In Azerbaijan journalist gets 15 days in prison over a Facebook post

Anar Abdulla was sentenced to 15 days in prison over a Facebook post, according to OC Media reporting. But the charges pressed against the journalist accuse Abdulla of hooliganism and disobeying the police – the most common charges used against civic activists in Azerbaijan.

On September 14, Abdulla wrote a short post on his personal Facebook profile accusing the heads of administrative offices, of deceiving President Ilham Aliyev, while the people pay the price for it.

According to OC Media, the journalist was summoned to the police on October 5 for a “preventive conversation” however Abdulla was handcuffed and detained. The hearing that took place on October 6, where the journalist was sentenced to 15 days was closed to the local press. 

Speaking to OC Media, Abdulla’s lawyer, Zibeyda Sadigova, said, her client denied both charges. During the hearing, police alleged that the journalist disobeyed police orders and used profane language against the officers. Police pressed charges against the journalist as a result.  

In addition to hooliganism and disobeying police, politically motivated criminal charges used against civil society representatives include drug possession and illegal business activity. 

inauthentic pages target independent news platform – will Facebook take notice [part 3, the case of Azadliq Radio]

After The Guardian’s expose on Facebook overlooking trolling activity in Azerbaijan (and elsewhere) earlier this year, one would think that the platform would finally take notice and address how the platform is abused by trolls and the actors operating them. Instead, the loopholes remain and from the looks of it, the platform is doing little to address the use of Facebook Pages – at least in the case of Azerbaijan as pointed out here and here – to target independent media. The most recent example is this Facebook post, shared by Azerbaijan Service for Radio Liberty. The post, is a caricature by Gunduz Aghayev, addressing the rising cost of fuel in the country. Under the post, 549 comments to be exact claim all sorts of things – that the radio is biased, is lying, the economy is doing great, that the State Oil Company (SOCAR) knows exactly what it’s doing, etc. A closer look at the comments reveals that each belongs to a user operating a fake Facebook page. Earlier this month, AIW reported about Azerbaijan’s very own troll factory

Will Facebook take notice this time? 

Hacks and compromised accounts continue to target journalists and activists in Azerbaijan [updated September 13]

Account compromise, website hacks, DDoS attempts, phishing are just a handful of tactics used to target journalists, rights defenders, and activists in Azerbaijan. 

Here is a list of new cases: 

Earlier in July, Azerbaijan Internet Watch reported a phishing attack that targeted some of the civil society activists. Following a forensic investigation carried out in partnership with Qurium, it was possible to confirm that the email was indeed a virus. According to preliminary conclusions, “the e-mail included a link to malware, with the capability of webcam and Desktop recording, execution of windows commands (WMI) as well as extraction and uploading of selected files from the victim’s computer.

Then the civil society was targeted with another phishing, this time the sender pretended to be the National Endowment for Democracy inviting recipients of the email to apply for a Pegasus Grant. 

Preliminary forensic results indicated that the malware sent around in this email was similar to a phishing campaign from 2017, that was widely covered and reported by Amnesty International: 

The victims and targets identified, as well as the political theme of bait documents, indicate that the campaign is largely targeting human rights activists, journalists, and dissidents. This campaign also aligns with findings by VirtualRoad.org in their report, “News Media Websites Attacked from Governmental Infrastructure in Azerbaijan”, which links some of the same network address blocks with “break-in attempts” and “denial of service attacks” against several independent media websites

The malware that was observed is not sophisticated, and is in some manner extremely crude. However, combined with social engineering attempts and an unprepared public, these tactics can remain effective against many targets.

The same month, Azerbaijan Internet Watch received confirmation that the former political prisoner, Tofig Yagublu’s Facebook profile was subject to numerous hacking attempts. 

In early August, former leader of the opposition Musavat party, Isa Gambar reported that all of his social media accounts were compromised including his Facebook profile, Facebook page, and Instagram account. 

The hackers, who took hold of Gambar’s Facebook profile, changed settings, recovery emails, and an affiliated phone number, and have since then shared irrelevant posts. 

On August 27, the website for popular platform HamamTimes was hacked. The team behind the platform, reported all of its content removed, suspecting that the hackers used the site’s vulnerability as a result of weak security protocols in place. So far, HamamTimes, managed to restore all of the website’s archive of stories however its hosting remains vulnerable to new targeting. 

HamamTimes was targeted before as reported by Azerbaijan Internet Watch in a mass phishing attack. 

On September 4, editor of anews.az news website, Naila Balayeva, reported that her Facebook account was compromised. The hacker switched the email account and the phone number originally registered for the profile. Although Balayeva was able to restore access to her email and change the emails, according to the journalist, the hacker continues to use Facebook as the owner often deleting posts that are critical either of the police or the government institutions.  

Anews.az and Balayeva were targeted before. Last year, several Facebook pages affiliated with the website were hacked. 

While it was possible to provide assistance in some of the cases, the response from platforms like Facebook, especially in the case of Gambar has been slow and at times, comical. So far, twice, the platform requested new emails not associated with the platform or any of its apps and twice, Gambar sent proof of identity.  

[Update] On September 9, political activist Bakhtiyar Hajiyev was reportedly threatened by Baku Police Chief Alekper Ismayilov over a Facebook post, that Hajiyev wrote the same day. The post, Hajiyev wrote on Facebook was addressing the Ministry of the Interior, specifically the Minister of the Interior, Vilayat Eyvazov. The activist alleged the ministry was delaying a response to his complaint submitted 50 days ago over a street hooligan. 

[From Hajiyev’s post on Facebook published on September 9, 2021] Instead of investigating why my Ministry of the Interior cannot question street hooligan, who is refusing to speak to them, humiliating police officers who show up at [the hooligan’s] home, Vilayat Eyvazov is going after me for reminding [the Ministry] of my complaint and is threatening me with arrest, death and blackmailing.  

The activist told Turan News Agency that he was summoned to the police on September 9 where Baku Police Chief, Alekper Ismayilov allegedly told Hajiyev less he removes the Facebook post, the activist would face a greater punishment than arrest. 

On September 12, Gubad Ibadoglu, Azerbaijani academic, and an economist reported that his Facebook profile and page were compromised. In an interview with Turan News Agency, Ibadoglu said despite his attempts to strengthen the security of his accounts, they were compromised anyway. “I got a message this morning that my password was changed using my own computer. This means that the hackers of the Azerbaijani government, even in London,” Ibadoglu told Turan. The fact that he received a notification informing him that his computer was the device from which the passwords were changed, means the device was infected with a virus containing some form of keylogger. It won’t be the first time, this type of information extraction is used to target Azerbaijani civil society. 

[Update] In September, online news platform Toplum TV, reported it lost 16k followers on its Facebook page. 

Azerbaijan’s troll factory revealed

Ever since 2013 revelations about Russia’s troll factory, many in Azerbaijan wondered whether the country’s leadership too operated its very own troll factory. Unlike its Russian version, known as the Internet Research Agency, there was only anecdotal evidence of whether this was really the case in Azerbaijan. There were no former “factory” employees who came forward or undercover journalists who temporary worked there and exposed the work carried out later. Not until this month anyway. An investigation against the executive director of the State Media Support Fund Vugar Safarli now reveals that the suspicions were valid after all. And that upon specific instructions a group of “bloggers” were responsible for monitoring Facebook and leaving comments under posts that were critical of the government or relevant government institutions. 

The investigation is part of a criminal case launched against Vugar Safarli who until recently headed the State Fund for Media Development in Azerbaijan. Safarli was arrested in 2020 on charges of money laundering (allegedly 20million AZN) and abuse of authority.

On September 2, Azerbaijan Service for Radio Free Europe, Azadliq Radio published parts of the testimony by Safarli where the former government official implicates not only that the government did indeed deploy trolls but that several high ranking officials including then Presidential advisor Ali Hasanov and former head of the Presidential Administration Ramiz Mehdiyev were well aware of this. Moreover, the building from where trolls operated belonged to Hasanov himself. 

