The Advox Netizen Report offers an international snapshot of challenges, victories, and emerging trends in technology and human rights around the world. This report covers news and events from May 10 – 17, 2019.
On May 13, WhatsApp users in multiple countries were targeted with malicious software developed by the Israeli company NSO group and deployed by governments that had purchased the software.
The software appears to have taken advantage of a technical flaw in WhatsApp, that has since been repaired. The attacks were uniquely malicious because of the ease with which they can infect a person’s device — by simply receiving a call or message, a user could unknowingly enable the software to install itself on their device, giving attackers broad access to their private communications and activities.
NSO Group is the creator of the notorious spyware Pegasus, which the company exclusively sells to governments, typically making contracts with law enforcement and intelligence agencies. Once installed, the software ostensibly allows the attacker to see and document everything that victims do and say on their devices, capturing messages, location and many other pieces of data. It has been linked to attacks on activists and journalists in Mexico, Saudi Arabia and the UAE, where it was found on a device belonging to now-jailed human rights defender Ahmed Mansoor.
In response to this and other attacks that have been documented in recent years by advocacy and tech research groups including The Citizen Lab at University of Toronto and Amnesty International, the Bernstein Institute for Human Rights at New York University and Global Justice Clinic are taking legal action in an effort to stop the company from selling this type of software. They have filed a legal challenge demanding that Israel's Ministry of Defence revoke the export license of NSO Group.
Their petition argues that NSO Group is violating international human rights law by allowing governments to target human rights activists, as opposed to aiding them solely in “fighting crime and terror,” as dictated by their licensing agreement.
NSO Group is also facing lawsuits filed by individuals accusing the company of helping the governments of Mexico and the United Arab Emirates to surveil members of civil society. Late last year, a Canada-based Saudi dissident filed another lawsuit, alleging that the software had allowed Saudi authorities to snoop on his communications with journalist Jamal Khashoggi in the lead-up to Khashoggi's October 2018 murder at the Saudi embassy in Istanbul.
Safety tips: How to protect your device and update your WhatsApp
States and companies join ‘Christchurch Call’ to curb violent extremism online
A group of government leaders, tech companies and civil society experts met in Paris on May 15 to discuss the role of the internet in preserving public safety and human rights in the aftermath of the attacks on two mosques in Christchurch, New Zealand in March 2019. Several of the governments and companies later signed a non-binding document known as the “Christchurch Call,” a set of principles and commitments concerning the creation and distribution of viral, violent content online.
Spearheaded by the government of New Zealand, the Christchurch Call aims to be “consistent with principles of a free, open and secure internet, without compromising human rights and fundamental freedoms, including freedom of expression” and indicates that any regulation resulting from the deliberations should adhere to international human rights standards. The call also urges internet companies to provide greater public transparency about their policies and processes for removing (and appealing the removal of) violent content.
Google, Facebook, Twitter and Amazon have joined the call. Alongside New Zealand and several EU governments, Australia, Canada, India, Indonesia, Japan and Senegal have signed on. The US declined to sign, with the White House citing its “respect for freedom of expression and freedom of the press.”
Somalia blocks social media for student exams
The Somali government announced that it will shut down access to social media platforms from May 27-31, in an effort to prevent secondary school students from cheating on end-of-year exams. The exam period was postponed in early May, after officials discovered that a copy of exam answers had leaked online. The secretary of education made the announcement on state television on May 13 and offered no details on which platforms would be blocked.
Amnesty International’s Deputy Director for East Africa, Seif Magango, criticized the move, arguing that Somali officials should “explore ways to secure the integrity of the exams without resorting to regressive measures that would curtail access to information and freedom of expression.”
Singapore approves ‘anti-fake news’ law
Singapore’s parliament approved the Protection from Online Falsehoods and Manipulation Act on May 8, 2019. Commonly known as the anti-fake news law, the Act gives broad, unchecked powers to government ministers to compel website administrators, internet service providers, and even private chat groups to immediately correct or remove ‘fake news’ from their domains. But the law's definition of what counts as fake or false is remarkably vague.
In a letter to Singapore’s prime minister, UN special rapporteur on the promotion and protection of the right to freedom of opinion and expression David Kaye wrote:
“I am concerned that this overbroad definition of falsehood will lead to the criminalization and suppression of a wide range of expressive conduct, including criticism of the government, and the expression of unpopular, controversial or minority opinions.”
Two men in Bangladesh arrested for non-violent Facebook posts
Two men in Bangladesh were arrested after private citizens filed lawsuits against them concerning posts they had written on Facebook. One, Henry Swapon, had criticized a local bishop. The other, Imtiaz Mahmood, had commented on ethnic conflict in the country’s Chittagong region.
Swapon is now facing charges under the Digital Security Act, a 2018 law that criminalizes various types of online speech, ranging from defamatory messages to speech that “injures religious values or sentiments.”
- Data Protection and Digital Agency for Refugees – Dragana Kaurin, World Refugee Agency
- Burned After Reading: Endless Mayfly’s Ephemeral Disinformation Campaign – Citizen Lab