Tag: Romania

Facebook Pulls Pro-Trump Network Operating From Romania

Posted on by Ivana Jeremic

Facebook on Thursday announced it had removed dozens of accounts on Facebook and Instagram operated by people in Romania who claimed to be American supporters of US President Donald Trump, Reuters reported. A few Trump fan pages also created in Romania were shut down as well.

“We removed 35 Facebook accounts, 3 Pages and 88 Instagram accounts,” reads the report in which Facebook informed of the removal of the Romanian-based accounts. 

“The people behind this network used fake accounts – some of which had already been detected and disabled by our automated systems – to pose as Americans, amplify and comment on their own content, and manage Pages including some posing as President Trump fan Pages,” the document concluded.

Besides hiding their real locations, some of the cancelled accounts presented “coordinated inauthentic behaviour” that violated the platforms’ rules, Facebook said. Some of the accounts were run by the same persons, using multiple fake identities, for example. 

The accounts promoted stories backing Trump’s re-election in November and stressing the support he was allegedly receiving from conservatives, black Americans, Christians and followers of the so-called QAnon conspiracy theory, Reuters said.

QAnon conspiracy followers believe Trump is waging a secret war against an elite of Satan-worshipping paedophiles operating in government, business and the media.

Facebook security policy head Nathaniel Gleicher said the company hadn’t determined yet if the Romanian group was motivated by money, ideology or a government directive.

“This activity originated in Romania and focused on the US. We found this network as part of our investigation into suspected coordinated inauthentic behavior ahead of the 2020 election in the US,” the company added.

The reach of the scrapped accounts seems to have been small, as they were followed by no more than a few thousand other accounts.

Romania Recognises Cyber Harassment as Form of Domestic Violence

Posted on by BIRD

As of July 9, Romania will recognise cyber harassment as a form of domestic violence under recently-adopted amendments to the country’s 2003 Law on Domestic Violence published in the Official Gazette on Monday, Romanian media reported.

The move follows a ruling against Romania in February by the European Court of Human Rights over the state’s failure to protect the Internet privacy of an abused woman whose Facebook profile and emails were accessed by her former husband.

There are frequent reports in the Romanian media of sexual violence against women and minors in which the perpetrators make first contact via social media.

Under the amendments, ‘cybernetic violence’ includes “online harassment, online messages that instigate hatred for reason of gender, online stalking, online threats, publication of information and intimate graphic content without consent, [and] … illegal interception of communications” of a digital or online nature.

The use of social networks or emailing services “with the aim of shaming, humiliating, provoking fear, threatening, [and] silencing the victim” of domestic abuse also constitutes cybernetic violence, under the new text of the law.

The changes task the National Agency for Equality of Opportunity between Women and Men with promoting research in the field of artificial intelligence that would help “prevent potential risks of technologies that perpetuate sexism, gender stereotypes and cybernetic violence”.

In an op-ed published on the news portal hotnews.ro, lawyers Monica Statescu and Simona Ungureanu hailed the amendments as “an important step in protecting a significant segment of the victims of aggressive behaviour online.”

The lawyers called for “the adoption of an explicit set of rules that incriminate any violent online activity regardless of the relation between the victim and the aggressor”.

Romanians Behind Cyber-Fraud Ring Plead Guilty in US

Posted on by Ivana Jeremic

Fifteen defendants including several Romanians have pleaded guilty before a US judge of involvement in a multi-million dollar scheme to defraud US citizens through online auctions of non-existing goods, a US Justice Department statement issued on Monday by the US embassy in Bucharest said.

The defendants, many of whom were extradited from Romania in 2019, are yet to be sentenced in the US. Most of them operated from the city of Alexandria in Teleorman Country near the border with Bulgaria, in the south of Romania, court documents show.

The syndicate was active from 2013 and most of its members were arrested in 2018 in Romania.

They typically made money posting ads of cars that didn’t exist and convincing American victims to “send money for the advertised goods by crafting persuasive narratives, for example, by impersonating a military member who needed to sell the advertised item before deployment,” the statement read. To carry out the fraud, they created fictitious online accounts, often using stolen identities of US citizens. 

They also delivered fake invoices issued in the name of reputable companies to make the transactions look legitimate, and went as far as setting up call centres operated by ring members who impersonated customer support agents to assure victims of the authenticity of the ads.

The latest to plead guilty did so last week before a court in Kentucky. 

One suspect, Bogdan-Stefan Popescu, 30, who operated a carwash in Bucharest at the time of the events, admitted to managing the ring’s activities by distributing “the language and photographs for fake advertisements as well as usernames and passwords for IP address anonymizing services” used to defraud its victims in the US.

Popescu said he connected members of the syndicate with those “who would impersonate eBay customer service representatives over the phone”. Starting from 2013, he also oversaw Bitcoin transactions with the money obtained from the frauds, the plea documents show.

Another who last week pleaded guilty was Liviu-Sorin Nedelcu, 34, who posted fake vehicle ads online using fictitious entities to sell vehicles. Once Nedelcu and his co-conspirators convinced victims to purchase falsely advertised goods, they sent the victims invoices for payment that appeared to be from legitimate sellers, such as eBay Motors,” the US statement read. Nedelcu and his co-defendants “engaged in a sophisticated money laundering scheme to convert the victim payment into Bitcoin”.

