Tag: Social media

Facebook Pulls Pro-Trump Network Operating From Romania

Posted on by Ivana Jeremic

Facebook on Thursday announced it had removed dozens of accounts on Facebook and Instagram operated by people in Romania who claimed to be American supporters of US President Donald Trump, Reuters reported. A few Trump fan pages also created in Romania were shut down as well.

“We removed 35 Facebook accounts, 3 Pages and 88 Instagram accounts,” reads the report in which Facebook informed of the removal of the Romanian-based accounts. 

“The people behind this network used fake accounts – some of which had already been detected and disabled by our automated systems – to pose as Americans, amplify and comment on their own content, and manage Pages including some posing as President Trump fan Pages,” the document concluded.

Besides hiding their real locations, some of the cancelled accounts presented “coordinated inauthentic behaviour” that violated the platforms’ rules, Facebook said. Some of the accounts were run by the same persons, using multiple fake identities, for example. 

The accounts promoted stories backing Trump’s re-election in November and stressing the support he was allegedly receiving from conservatives, black Americans, Christians and followers of the so-called QAnon conspiracy theory, Reuters said.

QAnon conspiracy followers believe Trump is waging a secret war against an elite of Satan-worshipping paedophiles operating in government, business and the media.

Facebook security policy head Nathaniel Gleicher said the company hadn’t determined yet if the Romanian group was motivated by money, ideology or a government directive.

“This activity originated in Romania and focused on the US. We found this network as part of our investigation into suspected coordinated inauthentic behavior ahead of the 2020 election in the US,” the company added.

The reach of the scrapped accounts seems to have been small, as they were followed by no more than a few thousand other accounts.

Turkish Ruling Party Announces Strict Controls on Social Media

Posted on by Ivana Jeremic

The Justice and Development Party, AKP announced on Tuesday that it will bring in a long-awaited new law to regulate social media more strictly and potentially impose large fines and bandwidth reductions on companies that do not comply with government demands.

“Closing social network providers is not our first priority. We have five levels of sanctions,” Ozlem Zengin, the AKP group deputy chairperson, told media.

She added that other countries such as the US, Germany and France are eyeing similar regulations but said that “there is still not an agreement on social media regulations [in international law]”.

“Violations of the right of privacy require sanctions,” Zengin added.

The new law will require social media companies to appoint an official representative in Turkey who will answer the government’s demands including the removal of “harmful content” in a timely manner.

If an official representative is not appointed or the demands are not answered, there are a series of potential penalties.

A company will first face a fine of 10 million Turkish lira fine (1.27 million euros) and then of 30 million lira (3.80 million euros).

If it still does not comply, it will face an advertisement ban for three months.

As a final sanction, its bandwidth will be halved and then cut by 95 per cent.

Citizens also can apply to social media companies if they claim their rights have violated and in this case, the fine will be 5 million lira (636,000 euros).

President Recep Tayyip Erdogan warned of harsh new regulations several weeks ago after he was angered by insults to members of his family on social media.

“Such platforms don’t suit this country and our people. That’s why we want these social media platforms completely shut or controlled after bringing the issue to our parliament,” Erdogan said on July 1.

Opposition parties and human rights groups see the new law as the president’s latest attempt to control media platforms and silence his critics.

The Turkish government has earlier asked social media companies to move their servers to Turkey.

The new regulations might result in these companies quitting the Turkish market, experts have warned.

The draft law on social media was introduced in April but was then postponed because of the COVID-19 pandemic.

The law is expected to come to parliament soon, before the summer recess.

Montenegro Activist Grilled for Facebook Post on Serbian Protests

Posted on by BIRD

Montenegrin police on Thursday questioned the civic activist and member of the “Odupri se (Resist)” movement, Omer Sarkic, for a Facebook post about the recent protests in Serbia.

In an ironic post, Sarkic called on the opposition Democratic front to stage protests in front of the Serbian embassy in Podgorica over police brutality against protesters in Belgrade. He stated a fictional press release in which the DF warned that it will resist police brutality in Serbia as it does in Montenegro.

“I explained to the police officer that my post was ironic, as I wanted to show that part of the opposition and Montenegrin media are silent about the protests in Belgrade. It’s sad that some police officer who was reading my Facebook posts didn’t understand what my nine-year-old son understood,” Sarkic said.

Serbian police this week have clashed with thousands of angry protesters in Belgrade and other cities against the official handling of the coronavirus crisis and the announced re-imposition of restrictive measures, including a curfew this weekend.

In Belgrade, they used tear gas to disperse the crowds. In Kragujevac, protesters smashed the windows of the local police building. Protesters in Novi Sad threw rocks and rubbish bins at the windows of the ruling Progressive Party facilities, at Radio Television of Vojvodina and at city hall.

Cameras caught numerous examples of the Serbian police using excessive force, with several attacks on journalists also reported.

But the violence in Serbia has thrown the mainly pro-Serbian opposition parties in Montenegro off balance. On July 8, Democratic Front MP Marina Jocic insisted that the police in Belgrade had been abused by the protesters, claiming there was no police brutality.

The Front has strong political ties with Serbian President Aleksandar Vucic and his Serbian Progressive Party, SNS.

On June 25, Sakic was arrested with two opposition Democratic Front MPs and dozens of opposition supporters after violent protests rocked several towns in Montenegro.

