OONI measurements indicate censorship remains

In its most recent measurement report, the Open Observatory of Network Interference [OONI] concludes that “while social media censorship in Azerbaijan appears to have been lifted, the media censorship remains.” These and other findings are based on the recent measurement report produced in partnership with OONI. 

Here are some highlights.

Blocked websites

The news websites that presented signs of blocking in Azerbaijan (between December 2020 to February 2021) include:

🛑 azerbaycansaati.tv – at the time of blocking azerbaycansaati.tv in 2017, the Government of Azerbaijan claimed “a number of articles published” by the news website “included calls aimed at ‘forcible change of the constitutional order,’ ‘organization of mass riots,’ and other illegal activities.” 

🛑 www.24saat.org – a more detailed report about how 24saat.org was blocked can be found in this report, published by Qurium in 2017. 

🛑 www.abzas.net – DDoS attacks against abzas.net commenced on January 12, 2017, and lasted for eight days. During five full consecutive days, the website remained inaccessible until it was finally migrated to VirtualRoad.org’s secure hosting infrastructure.

🛑 www.azadliq.info – as a hosting provider for azadliq.info Qurium published this report about initial signs of blocking against this online news platform. The website was attacked numerous times according to documentation and forensic reports by Qurium. The technology deployed in these DDoS attacks was Allot and Sandvine DPI gear.

🛑 www.azadliq.org – the news website which represents the Azerbaijan Service for Radio Free Europe, was blocked on March 27, 2017. 

🛑 www.gununsesi.org – signs of DPI technology used in blocking gununsesi.org were once again documented by Qurium.

🛑 www.kanal13.tv – was among blocked websites in 2017 while its editor prosecuted [charges were dropped three years later.] 

🛑 www.meydan.tv – was also among the websites that were blocked in 2017 together with azerbaycansaati, azadliq.info and others. 

🛑 www.occrp.org – in response to the leaks about Azerbaijan Laundromat published by the Organized Crime and Corruption Research Project [OCCRP], the government of Azerbaijan suspended access to OCCRP’s website.

There is no official data on the number of blocked websites in Azerbaijan. The Ministry of Communication, High Technologies and Transportation has so far failed to provide accurate lists. This in itself is a violation of Article 13.3.6 of the Law on Information, Informatisation and Access to Information, which requests the Ministry to prepare a list of blocked websites if it has blocked access to a resource and the court upheld this decision.

In July 2018, the Prosecutor General’s Office launched criminal investigations against four news websites: criminal.az, bastainfo.com, topxeber.az and fia.az. The former two were accused of “knowingly spreading false information,” while the latter two were accused of “spreading unfounded, sensational claims in order to confuse the public.” Criminal.az is an independent website, known for its coverage of crime-related news, while bastainfo.com is affiliated with the opposition party Musavat. The latter two are run-of-the-mill online news websites.

In addition to the usual suspects, video streaming service Vimeo appeared to be briefly blocked during the testing coverage:

Circumvention

Several circumvention tool websites appear to have been interfered with in Azerbaijan during the testing period, as illustrated below:

The good news are that access to social media sites and apps was restored during the testing period. The following chart shows that while WhatsApp and Telegram were blocked in November 2020, both apps (along with Facebook Messenger) have been accessible in recent months:

How you can help?

If you are interested in contributing to these tests you are welcome to try the following instructions. 

Azerbaijan among top VPN users worldwide according to recent reports

Azerbaijan ranked among the top countries where VPN services were in high demand last year between September and November during the 44-day war between Armenia and Azerbaijan. According to Proprivacy and NordVPN research “global events in 2020 have caused surges in VPN demand, as citizens from Belarus to Hong Kong set out to secure their online privacy and protect themselves from censorship and persecution for their online activities.” Azerbaijan was among the top ten countries where interest in VPN providers spiked in 2020.

Source: https://proprivacy.com/privacy-news/vpn-spikes-2020

“In late September, as the violent clashes between Azerbaijan and Armenia continued to escalate over the Nagorno-Karabakh region, the Ministry of Transport, Communications and High Technologies of Azerbaijan took action to restrict internet access across the country. Extensive social media restrictions were put in place that took down major communications services, including: Facebook, WhatsApp, YouTube, Instagram, Twitter, Zoom, Skype, Messenger,” said the joing report.

In a different report Azerbaijan was once again among the top countries where the biggest increase of VPN usage was recorded. “On September 29, NordVPN saw online privacy tool usage increased by 148 times due to internet access restrictions,” said the report. 

Not surprisingly, NordVPN, a Lithuanian by origin, was among the top targeted providers by pro-government media outlets, which said the service was owned by Armenians and therefore users in Azerbaijan should avoid using this provider.  

Finally, Surfshark, analyzed 185 countries and their social media blocking practices from 2015 to the present day. There Azerbaijan is ranked among the most recent cases of social media blocking [Surfshark too was discredited by Azerbaijan media outlet as being allegedly owned by Armenians, even though the company is registered in BVI. You can check out it’s ranking here.] 