Weeks before, on May 19, Vlad-Calin Nistor, 33, also pleaded guilty. He confessed to being the founder of a Bitcoin exchange company based in Romania and to having “exchanged over $1.8 million worth of Bitcoin for co-defendant Bogdan Popescu.” Another member of the ring, Beniamin-Filip Ologeanu, 30, also from Romania, worked with others to post advertisements in auction websites such as eBay and classifieds online service Craiglist and conspired with the gang US-based associates to launder the proceeds.

Insults, Leaks and Fraud: Digital Violations Thrive amid Pandemic

Posted on by Ivana Jeremic

From January 26 to May 26, BIRN collected information about 163 cases of breaches of digital rights in Bosnia and Herzegovina, Croatia, Hungary, North Macedonia, Romania and Serbia.

Sixty-eight of the cases related to the manipulation in digital environment, while 25 related to publishing falsehoods and unverified information with the intention to damage someone’s reputation.

BIRN’s monitoring of digital rights, developed together with the SHARE Foundation, has shown that ordinary people were the most affected by such violations, with members of the public being the target in 126 of the cases.

State institutions or state officials violated digital rights in a total of 37 cases, meanwhile.

States rarely addressed the abuses arising from these violations, and in 45 cases, the perpetrators were not identified, while 139 of the total of 163 cases were not resolved.

Eight cases were the result of pressure related to the publication of information, 12 were linked to insults and unfounded accusations and 11 were hate speech and discrimination.

Medical and personal data breaches featured in 18 cases, computer fraud was registered on 11 occasions, while the destruction and theft of data and programs happened in three cases.

Beyond the countries listed above, BIRN noticed an unprecedented rise of digital violations in Montenegro and Turkey, where there were arbitrary arrests and data breaches.

Hackers, data breaches and illegal processing


Infografic: BIRN

Leaked documents, fake websites and the publication of people’s personal and health data have been commonplaces during the ongoing pandemic, but the scale and consequences of the breaches and of the illegal processing of data has yet to be established.

Speculation about the number and identity of COVID-19-infected people led to the mass exposure of personal and private data on social media and messaging platforms. In some cases, the leaks were small in terms of data, but had potentially serious consequences, particularly in situations in which patients’ personal data was revealed.

The most serious cases were reported in Croatia, North Macedonia and Montenegro.

In March in Croatia, a message containing a list of infected patients was shared among people living on the island of Murter, mostly through messaging apps.

Illegal personal data processing and privacy breaches took place in North Macedonia as well. The country’s Agency for Personal Data Protection filed criminal charges against an unknown person for publishing the personal data of people living in the town of Kumanovo.

The public in Serbia became concerned when it was discovered that the login credentials for Serbia’s information system for analysis and storage of health data during the pandemic were publicly available on a health institution website for eight days.

Citizens of Montenegro suffered most from stigmatisation due to a number of leaks of COVID-19 patients’ records. The infected patients’ identities were revealed in posts on social media, sparking hate speech against them.

Individuals who were violated self-isolation measures were also targeted, and often, it was governments that were revealing their personal information.

In Bosnia’s Serb-dominated entity, Republika Srpska, authorities launched a website on which they published the names of people who did not follow the entity’s self-isolation measures. The list can still be found online.

As a measure against the spread of the coronavirus, Montenegro’s government published a list of individuals who were put in self-isolation after  returning home from abroad. The lists, structured by municipalities, include the individuals’ names, surnames, the date when they were put into isolation, and their home addresses. The list was only removed a month after it was published.

People were also targeted by hacker attacks and fraudulent messages or emails, usually trying to collect their personal information or request payments to foreign banks or crypto-currency accounts, as cybercriminals took advantage of the public concerns and confusion created by the pandemic.

Scams, phishing campaigns and cyber-attacks exploiting people’s fear of COVID-19 were most common in Croatia, Serbia, Hungary, North Macedonia and Romania. The Romanian cybersecurity giant Bitdefender said in March that such attempts at fraud “have risen by 475 per cent in March as compared to the previous month”, and were expected to keep increasing.

Threats, hate speech and discrimination


Infographic: BIRN 

While some countries limited the scope of the freedom of speech during the pandemic, some people used their online freedom to unleash threats, insults, discriminatory posts and hate campaigns.

BIRN’s overview looked at several categories of violations:

  • Hate speech and discrimination
  • Threatening content and the endangerment of security
  • Insults and unfounded accusations
  • Falsehoods and unverified information directed towards the damaging of reputations

In total, more than 15 per cent of all the cases that were monitored included one of these violations. The largest number –

This type of online behaviour was often combined with the use of fake accounts and the paid promotion of false content.

The people most commonly affected by the digital violations that were monitored were journalists, medical professionals and people in quarantine.

Discriminatory posts and acts were directed mostly towards refugees, Chinese and Jewish people, women and the Roma community, with the largest number of such cases occurring in Hungary.

Gender-based discrimination was reported in Serbia, where the victims were predominantly politically-engaged individuals and journalists who criticise the government.

Threats and calls for violence against the police in Serbia and Bosnia and Herzegovina were found on Facebook. In both cases, authorities reacted promptly and perpetrators were identified and detained. In North Macedonia two police officers were fined for having taunted and offended people on social networks.

Violations related to damaging reputation predominantly affected governments’ political opponents, independent media and journalists.

Serbia was the country with the largest number of posts aimed at damaging the reputation of independent journalists. In three of four cases of publishing falsehoods, the journalists who were targeted were women.

Journalists were also targeted in North Macedonia and Hungary.

Pressure and arrests for publishing information


Infographic: BIRN 

Due to the highly controlled media landscape and poor level of media literacy in the countries that were monitored, the public was overwhelmed with contradictory information and had much more difficulty in recognising false and misleading information during the pandemic than usual. At the same time, the public’s need for timely and proper information had never been bigger.