Hundreds of people joined protests in Podgorica, Niksic, Bijelo Polje, Berane, Pljevlja, and Bar after an opposition mayor in the resort of Budva was arrested for refusing to hand over power despite losing control of the local assembly.

Activists and opposition politicians accused the police of breaching their powers during the arrests in Budva, after videos were published showing officers beating people in the streets even when they were not resisting arrest. Videos showed police kicking a man lying on the ground in Budva while another showed them kicking a young man even though he did not resist arrest.

Since January, there were several cases of arrests in Montenegro linked to posts on social networks. In separate cases, two Montenegrins and one Russian citizen were arrested for spreading fake news about the COVID-19 pandemic on social networks.

On April 9, police arrested an opposition Democratic Front activist for posting fake news about the health of President Milo Djukanovic, claiming he had the coronavirus. Radovan Rakocevic, from the town of Bijelo Polje, was put in custody for 72 hours for the offence of spreading panic.

Even before the COVID-19 outbreak became more serious in Montenegro, there were arrests for spreading panic about it. On March 13, the Basic Court ordered 30 days in custody for Milivoje Brkovic for posting a message on Facebook that said state officials were hiding the real number of people suffering from the coronavirus. The country confirmed its first two cases on March 17.

Romania Recognises Cyber Harassment as Form of Domestic Violence

Posted on by BIRD

As of July 9, Romania will recognise cyber harassment as a form of domestic violence under recently-adopted amendments to the country’s 2003 Law on Domestic Violence published in the Official Gazette on Monday, Romanian media reported.

The move follows a ruling against Romania in February by the European Court of Human Rights over the state’s failure to protect the Internet privacy of an abused woman whose Facebook profile and emails were accessed by her former husband.

There are frequent reports in the Romanian media of sexual violence against women and minors in which the perpetrators make first contact via social media.

Under the amendments, ‘cybernetic violence’ includes “online harassment, online messages that instigate hatred for reason of gender, online stalking, online threats, publication of information and intimate graphic content without consent, [and] … illegal interception of communications” of a digital or online nature.

The use of social networks or emailing services “with the aim of shaming, humiliating, provoking fear, threatening, [and] silencing the victim” of domestic abuse also constitutes cybernetic violence, under the new text of the law.

The changes task the National Agency for Equality of Opportunity between Women and Men with promoting research in the field of artificial intelligence that would help “prevent potential risks of technologies that perpetuate sexism, gender stereotypes and cybernetic violence”.

In an op-ed published on the news portal hotnews.ro, lawyers Monica Statescu and Simona Ungureanu hailed the amendments as “an important step in protecting a significant segment of the victims of aggressive behaviour online.”

The lawyers called for “the adoption of an explicit set of rules that incriminate any violent online activity regardless of the relation between the victim and the aggressor”.

North Macedonia: Facebook Pages Target Users with ‘Identical Content’

Posted on by BIRD

The Atlantic Council’s Digital Forensic Research Lab, DFRLab, which works to counter disinformation online, says its researchers have found dozens of Facebook pages linked to at least 10 Macedonian news outlets, demonstrating “several characteristics pointing to coordinated activity, including the near simultaneous publication of identical content”.

While some of these Facebook “assets” acknowledged their connection to the outlets whose content they were amplifying, others had no known connection.

“The assets also demonstrated signs of inauthenticity, as they were created as various interest pages, but ultimately promoted content from news sites to which they disclosed no connection,” DFRLab said.

It added this was clearly an efficient strategy, as the pages in every network had more followers than the official Facebook pages of the promoted media outlets.

A total of four separate networks or subsets of coordinated Facebook assets were amplifying content published by some of these websites: Republika Online, Kurir, Denesen, News24, Puls 24, Galama Club, among others. 

Only one of these is a tabloid. The others publish mostly political content: one of the outlets is openly pro-opposition. The others offer more balanced reporting on internal affairs. 

DFRLab research found coordination within networks of pages, but not across the four networks. There was also no sign that North Macedonian media outlets themselves managed the inauthentic networks.

The Facebook pages were created between 2009 and 2018 and were mostly managed from North Macedonia. Some were managed from the US.

According to DFRLab’s research, some of the Facebook pages seemed connected to Adinamic Media, which publishes news sites supporting the main opposition VMRO-DPMNE party. 

This media company is believed to have links with the Hungarian pro-government public TV network, Magyar Televizio, MTV.

Researchers said the presence and success of these networks had added to the political polarization in North Macedonia ahead of early parliamentary elections due this year. 

“The use of an inauthentic network on social media may enable political forces to mislead people and spread manipulated content to garner voter support, raising a concern on the integrity of the electoral process in the country,” DFRLab said.

VMRO-DPMNE, Putin and right-Wingers

Different pages amplified the same content at the same time from the same media outlets. Red boxes highlight posts from official Facebook pages of Vistina and Republika showing simultaneous posting by official and amplifier pages. Photo: Courtesy of DFRLab

According to the research, the first network consisted of seven Facebook pages that were amplifying articles published by Republika Online, Kurir, Denesen and Vistina

Vistina is a tabloid and doesn’t cover political topics. The remaining three mainly report on political issues and feature pro-VMRO-DPMNE views. All are owned by the same media holding, Adinamic Media, which is connected to Hungary’s MTV, the report said.