Source: https://surfshark.com/social-media-blocking

On November 10 Azerbaijan and Armenia signed an agreement to end the active phase of fighting. On November 12, the government lifted the blocking and access to all social media platforms.  

For disruptions observed throughout the 44 days read this timeline. For the country ranking in Internet Freedom, you can read the most recent report on Net Freedom by Freedom House here.

Azerbaijan September – November 2020 OONI Measurement Results

On September 27, the government in Azerbaijan introduced a series of restrictions on Internet access as a result of military operations in Nagorno Karabakh. Users in Azerbaijan were left with limited Internet access while access to a number of social media platforms, as well as communication apps, were restricted. 

Azerbaijan Internet Watch, and OONI collected data based on OONI measurements from Azerbaijan. Below is the report looking at data between September 2020 to November 2020. 

According to collected OONI data, Azerbaijan experienced the blocking of independent media websites as well as signs of potential circumvention tool site blocking. However, further OONI Prote testing is required to confirm these censorship events. Azerbaijan Internet Watch continues to monitor the situation. 

Starting on September 27, a number of social media services indicated signs of blocking in Azerbaijan. Among these were:

Whatsapp: between 27th September 2020 to 11th November 2020 , all OONI Probe WhatsApp tests showed signs of WhatsApp blocking. This is illustrated through OONI Probe WhatsApp measurements collected from multiple local networks in Azerbaijan. Previously according to the same measurements, no such instances were documented. The measurements indicated that attempted connections to WhatsApp’s registration service and web interface (web.whatsapp.com) failed. In some cases HTTP request to web.whatsapp.com succeeded while HTTPS request failed as illustrated below. 

This could be an indication of SNI based filtering of WhatsApp. We also observe that the tls_handshakes field presented failures, further suggesting that access to WhatsApp was blocked in Azerbaijan by means of SNI based filtering.

This pattern was seen across multiple ISPs in Azerbaijan between 27th September 2020 to 11th November 2020.

Telegram: Similarly to the testing of WhatsApp, OONI measurements presented signs of Telegram blocking in Azerbaijan between 27th September 2020 to 11th November 2020. But unlike WhatsApp, a few Telegram tests during this period were successful. This is illustrated through OONI Probe Telegram measurements collected from multiple local networks in Azerbaijan between 1st September 2020 to 27th November 2020. The following table illustrates OONI measurements collected from the testing of Telegram and WhatsApp on 5 different networks in Azerbaijan between September 2020 to November 2020.

We not only observed similarities between the date range of potential blocking (of WhatsApp and Telegram), but we also saw potentially similar censorship techniques, as the HTTP requests to Telegram Web (web.telegram.org) timed out as well. Similarly to WhatsApp, we observed a timeout in the TLS handshake, suggesting TLS level interference of Telegram as well. As a result, it is possible that internet users in Azerbaijan couldn’t use the Telegram and WhatsApp mobile apps (on the tested networks) during this time period (between 27th September 2020 to 11th November 2020), even though connections to the tested app endpoints succeeded.

Social media sites: apart from WhatsApp and Telegram, several social media websites presented signs of blocking as well, starting from early October 2020. These include:

It is however, important to note these sites’ limited testing coverage limits Azerbaijan Internet Watch and OONI’s confidence with respect to their blocking, and they have not been tested more recently especially after the conflict ended.

AIW and OONI continue monitoring the situation with blocking.

spotted: sandvine back at it, this time, in Azerbaijan

In August, when people in Belarus took the streets across the country in protest of election results where incumbent President Lukashenka secured yet another victory in a contested presidential election, authorities deliberately cut the internet. Quickly, experts concluded DPI technology may be in use. By the end of August, it was reported that this DPI technology was produced by the Canadian company Sandvine and supplied to Belarus as part of a $2.5million contract with the Russian technology supplies Jet Infosystems.

DPI (Deep Packet Inspection) is known as digital eavesdropping that allows information extraction. More broadly as explained here, DPI “is a method of monitoring and filtering internet traffic through inspecting the contents of each packet that is transmitted through an inspection point, allowing for filtering out malware and unwanted traffic, but also real-time monitoring of communications, as well as the implementation of targeted blockings and shutdowns.” 

Canadian company Sandvine is owned by American private equity firm Francisco Partners.

 

Sandvine technology has been detected in many countries across the world, including in Ethiopia, Iran, as well as Turkey, and Syria as previously reported. One other country where Sandvine technology was reportedly deployed is Azerbaijan. 

In Azerbaijan, the DPI deployments have been used since March 2017. This was reported in January 2019, when VirtualRoad, the secure hosting project of the Qurium – Media Foundation published a report documenting fresh attacks against Azerbaijan’s oldest opposition newspaper Azadliq’s website (azadliq.info). The report concluded: “After ten months trying to keep azadliq.info online inside Azerbaijan using our Bifrost service and bypassing multi-million dollar DPI deployments, this is one more sign of to what extent a government is committed to information control”.  