While the flow of information continued to grow immensely, states started to arrest citizens for posts on social media over the accusation they caused panic and unrest. Some countries imposed authoritarian regulations that limited the flow of information.

Members of the public, media representatives and politicians were arrested and fined for their writings on social media, often without any clear criteria. Journalists were arrested in Serbia, Kosovo and Turkey.

Arrests and fines have become one of the main tactics to counter fake news and violations of restrictions imposed by all governments in the states that were monitored. In Hungary, Serbia, Bosnia, Croatia and North Macedonia, top state officials warned the public that they faced immediate sanctions for spreading fake news amid the pandemic.

From conspiracy theories to false measures


Illustration: BIRN 

Out of 163 cases, the largest number, 68, were linked with the misuse or manipulation of information. They mostly concerned different fake news, the use of false identities online, the sharing of conspiracy theories, or posts classified by the authorities as causing panic and disorder.

Some of the topics that were misused in this way included:

  • Medicines that can cure the coronavirus, vaccines and laboratory tests
  • Disinfection procedures
  • Tips and advices on how to cure the coronavirus
  • The number of infected people
  • Information about infected people
  • Information on medical institutions and their work
  • The start of the virus and how it developed
  • State measures and actions that have never been declared nor taken
  • Supermarkets and food shortages
  • 5G
  • Other conspiracy theories
  • Online education and information relevant for students
  • Offensive posts and videos about quarantined citizens and about people who arrived from a foreign country
  • Disturbing announcements about the COVID-19 outbreak

In some countries, such as Serbia and Hungary, levels of media freedom are low, with mainstream media often spreading disinformation, while independent media are called fabricators of lies by the authorities.

Nearly 25 per cent of all cases of the misuse or manipulation of information were resolved in some way. The outcomes included:

  • Website or content removal by the state
  • A request for the removal of the problematic post
  • Detention or arrest of a person
  • Official statement about the incident or a public apology

In Romania, most cases in this category ended in content removal. In Serbia, Hungary and Croatia, arrest was the most common outcome.

Manipulated information, conspiracy theories and unfounded claims emerged en masse on social media platforms and news website when most of the countries introduced emergency measures.

Disinformation was most intensively distributed via YouTube, where content blamed the expansion of 5G technology for the COVID-19 outbreak, or blamed multinational companies or foreign governments for the pandemic. In Croatia, one person even destroyed WiFi equipment, thinking it was 5G infrastructure. Mentions of the alleged influence of 5G networks on the pandemic was noted in Romania and Serbia, both on news websites and on social media.

News websites in Serbia, Romania, Hungary and Croatia often published manipulative content that included false information.

April was the month with the largest number of cases reported in this category. Some  30 out of the total 68 cases of manipulations in the digital environment were registered that month.

Information circulating in April and May, which was manipulated or false, mainly referred to the curfew, the number of COVID-19 patients and tests, students’ exams, people in quarantined, 5G transmitters, enforced microchipping and the funding of religious communities. In almost all cases from this category, members of the public were ones affected.

The rise of ‘unknown’ attackers


Illustration: BIRN

In comparison to the cases of online violations reported before the COVID-19 outbreak, BIRN’s monitoring noted a significant rise in cases in which the perpetrators cannot be identified. The number of these cases increased tenfold on a monthly basis.

These unknown perpetrators have been creating Facebook pages, using the virus situation to persecute independent journalists and others, send fraudulent messages in order to destroy computer software systems or steal money, and creating fake website accounts to spread conspiracy theories or medical disinformation.

Unknown perpetrators have also been responsible for computer frauds, the destruction and theft of data and for making content unavailable using technical skills. Hungary had the most cases involving unknown perpetrators, mainly related to computer fraud.

Cases have also shown how states can be violators of digital rights and freedoms. The increased number of cases which ended in arrest or detention revealed the tendency of states to use more power than was necessary, particularly to arrest journalists and citizens for posts on social media.

From having double standards when it comes to reactions to fake news to using their authority to silence people, governments often acted against the interests of their own citizens. According to the monitoring findings, in almost 25 per cent of all cases, the state itself or a state official was described as the perpetrator of a violation of certain guaranteed rights or freedoms.

On the other hand, members of the public were the victims of violations in 126 cases.

Media regulations across the region have been tightened under states of emergency and journalists have been arrested on accusation of spreading misinformation about authorities’ responses to the spread of the coronavirus. Some countries, like Serbia, sought to centralise the dissemination of official information and banned certain media from regular briefings.

The first worrying legal initiative was noted in Croatia, where the government proposed a change to the Electronic Communications Act under which, in extraordinary situations, the health minister would ask telecommunications companies to provide data on the locations of users’ terminals. The legislative change is currently pending.

In Hungary, the Bill on Protection Against Coronavirus, giving the government almost total control of the flow of information about the pandemic, was adopted at the end of March. The Hungarian government also decided to limit the application of the EU’s General Data Protection Regulation, GDPR, and to extend the deadline for public institutions to provide data requested via freedom of information regulations from 15 to 45 days.

Romanian civil society organisations also drew attention to a lack of official transparency and the possibility of media freedoms being curbed by state-of-emergency provisions. Provisions enacted as part of the state of emergency to combat the spread of the coronavirus allowed the authorities to shut down websites that publish fake news and exempted the authorities from answering urgent inquiries from journalists. Access to a dozen websites has been blocked since then.

