter suspended 925,744 accounts, of which 127,954 were flagged for hateful conduct and 72,139 for abuse/harassment. The company removed such content in a little over 1.9 million cases: 955,212 in the hateful conduct category and 609,253 in the abuse/harassment category. 

Toskic Cvetinovic said the rules needed to be clearer and better communicated to users by “living people.”

“Often, the content removal doesn’t have a corrective function, but amounts to censorship,” she said.

Berthelemy said that, “because the dominant social media platforms reproduce the social systems of oppression, they are also often unsafe for many groups at the margins.” 

“They are unable to understand the discriminatory and violent online behaviours, including certain forms of harassment and violent threats and therefore, cannot address the needs of victims,” Berthelemy told BIRN. 

“Furthermore,” she said, “those social media networks are also advertisement companies. They rely on inflammatory content to generate profiling data and thus advertisement profits. There will be no effective, systematic response without addressing the business models of accumulating and trading personal data.”

Online Petition Urging Netflix to Recognise Kosovo Gains Momentum

Posted on by Ivana Jeremic

An online petition calling on the US online streaming platform Netflix to recognise Kosovo as separate from Serbia has received over 23,000 signatures since its launch on Tuesday and caught public attention in the country.

“When Kosovars log in on Netflix, their location appears as if they were in Serbia, even though they use Netflix from the Republic of Kosovo,” the organiser, Sovran Hoti, wrote in the petition.

Kosovo-based Netflix users “cannot even verify their phone number because Kosovo does not appear on the list of countries with their phone entries,” he added.

“Netflix is a US company, and since the US recognises Kosovo, shouldn’t Netflix add Kosovo as a country on their streaming service as well?” he asked.

Kosovo declared its independence from Serbia in February 17, 2008 but its statehood remains contested.

The country has been recognised by more than 110 countries so far but Serbia has vowed never to recognise it and is supported in this by powerful allies, including Russia and China. Five EU member states have also withheld diplomatic recognition.

“The propaganda by Serbia to undermine Kosovo in the international arena continues, especially in major online platforms. This needs to change. Serbia has no jurisdiction in Kosovo and its institutions, and our independence cannot be undermined by them,” Hoti said in his petition.

The petition has caught the attention of leading politicians and cultural figures in Kosovo itself. Acting President Vjosa Osmani went on Twitter to support the initiative.

Kosovo citizens “deserve to be recognised for this [streaming Netflix]. It’s about time you put the Republic of Kosovo on your map”, she said, referencing the company directly.

Other personalities such as former Deputy Prime Minister Haki Abazi and the co-founder of the Prishtina Film Festival, Fatos Berisha, have also joined the call.

No Quick Fix to North Macedonia Telegram Scandal

Posted on by Ivana Jeremic

Authorities in North Macedonia face an uphill battle to confront the dangers of online harassment, experts warn, following a public outcry over the reappearance of a group on the encrypted messaging app Telegram in which thousands of users were sharing explicit pictures and videos of women and girls, some of them minors.

The group, known as ‘Public Room’, was first shut down in January 2020, only to re-emerge a year later before it was closed again on January 29. Reports say new groups have since popped up, their membership spreading to neighbouring Serbia.

Authorities in the Balkan state have mooted the possibility of banning Telegram altogether and criminalising the act of stalking, making it punishable with a prison sentence of up to three years.

The case, however, has exposed the many layers that authorities need to address when it comes to preventing online harassment and sexual violence. And experts in the field say it will not be easy.

“This type of danger is very difficult to handle, given that many countries in the world have had the same or similar problems as North Macedonia,” said Suad Seferi, a cybersecurity analyst and head of the IT sector at the International Balkan University in Skopje.

Seferi cited blocks on Telegram in countries such as Azerbaijan, Bahrain, Belarus and China, but cautioned against following such a route given the risk of it being construed as censorship by those using the app for its primary purpose of simple communication.

“The government could try and reach an agreement, or communicate with Telegram to close specific channels or seek cooperation in prosecuting the perpetrators of such acts,” he told BIRN.

Law not being applied


An image showing the Telegram messenger app. Photo: EPA-EFE/MAURITZ ANTIN

The phenomenon has triggered heated debate in North Macedonia; a number of victims have spoken out publicly about how some of the 7,000 users of Public Room shared explicit, private photos of them or took pictures from their social media profiles and shared them alongside the names and phone numbers of the victims.

One of them, 28 year-old Ana Koleva, met Justice Minister Bojan Maricic over the weekend to discuss her own harrowing experience after her pictures began circulating in the Telegram group and elsewhere and she was bombarded with unwanted messages and phone calls.

Some victims, including Koleva, said they appealed to the police for help but were bluntly dismissed.  One reason given by police was that they were unable to act unless the victim was a minor.

Critics say the group’s re-emergence exposes the failure of authorities to stamp it out in the first place.

“The ‘Public Room’ case revealed the inertia and inability of the authorities to act in such cases of violence and harassment of women and girls,” said Skopje-based gender expert Natasha Dimitrovska. “Although there are laws, they are not implemented.”

North Macedonia’s law on prevention and protection from violence against women and domestic violence also defines sexual harassment and especially online sexual harassment.

“This is in line with the Istanbul Convention, which states that all forms of sexual violence and harassment should be sanctioned,” said Dimitrovska. “In addition, endangering someone’s security and sharing and collecting other people’s personal data without permission are crimes that are already regulated by the Criminal Code.”

She told BIRN that it was imperative that authorities grasp the fact that whatever goes on online has repercussions offline.

