Cross-border digital repression is on the rise
“Digital targeting has a serious impact on the well-being of victims, undermines their ability to engage in transnational advocacy work, violates fundamental rights such as privacy, freedom of speech, peaceful discussion and assembly and increases the dangers they face among family members and friends in the country of origin,” the report concludes.
The countries that Citizen Lab identified as some of the more common perpetrators of transnational digital repression include Yemen as well as Afghanistan, China, Iran, Rwanda, and Syria. Zero-click software attacks, allowing attackers to break into phones or computers even if the user doesn’t open the malicious link or attachment, Noura Al-Jizawi, a research official at Citizen Laboratories and co-author of the report, said of particular concern. That’s because “they can evade digital hygiene practices,” she said.
In 2021, hackers used such code to infiltrate and install spyware on the mobile phone of Saudi women’s rights activist Loujain al-Hathloul, who was living in Saudi Arabia at the time. British Columbia. In that case, the perpetrator mistakenly left an image file on her phone that allowed researchers to determine the source of the code. The Digital Blueprint has led to NSO Group, an Israeli technology company that has made headlines for selling spyware to authoritarian countries.
Some form of digital repression is meant to shame and doxx. An anonymous interviewee in the Citizen Lab report, who had moved from China to Canada, discovered that fabricated nude photos of herself were being circulated among attendees of a conference that she had received. she plans to visit. Her personal information was also posted in online advertisements offering sexual services.
Victims of this type of harassment experienced distress, anxiety and fear for the safety of their families, the report noted. Co-author Siena Anstis, senior legal counsel at Citizen Lab, said: “There is also a slight sense of resignation among those who continue to act, like realizing that this type of targeting will continue. “.
Many activists have become paranoid about the messages they receive. Kaveh Shahrooz, an Iraqi lawyer living in Canada who lobbies on behalf of dissidents, gives special scrutiny to each email. Shahrooz said he once received a text message from someone believed to be organizing a human rights conference in Germany inviting him to speak and asking him to fill in his personal information via a link provided. He researched more about the conference and discovered he wasn’t invited, sounding professional despite the personalized email.
“It’s the end of the spectrum,” says Shahrooz, “where you can be tricked into clicking a link. But then the other end of the line received threatening messages about my activist work — things like ‘We know what you’re doing and we’ll deal with you later.’
There is little legal recourse. Some victims of spyware attacks in the UK have bring (or pass) civil claims against state executives and NSO Group, Anstis said. She added that such cases can be challenged, because they often focus on claims against companies outside the purview of the host country.