In North Macedonia, the media faced new procedures for the issue of work permits during coronavirus curfews. The government insisted that its pandemic measures would not affect the public’s right to information, but in practice, institutions were less responsive to freedom of information requests.

In general, there was a trend among many countries to suspend freedom of information requests.

Digital rights, and rights to privacy and freedom of expression on the internet have all faced serious limitations and breaches in South-East and Central Europe. In the semi-democracies of the region, dominated by regimes with elements of authoritarianism, there is legitimate concern about disproportionate interference in citizens’ personal data and concern that recently-imposed measures are not properly tailored to achieve their objectives while causing the least possible damage to guaranteed rights.

Many people’s lives during this period have completely shifted to the online world, where harmful behaviour usually remains unnoticed by authorities preoccupied by offline violations.

During BIRN’s monitoring period, the lack of a human rights-based approach towards people in the digital environment led to discrimination, hate speech and threats. Although protection of basic human rights and fundamental freedoms should be guaranteed on the internet in the same way as it is offline, in practice we have seen an increase in the number of cases of online violations. The forms that those violations take have been evolving as well.

A lack of knowledge and understanding of the online space, and the subsequent lack of internet governance have opened a Pandora’s Box, allowing various state institutions to arbitrarily, partially and unequally interpret people’s online behaviour.

The intense nature of the battle for control of the narrative about the coronavirus has made meaningful oversight of online life and practices, and establishing accountability for online actions, harder than ever.

To read the detailed overview of our digital rights monitoring click here. For individual cases, check our regional database, developed together with the SHARE Foundation.

Romania’s Drive to Censor ‘Fake News’ Worries Activists

Posted on by BIRD

A few days ago, a Romanian MP, Liviu Plesoianu, from the opposition Social Democratic Party, PSD, asked the authorities to block access to the official presidential website, presidency.ro, which he accused of spreading fake news emitted by “a citizen named Klaus Werner Iohannis”.

Plesoianu on April 25 invoked article 54 of the decree issued on 16 March by President Iohannis declaring a state of emergency, which has been used to block access to a dozen websites since then. 

The article grants special powers to the National Authority for the Administration and Reglamentation of Communications, ANCOM, on the request of the Interior Ministry, to block access to any online news platform that publishes content “promoting fake news regarding the COVID-19 evolution and the protection and prevention measures”.

According to Plesoianu, the presidential website was itself guilty of such charges on 11 March, the day the World Health Organization, WHO, declared the coronavirus outbreak a pandemic. 

That day, Iohannis posted a speech on the website in which he said: “Even older people who have other health problems as well, generally have an acceptable condition” – and warned against calling the coronavirus a “killer virus”.

Beyond the debate about whether this assertion constituted misinformation, the MP’s request to close the website for posting “fake news” has few prospects of success, as the National Liberal Party government will not likely take such action against its presidential ally.

But Plesoianu’s stunt has raised bigger questions about the legitimacy of a legal provision that grants the government a referee role to decide what is fake news, and what content can be published or should be censored.

“Whoever decides what is fake news today can decide what is fake based on the preferences of the moment,” Cosmin Pojoranu, from the fact-checking website Factual.ro, told BIRN. 

Pojoranu expresses concerns over the opaque nature of the decision-making process when it comes to blocking access to websites. 

While it is known that ANCOM acts on the request of the Ministry of the Interior’s cluster, created to deal with the pandemic, no details have been revealed about the criteria they use to evaluate content – or if fixed criteria even exist. The public only finds out what’s happened, Pojoranu noted, “through a stark communication, when it is already done”.

Cristina Lupu, of the Centre for Independent Journalism, CJI, calls this lack of transparency “the most worrying part” of the situation. “Blocking access to sites is like a nuclear button; you need to press it with extreme attention and to explain very well how you took that decision,” Lupu told BIRN, warning of potential abuses of this kind of mechanism to censor information in the future.

‘Plan to exterminate pensioners’ and other follies

The websites that are punished for spreading fake news about the coronavirus pandemic, and the government’s response to it, have normally published what most rational persons would rapidly identify as plain lies.

One is the Orthodox Christian news platform ortodoxinfo.ro, whose access was restricted on 24 April, after it published an item of news about a supposed government plan to “kill pensioners in concentration and extermination camps”. 

The article was signed by one Paul Ghitiu and published after a Romanian official who was subsequently dismissed proposed a plan to place people over 65 in separate locations as a way to protect them from infection, while scrapping movement restrictions for the rest of the population. 


Romanian president Klaus Iohannis. Bucharest, Romania, 23 April 2020. Photo: EPA-EFE/DRAGOS ASAFTEI / ROMANIAN PRESIDENCY / HANDOUT

The authorities justified their decision to close the site, citing alleged “behavioural changes” that the article could unleash among readers.

Other sites targeted by the government’s anti-fake news campaign are bpnews.ro, romania-veche.ro and justitiarul.ro. 

Access to them was blocked after they published several stories promoting theories that denounced the pandemic as an invention of Big Pharma and “a conspiracy that pursues the introduction of chips in human bodies through vaccines”, or which accused the Romanian government of using the outbreak to push mandatory vaccination.

Programmer Ovidiu Mihalcea, one of its founders of the news portal Rubrika.ro, uses his IT skills to trace the origins of such misinformation and, together with two colleagues, elaborates a newsletter of “news about fake news”. 

Mihalcea identifies two types of websites spreading such outlandish theories. On the one hand, he said, are those who “do it just for profit”, have no clear political interest and publish “all kinds of sensationalist news”. Others are run by “people who tend to believe the ideas they promote”, mostly having right-wing nationalist views.