“Ali Hasanov told me that the new rented space, will have internet bloggers who will work from there. And indeed there were a few, who sat there, working unofficially,” Safarli reportedly said in his statement according to Azadliq Radio reporting. 

“We were especially paying a closer attention to Facebook. Each of us operated a large number of fake profiles, which we used to leave comments. These comments were planned ahead of time. We would receive them in the morning. And that’s why often these comments were similar to each other as they were posted from different profiles,” shared one of the former employees who spoke to Azadliq Radio on condition of anonymity.

But leaving comments en masse was not the only requirement. “The Presidential Administration would send us topics of the day that we had to research and prepare material on. Then those materials were posted on various pro-government media platforms and published on pro-government television,” explained anonymous blogger in an interview with Azerbaijan Service.

Over the years, authorities denied any involvement in mass trolling or deployment of troll armies including Ali Hasanov himself who was known among government critics as the “King of trolls.” He repeated this as he was exiting office in January 2020 in an interview with BBC Azerbaijan service: “There is no army of trolls in Azerbaijan. There is simply the public supporting the president.” 

That public supporting the president was also mentioned by current member of the parliament Zahid Oruc, who told Azadliq Radio in a phone interview that “the party does not see millions of citizens who defend the leader of the current government as trolls.” 

Oruc did not directly deny operation of troll armies in Azerbaijan. Instead he said, “the party considered it incorrect to present massive number of comments written on various platforms and coordinated from from one single location as a government policy.”

Previously the ruling part of New Azerbaijan denied operation of troll armies in Azerbaijan. Most recently the ruling party was exposed in a series of investigations released by The Guardian.   

A month prior to the release of The Guardian investigation Azerbaijan Internet Watch published this story exposing how some 500 inauthentic accounts on Facebook (almost all of them were set up as pages) targeted a Berlin-based online news platform Meydan TV and this story uncovering a similar pattern of targeting against another independent online news platform Mikroskop Media.

That the ruling government in Baku deployed trolls was not at all surprising. Surely, activists had their own suspicions for the years having relied on Internet and specifically the social media platform Facebook as the government silenced dissent offline. As the crackdown against Azerbaijan’s civil society intensified and culminated with the arrest of some of the high profile civil society activists in 2014 as well as targeting of independent news platforms, including Azadliq Radio, internet and specifically social media platforms became the remaining avenues for freedom of speech advocates who took to the platform to criticize the policies and decisions of the official Baku. Independent online news platforms, continue to rely on Facebook, Instagram, and YouTube to disseminate news as many of their websites are blocked for access in Azerbaijan.

Will Safarli’s exposure of the former government officials and their direct involvement in running a troll army change anything? Highly unlikely as the government of Azerbaijan survives on its greatest political tool – denialism.

The State of Internet Freedom in Azerbaijan, a legal overview

This is part five and the final installment, in a series of detailed legal reports and analyses on existing legal amendments, and new legislation affecting privacy, freedom of expression, media, and online rights in Azerbaijan and their compliance with international standards for freedom of expression.  

This final report, “The State of Internet Freedom in Azerbaijan, a legal overview” was prepared in partnership with human rights lawyer, Emin Abbasov. It is a comprehensive overview, of the existing legal framework in Azerbaijan on internet freedoms.

The following report identifies gaps within the legislation, policy, and practice that fail to comply with international legal standards in the field of internet freedoms.

As such, the aim of the report is to:

  • identify and report key developments concerning internet freedoms covering the period between 2020-2021;
  • analyze and review legislation, policies, and practices in line with international standards;
  • provide recommendations to strengthen and develop legislation, policies, and practices already in place;

Executive Summary

Azerbaijan’s track record on freedom of expression and freedom of the media has been on a steady decline according to a number of key reports by international media freedom watchdogs. This has been the case especially since 2014.

The most recent rankings by the Reporters Without Borders’ Press Freedom Index in 2020, place Azerbaijan at the bottom of the index, where the country ranks 169 out of 180 countries monitored. Freedom House’s annual Freedom on the Net report ranked Azerbaijan in 2020 as “Not Free.”  

From a legal perspective, despite routine calls on the government of Azerbaijan to ensure the domestic legislation and its application comply with international standards, particularly in line with the ECtHR case-law requirements on freedom of expression, media, and internet rights, the legislative authority, continues to adopt restrictive new bills that further deteriorate fundamental rights and freedoms.

During the reporting period, the parliament in Azerbaijan adopted several amendments to existing national legislation, imposing further restrictions and increasing state control over the internet.  In the meantime, relevant authorities failed to carry out effective and prompt investigations and prosecution into the cases of blackmailing and online sexual harassment against activists and politicians. Further, the government prepared a draft law on the media, with proposals to license Internet televisions and radios, and a new media registry with strict requirements for journalists, media owners, and media platforms. 

The report also identifies the government’s failure to present, sufficient mitigation policies to remove the infrastructural barriers related to internet access when switching to online education during country-wide restrictions imposed in March of last year as a result of COVID19. These barriers were more profound in remote areas of the country where access to the internet is poor due to inadequate infrastructure and among economically vulnerable populations.      

Finally, this report concludes that domestic legislation in Azerbaijan does not provide effective safeguards for the protection of the rights and freedoms of people online. On the contrary, it gives law enforcement a wide range of powers while failing to provide an independent review mechanism neither by the courts nor by other independent institutions over the exercise of those unlimited powers.

In response to these challenges, the report offers a number of recommendations for the government to improve its domestic legislation in line with international standards with the view of better protection of individuals’ rights and freedoms online. The full PDF report can be accessed here. Below are some of the key findings.

Key Developments between January 1, 2020June 31, 2021

  • The Cabinet of Ministers adopted a decision No.22 on January 29, 2020, approving the “Rules of the organization of operation of the information system on activity against foreign technical intelligence,” and “Level of access of information resources of state bodies within the information system on activity against foreign technical intelligence.” However, the specifics of these rules and what they entail were not disclosed;
  • Azerbaijan tightened control over online content, specifically the definition of “prohibited information”. On March 17, 2020, the parliament amended the Law of the Republic of Azerbaijan On Information, Informatization and Protection of Information (30-VIQD). According to the amendment, “prohibited information” includes false information endangering human life and health; causing significant property damage; mass violation of public safety; disruption of life support services; and of financial, transportation, communication, industrial, energy, and social infrastructure facilities; or leading to other socially dangerous consequences.”
  • During the reporting period, the number of attacks and direct targeting against activists, politicians, and their family members with intimate photos, videos, and personal messages that were leaked online, increased significantly;[1]
  • On June 29, 2020, the Parliament adopted amendments to the Law on Telecommunications and appointed the Ministry of Transport, Communications and High Technologies as an administrator of domain name registration in Azerbaijan;[2]
  • On September 27, 2020, authorities in Azerbaijan imposed restrictions on access to the internet by limiting the speed of the internet, blocking access to social media platforms and messenger services such as WhatsApp, Telegram, and others during the second Karabakh war;[3]
  • On January 13, 2021, the government established Azerbaijan State Agency for Media Development, according to the Presidential decree “On deepening media reforms in the Republic of Azerbaijan” [signed on January 12, 2020]. The agency was given broad powers to control the online media landscape;[4]
  • The Government announced a new draft law on media with provisions to license Internet TV channels;
  • Azerbaijan parliament members announced plans to draft a new law on Hate Speech.

