7 April 2020
Artem Kozliuk, internet activist, head of the NGO Roskomsvoboda, co-founder of the Digital Rights Centre, member of the expert council of the State Duma Committee on Information Policy, Technology and Communications, in conversation with Darya Kozlova
During the coronavirus pandemic, many countries have begun using tracking technology to monitor quarantine measures and identify people who were in contact with those who have fallen ill. However, in this emergency situation, human rights and freedoms are often trampled on.
Specialists from the ‘Roskomsvoboda’ project have launched an interactive map of digital rights restrictions brought about by the pandemic. A significant number of countries on the world map are now marked in red, meaning that digital restrictions have already been introduced in them. As well as China, Russia and Iran, several European countries, including Spain, France, the UK and Italy, are marked in red. ‘Novaya Gazeta’ talked to Artem Kozliuk, head of ‘Roskomsvoboda’, about how the coronavirus will change the attitude of states towards mass surveillance and whether it is possible to resist the collapse of digital freedoms.
Can we say that the pandemic has ‘untied hands’ in many nations in terms of electronic surveillance of their populations?
Definitely. To create the map, we consulted local and international media sources, together with official information published by the authorities, in order to understand where measures are being taken to control citizens and what types in different countries. This includes geolocation tracking, use of facial recognition systems, and the obligation to install software, etc. It is clear from the map that it’s not only Russia, China and other Asian countries which have introduced measures to restrict citizens’ rights and freedoms, but also the USA, Latin American countries and Europe. All this has been introduced under the pretext of fighting the pandemic. Of course, many of these measures are justified in the context of the fight against coronavirus, but society needs to be sure that they will be curtailed again after the pandemic. There’s a great danger that Russia, as well as China and Iran, will not end their technological surveillance, but will extrapolate it to other areas of their activities.
Where are the worst-case scenarios developing currently?
It’s worth calling out China. Russia has taken its own path: QR codes and route tracking. In various regions, you now need to get permission to travel about. A facial recognition system – beyond public control – is being developed in Moscow. In Kazakhstan, people who have had contact with people who have the virus, or who are ill themselves, have to install special software. In some countries, citizens are being monitored by drones, while in other countries special regulations are being introduced. The situation is changing daily. If, on one day, there is no data on a particular country, by the next day we might have got new information and be able to highlight it in red on our map. However, we can’t rank countries according to what extent civil rights and freedoms are being trampled on, since restrictions are affected by many different factors. In places were laws are more liberal, the measures that have been introduced may be completely justified by local legislation.
What kind of monitoring techniques are used most often?
Facial recognition systems and phone tracking. This also includes censorship in the media and on social networks. Several states are very sensitive to information they consider fake. Furthermore, even in Russia the media often itself tries to publicly challenge decisions [of authorities]. By way of explanation they maintain that they were taken out of context, in addition to which there was grounds to publish the data. Such restrictions are the type of censorship introduced in the midst of the pandemic.
Various tracking applications have appeared even in Spain and Great Britain. What are they exactly? Are they similar to “Social Monitoring” which was developed in Russia?
Their functionality might vary slightly, but as we are seeing, state applications can be pretty crude, rudimentary inventions, as was the case with “Social Monitoring” when it launched in Moscow. It was immediately found to contain a huge number of bugs, which put users at risk of having their confidential information lost. This is one of the tangible components. Due to this, substantiation of all the nuances is virtually impossible, with technical investigations needed to compare applications: how much one or another programme encrypts traffic, to what degree of accuracy they gather data in accordance with local legislation.
Restrictions are being introduced in both Asia and Europe as well as America. However, the key difference lies in the fact that, in more democratic nations, the likelihood of phasing out such measures after the pandemic subsides is far greater than in non-democratic ones. In democratic regimes there is public oversight and a more adequate judicial system. If a citizen of any European country feels that their rights have been infringed, they are more likely to be able to defend their interests in court, than those in Russia or China.
If we look at the example of “Social Monitoring”, could installing such applications become standard practice further down the line as part of the law on mandatory pre-installation of Russian software?
Yes, you’re spot on there. Therein lies the main task [for human rights defenders]: that of ensuring that the basic technological methods which appeared in the midst of the pandemic don’t wind up being used in the mainstream and come to invade our existence. Otherwise, we really would be heading towards a dystopia.