According to the Organized Crime and Corruption Reporting Project (OCCRP), a former senior executive at MTV, Agnes Adamik, established Adinamic Media in 2017. The company then purchased a majority of shares in three media companies in the country, mostly supporting VMRO-DPMNE.

According to some experts, these acquisitions helped Hungary’s Prime Minister, Viktor Orban, expand his and his country’s influence in the Balkans. They also supported his then ally in Macedonia, Nikola Gruevski, who obtained asylum in Hungary after fleeing a prison sentence in his home country in 2018.

The Facebook pages in this network posted almost identical articles and at the same frequency. The total number of followers of the seven pages was more than 690,000, while the official Facebook pages had less than 300,000 followers.

“This may indicate that since these outlets had not been successful in growing audiences for their official Facebook pages, they decided to create coordinated networks to amplify their content,” the researchers say.

The second network comprised 17 Facebook pages publishing content from three news outlets: Markukle, News24 and Signal. These also report political issues, but their content is not openly anti-government. 

Some publish supportive articles on Russian President Vladimir Putin, portraying him as an influential leader who upholds traditional values and helps friends in need. News24 sometimes amplified Russia Today and Sputnik videos.

As for the third network of pages, the DFRLab researchers found that the “amplifier pages … may be connected to Filip Petrovski, a right-wing presidential candidate in the 2019 North Macedonia presidential elections and a former member of VMRO-DPMNE party”.

Petrovski opposed the country’s change of name to North Macedonia and has called for the cancellation of the related Prespa agreement with Greece, signed in 2018. Petrovski also posts News24 articles on his own Facebook account.

Two pages in this network had names related to Petrovski, and their “about” sections contained details from his biography and political views.

The fourth network of Facebook assets amplified content published by two outlets, Net Medical Diet, which reports on health, and Galama. According to the research, the eight amplifier pages were managed from North Macedonia and from the US.

DFRLab also found five Facebook pages amplifying content from outlets owned by EM media, in which Adinamic Media has a majority of shares.

“Although the DFRLab was not able to identify coordination between them, there is a likelihood that EM Media was using these assets for content promotion,” the report said.

The Castle: How Serbia’s Rulers Manipulate Minds and the People Pay

Posted on by BIRD

His Twitter name is ‘Robin Xud’, a Serbian homage to the legendary English outlaw hero who robbed from the rich and gave to the poor.

And just like the Sheriff of Nottingham in the ballads of Robin Hood, Xud’s enemy resides in a castle, in this case an Internet database registered in 2017 at www.castle.rs

Staring into two monitors in a dimly-lit room, Xud – who spoke on condition BIRN did not reveal his true identity – is part of a small team of programmers tracking the online operations of Serbia’s ruling Serbian Progressive Party, SNS.

According to Xud’s band of merry men and the findings of a BIRN investigation, the Progressives run an army of bots via the ‘Castle’ working to manipulate public opinion in the former Yugoslav republic, where President Aleksandar Vucic, leader of the party, has consolidated power to a degree not seen since the dark days Slobodan Milosevic at the close of the 20th century.

With the help of the programmers, this reporter gained exclusive access to the network for several months in 2019, observing how hundreds of people across Serbia log into the Castle everyday during normal working hours to promote Progressive Party propaganda and disparage opponents, in violation of rules laid down by social network giants like Twitter and Facebook to avoid the coordinated manipulation of opinion.

It is a costly operation, one that the Progressive Party has not reported to Serbia’s Anti-Corruption Agency. But the party doesn’t foot the bill alone.

This investigation reveals that some of those logging into the Castle are employees of state-owned companies, local authorities and even schools, meaning their botting during working hours is ultimately paid for by the Serbian taxpayer.

“Right now, over 1,500 people at least are botting every day,” said Xud. “They sit there in their jobs and instead of working they spit on their people.”

‘This is not activism’


Row of campaign billboards of the ruling Serbian Progressive Party (SNS) in Belgrade, Serbia, 2020. Photo: PA-EFE/KOCA SULEJMANOVIC

The Progressive Party took power in Serbia in 2012, four years after Vucic split from the ultranationalist Serbian Radical Party and declared himself a changed man who now favours integration with the European Union after years of demonising the West.

As the opposition splintered, the Progressive Party established itself as the dominant political force with Vucic as its strongman. It is widely expected to win handsomely in parliamentary elections on June 21.

Serbia’s minister of information during the 1998-99 Kosovo war, when NATO bombed to halt a wave of ethnic cleansing and mass killing in Serbia’s then southern province, Vucic has presided over a steady decline in media freedom since taking power.

Critics find themselves shouted down and pushed to the margins, the most vocal dissenters often targeted for online abuse.

In April this year, the Progressive Party’s online escapades made international headlines when Twitter announced it had taken down 8,558 accounts engaging in “inauthentic coordinated activity” to “promote Serbia’s ruling party and its leader.”

BIRN has reported previously on how some of these accounts made their way into pro-government media, their tweets embedded in articles as the ‘voice of the people’.

This story lifts the lid on the scope of the Progressive Party’s campaign, how it directs the tweets, retweets and ‘likes’ of an army of people and how ordinary Serbs are footing part of the bill.