Key findings

  • The regulation of the internet in Azerbaijan is controlled by the Ministry of Transport, Communications and High Technologies, (MTCHT). The MTCHT is a government agency, in charge of regulating communications and the development of information technologies. It also controls the internet telecommunications infrastructure.
  • Despite the Law on Telecommunication obligating the state, to ensure healthy competition and antimonopoly activity in the field of telecommunications[7], the import and distribution of the internet in the country is mainly distributed through state companies or private companies under strict government control.[8] According to the Law on Telecommunication (Article 6) regulation of telecommunication activity in Azerbaijan is carried out by the state through broad powers, notably, through the licensing and certification of telecommunication activity, the application of tariffs for the use of telecommunication services, and radiofrequency, and etc.
  • The activities of internet service providers (ISPs) and operators are required to register with the MTCHT. According to the “Rules of registration of operators and providers of Internet telecommunication services” approved by the Resolution of the Cabinet of Ministers of the Republic of Azerbaijan [No. 427] and dated October 12, 2017, operators and providers of internet telecommunication services must register for a license by applying through the MTCHT, within 15 (fifteen) days of the start of the service.[9]  The Rule further states that in accordance with the Presidential Decree No. 507 dated June 19, 2001 “On the division of powers of search operations’ entities while carrying out search operations,” ISPs are required to have a copy of the guarantee, on the installation of special equipment that provides access to information, for search operations.[10] The Rule also requires that the operators and providers submit, approved copy (copies) of the agreement (contracts) concluded with the first subscriber (subscribers), to the registration authority namely the MTCHT.[11]
  • The State Security Service and the Ministry of Internal Affairs are authorized for the organization of search operations within the communication networks in accordance with the Rule approved by the Presidential Decree № 638 dated October 2, 2015 “On approval of the Rules on information security during search operation activities on communication networks”.[12] This respective rule was never published. According to the Constitutional Law “On normative legal acts” laws and presidential decrees signed by the President must be officially published within 72 hours after the signing.[13] The Constitutional Law also allows that certain provisions of normative legal acts reflecting state secrets are not published.[14]
  • On June 17, 2021, the National Television and Radio Council (NTRC) announced the provisions in the draft law “On Media” concerning television and radio broadcasting.[18] According to the draft law a number of restrictions on freedom of expression and information, as well as regulation of media activities is envisioned. For the purpose of this report, only those restrictions that concern and impact freedom on the internet are considered here.
  • The Council of Europe’s Committee of Ministers recommendation CM/Rec(2007)16 to its member States to promote the public service value of the Internet[19] indicates the importance of diversification of competitive market structures in internet resources and ICTs. According to the Recommendations, member states should develop, in co-operation with the private sector and civil society, strategies that promote sustainable, economic growth via competitive market structures in order to stimulate investment, particularly from local capital, into critical Internet resources and ICTs, with particular reference to: developing strategies which promote affordable access to ICT infrastructure, including the Internet, promoting technical interoperability, open standards and cultural diversity in ICT policy covering telecommunications, broadcasting and the Internet. Azerbaijan has so far, failed to meet these recommendations.
  • In the context of its Recommendation CM/Rec(2018)1 to member States on media pluralism and transparency of media ownership, the Council of Europe’s Committee of Ministers refers to the term “online media” and stresses its importance for media pluralism.  It further notes that states have a positive obligation to foster a favorable environment for freedom of expression, offline and online, in which everyone can exercise their right to freedom of expression and participate in public debate effectively, irrespective of whether their views are received favorably by the State or others.[25] Moreover, in 2012, the UN Human Rights Council adopted a key resolution on the promotion, protection, and enjoyment of human rights on the Internet, “calling upon all States to promote and facilitate access to the Internet and international cooperation aimed at the development of media and information and communications facilities in all countries.”[26]
    • So far, the relevant government institutions have failed to offer such assurances in Azerbaijan. The extent of government control and monopoly, as well as poor internet infrastructure, are reflected in numerous international reports. The 2021 Inclusive Internet Index, ranked Azerbaijan 84th globally in the “readiness category,”[27] and the country’s overall performance scores have deteriorated year on year.[28] According to June Speedtest Global Index, (results are updated mid-month for the previous month), Azerbaijan ranked 122nd out of 181 countries in the category of fixed internet speed. The country’s score improved in the category of mobile internet speed, scoring 66th place out of 137 countries ranked in this category.[29]
  • The Guiding Principles on Business and Human Rights also recognize the responsibility of business enterprises to respect human rights, independent of State obligations or the implementation of those obligations (see A/HRC/17/31, annex; and A/HRC/32/38, paragraphs 9- 10). They provide a minimum baseline for corporate human rights accountability, urging companies to adopt public statements of commitment to respect the human rights endorsed by senior or executive-level management; conduct due diligence processes that meaningfully “identify, prevent, mitigate and account for” actual and potential human rights impacts throughout the company’s operations; and provide for or cooperate in the remediation of adverse human rights impacts (see A/HRC/17/31, annex, principles 16-24).[35]
    • These internationally recognized standard-setting instruments are usually not legally binding but elaborated from different binding human rights treaties and standards. Such documents set out a number of recommendations, standards, and commitments on the regulation of Internet infrastructure, as well as the regulatory role of states in accessing the Internet. However, none are implemented in the context of Azerbaijan.
  • During the period of martial law, access to the Internet remained blocked to the public, in the absence of any administrative decisions or justifications, the guarantees associated with the decision, and clearly stated reasons for such restrictions in place.
  • Azerbaijan signed the Budapest Convention – the Council of Europe Convention against Cybercrime – in 2008 and has ratified it, in 2010.[58] The Budapest Convention is a treaty on crimes committed on the internet and on computer networks. In Azerbaijan, regulation of intelligence services and online policing online, including investigation and prosecution of offenses committed online, are regulated by the Criminal Code, Criminal Procedure Code, Law on Search and Operation, Law on Police, and Law on Prosecutors office, including other normative legal acts of the Republic of Azerbaijan. However, there is no dedicated strategy or other specific policy documents on cybercrime currently available or being developed in Azerbaijan.[59]
    • In the absence of such policies, the law enforcement agencies, especially the police, which do not have significant capacity to investigate and prosecute crimes committed online, often interferes with the freedom of expression of the social network users.
    • In recent years, the police increasingly play the role of an arbitrator in resolving public conflicts and disputes between internet users. By complaining to the police, individuals can force others (whom they are in conflict with) to delete their status and comments from social network accounts. In return, police promptly identify those who complained about/against or people who criticize the government, and especially the law enforcement agencies on social networks, forcing them to apologize to the public on camera. Police then share the apology videos with the media.[60]
  • Local civil society activists suggest that during the quarantine period, a large number of people who were held administratively or who were criminally liable for organizing and/or participating in wedding or funeral ceremonies were brought to the police stations, where their forced confessions of repentance were filmed and later broadcasted on national television channels. According to credible reports received by the Election Monitoring and Democracy Studies Center, an Azerbaijani NGO, most people did not give consent to such video recordings. As such, the broadcast of the videos took place against Article 51 of the Code of the Administrative Offenses, which prohibits the dissemination of materials (audio, video, photo) in the mass media without the consent of the person against whom the administrative proceedings are conducted.[62]
  • Such practice was also used against LGBTQI+ people at least on one occasion. In July 2020, police shared the testimonies of two persons, who were accused of allegedly promoting drug use via their TikTok accounts. The video of their forced confession was shown on state media (Azertag), to discredit LGBTQI+ people and to create a negative public image.[63]  
  • Council of Europe Committee of Ministers Declaration on Freedom of Communication on the Internet (Adopted by the Committee of Ministers on May 28, 2003 at the 840th meeting of the Ministers’ Deputies), contains ten principles. According to the seventh principle, “In order to ensure protection against online surveillance and to enhance the free expression of information and ideas, member states should respect the will of users of the Internet not to disclose their identity. This does not prevent member states from taking measures and co-operating in order to trace those responsible for criminal acts, in accordance with national law, the Convention for the Protection of Human Rights and Fundamental Freedoms, and other international agreements in the fields of justice and the police.”[68]
    • But in the case of Azerbaijan, and following the decree on amendments, no such measures were taken into account. Moreover, at the time of writing of this report, there is no information on whether this mechanism was finalized.

 Conclusions & Recommendations

The analysis of the domestic legal framework shared in this report demonstrates that the current legal framework provides law enforcement authorities with unlimited powers to operate in online spaces. The analysis also explains, how this framework empowers the state to exercise full and unchecked control over telecommunication infrastructure.

