State hijacking of social media is getting worse

WELCOME to Connected Rights, your fist in the air of digital rights news and analysis.

SOCIAL MEDIA HAS BEEN HIJACKED TO INFLUENCE elections in at least 18 countries over the past year, according to Freedom House’s latest Freedom on the Net report: http://bit.ly/2yZcOku

“The Chinese and Russian regimes pioneered the use of surreptitious methods to distort online discussions and suppress dissent more than a decade ago, but the practice has since gone global. Such state-led interventions present a major threat to the notion of the internet as a liberating technology,” the organisation said, pointing to Venezuela, the Philippines and Turkey as countries that now “employ armies of opinion shapers to spread government views, drive particular agendas, and counter government critics on social media.”

And yes, obviously the United States is on that list of affected countries.

More broadly, Freedom House said nearly half of the 65 countries it assessed over the last year had “experienced declines” in online freedom. Thirteen countries “made gains, most of them minor”.

The big problems at the moment are social media manipulation, censors cutting off connectivity and restricting live video-streaming, restrictions on VPNs, and technical and physical attacks on media and activists.

IN RELATED NEWS, EL PAIS REPORTED that Russian influencers used social networks – particularly accounts associated with the chavist movement in Venezuela – in an attempt to deepen the Catalan crisis: http://bit.ly/2zGNWNv

YOUTUBE HAS STEPPED UP ITS CENSORSHIP OF “EXTREMIST” VIDEOS that don’t even show or advocate violence. Now, if the video features people or groups that the Americans or British have designated as terrorists, it gets taken down, according to Reuters: http://reut.rs/2AI35M5

Early victims of the new policy have included videos featuring the now-dead al-Qaeda recruiter Anwar al-Awlaki, which pre-date his advocacy of violence and merely discuss the history of Islam. This looks like YouTube giving in to pressure from the US and UK governments in an attempt to ward off heavier legislation. However, the implications are worrying to say the least.

It all seems quite reminiscent of the time the Thatcher government banned the broadcast of the voices of Sinn Féin leaders (broadcasters ended up overdubbing the voices, which in turn inspired this classic The Day Today sketch: http://bit.ly/2zKcWBF).

Want to support this newsletter? If so, thanks so much! Here’s my Patreon page. Many thanks to those who are already contributing.

WEBSITE-BLOCKING COULD BECOME MORE PREVALENT IN THE EU, thanks to a new consumer protection law: http://bit.ly/2zZJomq

The law is intended to make it easier for authorities in EU member states to crack down on rogue sellers and other rip-off artists. However, it says the authorities must have the last-resort power to order hosting providers to remove or block access to websites, and to order domain registries and registrars to hand over domain names.

As Pirate Party MEP Julia Reda has pointed out, this will necessitate the creation of such mechanisms in some EU countries for the first time – some countries already have these mechanisms in place, but the new law is a regulation, which means it has to apply evenly across the bloc.

Reda warned that the new rules risk “being abused later on for any number of other purposes, including censorship.”

FACEBOOK NEMESIS MAX SCHREMS IS TRYING to make class actions a thing across Europe, in a landmark case that’s now with the Court of Justice of the European Union. However, the court’s advocate-general has given a mixed opinion on how the case should proceed: http://bit.ly/2z3YZBy

The court’s top advisor essentially said Schrems should be able to sue Facebook for privacy violations in his native Austria as a consumer – Facebook had argued he was not a consumer, because he uses his account for professional purposes too, and could therefore not sue it in his home court. However, the AG also said Schrems couldn’t sue the firm on behalf of other people too.

It remains to be seen what the court itself decides, but if it goes with the advice, Schrems would have failed in his quest to introduce class action privacy lawsuits to the European stage.

ITALY NOW HAS A DATA RETENTION LAW that will force communications providers to store records of their users’ activities for a whopping six years. This surely won’t pass muster with the Court of Justice: http://bit.ly/2zIXbgt

FRENCH MILITARY INTELLIGENCE ILLEGALLY STORED the data of a French journalist, Camille Polloni, for six years, a court has ruled: http://lemde.fr/2zKHPZq

AN UPDATE ON THE DISRUPTJ20 FACEBOOK CASE (see http://bit.ly/2wLKIny): The American Civil Liberties Union, which is assisting activists in their fight against the Justice Department, said on Monday that it had won a partial victory.

The DC Superior Court has limited the DOJ’s request to ensure that they don’t get to snoop through third-party communications and stuff about people’s political activity. The DOJ has also agreed to not demand details of everyone who liked or shared the group’s anti-Trump posts. However, the account’s administrators will still see their accounts examined, as investigators look for evidence about people who participated in riots on Trump’s Inauguration Day.

“Our clients, who have not been charged with any crime, expect that when they send private Facebook messages about, for instance, their medical history or traumatic events in their lives, those messages will remain private unless the government shows probable cause to search those particular messages, which it has not done,” said ACLU senior staff attorney Scott Michelman.

If you’d like me to write articles for you about digital rights issues, speak at your event or provide privacy advice for your business, drop me an email at david@dmeyer.eu.

CONNECTED TOYS ARE A SECURITY RISK, according to the British consumer group Which?: http://bbc.in/2AHhlW7

Yes, we already know this, but Which? is calling on specific manufacturers to stop selling toys that have proven security problems. This include the Furby Connect, the i-Que robot, Toy-fi Teddy and Cloudpets, and the problem lies in the insecure Bluetooth link that the toys use to talk to connected apps.

Furby Connect maker Hasbro says there’s no problem, because an attacker would have to make a lot of effort to spy on the device. However, security expert Alan Woodward said: “To produce these toys is bad enough, but to then stock them as a retailer knowing that they are potentially putting children at risk is quite unacceptable.”

APPLE’S FACE ID SECURITY MECHANISM is foolproo… oh no it isn’t, according to a Vietnamese security outfit called Bkav, which claims to be able to fool the iPhone X’s biometric authentication system with a mask: http://for.tn/2ANBj1A