A counter-productive approach?

Besides questioning the legitimacy of the methods that the authorities are applying to curb the transmission of fake news, journalists and activists also doubt the efficiency of the approach they have adopted.

CJI’s Cristina Lupu has received many pieces of content promoting disinformation these days, and said most do not come in the form of links to websites like those that have been cancelled but as messages on WhatsApp and social media.

“The closure of some sites has only a cosmetic effect and does not resolve the problem,” said Lupu. 

Pojoranu concurs, seeing the closure measures as a drop in the ocean. He advocates educating the public to discern real news from aberrations like those making the rounds these days. “There are too many sources on the internet, you would need to close half of the internet,” he says, describing the repressive approach to misinformation. “You would need an army, a ministry of censorship,” he added.

Moreover, Pojoranu believes that blocking access to fake news websites can have “a boomerang effect” and amplify the reverberation of some content that would otherwise reach a much more limited number of people. 

“You risk making it become mainstream,” he said about the consequences of such false information making it into traditional media when it informs people about official reprisals. 

Efforts to silence these obscure and often marginal sources, he argued, might paradoxically encourage more people to believe in conspiracies about the government’s control of information.

Some Balkan States Waging ‘Crusade’ Against Media, Report Warns

Posted on by BIRD

Media freedom in Turkey, Bulgaria and Montenegro is the worst in the region, according to the 2020 World Press Freedom Index, published on Tuesday by Reporters Without Borders – but other Balkan countries have largely failed to improve.

“In southern Europe, a crusade by the authorities against the media is very active,” the report warns.

Turkey holds 154th place out of 180 countries worldwide in Reporters Without Borders’ media freedom rankings.

“Turkey is more authoritarian than ever,” the report says, noting an increase in media censorship, particularly of online outlets, despite the release of a number of imprisoned journalists.

Bulgaria is ranked in 111th place, and the report notes that despite international pressure, public radio management suspended experienced journalist Silvia Velikova, a government critic.

This highlighted the lack of independence of Bulgaria’s public broadcasting media and the hold some political leaders have over their editorial policy.

In Montenegro, which is ranked 105th, the report notes no progress, adding that authorities favour pro-government outlets while exercising pressure against other media outlets and journalists.

“In May 2018, investigative journalist Olivera Lakic was shot in the leg. Like in many previous physical attacks on journalists, Lakic’s case is still unsolved,” the report adds. It also mentioned the recent arrests of three journalists on suspicion of causing panic and disorder by publishing fake news.

Serbia is ranked in 93rd place. “After six years under the leadership of Aleksandar Vucic… Serbia has become a country where it is often dangerous to be a journalist and where fake news is gaining in visibility and popularity at an alarming rate,” the report notes.

It says that the number of verbal attacks by politicians on media has risen sharply, and that officials increasingly use inflammatory rhetoric against journalists.

It adds that the assailants who set fire to the house of investigative journalist Milan Jovanovic have yet to be convicted.

North Macedonia is ranked in 92nd place, an improvement on last year, which the report mostly attributes to the attempts for better self-regulation and the publishing of a register of professional online media.

But it also notes that municipal authorities are still able to place advertisements, which remains a tool for financial pressure on media outlets, and that the ruling party, the Social Democrats, have advertised their government’s achievements.

Moldova retains 91st position and the report notes an “extremely polarised” media landscape, with continuing concerns about ownership.

“The media empire built by former billionaire and Democratic Party boss Vladimir Plahotniuc has lost its influence but has been quickly replaced by a media group affiliated to the Democratic Party’s rival, the pro-Russian Party of Socialists,” the report says.

Albania is ranked 84th in the world, down two places from last year, a result of recently-adopted laws against defamation and tightened regulation of online media which could result in censorship and make journalists more vulnerable to government pressures.

Kosovo is ranked 70th by Reporters Without Borders, with the report noting that media in the country remains divided among ethnic lines, and that many outlets are not financially stable.

“Some of the shared concerns are physical and verbal attacks on journalists, cyber-attacks on online media as well as the lack of transparency of media ownership,” the report says.

Greece’s place in the Reporters Without Borders press freedom index, 65th, remains unchanged this year.

Croatia moves up five places and is now ranked 59th, but the report notes that the government is still meddling in the affairs of the national broadcaster, HRT, the defamation is still criminalised and that investigative journalists are often the targets of harassment campaigns.

Bosnia and Herzegovina is ranked 58th, also scoring a five-point rise. The report says the further collapse of public service broadcasters in the country is one of the main weaknesses, along with the polarised political climate, marked by constant verbal attacks and nationalist rhetoric, which “has created a hostile environment for press freedom”.

Romania is ranked 48th in the global index – the best position of all Balkan countries – but the report highlights some continuing shortcomings.

“The attitude towards journalism and free speech that prevails within the state and the political class continues to encourage censorship and self-censorship,” it says.

“The media’s funding mechanisms are opaque or even corrupt, and editorial policies are subordinated to owner interests. The media have gradually been turned into political propaganda tools and are routinely subjected to surveillance by the security services,” it adds.

The report marks Norway, Finland and Denmark as the three best countries in the world for press freedom, while Eritrea, Turkmenistan and North Korea are at the bottom of the list of 180 countries.

Reporters Without Borders says the report shows that the decade ahead will be “decisive for the future of journalism, with the COVID-19 pandemic highlighting and amplifying the many crises that threaten the right to freely reported, independent, diverse and reliable information”.