“This is not about activism, where a person writes what he wants or what he believes in,” said Xud. “These people have tasks; it is literally written what they need to criticise and how to criticise”.

The Progressive Party did not respond to questions submitted by BIRN for this story. However, in early April, after the Twitter announcement, Slavisa Micanovic, a member of the party’s main and executive boards, took to the platform to dismiss claims about a “secret Internet team” within the party, saying everything was public and legitimate.

“What exists is the Council for Internet and Social Networks, established in the party congress of 2012 and which can be found in the Statute and deals with promoting the party on the Internet and social networks,” Micanovic tweeted.

Reporting for duty

One August day in 2019 began like this:

At 7.56 a.m., a user named Nada Jankovic logged into the Castle from the town of Negotin, near Serbia’s eastern border with EU members Romania and Bulgaria. “Good morning, duty officer,” Jankovic wrote. Minutes later, in Sabac, just west of Belgrade, Dusan Ilic joined in with the words, “Good morning all”.

The bots had reported for duty, each entering the Castle system via a private account.

Xud and his team first accessed the Castle in January 2019 via an account with a weak password.

The Castle, they found, links to all Facebook and Twitter accounts operated by each user – frequently more than one per user – and lists five Twitter profiles they are obliged to follow: the official accounts of the ruling Progressive Party, President Vucic and Interior minister Nebojsa Stefanovic, as well as the accounts of two Progressive Party officials – deputy leader Milenko Jovanova and Micanovic.

‘Daily performance reports’ contain the name of the user, the municipality where they logged in and the extent of their activity on a given day: comments, likes, retweets and shares.

Points are allocated depending on how busy a user has been, though it is not clear whether this translates in rewards.

“The system is designed to follow every step the bot takes, from morning to night,” said Xud. “Everything is recorded in the Castle.”

Once logged on, the bots await their instructions.


Active users inside Castle system. Screenshot: BIRN

On August 2, it was to shoot down criticism of Vucic’s appearance the day before on a pro-government private television channel called Pink

Vucic had caused a storm when he read from classified state intelligence documents the names of judges and intelligence officials who he alleged had approved covert surveillance against him between 1995 and 2003, a period when Vucic, then a fierce ultranationalist, was in and out of government.

Critics accused him breaking the law by quoting from classified files.

So the Castle kicked in, with the following instruction:

“When replying to this and similar tweets, use this guideline: According to the Law on Data Secrecy (Article 9), the President of the Republic has the authority to extend the secrecy deadline (Art. 20) and revoke the secrecy seal (Art. 26) if it is in the public interest.”


An example of a guideline for Twitter in Castle system. Screenshot: BIRN

Days later, on August 5, a picture of Vucic started doing the rounds on Twitter in which he wore sneakers that critics said were worth 500 euros. The Castle turned its sights on his political opponents, Dragan Djilas and Vuk Jeremic; one bot tweeted, “Where did Djilas get half a million euros in his account from?”

In the space of just one day that BIRN monitored, the Castle bots were sent 60 different Twitter posts they were instructed to combat; the majority were posted by opposition leaders Djilas, Jeremic, Bosko Obradovic, Sergej Trifunovic, Dragan Sutanovac, Zoran Zivkovic and Velimir Ilic.

The Castle ‘special bots’ in charge of issuing instructions stressed the need to avoid detection; in late January 2019, users received a link to a statement by Vucic in which he condemned insults directed by his former mentor, the firebrand Radical Party leader Vojislav Seselj, at a female MP from the opposition Democratic Party, Aleksandra Jerkov.

The instruction read: “We are writing comments on this news in the sense: He (Vucic) did not apologise, because there is nothing to apologise for. He condemned the insults as he would for anyone, unlike the opposition which supports opposition leaders who call women derogatory names.”

“Write in your own words,” it stressed. “DO NOT COPY THE GUIDELINE!!!”


Instruction to defend Vucic. Screenshot: Robin Xud

Botting while at work, on the taxpayer dime

Among those receiving such guidelines is Milos Jovanovic, a former public sector employee in the youth office of the local authority in Cukarica, a municipality of the Serbian capital, Belgrade, but now deputy director of the Gerontology Centre in Belgrade, which helps care for the elderly.

Jovanovic is paid out of state coffers. But according to BIRN monitoring, last year he spent much of his working day logged into the Castle. He declined to comment when contacted by BIRN.

Fellow Castle users are Mirko Osadkovski, employed in the local authority in Zabalj, northern Serbia, as a member of the Commission for Statutory Issues and Normative Acts and a local councillor, and Damir Skrbic, head of the communal services in the municipality of Apatin near the western border with Croatia.

Osadkovski did not reply to emailed questions. Skrbic declined to comment when reached by phone.

But they are not the only ones.

The Castle database contains the names of at least two Progressive Party people elected to the local assemblies of Vrsac, near the Romanian border northeast from Belgrade, and Sabac – Milana Kopil and Nenad Plavic respectively.

Kopil responded that she would not comment for BIRN. “As someone who supports the policies of Aleksandar Vucic, I have absolutely nothing positive to say about BIRN,” Kopil said. Plavic said he would only talk after the June 21 election.

Then there are those employed in public enterprises such as state-owned power utility Elektroprivreda Srbije, and others who work in schools.