There are different ways of referring to a mandatory application, including the altogether innocuous-sounding: “Epidemiological situation monitoring” or “health monitoring”. [The state] can require all those registered with medical institutions to use it. Subsequently, it appears that the application gathers geotagging data, records our movements and data relating to our contacts and who we have been in touch with. All this is done under the guise of safeguarding our health.
In Russia all this could become compulsory, having changed somewhat to reduce the impact on public opinion. Usually, that’s how it always is when a government introduces tough measures. They are always justified either by protection from terrorism or protection of children and other good purposes. That is not a trend exclusive to Russia.
A couple of days ago in the State Duma deputy Anton Gorelkin put forward a proposal to slow the functioning of a number of foreign Internet services because of the epidemic. Can that measure be considered a violation of digital rights?
Yes, his proposals directly contradict the notion of network neutrality. Until now Russia has always supported network neutrality: Internet-related companies – providers, telecom operators – must not give priority to one or another source of traffic. If that happens it could have economic and technological consequences. In European countries many telecoms operators also want to introduce prioritisation of traffic for video calls or messengers. Literally, if you want to use Skype, WhatsApp or watch serials on Netflix then pay an additional fee or the signal will be very slow or the operators will stop it altogether. If you haven’t paid additional fees, then live without messengers or Netflix.
However, in countries where attempts have been made to breach network neutrality there are also public protests. Many IT companies are putting up resistance. This is a very dangerous trend that could become universal after the pandemic. If that does happen we shall find ourselves in a world where the state will decide whether to give an adequate bandwidth for YouTube or not. Today we have a pandemic, tomorrow we may have political upheavals.
Probably there are people who try to make money off the back of technological approaches to controlling the spread of the virus?
This is a very important question – who are the beneficiaries of the violations of our digital rights? When various restrictive laws are introduced in Russia, all too often behind them can be seen the interests of various state corporations that make money from these technological decisions. Among these companies are those that build data storage facilities, develop software, and so on. Of course, the large scale introduction of technological surveillance will be of interest to those who have long ago taken a seat at the government feeding trough and who benefit from government contracts. Such companies always exist: for some wars are a calamity, for others it is an essential source of income. This is a moral choice.
Can a “sovereign internet” law come into full effect during a pandemic?
There are relatively few people discussing a “sovereign internet” at the moment. Maybe they’ve put things on hold for a while because the government has shifted its attention to something else. On the other hand, it’s been clear for a while that the government won’t be able to implement the law. The law went into effect on 1 November last year, but even then no one expected that it would work here in Russia, that Vladimir Putin would have a red button in his office that he could use to turn off the Internet.
The fact of the matter is, other bills that monitor the Internet are implemented in the very same way here — the “Yarovaya package,” for one, has not yet entered the active phase. No storage has been created to process the data from all Internet traffic, the law to monitor VPN is not very effective, and the law on deanonymizing messenger users does not work. And as it stands, these laws have been implemented for over a year.
In this context, a “sovereign internet” law is even more of a failure. It’s clear that it couldn’t be fully implemented in one year. But the individual elements the law mentions are now being constructed, training is being carried out, and it’s likely that more modern means of filtering traffic are being established.
We’ll also be able to see self-contained manifestations of the law during the pandemic. Internet shutdowns, for example, if there is sudden unrest among people across the country. It’s hard to imagine that now, of course, but there are altercations. For example, someone brought masks to doctors but wasn’t let in, and there was a conflict with law enforcement [this is a reference to the arrest of Anastasiya Vasileva, leader of the Doctors’ Alliance, on 3 April in the town of Okulovka, in Novgorod region, where she brought personal protective equipment for doctors — D.K.]. People are being fined for parking their cars [also on 3 April, a resident of Ufa was fined for violating self-isolation — D.K.]. If there are flare ups like these, then the authorities can apply a specific element of sovereign Runet and disconnect the network in specific regions. Now, this can be done as ordered by Roskomnadzor, in the blink of an eye.
What will happen to our digital rights once the pandemic has ended?
I can’t predict what new kinds of technology may appear in the future (at the moment, satellite Internet deserves attention). However, now there’s a risk that the privacy of communication will be violated, that there will be full-on censorship, restrictions on the right to movement, and violations of the right to privacy in our personal lives, by means of the implementation of a facial recognition system on which there is no public consensus in the world. There is also no civilian oversight or understanding of how video tracking violates our rights and freedoms.