Central and Eastern Europe Freedom of Information Rights ‘Postponed’

Posted on by BIRD

Citing the fight against COVID-19, authorities in a number of Central and Eastern European countries have extended the amount of time state bodies have to respond to freedom of information, FOI, requests, part of what media watchdogs say is a worrying crackdown on press freedom since the onset of the pandemic.

Media regulations across the region have been tightened under states of emergency and journalists have been arrested on accusations of spreading misinformation concerning the response of authorities to the spread of the novel coronavirus. 

Some countries have sought to centralise the dissemination of official information and banned certain media from regular briefings. 

FOI requests, a vital tool for journalists, have also fallen victim to the virus response; in Moldova, public officials have been allowed to decide alone whether or not to respond, while in Serbia, officials can refuse to respond to questions that are not related to the pandemic. In some cases, state bodies have been told they can delay responding until after a state of emergency has been lifted.

The measures have come in for criticism from rights organisations and raised suspicion that governments are trying to avoid public scrutiny of their response to the pandemic, which in many countries has been slow, chaotic and hampered by shortages of protective equipment for frontline medical staff.

Governments have an obligation to “ensure that measures to combat disinformation are necessary, proportionate and subject to regular oversight,” Dunja Mijatovic, human rights commissioner at the Council of Europe said on Friday.

Describing access to information as a “collateral victim” of government responses, Mijatovic said: “Despite the fact that timely information is essential for the public to understand the danger and adopt measures at a personal level to protect themselves, the filtering of information and delays in responses to freedom of information requests have been observed in several member states.”

Her statement followed a letter to the CoE from ten rights organisations that promote press freedoms and freedom of speech, among them Reporters Without Borders and the International Federation of Journalists, urging the 47-member body to take urgent measures against countries they accused of exploiting the crisis to curb essential freedoms.

Deadlines extended in Romania and Moldova


Romanian President Klaus Iohannis. Photo: EPA-EFE/ROBERT GHEMENT.

In European Union member Romania, President Klaus Iohannis signed a decree on March 16 declaring a 30-day state of emergency, which included a provision doubling the amount of time state institutions have to answer FOI requests.

Media outlets including Dela0.ro have reported that several local branches Health Ministry departments have cited the fight against COVID-19 in refusing to provide information to journalists or deferred questions to the communications office created by the Interior Ministry to centralise information about the crisis.

Likewise in neighbouring Moldova, authorities on Friday tripled the amount of time public bodies have to respond to FOI requests, from 15 days to 45. Media researcher and Independent Press Association, API, journalist Mariana Jacot told BIRN that when she had asked for public information from the Health Ministry she was told that ministry officials have more important things to deal with.

FOI right postponed in Serbia

In Serbia, the government has also extended the deadlines for state institutions to respond to a range of requests, including FOI requests to which institutions now have 30 days to respond once the state of emergency in the country is lifted.

Last week, for example, the Ministry of Trade, Tourism and Telecommunications told BIRN it would respond to an FOI request submitted by BIRN, “within the legal deadlines upon the termination of the state of emergency.”

Serbia’s Commissioner for Information of Public Importance and Personal Data Protection, Milan Marinovic, welcomed the government’s measure in a statement on March 25. 

Marinovic, who was nominated to the post last year by the ruling Serbian Progressive Party of President Aleksandar Vucic, said the move addressed a “number of concerns regarding the course and the calculation of deadlines during a state of emergency.”

His predecessor, however, questioned the way in which the measure was adopted.

“The government can adopt that regulation only when the parliament cannot meet due to objective reasons,” Rodoljub Sabic told BIRN. “The notion that parliament sessions cannot be held now is completely unsustainable, it is complete legal nonsense.”

The Serbian parliament was dissolved on March 15 after the government banned all gatherings of more than 50 people. 

Referring to the trade ministry’s response to the BIRN FOI request, Sabic said: “Your right has practically been postponed.”

“Of course they can answer you. The regulation does not ban it, it only extends the deadlines. If they want, they can answer you.”

“Unfortunately, the regulation puts them in a position where they don’t have to answer the request. They can postpone your right until the state of emergency is over,” he said. “It all comes down to that body’s goodwill.”

Public debate in Montenegro amid pandemic


Delia Matilde Ferreira Rubio, chair of the board of directors of Transparency International. Photo: EPA-EFE/ALESSANDRO DELLA VALLE.

In Montenegro, rights groups have deplored a decision by the government to press ahead with public consultation on proposed amendments to the country’s law on access to information despite the restrictions imposed on public life amid the pandemic.

On March 31, civil society organisations and journalists called for a postponement, arguing that the lockdown had made participatory debate impossible.

The following day, the chair of Transparency International, Delia Ferreira Rubio, warned that any non-emergency legislative measure that requires public consultation should be postponed until full, active participation can be guaranteed.

Nevertheless, the Ministry of Public Administration called for written comments on the amendments to be submitted via the ministry’s official e-mail address by April 13.

The non-governmental Institute Alternative, which promotes good governance and democracy in Montenegro, urged the ministry to wait until the pandemic had passed.

“There is no reason to rush and have a bad discussion during the pandemic,” Stevo Muk said in a press release on April 3. “Especially since neither the government nor the parliament is functioning in a regular way.”

This article was changed on April 7 to amend the time Moldovan authorities have to respond to FOI requests.