In August last year, the Nis-based portal Juzne vesti published the ‘testimony’ of an unnamed Progressive Party member and former member of the party’s ‘Internet team’ who said that the bots had been organised by party officials with the intention of creating a false image of public satisfaction with the government. He also said that most of the bots were employed in public companies and risked dismissal if they did not follow orders.

Costly operation

The website http://castle.rs/ was first registered in October 2017. Its ownership has not been visible since the privacy clause for this domain was activated. But there is ample evidence that it is controlled by the Progressive Party, not least the IP address.

According to the IPWHOIS Lookup tool on ultratools.com, the IP address found in the code of a mobile application that existed in Castle, 77.46.148.99, was registered in March 2016 at the same address as the party’s Belgrade headquarters in Palmira Toljatija Street. It is one of eight IP addresses leased by the party, from 77.46.148.96 to 77.46.148.103.


SNS as an owner of the IP addresses. Screenshot: WHOIS

The ultimate owner is Telekom Srbija, a state-owned telecommunications company.

BIRN asked Telekom Srbija how much the Progressive Party pays for use of its static IP addresses and when the lease agreement was made. The company replied:

“Telekom Srbija has a commercial contract with the SNS, just as we have commercial contracts with thousands of other legal entities. We repeat, we cannot disclose the details of contracts with our customers.”

However, Andrej Petrovski, a cyber forensics specialist and Director of Tech at the Belgrade-based SHARE Foundation, which works to advance digital rights, said such an operation “does not come cheap.”

“Apart from renting a certain server or buying it and physically keeping and maintaining it – which is the more expensive operation – they also need to buy a domain, a certificate for protection of communication and fixed IP addresses,” Petrovski told BIRN.

“They need administrators who will administer the database and of course there is the cost of the people who work, who are managed through that application.”

Successive Serbian governments have used their hold on power to fill public sector bodies with party loyalists, and the Progressives are no different.

Petrovski said he doubted any other political party had the resources to mount a similar operation on such a scale.

“At the moment, I don’t think any other political party has the money to invest in something like this or is big enough to have an efficient system,” he said. “SNS is proud to have the most activists and to be the largest party in Serbia. It’s logical they are the only ones with the resources and the need for such a tool.”

Hidden costs


Supporters of Serbian progressive party wait in the sun in front of the Serbian national assembly building in Belgrade, Serbia, 2017. Photo: EPA/KOCA SULEJMANOVIC

Political financing laws in Serbia require parties to report their expenses to the Anti-Corruption Agency, which is tasked with preventing financing abuses.

But the Progressive Party’s financial reports since 2013 make no explicit mention of the money spent to create and maintain the Castle system.

“In itself, it is not against the law on financing political activities for a party to buy such software or pay activists to work on it, but it must be recorded in the financial reports,” said Nemanja Nenadic, programme director at the Serbian chapter of Transparency International.

“If it is not recorded financially, then that is a problem.”

“If it was paid for by someone other than the party itself, then it should have been reported as a gift, as a contribution given to the political party by the person who made the payment,” Nenadic told BIRN.

BIRN asked the Anti-Corruption Agency whether the Progressive Party had ever reported such costs. In its response, the Agency cited all obligations a political entity has in terms of reporting its holdings and expenses, but did not comment on the specific case.

Mladen Jovanovic, head of the National Coalition for Decentralisation, which promotes civic participation in local politics, said there was a simple explanation for how some of those working on Castle are paid: from state coffers via public sector jobs.

“The flow of money needs to be checked,” said Jovanovic, whose coalition follows the misuse of public money in Serbia. “That’s the task of the prosecution, because we’re talking about corrupt work that damages the budget.”

“That old dream of all totalitarian regimes, that all citizens say what the leader thinks, has been realised in virtual time by creating in essence virtual citizens.”

On the receiving end


Illustration. Photo: Unsplash/camilo jimenez

Like any other political party, the Progressive Party does not deny promoting itself on social media, but says its ‘Internet team’ is made up of party activists no different from those canvassing for support on the streets.

But BIRN’s analysis of the Castle database shows that the bots do not stop at promoting the party; they frequently target public figures, including journalists and NGO activists.

Zoran Gavrilovic, a researcher for the think-tank Bureau for Social Research, BIRODI, experienced this first hand after he appeared on television to discuss his findings with regards the ruling party’s dominance of the media landscape in Serbia.

Facing a string of insults and threats via Twitter, Gavrilovic responded with the tweet: “A bot is a person who, of free will or due to blackmail, abuses the right to free speech in online and offline space. Botting is a corrupt form of behaviour directed against the public, governance, freedom of speech and the rights of citizens.”

Speaking to BIRN, Gavrilovic said lawmakers should act to rein in such behaviour.

“I look at it as like the para-military formations of the 1990s [during the Yugoslav wars]. There’s no public debate. You are simply an enemy who should be spat on and kicked immediately. It is a para-political organisation.”

The Castle, however, is not the Progressive Party’s first attempt at manipulating public opinion in Serbia via social media.

In 2014, Xud and his fellow programmers uncovered an application called ‘Valter’, after the popular 1972 Yugoslav film about Partisan resistance fighters, Walter Defends Sarajevo.

Unlike the Castle, which works via the Internet, Valter was installed on the home computers of activists and members of the Progressive Party’s Internet team.