In such an environment, internet and mobile operators as well as the ISPs have no power or independence to challenge the unlimited powers of the state. Further, our analysis indicates that the legal national framework is designed in such a way, that it fully disregards or undervalues the rights of individuals online while granting authorities ambiguous powers to control everything online in the absence of an independent review of the regulatory authorities’ decisions and actions.

The most striking example of such unlimited powers is an obligation placed on the ISPs to allow law enforcement authorities to set up special technical devices on the ISP’s infrastructure, in order to monitor users online and collect information about them. This is done in the absence of explicit legal provisions which normally would require a court order to carry out such activity, as well as in the absence of independent oversight by a regulatory body, that Azerbaijan failed to establish since 2016. As a result, the lack of an independent regulatory body in the field of telecommunications, as well as the lack of an independent judiciary that is capable of providing effective protection and independent judicial review against the government’s interferences, leaves citizens without any remedies to pursue.

Finally, this report also illustrates the weakness of the legislation on emergency powers, which at the moment fails to indicate the exact limits of government bodies during a state of emergency or war. Such loopholes allow the state authorities to exercise their exclusive powers in a way that can exceed the needs created as a result of such circumstances.

Based on the overview presented above, the following set of recommendations can help improve the overall environment of internet freedom in Azerbaijan:

  • Amend the legislation, notably the law On Information, Informatization, and Protection of Information, including the Code of Administrative Offences and Criminal Code to remove restrictions on content, such as false information, insult, and slander. Consult with the independent civil society groups to amend the legislation on content regulation in order to strengthen the national legislation and make it in line with international standards. Provide self-regulation opportunities for providers and private companies to regulate inapplicable content in online spaces;
  • Consider wider consultation and public discussions when reviewing new legislation and policy to ensure the voices of all key stakeholders are heard;
  • Avoid adopting the draft law on media, that currently requires licensing of the Internet TVs and radios. Instead, ensure the provisions of journalistic activity online is not subject to specific authorization;
  • Establish an independent National Regulatory Authority in line with international standards including, civil society organizations and other relevant stakeholders;
  • Provide effective and prompt investigation and prosecution of online harassment, and blackmailing against activists, politicians, and/or their family members;
  • Amend the Law on Telecommunications, the law on Information, Informatization and Protection of Information and Law on Private Information, including other normative legal acts to indicate what specific measures and in what circumstances the government is undertaking to exclude the anonymity of the internet users, including installing special software and hardware systems for the provision of blanket surveillance in online spaces.
  • Amend the legislation to provide effective safeguards against abuse of power of law enforcement authorities, notably, amend article 10 of the Law of The Republic Of Azerbaijan On Operational-Search Activity to ensure that a respective court decree is required for conducting online tracking, interception, and seizure of private information from the telecommunication channels about individuals;
  • Ensure that the Martial Law and the Law on Emergency Situations contain explicit provisions, notably safeguards, against the abusive application of emergency powers online. In doing so, amend the respective laws to include clear procedures of imposing any limitation over the internet and provide that such decisions are subject to effective safeguards;

[1] Azerbaijan Internet Watch, Targeted harassment via telegram channels and hacked Facebook accounts, March 9, 2021, https://www.az-netwatch.org/news/targeted-harassment-via-telegram-channels/

[2] The law on amendments to the Law of the Republic of Azerbaijan “On Telecommunications”, 29 June 2020, available (in Azerbaijani) at: http://e-qanun.az/framework/45676

[3] Azerbaijan limits internet access to prevent Armenia’s large-scale acts of provocation – short notice from the Ministry of Transport, Communications and High Technologies, available (in English) at: https://mincom.gov.az/en/view/news/990/azerbaijan-limits-internet-access-to-prevent-armenias-large-scale-acts-of-provocation-

[4] Presidential decree on deepening media reforms in the Republic of Azerbaijan, 12 January 2021, available (in Azerbaijani) at: http://e-qanun.az/framework/46675

[7] Article 11.1 of the Telecommunication law. “Operators, providers, other legal and physical persons operating in the field of telecommunication, as well device producers and suppliers are equal subjects in the creation and development of telecommunication services.”

[8] Article 3.1.8, article 11.2, and article 11.2.1 of the Law on Telecommunication

[9] The Rules of registration of operators and providers of Internet telecommunication services Available (in Azerbaijani) at: http://e-qanun.az/framework/36773

[10] Presidential Decree On the division of powers of search operations entities in the implementation of search operations, June 19, 2001, available (in Azerbaijani) at: http://e-qanun.az/framework/3569

[11] Article 3.3.3 of the Rule of registration of operators and providers of Internet telecommunication services.

[12] Presidential Decree “On approval of the” Rules for ensuring information security in the implementation of search operations in communications networks ” 2 October 2005, available (in Azerbaijani) at: http://e-qanun.az/framework/30840

[13] Article 83.1 of the Constitutional Law (№ 21-IVKQ) “On normative legal acts” dated 21 December 2010. Available (in Azerbaijani) at: http://www.e-qanun.az/framework/21300

[14] Article 82.7 of the Constitutional Law (№ 21-IVKQ) “On normative legal acts”

[18] Azadliq Radio, Internet TV channels may require a license, June 17, 2021, https://www.azadliq.org/a/internet-tv-lisenziya/31313244.html

[19] Adopted by the Committee of Ministers on November 7, 2007, at the 1010th meeting of the Ministers’ Deputies, https://search.coe.int/cm/Pages/result_details.aspx?ObjectID=09000016805d4a39

[25] The Council of Europe’s Committee of Ministers Recommendation CM/Rec(2018)1[1] to member States on media pluralism and transparency of media ownership,  (Adopted by the Committee of Ministers on 7 March 2018 at the 1309th meeting of the Ministers’ Deputies), https://search.coe.int/cm/Pages/result_details.aspx?ObjectId=0900001680790e13

[26] The promotion, protection, and enjoyment of human rights on the Internet: resolution / adopted by the Human Rights Council, https://digitallibrary.un.org/record/731540?ln=en

[27] The Readiness category examines the capacity to access the Internet, including skills, cultural acceptance, and supporting policy.

[28] The Inclusive Internet Index, https://theinclusiveinternet.eiu.com/explore/countries/AZ/

[29] The Speed Test global Index,  https://www.speedtest.net/global-index/azerbaijan#fixed

[35] Report by the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, para., 45.

https://globalfreedomofexpression.columbia.edu/wp-content/uploads/2017/06/Kaye-Report-March-2017-AHRC3522.pdf

[58] The Law on Ratification of the Budapest Convention, available (in Azerbaijani) at: http://e-qanun.az/framework/18619

[59] Council of Europe, the status of the ratification of the Budapest Convention concerning to Azerbaijan, https://www.coe.int/en/web/octopus/country-wiki-ap/-/asset_publisher/CmDb7M4RGb4Z/content/azerbaijan?_101_INSTANCE_CmDb7M4RGb4Z_viewMode=view/

[60] On June 3, 2020, Baku residents Tatyana Ulankina, Ramin Bakhishov, Allahverdi Imanguliyev, Shirzad Shirzadov, and Taleh Bakhshiyev were detained in the Baku Metro for allegedly resisting police. Police asked that the detained individuals comply with the lawful demands relating to the rules of the special quarantine regime. A video was shot and broadcast on the website of the Ministry of Internal Affairs in which each of the detainees apologized and regretted their actions to the police department. Afterward, a criminal case was launched under Articles 139-1 (violation of anti-epidemic, sanitary-hygienic or quarantine regimes when there is a real threat of the spreading of the disease or the actual spreading of the disease) and 221 (hooliganism) of the Criminal Code, and the investigation was launched. The CCTV footage from the subway that appeared on social media showed there was a minor dispute between one person and two police officers over the wearing of a protective mask, which the person in the video claimed he had and others joined to support him, https://www.youtube.com/watch?v=EBC-l9EuiCQ&t=136s