Romania’s State of Emergency Raises Media Freedom Concerns

Posted on by BIRD

The Centre for Independent Journalism, CJI, an NGO that promotes media freedom and good practices in journalism, has raised concern that provisions enacted as part of the state of emergency to combat the spread of the coronavirus in Romania could hamper journalists’ ability to inform the public.

“The most worrying aspect of all this is, from my perspective, the limitations to the access to information of public interest,” Cristina Lupu, executive director of the CJI, told BIRN.

“The lack of transparency of the authorities is a very bad sign and the biggest problem our media is confronting now,” said Lupu, adding that this has negative consequences for the public “who don’t have access to information on time”.

Romania’s President Klaus Iohannis declared a state of emergency across the country on March 16.

The measure, which will be in force for 30 days and can be extended with the approval of parliament, has raised concerns that it might be used to keep information secret.

One of its provisions gives the government power to remove from the public arena information considered to be false, a prerogative that authorities have used in at least three time since March 16.

Although the news sites and articles that were targeted were clearly false, the Organization for Security and Co-operation in Europe, OSCE, warned on Monday about the emergency powers “the removal of reports and entire websites, without providing appeal or redress mechanisms”.

“I share the preoccupation of the Romanian authorities to combat the dissemination of false information related to the health crisis,” the OSCE’s media freedom representative, Harlem Desir, said in a statement.

“However, at the same time, I want to recall the importance of ensuring the free flow of information, which is a key component for providing the public with information on the vital measures needed to contain the virus, as well as the respect for the right of the media to report on the pandemic and governmental policies,” he added.

The OSCE warned of the risk posed by the fact that the government can decide what is fake news and what is legitimate reporting, and that the special extended powers granted under the state of emergency could be used to unduly restrict the work of journalists.

The CJI has started a project called The Newsroom Diary to allow journalists to air “frustrations” about working under the state of emergency.

The lack of responses from official institutions is one of the most common challenges reported in the diary, which is published daily on the CIJ Facebook page. The time in which institutions are obliged to answer requests from journalists has doubled under the state of emergency.

Romania: From ‘Hackerville’ to Cybersecurity Powerhouse

Posted on by BIRD

First there was Guccifer, real name Marcel Lazar Lehel, who hacked the email accounts of the Bush family in the United States; then came Hackerville, the moniker given to the town of Ramnicu Sarat due to the international cybergangs it was home to.

Fairly or not, hackers put Romania on the global online map, honing their skills to strike Internet users and companies in the West, particularly the US.

But today, 30 years since the fall of communism, IT and cybersecurity firms are looking to tap the same rich vein of ambition, ingenuity and education that made Romanian hackers so feared and famous.

“Romania is currently one of the largest pools of talent in the IT&C space,” said Bogdan Botezatu, senior e-threats analyst at Romanian antivirus and cybersecurity giant Bitdefender. 

“Based on our tradition in STAMP [Software Testing Amplification] and research, universities deliver engineers, reverse engineers, people who are highly skilled in IT.”

Romania, he said, is already internationally recognised in the field of cybersecurity, and has the potential to play an even greater role.

Made in Romania – a global leader in cybersecurity

Bitdefender is one of the global leaders in cybersecurity, with more than 500 million customers worldwide and a network of research labs in Romania – the largest such network in Europe – to combat online threats.

Some 40 per cent of the antivirus and digital security companies on the market currently use at least one technology developed by Bitdefender. Such success is unparalleled in Romania, a European Union member state where almost no other company has a significant international footprint.

From Bucharest and other Romanian cities, Bitdefender’s experts have led or participated in operations to halt some of the most damaging cyber attacks the world has seen in recent years. 

In 2018, Bitdefender partnered with Europol, Interpol, the FBI and police in a number of EU countries to take down a group of hackers – believed to be from Russia – behind a ransomware called GandCrab. The inventors of the malware sold it on to other hackers who used it against private and corporate users.


View of the Bitdefender’s central headquarters in Bucharest. Photo: BIRN

“It became such a large phenomenon that half of the ransomware attacks happening at that moment were caused by GandCrab,” Botezatu told BIRN. 

“We managed to decrypt [the computers of] 60,000 victims, saving the victims around 70 million dollars.”

Despite its unusual level of sophistication, GandCrab was created as a way for the private individuals behind it to steal other people’s money.

Another type of cyberthreat, however, is state-sponsored and is known among experts as Advanced Persistent Threats, or APTs. 

The goal in this case is to undermine the functioning of key strategic foreign infrastructures or steal secret information from other states. That was the purpose of NotPetya, or GoldenEye, which emerged in 2017 as the work of hackers suspected to have been working for the Kremlin.

These hackers infected the update servers of an accountancy product widely used in the Ukrainian state administration. Everytime a Ukrainian public servant updated the program, the virus entered his or her computer and encrypted all its files. 

The virus had a worm component and quickly contaminated the entire networks to which infected computers were connected, bringing, for example, the Kiev metro to a halt and shutting down at least one airport, several banks and the radiation monitoring system at Chernobyl.

It spread globally, including to Romania, where Bitdefender took charge of the preliminary investigation that led to the identification of the virus after its researchers identified a pattern in the threats suffered by many users of their antivirus products. 

‘You can’t trace them back’

Like the rest of the former Soviet bloc, Romania spent more than four decades under communism, when education placed a premium on scientific and technological training. 

That expertise – and a resourcefulness developed under communism and during the painful transition to capitalism and democracy after 1989 – is now at the disposal of the EU and NATO as they try to combat cyber threats from Russia and other countries vying for a geopolitical upper hand.