Valter software from 2014. Screenshot: Robin Xud

Valter was eventually replaced by Fortress, but when the Serbian portal Teleprompter reported on its existence in April 2015 hackers managed to take down the text and eventually the entire site, which no longer exists. Teleprompter no longer exists.

While the Progressive Party did not respond to a request for comment on this story, Vucic did hit back when Twitter took down the almost 9,000 accounts it accused of “inauthentic coordinated activity” to promote him and his party.

“I’ve no idea what it’s all about, nor does it interest me,” he told a news conference on April 2. “I’ve never heard that anyone on Twitter ever had anything positive to say about me.”

Such denials ring hollow for people like Xud. “People have to know that something like this exists,” he said.

Andjela Milivojevic is a Serbian investigative journalist, specialising in reporting about corruption and crime. For nearly ten years, she worked for the Centre for investigative journalism of Serbia and is now a freelance reporter for several media outlets in Serbia and Kosovo.

This article has been produced as part of the Resonant Voices Initiative in the EU, funded by the European Union’s Internal Security Fund – Police. The content of this story is the sole responsibility of BIRN and can in no way be taken to reflect the views of the European Union.

Hungarian Police Accused of Abusing Powers to Arrest Critics

Posted on by BIRD

Police in Hungary on Wednesday at 6am detained an opposition politician, János Csóka-Szűcs, in Gyula, a small town in Békés County, the media outlet Magyar Narancs reported.

Csóka-Szűcs is the local leader of an opposition movement called the Kossuth Circle and a supporting member of the Momentum party.

Police raided his home and seized his mobile phone and computer, and he was detained and interrogated at the local police station.

Csóka-Szűcs was told that he was being questioned because of a Facebook post from April 20 that he published in a local group “Uncensored chatroom of Gyula,” which was suspected of fear-mongering.

He may face charges under a recent amendment to the criminal law that introduced punishments of one to five years in jail for spreading “falsehoods” or “distorted truth” deemed to obstruct the efforts to combat the pandemic.

This amendment was the part of the controversial Coronavirus Bill, which critics said gave almost “dictatorial” powers to the Prime Minister, Viktor Orbán.

In response to the arrest, the opposition Democratic Coalition said it was organising an “online demonstration”.

Katalin Cseh, an MEP from the Momentum movement, asked people on Twitter https://twitter.com/katka_cseh/status/1260528932392259587 to share the story of Csóka-Szűcs. She accused the police of abusing the law to detain critics of the Orbán-led government.

On April 20, when anti-government demonstrations were held in Budapest, and in the town of Gyula, Csóka-Szűcs shared a call for the demonstration, adding that “1,170 beds were emptied in Gyula as well” to deal with the pandemic.

His post referred to the country-wide anti-pandemic measure during which 60 per cent of all hospital beds were freed up to deal with COVID-19 patients.

In fact, in the local hospital, about 1,200 beds had been duly freed up. But, with this sentence, Csóka-Szűcs had allegedly “obstructed efforts to combat the pandemic”.

Csóka-Szűcs spent four hours in detention at the police station and had to walk home; police did not take him home despite the fact that he is disabled.

This was the second arrest in Hungary for fear-mongering in two days. On Tuesday, a 64-year-old man was detained by police near Szerencs in Borsod county.

He was questioned over a Facebook post he published on 28 April in which he had criticized the government’s anti-pandemic measures, claiming it had deliberately lifted the curfew restrictions at the peak of the pandemic to cause mass infections. He also addressed “Our dear dictator, our dear leader”, saying: “You are a cruel tyrant, but remember, all dictators have failed so far.”

The man, called András, talked later to 444 media outlet about his interrogation.

According to a statement on 5 May, police in Hungary had initiated 83 proceedings on suspicion of fear-mongering and 26 on suspicion of threatening public danger since the pandemic started.

For more information on the state of digital rights and violation amid the pandemic, check BIRN’s digital rights monitoring database.

Facebook Takes Axe to Pages Showing ‘Inauthentic Behaviour’

Posted on by BIRD

Facebook’s April 2020 Coordinated Inauthentic Behaviour Report, published on May 5, said a total of eight networks of accounts, Pages and Groups were removed in the last month for violating the social media giant’s policy against foreign and domestic interference. 

The report said that these influence operations were “coordinated efforts to manipulate public debate for a strategic goal where fake accounts are central to the operation”.

The media giant said it was working to stop coordinated inauthentic behaviour in the context of domestic and non-state campaigns as well as behaviours acting on behalf of a foreign or government actor.

Two of the removed networks, originating from Russia and Iran, were focused on international issues and were trying to interfere in Bosnia and Herzegovina, Hungary and Serbia, the report said.

As for Russia, Facebook removed 46 Pages, 91 Facebook accounts, 2 Groups, and 1 Instagram account “for violating the policy against​ ​foreign interference​ which is​ ​coordinated inauthentic behaviour​ on behalf of a foreign entity”. 

It said this activity originated not only from Russia but from the Donbass region in eastern Ukraine and the Russian-annexed Crimean Peninsula. The people behind it posted in Russian, English, German, Spanish, French, Hungarian, Serbian, Georgian, Indonesian and Farsi, focusing on a wide range of regions around the world.