[62] Election Monitoring and Democracy Studies Center (EMDS), Briefing Document, Measures against the COVID-19 pandemic in Azerbaijan: Deepening pressure on freedoms and Political Crisis, https://smdtaz.org/wp-content/uploads/2020/09/EMDS-briefing-22.09.20.pdf

[63] Azertag,az, People who registered on the social network “Tik-Tok” under the names “Maya” and “Banu” and posted videos promoting drug use were detained, July 23, 2020, https://video.azertag.az/video/98901

[68] Council of Europe Committee of Ministers Declaration on freedom of communication on the Internet, Adopted by the Committee of Ministers on  May 28, 2003, during the 840th meeting of the Ministers’ Deputies, https://search.coe.int/cm/Pages/result_details.aspx?ObjectID=09000016805dfbd5

The Pegasus Project and Azerbaijan – what does domestic legislation tell us about privacy of users in Azerbaijan

This is part four in a series of detailed legal reports and analyses on existing legal amendments, and new legislation affecting privacy, freedom of expression, media, and online rights in Azerbaijan and their compliance with international standards for freedom of expression.  We dedicate this report to the recent Pegasus Project investigations.  

Background

Members of opposition political parties, independent journalists, political and human rights activists have long faced systematic pressure and persecution orchestrated by the government of Azerbaijan. The unprecedented crackdown against civil society that began in 2013, marked a new chapter, in the history of Azerbaijan’s civil society. One, marred by arrests and prosecution of high-profile activists, rights defenders, and journalists.

This systematic pressure and harassment were not only offline. It was only a matter of time, that the internet too would become a place to target activists, journalists, and human rights defenders, holding them accountable for their online criticisms on bogus accusations that often ended with lengthy jail sentences, forced apologies on public televisions (see The State of Internet Freedom in Azerbaijan report), detentions and further forms of persecution.

In a country where almost all avenues for freedom of expression and activism were eliminated, the internet, specifically online media platforms, and social media networks became new targets. To monitor discussions online, prevent citizens from accessing independent news online, or social media platforms, and to further curb freedoms online, the government of Azerbaijan embarked on a shopping spree, becoming a client of companies selling sophisticated surveillance equipment and technology.[1]

By 2021, the government of Azerbaijan has successfully deployed a Remote Control System (RCS), Deep Packet Inspection (DPI), phishing, and spear-phishing attacks often with homegrown malware. The most recent addition to a wide variety of authoritarian technology deployed in Azerbaijan is Pegasus spyware.  

The Pegasus Project

On July 18, 2021, an international consortium of more than 80 journalists from 17 media outlets revealed the Pegasus Project. Spearheaded by Forbidden Stories, a Paris-based journalism non-for-profit, with technical support of Amnesty International Security Lab, the Pegasus Project is a global investigation into an Israeli surveillance company, the NSO Group, and it’s most sought after hacking software called Pegasus.

According to the investigation, the NSO Group sold Pegasus to at least ten government clients including in Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Azerbaijan, Rwanda, Saudi Arabia, and the UAE. Among the targets were journalists, human rights defenders, political opponents, business people, and heads of state.

“Forbidden Stories and Amnesty International had access to a leak of more than 50,000 records of phone numbers that NSO clients selected for surveillance,” wrote Forbidden Stories sharing the findings of the investigation.

On the leaked phone records, at least 1000 were identified as belonging to users from Azerbaijan. One of the media partners in the investigation, the Organized Crime and Corruption Reporting Project (OCCRP) took on to investigate numbers that belonged to users in Azerbaijan, Kazakhstan, and Rwanda.

So far, OCCRP was able to identify 250 phone numbers targeted, which belonged to reporters, [2] editors, media company owners, activists, human rights defenders, and their family members. As of July 27, OCCRP confirmed at least 80 cases of the alleged surveillance.[3]

Following the release of the investigations, international organizations, such as Reporters Without Borders, said they will pursue legal action against those responsible for this massive surveillance.[4] In Azerbaijan, some of the targeted individuals intend to appeal to local courts and then to the European Court of Human Rights, on the grounds of infringements of their right to private life.[5]

While law enforcement authorities in Hungary[6], Israel[7], France[8], the USA[9], and Algeria[10] have launched probes into suspected unlawful surveillance via Pegasus spyware, the Azerbaijani law enforcement agencies are yet to respond.

What chance do those targeted in Azerbaijan stand in pursuing legal action against the government of Azerbaijan? To answer this question, we look at the national legislation enabling the government to carry out surveillance en masse and citizens’ rights to privacy. Read the PDF report here.

Domestic framework

The right to private life is under the protection of comprehensive constitutional provisions, namely Article 32 of the Azerbaijani Constitution which guarantees that everyone has the right to the inviolability of private[11] and family life, including with respect to correspondence, telephone communications, post, telegraph messages and information sent by other means of communication. Article 32 further states that gaining, storing, using, and spreading information about the person’s private life without his/her consent is not permitted. These rights may be restricted, as prescribed by law, in order to prevent crime or to determine the truth in the course of the investigation of a criminal case. Section eight of article 32 also indicates that the scope of the personal information, as well as the conditions of their processing, collection, sharing, use, and protection, is prescribed by law.

In addition, there are normative legal acts recognizing the right to private life, including regulating the restrictions of private life in telecommunications networks.

While mentioning a catalog of rights for individuals in respect to the right to privacy[12], article 3 of the basic law on private data – the Law on Private Information,[13] stipulates that the rules for the collection and processing of personal data, concerning intelligence and counterintelligence, and operation-search activities are regulated by other respective legal acts (discussed below).

The Law on Private Information obligates the operators, to create necessary conditions for intelligence, counterintelligence, and search operations in accordance with the legislation, to guarantee relevant organizational and technical issues, and comply with the confidentiality of the methods used to conduct these activities.[14]

Along with the Law on Personal Data, the Law on Telecommunication also determines the powers of state bodies, notably subjects of intelligence and counterintelligence search operations, to collect or intercept personal data from the telecommunication channels and networks.[15]

In Azerbaijan there are two types of oversight over citizens:

  1. Extraction of information from telecom channels, i.e., interception; and
  2. Surveillance

The Law on Operation-Search Activity overseas phone tapping and information extraction from communication channels.[16]  Further, the third section of article 10 of the Law on Operation-Search Activity does not require a judicial act or supervision of higher authority while wiretapping and extracting information from technical communication channels unless there is a need to install technical devices such as voice, video, or photo recorders at the place of residence of the individuals.  

In other words, anyone in Azerbaijan can be subject to such a form of oversight.

The Law on Telecommunication obligates network operators to install special equipment, provided by the State Security Service, Ministry of Internal Affairs, and Special State Protection Service onto the telecommunication networks[17] enabling the Government to extract (intercept) data on anyone regardless of whether that person(s) is part of an investigation process or not.

The installment of special equipment within communication networks is regulated by the “Rules for equipping telecommunications operators and providers with additional technical means for conducting search operations, reconnaissance and counter-intelligence activities” issued by the Ministry of Transport, Communications, and High Technologies on  June 14, 2016.[18] The Rule obligates telecommunication operators and providers to create technical conditions for the conduct of relevant activities within the communication networks.

The Rule defines that Telecommunication Control System (hereinafter – TCS) – is special hardware and software that provides confidential control over the exchange of information of subjects targeted by the relevant measures (such as search and operation, intelligence, and counterintelligence activities), as well as all statistical data of the network. TNS consists of data extraction facilities, transport networks, and control centers.

The Rule also indicates that relevant measures in the communication networks are carried out in accordance with the requirements of the laws of the Republic of Azerbaijan “On Operation-Search Activity” and “On Intelligence and Counterintelligence Activity”.[19]

However, while the Law on Operation-Search Activity may allow secret surveillance and seizure of private information, there are no rules or procedures within the national legislation for secret surveillance and intercepting information by government agencies. There are also no clearly defined rules on determining the grounds for such surveillance and interception activities, their duration, and whether such activities can be stopped by a court or other higher state authority.

