Check out Global Voices’ special coverage of the global impact of COVID-19.
Cases of arbitrary arrests, surveillance, phone tapping, privacy breaches and other digital rights violations have drastically increased in Central and Southeast Europe as governments started imposing emergency legislation to combat the COVID-19 outbreak. Belgrade-based Balkan Investigative Reporting Network (BIRN) and the digital rights organization SHARE Foundation have started a blog titled ”Digital Rights in the Time of COVID-19” documenting these developments.
In response to the coronavirus pandemic, some governments are enhancing surveillance, increasing censorship, and restricting the free flow of information. In many cases, the government-imposed restrictions flouted human rights standards.
The BIRN and SHARE blog also includes a feature inviting the public to submit reports of incidents to their database. Bojan Perkov, policy researcher at the SHARE Foundation, wrote a summary of their findings, noting the following:
Dosadašnja saznanja dve organizacije pokazuju da su najproblematičniji višestruki problemi sa privatnošću osoba u karantinu, širenje dezinformacija i opasnih zabluda u vezi sa virusom u onlajn medijima i putem društvenih mreža, kao i povećanje internet prevara.
The information gathered by the two organizations so far shows that the most problematic [violations] are multiple issues involving the privacy of people who are put under quarantine, spread of disinformation and dangerous misconceptions regarding the virus in the online media and via social networks, as well as the increase of internet scams.
The data gathered by the two organizations through the blog's database feature indicate that in just over the last two weeks, 80 people have been arrested, some of them jailed, for spreading fake news and disinformation, with the most draconian examples in Turkey, Serbia, Hungary and Montenegro.
Governments in Montenegro and Moldova made public the personal health data of people infected with COVID-19, while official websites and hospital computer systems suffered cyber-attacks in Croatia and Romania. Some countries like Slovakia are considering lifting rights enshrined under the EU General Data Protection Regulation (GDPR), while Serbia imposed surveillance and phone tracking to limit freedom of movement.
Potentially infected citizens have been obliged to submit to new forms of control by law. In Serbia since the declaration of a state of emergency was declared and all citizens arriving from abroad must undergo quarantine. During a March 19 press conference, President Aleksandar Vučić stated that the police is “following” Italian telephone numbers, checking which citizens use roaming and constantly tracking their locations. This was specifically aimed at members of Serbian diaspora who returned from Italy and are supposed to self-isolate in their homes. He also warned the people who leave their phones behind that the state has “another way” of tracking them if they violate quarantine, but didn't explain the method.
In neighboring Montenegro, the National Coordination Body for Infectious Diseases decided to publish the names and surnames of people who must undergo quarantine online, after it determined that certain persons violated the measure, and as a result “exposing the whole Montenegro to risk.” Civic alliance challenged this measure through a complaint submitted to the Constitutional Court of Montenegro.
In Croatia, concerned citizens developed a website samoizolacija.hr (meaning “Self-isolation”), which allegedly enabled anyone to anonymously report quarantine violators to the police. The site was been subsequently shut down, and the Ministry of Interior initiated criminal investigations against suspected violators of privacy rights.
Crisis Headquarters of the Federation of Bosnia and Herzegovina issued a recommendation on how to publish the personal data of citizens who violate the prevention measures, as government institutions at cantonal and local level started publishing data about people in isolation and self-isolation, including lists of people identified as infected by the coronavirus. In response, on March 24, the Personal Data Protection Agency of Bosnia and Herzegovina issued a decision forbidding the publication of personal data of citizens tested positive for the coronavirus or those subjected to isolation and self-isolation measures.
The above cases of publication of health data online involve direct violation of the laws that designate them as protected at the highest legal level.
Perkov also raised the issue of whether these measures are effective, in particular because this puts people in danger. In Montenegro, infected people whose identities were revealed on social networks, have been subjected to hate speech.
Dalje, da li je ideja javno posramljivanje ljudi koji ne poštuju samoizolaciju ili smanjenje broja prekršaja? Kriterijumi proporcionalnosti i neophodnosti takođe su na veoma tankim osnovama i bez adekvatne opravdanosti. Mogu se postaviti pitanja da li je zaista neophodno objaviti imena svih građana u samoizolaciji po adresi stanovanja javno na internetu i da li je to jedini način da se obezbedi poštovanje zakona.
Furthermore, is the idea behind such measures the public shaming of people who disrespect the obligation for self-isolation or the reduction of number of violations? The criteria of proportionality and necessity have not been properly respected and their adequacy had not been justified. One can question whether it is really necessary to publish the names of all citizens under self-isolation with their home addresses online, and whether this is really the only way to ensure respect for the law.