“The individuals behind this activity relied on a combination of authentic, duplicate and fake accounts – many of which had been previously detected and disabled by our automated systems. 

“They used fake accounts to post their content and manage Groups and Pages posing as independent news entities in the regions they targeted,” the report said, adding that the networks posted ​about geopolitical and local news including topics such as the military conflict in Ukraine, the Syrian civil war, the annexation of Crimea, NATO, US elections, and more recently the coronavirus pandemic​. ​

Facebook’s investigation linked the activity to people in Russia and Donbass as well as to two media organizations in Crimea, NewsFront and SouthFront. 

Following the report, SouthFront dismissed the claims that it offered misleading coverage concerning the coronavirus pandemic and said it does not operate from Crimea, calling it all “blatant lies”.

A total of $3,150 was spent for ads on Facebook and Instagram and was paid for primarily in US dollars, Russian rubles, and Euros, the report added.

Facebook also removed 118 Pages, 389 Facebook accounts, 27 Groups, and 6 Instagram accounts originating from Iran. 

This activity was focused on a wide range of countries globally, including Algeria, Bangladesh, Bosnia, Egypt, Ghana, Libya, Mauritania, Morocco, Nigeria, Senegal, Sierra Leone, Somalia, Sudan, Tanzania, Tunisia, the United States, Britain and Zimbabwe.

These accounts, the report said, “sometimes repurposed Iranian state media content and posted primarily in Arabic, Bengali, Bosnian, and English about geopolitical and local news relevant to each region including topics like the civil war in Syria, the Arab Spring protests, the tensions between Libya and Turkey, criticism of Saudi involvement in the Middle East and Africa, Al Qaeda’s actions in Africa, the Occupy movement in the US, criticism of US policies in the Middle East and the 2012 US elections.”

As for the people behind the coordinated activity, the Facebook investigation found links to the state Iranian Broadcasting Corporation. 

The remaining six networks of accounts, Pages and Groups​ that were also taken down were based in the US, Georgia, Myanmar and Mauritania, and were targeting domestic audiences in their home countries. 

In total, Facebook removed 732 accounts, 793 Pages, 200 groups and 162 Instagram accounts. The report said they were also sharing misinformation about the COVID-19 pandemic.

“All of the networks we took down … in April were created before the COVID-19 pandemic began, however, we’ve seen people behind these campaigns opportunistically use coronavirus-related posts among many other topics to build an audience and drive people to their Pages or off-platform sites. 

“The majority of the networks we took down this month were still trying to grow their audience, or had a large portion of engagement on their Pages generated by their own accounts,” the report noted.

Tech Giants Urged to Preserve Blocked Content About Virus

Posted on by BIRD

A total of 75 signatories, including Balkan Investigative Reporting Network, BIRN, have signed a letter asking social media and content-sharing platforms to preserve all data they’ve blocked or removed during the coronavirus pandemic and make it public for researchers and journalists in the future.

“We understand that many platforms have increased their reliance on automated content moderation during the pandemic, while simultaneously removing misinformation and apparently inaccurate information about COVID-19 at an unprecedented rate,” the letter, published on Wednesday, says.

However, the signatories argue that this data will be of great importance to researchers, journalists as well as people working in public health. 

“This is also an unprecedented opportunity to study how online information flows ultimately affect health outcomes, and to evaluate the macro- and micro-level consequences of relying on automation to moderate content in a complex and evolving information environment,” the letter reads.

The signatories ask companies to preserve all data on content removal including but not limited to information about which takedowns did not receive human reviews, whether users tried to appeal takedowns as well as reports that were not acted upon.

They also ask companies to produce transparency reports with information about content blocking and removal related to the novel coronavirus as well as to allow researchers and journalists to access this data, recognizing that privacy will need to be ensured. 

“It will be crucial to develop safeguards to address the privacy issues raised by new or longer data retention and by the sharing of information with third parties, but the need for immediate preservation is urgent,” the letter further reads.

The letter will be sent to social media giants and companies including Facebook, Twitter, Google, Pinterest, Wikimedia, Reddit, Vimeo, Verizon Media and Microsoft.

Apart from BIRN, other organisations that signed the letter included the Center for Democracy & Technology, the Committee to Protect Journalists, Reporters Without Borders, Syrian Archive, PEN America and others. 

Ever since the COVID-19 outbreak started, a lot of information about the virus has spread online, including potential disinformation, fake news and conspiracy theories. 

In a bid to curb this disinformation, many social media outlets have started deleting such content. At the end of March, for example, Facebook deleted a video from Brazilian President Jair Bolsonaro in which he claimed that hydroxychloroquine was effective in treating the COVID-19. 

Twitter also deleted a tweet about a homemade treatment by Venezuelan President Nicolás Maduro, while YouTube banned conspiracy theory videos linking COVID-19 symptoms to 5G networks. 

Turkish Plan to Muzzle Social Media Delayed by Pandemic

Posted on by BIRD

As Turkey, like the rest of the world, struggles with the coronavirus pandemic, its government plans to take another step to further restrict digital rights in the country.

A draft law will create new responsibilities for answering the government’s demands on their content for social media giants such as Twitter, Facebook and Instagram and popular messaging apps like WhatsApp and Messenger.