Further, when analyzing the national legislation, it becomes clear, that a number of rules about the organization of search operations by law enforcement agencies, as well as the placement of surveillance and tapping devices within the telecommunication infrastructure have not been published. For example, the “Rules for ensuring information security in the implementation of search operations in communications networks” approved by Presidential Decree No. 638 on October 2, 2015, is not disclosed.[20]

As mentioned, earlier, interference with the right to personal data within telecommunication networks is carried out by the representatives of the search and operation, intelligence, and counterintelligence authorities. The technical and organizational conditions for the provision of the search operation, intelligence, and counterintelligence activities within communication networks are determined by the State Security, and in cases where relevant to the Ministry of Internal Affairs, together with the Special State Protection Service of Azerbaijan.

Infringement of privacy is prohibited under the Criminal Code (Article 156). Illegal collection of information, documents containing such information, visual materials, audio recordings, as well as their sale or transfer to another person is punishable by a fine in the amount of 1,000 to 2,000 AZN (approximately 600-1200USD); by public works ranging from 240 to 480 hours; or by correctional labor for up to one year. In cases where the same offense was/is committed by an official using his/her official status, the crime is punishable by restriction of liberty for a period of up to two years or by imprisonment for a term of up to two years with or without deprivation of the right to hold a certain position or engage in certain activities for up to three years.[21]

The Criminal Procedural Code provides that the investigation of the infringement of privacy is carried out in the form of a public-private prosecution upon the complaint of the victim or by the initiative of the prosecutor when the committed crime affects the interests of the state or society.[22]

Compliance with international standards

The right to protection of personal data is not an autonomous right among various rights and freedoms covered by the Convention. The Court has nevertheless acknowledged that the protection of personal data is of fundamental importance to a person’s enjoyment of his or her right to respect for private and family life, home, and correspondence, as guaranteed by Article 8 of the Convention (Satakunnan Markkinapörssi Oy and Satamedia Oy v. Finland [GC], 2017, § 137; Z v. Finland, 1997, § 95).

According to the Court’s established case-law, the requirement that any interference must be “in accordance with the law” will only be met when three conditions are satisfied: the impugned measure must have some basis in domestic law and, with regard to the quality of the law at issue, it must be accessible to the person concerned and have foreseeable consequences.[23]

Non-availability of any official information or confirmation on the scope and form of the surveillance and interception of mobile devices through the Pegasus spyware may also raise specific issues concerning the difficulties on recognizing the victims’ status within the framework of national laws. 

However, the relevant case-law of the ECtHR is relatively flexible on the subject of recognition of the victim’s status. The ECtHR, therefore, accepts that an individual could, under certain conditions, claim to be the victim of a violation occasioned by the mere existence of secret measures or of legislation permitting secret measures, without having to allege that such measures had been in fact applied to him or her.[24]

Further, considering that domestic legislation does not require any judicial act or does not provide any independent oversight over the interferences to the right to privacy, there is little information about the form and scope of the interception and surveillance of individuals’ privacy within telecommunications networks in Azerbaijan. This is also contrary to the well-established standards of the ECtHR concerning the issue of personal data collected by means of various methods of secret surveillance. The fact that various government institutions are vested with powers and authority – as provided by domestic laws — to listen to anyone at any time on telecommunication networks, in itself does not meet the requirements of the qualitative law enshrined in the case-law of the European Court.

The ECtHR considers the requirements of the Convention, notably in regard to foreseeability, to not be exactly the same, in the special context of interception of communications for the purpose of police investigations.

According to the ECtHR case law,  the Convention’s “quality of law” concept, requires, that domestic laws – notably those allowing state interference with rights and freedoms – satisfy the requirements that domestic laws, should be sufficiently accessible and foreseeable.

The requirement of foreseeability means that the national law must be sufficiently clear in its terms, in order to give citizens an adequate indication of the circumstances and conditions for which public authorities were empowered to resort to this secret and potentially dangerous interference with the right to respect for private life and correspondence. Consequently, the law must indicate the scope of any such discretion conferred on the competent authorities and the manner of its exercise with sufficient clarity, having regard to the legitimate aim of the measure in question, and to give the individual adequate protection against arbitrary interference (Malone v. the United Kingdom, 2 August 1984, §§ 67 and 68, Series A no. 82. See also Kennedy v. the United Kingdom, op. cit., § 152).[25]

In this regard, within the framework of the European Court’s supervision function under the Convention’s standards, the ECtHR’s authority to verify the compliance of online surveillance regimes with the Convention’s standards would provide effective protection.

In recent Grand Chamber judgment in the case of Big Brother Watch and Others v. the United Kingdom (application nos. 58170/13, 62322/14 and 24969/15) the ECtHR held unanimously, that there had been a violation of Article 8 of the European Convention (right to respect for private and family life/communications) in respect of the regime for obtaining communications data from communication service providers noting that assessment of interceptions and obtaining of private information from the telecommunications networks should be made at each stage of the process of the necessity and proportionality of the measures being taken; that bulk interception should be subject to independent authorization at the outset when the object and scope of the operation were being defined; and that the operation should be subject to supervision and independent ex post facto review.

We conclude, that based on the above analysis of the loose interpretation and at times overt national legislation, it is important to take these cases of surveillance and interception to the ECtHR for the purpose of assessing the country’s legal framework and its (in)applicability with the ECtHR’s case law.  

[1] Internal company documents show Azerbaijan’s Ministry of National Security purchased Hacking Team’s Remote Control System (RCS) surveillance spyware via a California-based intermediary called Horizon Global Group in 2013 for an initial payment of €320,000. https://www.occrp.org/en/daily/4136-azerbaijan-bought-hacking-team-s-surveillance-spyware-leaks-reveal

[2] Turan, Pegasus has been spying on Azerbaijani journalists and activists over years, July 19, 2021, https://www.turan.az/ext/news/2021/7/free/politics_news/en/5975.htm/001 

[3] OCCRp, People Selected for Targeting by Azerbaijan,

https://cdn.occrp.org/projects/project-p/?_gl=1*rnxzxn*_ga*MjEyNTY0MTgzMS4xNjI3NDE1OTE1*_ga_NHCZV5EYYY*MTYyNzQxNTkxMy4xLjEuMTYyNzQxNTkyNy40Ng..#/countries/AZ

[4] Turan, The organization in defense of press freedom “Reporters without Borders” is outraged by the fact that 200 journalists from 20 countries are being spied on with the help of the Israeli spy system Pegasus, July 2021, http://www.turan.az/ext/news/2021/7/free/politics_news/en/6042.htm/001

[5] Voice of America, Interview with Bakhtiyar Hajiyev, July 20, 2021, https://www.amerikaninsesi.org/a/bəxtiyar-hacıyev-avtoritar-rejimlər-hətta-ən-yaxın-çevrəsinə-güvənmir/5972455.html

[6] Al Jazeera, Hungary prosecutors open investigation into Pegasus spying claims, July 22, 2021, https://www.aljazeera.com/news/2021/7/22/hungary-prosecutors-open-investigation-into-pegasus-spying-claims

[7] Al Jazeera, Israel launches commission to probe Pegasus spyware: Legislator, July 22, 2021, https://www.aljazeera.com/news/2021/7/22/israel-launches-commission-to-probe-pegasus-spyware-legislator

[8] Euractive, France launches investigation into Pegasus spying allegations, July 22, 2021, https://www.euractiv.com/section/cybersecurity/news/france-launches-investigation-into-pegasus-spying-allegations/

[9] Reuters, FBI probes use of Israeli firm’s spyware in personal and government hacks – sources, July 22, 2021,  https://www.reuters.com/article/us-usa-cyber-nso-exclusive-idUSKBN1ZT38B

[10] The Star, Algeria launches probe into Pegasus spyware claim, July 22, 2021, https://www.thestar.com.my/tech/tech-news/2021/07/23/algeria-launches-probe-into-pegasus-spyware-claim

[11] Constitution of the Republic of Azerbaijan, https://static2.president.az/media/W1siZiIsIjIwMTgvMDMvMDkvNHQzMWNrcGppYV9Lb25zdGl0dXNpeWFfRU5HLnBkZiJdXQ?sha=c440b7c5f80d645b

[12] According to article 7 of the Law on Personal Data, individuals have the right to require a legal justification for the collection, processing, and transfer of their personal information to third parties, and information on the legal consequences for the subject of the collection, processing, and transfer of such information to third parties; to get acquainted with the content of personal information collected about himself/herself in the information system; to learn the purpose, the period and methods of collecting and processing personal information about himself/herself; to demand clarification and destruction of personal data collected and processed in the information system, except for the cases established by the legislation; to demand a ban on the collection and processing of personal data about himself/herself and etc.