And the Romanian state is doing its bit too, via bodies like the Romanian Information Service, SRI, an intelligence agency that took part in investigations that led to the 2018 exposure of Russian state involvement in a cyber espionage and warfare group called Fancy Bear. 

Also known as Sofacy or APT28, Fancy Bear targeted governments and civil society organisations in countries including the Netherlands, Britain, Germany, Romania and the US.


Bogdan Botezatu from Bitdefender. Photo: BIRN

Botezatu said the fact that the infections happened between 9 a.m. and 5 p.m. Moscow Standard Time led investigators to conclude they were being launched from government offices, said Botezatu of Bitdefender, which uncovered the campaign in 2015.

“Behind these kinds of attacks there is a country, and particularly the intelligence community of that country,” said General Anton Rog, head of SRI’s Cyberint centre.

“Of course, governments don’t act directly; through their intelligence services, they infiltrate or create these cybercrimes groups in a way that you can’t trace them back to say that they work with an information service.”

Most APT attacks, Rog told BIRN, are mounted in order to steal sensitive information. “It is a modality of espionage,” he said, “but through cables and cybernetic tools.” 

SRI’s Cyberint centre relies on tip-offs from foreign agencies, technology that recognises abnormal online activity and cyber informers.

Hybrid attacks

Sometimes the dividing line between financial-motivated attacks and APTs becomes blurred, as in the case of the malware family known as Cobalt Strike.

Cobalt Strike was used by the so-called Carbanak group from Russia and Ukraine to extract more than one billion euros from around 100 banks in over 40 countries, including Romania.

“The technology used is [characteristic of an] APT, but the motivation is strictly financial,” said Botezatu. 

Bitdefender conducted ‘post-mortems’ at two of the affected banks. Botezatu said the malware was “extremely sophisticated”, managing even to access the banks’ payment systems.

“With that level of access, the nefarious individuals authorise fraudulent bank transfers, raise the balance of mule accounts or command affected ATMs to spit out the money for them,” Europol said in a statement on the arrest in Spain of alleged Carbanak leader ‘Denis K’ in a 2018 operation that Romania took part in.

“Our suspicion is that… these attacks are used to make money to sponsor strategic attacks,” said SRI’s Rog. “In our evaluation, we take into account the fact that these groups have members who are in contact with governments or information communities,” he told BIRN, noting the costs and human and technical resources needed to develop malware like Cobalt Strike.

“They [governments] don’t want to spend money from their budget, they want to steal money from other countries and sponsor strategic attacks with it,” Rog said.

Strong cybersecurity “ecosystem”

To strengthen security at home and boost Romania’s role in the global cybersecurity game, SRI’s Cyberint centre says it is trying to create “an ecosystem” already being nurtured by courses offered by Cyberint at several universities across the country.

Likewise, Bitdefender partners with universities and high schools in training the next generation.

They may be people like Alexandru Coltuneac, a White Hat Hacker so called because of his transition from developing an Internet virus as a teenager to using his self-taught skills to help giants like Google, Facebook, PayPal, Microsoft and Adobe test their product security.

“I have set myself a target,” Coltuneac told BIRN. “I want to find at least one vulnerability in a product of each big company.”

Coltuneac, who is one of a number of Romanian White Hat Hackers recognised by Google and other companies as stars of ‘bug hunting’, now runs his own company together with a colleague.

Called LooseByte, the firm offers businesses cybersecurity tests and services to improve their protection levels.

Coltuneac said he finds pleasure in outsmarting the world’s best professionals.

“It’s a way of doing hacking without harming anyone,” he said.

Hackers Step up Cyberattacks on Hospitals amid Pandemic

Posted on by BIRD

Romanian cybersecurity giant Bitdefender said on Friday that online attacks linked to Covid-19 “have risen by 475 per cent in March as compared to the previous month”, and the numbers are expected to keep increasing until the end of the month .

“Almost one third of the Covid-19-related attacks target public authorities and healthcare institutions,” Bitdefender said in a statement.

One of the medical centres targeted was a hospital in the Czech Republic currently being used for tests against coronavirus.

Bitdefender’s security specialist Filip Truta said that “the cyberattack thwarts efforts in fighting the pandemic”.

Hackers usually infect computers by fooling medical institutions’ personnel with “information about medical procedures and therapies to treat COVID-19 infections”, said Bitdefender. Such messages are mostly sent in the name of institutions such as the World Health Organisation.

The statement mentions the US, Turkey and France as the most targeted countries in the world. Romania was the ninth more targeted country.

“Cyberattacks against hospitals can bring to a halt their activity if, for example, the medical data of the admitted patients is blocked,” Bitdefender said.

“Over time, attackers have repeatedly infected the computers with ransomware and then have asked for a ransom to give back the access to the data,” it added.

In a typical case of these kind of attacks, hackers “code data such as the patients’ medical records” making it impossible for the doctors to treat the patients or perform surgeries.

“As it has happened in Romania, the management of a hospital can be forced to pay a ransom to decode the data” to be able to save the patient.

Hackers also sell patients’ data for up to $400 per medical record on the deep web. Those who buy this information normally use it for frauds.

Bitdefender has decided to offer free assistance to medical institutions so they can step up their security during the coronavirus crisis. Hospitals, clinics and other medical centres can ask for help at the Bitdefender site. www.bitdefender.com/freehealthcaresecurity

Are you interested in topics related to freedom of information, data protection and cybersecurity? Find out more on our interactive platform, BIRN’s Investigative Resource Desk (BIRD).

BIRD Community

Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?

We created BIRD Community, a place where you can have it all!

Join Now