The law on social media was dropped from the parliamentary schedule on Tuesday to make way for more urgent bills on the economy and health amid the COVID-19 pandemic. But civil society groups and opposition parties fear it will be back before long.

Human rights watchdogs, experts and the opposition suspect the government of President Recep Tayyip Erdogan is using the coronavirus crisis to place further controls over social media.

Experts warn that the planned measures would have serious consequences for tech companies’ activities, and may result in some leaving the country.

The draft law on social media has been sent to the business world and unions for consultation, but the opposition is sure it will come back to parliament soon.

“Erdogan’s intention is to close down the social media with this draft law. They will try to bring the draft law [back to parliament] at the first possible chance,” Garo Paylan, an MP from the pro-Kurdish People’s Democratic Party, HDP, told the media on Tuesday.

A day earlier, the director of the Turkish branch of Human Rights Watch, HRW, Emma Sinclair-Webb, wrote: “Not content with simply cracking down on individuals for critical social media posts, Erdogan’s presidency is now intent on using the COVID-19 crisis as a pretext to exert direct control over social media platforms.”

Emre Kursat Kaya, a security analyst with the Istanbul-based Centre for Economics and Foreign Policy Studies, EDAM, says times of pandemics are usually compared to wartime periods for a reason.

“People are pushed to make a choice between their individual freedoms and more security from public authorities. Most of the time, it is the latter that prevails. Not many questions are asked and debates around issues are mostly avoided as the crisis requires rapid responses,” Kaya told BIRN.

New law creates long list of obligations


Turkish President Recep Tayyip Erdogan in Ankara, Turkey, 2020. Photo: EPA-EFE/STR

The draft law obliges foreign social media companies with high internet traffic to appoint an official representative in Turkey to answer authorities’ demands concerning the content on their platforms.

Companies will need to respond to communications from the authorities about their content within 72 hours and compile and notify officials of all removed or blocked content in three-month periods, the draft law says.

More importantly, the companies will also be asked to store data belonging to Turkish users within the country.

If they fail to respond to official requests within 72 hours, they will face penalties up to 135 million euros. Companies that do not compile the removed or blocked content, or do not store data in Turkey, could be fined up to 675 million euros.

The draft law also says that companies that do not follow the government’s new rules could face having their bandwidth halved after 30 days by a court order, and then reduced by 95 per cent if they continue to flout the rules for another 30 days.

“The Turkish authorities have long demanded to have official representatives of online service providers,” Kaya noted.

“This demand was linked to a wish to accelerate the removal of unlawful content from online platforms. But even without having a representative in Turkey, these platforms tend to respond to removal requests quite rapidly, and faster than the 72 hours expected by the text,” he added.

Kaya said the first two aspects of the proposed law would not have such a big impact on how fast content is deleted, but “will only add another layer of pressure on online service providers by taking their representatives as responsible”.

He added: “What’s more worrying …  is the third aspect, which basically requires data localization from online service providers.

“This is highly problematic as there is no precedent of such action from these global companies and this could result in them simply leaving the Turkish market,” he continued.

Companies may quit market rather than obey


Two Turkish women try to get connected to the Twitter in Istanbul, Turkey. Photo: EPA/TOLGA BOZOGLU

Taylan Yıldız, a former Google analyst and member of the Istanbul Municipal Council from the opposition Good Party, said that the draft law has many open-ended articles, and it will mostly affect people with pro-opposition ideas and opposition parties.

In March alone, 433 Turkish citizens were detained because for social media posts that allegedly spread fake or manipulative news on the coronavirus pandemic.

At least four people were arrested or fined for their social media posts, including Fikri Saglar, a former lawmaker from the main opposition Republican People’s Party, CHP.

A legal investigation was also started against Omer Gergerlioglu, an HDP MP, because of his social media posts on the effect of the pandemic on Turkey’s overcrowded prisons.

“Companies are left with only two options. They will stop their operations in Turkey, or they will block every content following the government’s complaints,” Yildiz wrote in his personal blog.

Yildiz said that if social media companies withdraw operations from the country, “Turkey will become introverted and will face a disconnection with the rest of the world”.

Turkey previously blocked several social media companies because of their refusals to delete some content.

Court rulings blocked Twitter several times in 2014, though the ban was later lifted following an agreement between Twitter and the government.

As of 2018, Twitter reported that the Turkish government accounted for more than 52 per cent of all content removal requests worldwide; Twitter only answered 4 per cent of the government’s requests.

Turkey also banned the social information platform Wikipedia for more than two-and-a-half years because of content that the government wanted removed. In a surprise decision, the Constitutional Court lifted the ban on January 15, 2020.

“If the legislation passes as it stands, the main issue for social media providers will be the demand for data localization. This is practically impossible, as it would mean an additional financial burden and unavoidable security risks for these companies,” Kaya, from EDAM, said.

He said the demand for data localization was not unique to Turkey, so if companies concede it to Turkey, they will face pressure to do the same for many other countries. “Sadly, this will probably result in many of them leaving the Turkish market,” he predicted.

The worldwide online payments system PayPal ceased all of its operations in Turkey for similar issues in 2016. “Facebook, Twitter and WhatsApp could follow in PayPal’s footsteps and disable the use their applications in Turkey,” Kaya concluded.

BIRD Community

Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?

We created BIRD Community, a place where you can have it all!

Join Now