[13] Law on Private Data, http://e-qanun.az/framework/19675

[14] Article 10.5, Law on Personal Data

[15] Article 39, Law on Telecommunication (article 10.5 of the Personal Data is repeated in article 39 of the Law on Telecommunication)

[16] Article 10, Law on Operation-Search Activity, http://e-qanun.az/framework/2938

[17] Under the Telecoms Law and the conditions of telecom licensing and registration, telecom operators and providers must cooperate with the law enforcement authorities and install special equipment and software programmes allowing them access to information under the undisclosed technical rules adopted by the Presidential order on October 2, 2015. The Law on Telecommunication, article 39., Paragraph 1 of the article states: “operators, providers are obliged to create conditions for conducting search operations, intelligence and counter-intelligence activities in accordance with the law; to provide telecommunications networks with additional technical means in accordance with the conditions established by the relevant executive authority; to resolve organizational issues, and to keep secret the methods used in conducting these events.” Paragraph 2 of the article states: “The operator, the provider shall be liable for the violation of these requirements in accordance with the law.”

[18] http://e-qanun.az/framework/33275

[19] Article 1.5.7. “Rules for equipping telecommunications operators and providers with additional technical means for conducting search operations, reconnaissance and counter-intelligence activities”, issued by the Ministry of Transport, Communications and High Technologies,   June 14, 2016

[20] The Presidential Decree No. 638, October 2, 2015, http://e-qanun.az/framework/30840

[21] The Criminal Code of Azerbaijan, http://e-qanun.az/framework/46947

[22] The Criminal Procedure Code of Azerbaijan, http://e-qanun.az/framework/46950

[23] Kennedy v. the United Kingdom, op. cit., § 151; Rotaru v. Romania, op. cit., §52; Amann v. Switzerland, op. cit., § 50; Iordachi and Others v. Moldova, op. cit.; Kruslin v. France, § 27; Huvig v. France, § 26; Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria, op. cit., § 71; Liberty and Others v. the United Kingdom, op. cit., § 59, etc.

[24] National security and European case-law, Council of Europe / European Court of Human Rights, 2013, para., 9., https://rm.coe.int/168067d214

[25] National security and European case-law, Council of Europe / European Court of Human Rights, 2013, page 2,  https://rm.coe.int/168067d214

religious activist pressed with drug charges over criticism of the government online

Razi Humbatov, a member of a religious movement “Muslim Unity” went missing on July 7. Two days later, his whereabouts were confirmed to Meydan TV, by a human rights organization “Defense Line” as well as Humbatov’s lawyer, Javad Javadov. According to the human rights organization spokesperson Rufat Safarov, and the lawyer, Humbatov was taken to the Ministry of Internal Affairs’ main department for Combating Organized Crime where he was charged with drug possession charges. 

Speaking to Meydan TV, Rufat Safarov from the “Defense Line” said, there were allegations of torture against the religious activist. 

Humbatov’s lawyer said he intends to file a number of complaints including violation of rights, and withholding of information on Humbatov’s whereabouts. 

The “Muslim Unity” said in a statement shared on Facebook that Humbatov is not a drug user, nor did he ever sell drugs. If anything, he actively engaged in anti-drug campaigns. The movement indicated that the real reason behind his detention is the critical posts of the government Humbatov often shared on his Facebook.

On July 8, Humbatov was sentenced to four months in pre-trial detention. In a hearing on July 14 at the Baku Court of Appeals, the judge ruled against Humbatov’s release. 

If convicted, Humbatov is facing up to 12 years in prison reported Meydan TV. 

A number of international watchdogs have reported about torture and prosecution of scores of “Muslim Unity” members, including the movement’s leader Tale Bagirzade who was sentenced to twenty years in 2017.

Azerbaijan ranks 122 on Speedtest Global Index

Ookla’s monthly speed test index is in and according to its June report, Azerbaijan took 122nd [out of 181 countries] and 66th place [out of 137 countries] on the fixed broadband and mobile internet speed list respectively. Last year Azerbaijan ranked 111th and 60th for the same indicators in the month of August.

Azerbaijan indicators. Screenshot taken from https://www.speedtest.net/global-index/azerbaijan#fixed

Experts remain critical when it comes to the quality and performance of internet speeds in the country.

In an interview with Meydan TV, economist Natig Jafarli said the indicators are “disgraceful”.

“With this speed, they still want to be able to have distance learning and hold online classes. This is [low speed] precisely why students across the country last year were unable to attend online classes. And we are even seeing the consequences yet. The extent will be felt in years to come,” Jafarli told Meydan TV.

The economist, also said, that, unlike its neighbors, the internet in Azerbaijan is expensive.

Speaking to Azadliq Radio, Azerbaijan Service for Radio Liberty, the head of Azerbaijan Internet Forum, Osman Gunduz said, the poor quality of Internet access in Azerbaijan has been a continuing problem over the years. One way to improve the current situation is by setting up an independent oversight argues Gunduz. “At the moment, the Ministry for Transportation, Communication and High Technologies has its own internet providers in the market. There are also private ISPs as well. However, there is no independent oversight. This leaves the ministry solely in control of giving out the same orders and decisions across the market despite the Ministry’s promises to end this monopoly shortly after its leadership was replaced.”

In the meantime, it is the users in the country who are paying the price. Complaints of slow internet speeds across the country and lack of access altogether in remote parts of the country are ongoing with little or no changes to the situation.

 

journalists, rights defenders, activists targeted with Pegasus – a global investigation

An international collaborative reporting on the #PegasusProject released simultaneously by a number of international media, including The Guardian, the Wire India, the Washington Post, and OCCRP among 12 others, the global investigation documents how NSO Group, an Israeli surveillance company, sold Pegasus, a hacking software, to authoritarian regimes to target human rights activists, journalists, and lawyers across the world based on an investigation into a massive data leak. The investigation and the list were coordinated and obtained by the Paris-based journalism nonprofit Forbidden Stories and advised by Amnesty International.

Among the countries revealed to be using Pegasus was also Azerbaijan.

Ever since traces of surveillance technology were revealed to be in use to targeted civil society in Azerbaijan, there were suspicions that among the technology deployed, was also Pegasus. The most recent investigation, confirms these suspicions.

The data leak, containing some 50,000 phone numbers also showed that some of the people identified as owners of the targeted phone numbers were people of interest by clients of NSO since 2016.

According to OCCRP, at least 1000 of those numbers are from Azerbaijan.

“Reporters spent months establishing the identity of the people behind the numbers, and succeeded in verifying nearly a quarter. While NSO Group describes itself as a company that helps governments detect and prevent terrorism and crime, the list of Azerbaijanis selected for targeting shows how the tool was systematically abused. All but a few of the numbers identified by reporters belonged to journalists, activists, lawyers, and members of the country’s beleaguered opposition.

Of the 245 Azerbaijani phone numbers on the list that were identified, a fifth belonged to reporters, editors, or media company owners.”

In its response, NSO Group, “claimed the data used by reporters was misinterpreted and that it does not allow its clients to abuse its software, which, it reiterated, is meant only to surveil criminals and terrorists,” while not responding to specific questions about Azerbaijan.