“There is no longer a division between offline and online,” she said. “What happens online also has profound consequences in real life. Girls and women who are sexually harassed online are also restricted from accessing and expressing themselves freely in public.”

“What’s even worse is that everything that is online remains there forever and is widely available, so with online harassment it’s even more frightening in the sense that it will remain there for a long time and haunt the victim.”

‘Scary viral dimensions’


Illustration. Photo: Markus Spiske/Unsplash

Cybersecurity experts caution that it is extremely difficult to control or monitor content on platforms such as Telegram, which has become notorious for similar scandals.

In the US and the UK, there are laws against ‘revenge porn’, in which people share explicit pictures of their former partners as a form a retaliation. Six years ago, only three US states has such laws in place. They have since spread to at least 46.

Privacy and data protection expert Ljubica Pendaroska said some public ‘supergroups’ can have up to 200,000 members, which massively increases the chances of privacy violations.

“Usually, in the communication in such groups, the spectrum of personal data related to the victims is supplemented with address of residence, telephone number, information about family members, etc, Pendaroska told BIRN.

“So the invasion of privacy gets bigger and usually goes out of the group and the network, taking on really scary viral dimensions.”

Importance of raising public awareness

To combat such acts, experts advocate raising public awareness about privacy and how to protect it – particularly among parents and children – and punishing violations in a timely manner.

“From experience, young people know a lot about the so-called technical aspects, capabilities and impacts of social networks and applications, but little about their privacy and especially the potential social implications of what is shared in the online world,” said Pendaroska, who also serves as president of Women4Cyber ​​North Macedonia, an initiative to support the participation of women in the field of cybersecurity.

“Our concept is to avoid occasional action but commit to consistent and continuous education of women about the potential risks that lurk in the online world,” she told BIRN, “because that’s the only way to achieve long-term results and to raise awareness.”

“Therefore, our plan is within each project or activity that we implement, to include exactly that component – through various activities and tools to educate women, because awareness is key.”

North Macedonia Threatens to Block Telegram Over Pornographic Picture Sharers

Posted on by Ivana Jeremic

North Macedonia’s authorities on Thursday threatened to block the messaging app Telegram over the activities of a group of more than 7,000 users who have been sharing and exchanging explicit pictures and videos of girls – some of whom are underage.

Some users even wrote the names and locations of the girls. Others have shared photoshopped images taken from their Instagram profiles.

Prime Minister Zoran Zaev said the authorities would not hesitate to block Telegram if they had to – and if the messaging app didn’t permanently close this and similar groups.

“If the Telegram application does not close Public Room, where pornographic and private content is shared by our citizens, as well as child pornography, we will consider the option of blocking or restricting the use of this application in North Macedonia,” Zaev wrote in a Facebook post.

The group, called Public Room, was first discovered in January 2020. The authorities then said that they had found the organisers and had dealt with the matter.

However, a year later, the group has re-emerged, sparking a heated debate in North Macedonia over police inaction.

Several victims whose pictures and phone numbers were hacked and used have complained about what happened to them – and about what they see as lack of action of the part of the authorities in preventing it.

“I started receiving messages and calls on my cell phone, Viber, WhatsApp, Messenger and Instagram,” one 28-year-old victim, Ana, recalled in an Instagram post.

“I didn’t know what was happening or where it was coming from. The next day, I received a screenshot of my picture, which was not only posted in Public Room but shared elsewhere. I didn’t know what to do. I panicked, I was scared, I’d never experienced anything like that,” she added.

But the woman said that when she told the police about what happened, they told her they couldn’t do much about it, since she wasn’t a minor.

North Macedonia’s Minister of Interior, Oliver Spasovski, said on Thursday that the police had arrested four people in connection with the revived group and had launched a full-scale investigation.

“We have identified more people who will be detained in the coming period, so we can reach those who created this group, and also those that are abusing personal data within the group. We are working on this intensively with the Public Prosecutor,” Spasovski told the media.

However, following closure of the group on Thursday, there have been reports that some of its users are opening new groups where they continue the same practices.

Prime Minister Zaev said users of this and similar groups needed to heed a final warning.

“I want to send a message to all our citizens who are sharing pictures and content in that group [Public Room] … to stop what they are doing that and leave the group,” said Zaev on Facebook.

“At the end of the day, we will get the data, you will be charged and you will be held accountable for what you do,” he concluded.

Online Impersonation is a Crime, Romanian Court Rules

Posted on by Ivana Jeremic

Romania’s High Court of Cassation and Justice ruled on Tuesday that pretending to be someone else on Facebook is an offence punishable under the country’s criminal law.

The ruling arose from the case of a man sentenced to three years and eight months in prison for blackmail, digital fraud and breach of privacy for posting intimate images of his ex-girlfriend on a social network and opening pornography site accounts in her name.

According to the indictment, the man created the false social network account after threatening his former girlfriend in December 2018 that he would publish several videos of them having sex, as well as pictures in which she appeared naked, if she did not resume the relationship with him.

The case reached the High Court after the Court of Appeal in the Transylvanian city of Brasov in central Romania asked for its opinion about whether “opening and using an account on a social network opened to the public” to publish real “information, photographs, video images, etc.” could be considered digital fraud as defined by article 325 of the criminal code.

The High Court concluded that “opening and using an account on a social network open to the public, using as a username the name of another person and introducing real personal data that allows for that person’s identification” meets the requirements to be considered as digital fraud.

The Brasov court referred the case to the High Court because other Romanian courts had previously reached different and contradictory conclusions in similar cases.

BIRD Community

Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?

We created BIRD Community, a place where you can have it all!

Join Now