“NSO describes its customers as 60 intelligence, military and law enforcement agencies in 40 countries, although it will not confirm the identities of any of them, citing client confidentiality obligations. The consortium found many of the phone numbers in at least 10 country clusters, which were subjected to deeper analysis: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates. Citizen Lab also has found evidence that all 10 have been clients of NSO, according to Bill Marczak, a senior research fellow.”

Among identified journalists and activists on the list are:

  • Khadija Ismayilova, journalist
  • Sevinc Vagifgizi, journalist, Meydan TV
  • Fatima Movlamli, activist/journalist
  • Ilkin Rustamzade, activist, and his former wife Amina
  • Nine current and former journalists from Azadliq.info
  • Bahaddin Haziyev, editor, “Bizim Yol” newspaper
  • Elkhan Shukurlu, editor-in-chief of Strateq.az
  • Avaz Zeynalli, editor-in-chief of Khural
  • Anar Orujov, founder of Kanal 13
  • Aziz Orujov, director of Kanal 13
  • Rauf Arifoglu, editor in chief of Musavat newspaper
  • Mehman Huseynov, former political prisoner, and citizen journalist
  • Bayram Mammadov (who died in Istanbul earlier this year) and Giyas Ibrahimov – the graffiti prisoners (Mammadov, his father, and Ibrahimov’s mother are all on the list

According to OCCRP, the list also includes “more than 40 Azerbaijani activists and their family members on the list. Their presence on the list begins in 2019.”

In its report, the Washington Post writes, “the list does not identify who put the numbers on it, or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between time stamps associated with a number on the list and the initiation of surveillance, in some cases as brief as a few seconds.”

“The numbers on the list are unattributed, but reporters were able to identify more than 1,000 people spanning more than 50 countries through research and interviews on four continents: several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials — including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and prime ministersalso appeared on the list.

Among the journalists whose numbers appear on the list, which dates to 2016, are reporters working overseas for several leading news organizations, including a small number from CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar.”

How does Pegasus work

According to Access Now, since 2016, some 46 countries were identified where NSO Group’s Pegasus has been in use. “Reports from Access NowCitizen Lab, and others all show that an alarming number of people targeted using Pegasus have been journalists, lawyers, and activists, whose only crime was speaking out against and reporting on the injustices in their home countries.”

In March of this year, AIW reported on a France-based blogger, whose phone too may have potentially been infected with Pegasus. At the time, there was only suspicion and no conclusive evidence. While this still may be the case, three months later, it is now confirmed, that not only the government in Azerbaijan has been using various methods, to crack down on dissent with arrests, intimidation, and physical threats against civil society, but that it has been doing so using authoritarian technology including Pegasus.

new report documents a decade of censorship in Azerbaijan

On July 16, Qurium Media Foundation released a report, “A Decade of Efforts To Keep Independent Azerbaijani Media Online”. 

The report highlights the work carried out by Qurium since 2010 assisting targeted independent and opposition online news platforms in Azerbaijan. “For more than a decade, Qurium has monitored and mitigated a wide range of cyberattacks against the websites and since 2016, no less than twenty forensics reports have been released to document our findings,” reads the new report.

Denial of Service attacks

During five years (2010-2015), Qurium mitigated dozens of denial of service attacks against Azerbaijani media, and was forced to invest in mitigation hardware and to increase its Internet capacity. Commercial mitigation of denial of service was not possible for Azeri media organizations as the average cost for such services was close to 1,000 Euro/month for a small website.

During 2014-2016, several corporate efforts made Denial of Service more difficult for the attackers, both Cloudflare (2014) and later Google (2016) started to offer free protection to journalists and human rights groups and many stress testing services (aka “booters”) since then were dismantled by FBI, such as the infamous VDOS Booter and the Mirai botnet.

After three years of research of development (2014-2017), Qurium built its own mitigation hardware and upgraded its Internet capacity by a factor of 200. Although the Denial of service attacks slowly had decreased since 2017, new challenges emerged. Internet Network Interference.

Internet Network Interference

In late 2013, a new type of challenge emerged when we discovered that websites artificially were slowed down. Instead of blocking the websites that clearly would expose the motivations and those responsible for the disruptions, the websites were slowed down by limiting the amount of bandwidth available to reach them. Qurium was forced to develop a method to detect “Internet Congestion” and to keep moving affected websites to other IP addresses to keep them online. Other large providers, such as Akamai, hosting other Azeri media was also slowed down and was unable to respond effectively to the challenge.

Exposing a coordinated cyberwar strategy

Starting from 2017, the cyberwar landscape changed. 

During that year, we received customized denial of service, pen testing and vulnerability scans and the first reports of targeted malware.

A series of diverse attacks and forensics analysis including tracing back the source of a malware sent to journalists helped us to confirm that new Ministry of Transport, Communications and High Technologies and the “hacker community” built around the government, sponsored cybersecurity events were actively targeting our hosted media.

After hosting and protecting Azeri media for almost seven years, we had no doubt about the actors behind the attacks, and could publicly document that a “State Actor” was orchestrating diverse forms of cyber attacks.

Deep Packet Inspection

Also in 2017, a new method used against independent and opposition media was identified by Qurium – the Deep Packet Inspection or shortly DPI. 

In April 2017, we identified that new technical means were implemented in several operators to block some of the websites. The Azeri authorities had invested in Deep Packet Inspection equipment to block the media outlets once and for all.

By the end of April 2017 Qurium learned that there were a court order against some of our hosted media organizations. To our surprise, the websites under Deep Packet Inspection were many more than the ones mentioned in the court order. The court order stated that the listed websites (Azadliq.info, Azadliq.org, Azerbaycansaati.com, Meydan.tv and Turan TV) were “creating threats to the legitimate interests of the state and society” and must therefore be blocked.

After two years of research between 2017-2019, Qurium identified the use of DPI hardware from Allot Communications and Sandvine inside several operators in Azerbaijan.

Website flooding, phishing, and more

By 2018, many of the “stress testing services” often used to launch the Denial of Service attacks had been dismantled world wide. The attackers were forced to find new alternatives to conduct their traffic floods aiming to take the websites offline. During another forensic investigation we traced back this new source of denial of service to Russian Fineproxy (Region40). By identifying the service provider used to conduct the attacks, we could not only expose their business practices but also their management that kindly disabled the account of the attacker.

In late 2018, Denial of Service became a second priority in the strategy to harass Azeri media and once again other means were needed.

By April 2020, Qurium could finally link the denial of service attacks launched using Fineproxy service with the very same threat actor from the Ministry of Internal Affairs: sandman. Access to sandman github account provided us with a good insight of the toolset that was being used against online media and journalists in Azerbaijan.

A final report of our findings showed even more advanced capabilities, like the ability to create fake SMS or hijack SMS sent to the journalists giving the attackers the ability to take control over their social media accounts.

Phishing remains a major attack vector against journalists and human right activists, the latest phishing campaign in early July 2021 impersonated human rights watch so as to implant a malware capable of recording the desktop and webcam or exfiltrate all important documents of the victims.

Conclusion

What started in 2010 and went on for years with Denial of service attacks using third party stress testing services was extended with more sophisticated attacks in 2017 including targeted phishing and the introduction of dedicated hardware to block the websites using technologies as DART from Allot and PCEF from Sandvine.

The national blocking of many websites, not always supported by legal court orders, has been weaponized to limit visibility of the media in the country. Despite our multiple efforts to provide alternatives to make the content available, the blocking has had a huge impact in the revenue creation of the alternative media and the growth of readership.

After the introduction of Internet blocking by means of more sophisticated deep packet inspection against alternative websites in 2018, many of the blocked media opted to increase their presence in Facebook but that has proven to be an advantageous situation for the Azeri government and their secret cyber operations as Facebook has showed a bad track record in dealing with “coordinated inauthentic behavior” in the country.

You can read the full report here.