Another report released in April 2018 showed evidence of the government of Azerbaijan using Deep Packet Inspection (DPI) since March 2017. The report also found out that this specialized security equipment was purchased at a price tag of 3 million USD from an Israeli security company Allot Communications.

Now, according to this story reported by Bloomberg, Sandvine worked with Delta Telecom – Azerbaijan’s main internet provider and owned by the government to install a system to block live stream videos from YouTube, Facebook, and Instagram. “The social media blackout came last week after deadly clashes with Armenia. As a result, people in Azerbaijan couldn’t reach websites including Facebook, WhatsApp, YouTube, Instagram, TikTok, LinkedIn, Twitter, Zoom, and Skype, according to internet monitoring organization Netblocks,” wrote Bloomberg. 

Azerbaijan Internet Watch has been monitoring the situation on the ground since September 27, the day when clashes began. Together with OONI, Azerbaijan Internet Watch reported that access to several social media applications and websites was blocked. 

Access to the Internet remains throttled in Azerbaijan as of writing this post. Many of the social media applications remain accessible only through a VPN provider. As a result, authorities have resorted to other means in order to prevent users from using VPN services. From banks to ISPs encouraging users not to use VPN services, this account on Facebook made a list of VPNs alleging they were of Armenian origin in order to discourage users.

Azerbaijan may end up blocking more online content

Four months ago, the Plenum of the Supreme Court in Azerbaijan annulled previous court decisions issued by the Courts of Appeal and Cassation regarding five news websites that were blocked in 2017. On June 5, the Plenum sent the cases back to the Baku Court of Appeal for reconsideration.

The five media platforms include Meydan TV, Azadliq Radio [Azerbaijan Service for Radio Free Europe], Turan TV, Azerbaijansaadi, and Azadliq newspaper [not related to Azadliq Radio]. In March 2017, the Ministry of Communication [which later became the Ministry of Transportation, Communication, and High Technologies] restricted access to these online resources on the grounds these websites’ content was threatening national security and promoted “violence, hatred, or extremism” and “violated privacy or constituted slander.” The forensics carried out by an independent organization Virtual Road showed evidence of Deep Packet Inspection (DPI) technology used to interfere with access even before there was a court ruling in place. By May 2017, the Ministry had a court ruling to block access. In December 2017, the Court of Appeal in Baku upheld the court ruling from May.

The blocking of these news resources came shortly after the National Parliament of Azerbaijan adopted changes to the law on Information, Informatisation, and access to Information. With the new changes, authorities were allowed to block access to any website on the grounds it contained prohibited information, was posing danger to the state or society, and in the case, the website owner failed to remove content within eight hours of receiving the notification.

In 2017, the Ministry asked for the following in its court appeal:

  1. court order to prevent access to five platforms’ websites;
  2.  block all other resources offering access to the content (this included YouTube, Facebook, and other online resources);

In its decision, the Sabail Court ruled in favor of the first request, leaving the second demand out. The Ministry was satisfied and blocking became effective immediately. 

Three years later, the Ministry of Communication, Transportation, and High Technologies went straight to the Plenum.  According to media law expert Khaled Aghaly, the reason is that the Ministry wants to expand blocking. Considering the experience with the previous court decisions and rulings in Azerbaijan, the chances of the court ruling coming out in favor of the blocked websites are dim. 

Although the Ministry has not explicitly mentioned any of the platforms or names of other resources that have shared content from these blocked news outlets, Aghaly explains that in the new complaint the Ministry claims that the blocked news resources continue to share their content online using other “resources” and that other media platforms also share the content from these blocked platforms. It is possible that the Ministry is looking for ways to not only prevent access to more online news sites but also, access to social media platforms of Azadliq Radio, Meydan TV, and others.

Can individual social media accounts and/or content be blocked? 

Technically it can. There are previous instances where Facebook did limit access to certain content. This was the case in Thailand in 2017 when Thai users of the social media platform no longer had access to a video that showed the country’s king at a mall in Germany, his tattoos exposed and accompanied by one of his mistresses. According to this Vice story, Facebook blocked the video based on Thailand’s government legislation that deems it insulting to the king and in violation of the country’s laws banning criticism of the monarchy. 

Another option to prevent access is on an ISP level. An example would be what happened in Kazakhstan in 2019 when the government there instructed local ISPs to force their users into installing a government-issued certificate on all their devices, and in every browser. With this certificate installed, the government had access to users’ HTTPS traffic that normally would keep it anonymous. In case, users refused to install the certificate, they were blocked from accessing the internet altogether. At the time, the Kazakh Ministry of Digital Development Innovation and Aerospace said the measure was “aimed at enhancing the protection of citizens, government bodies and private companies from hack attacks, internet fraudsters and other  types of cyber threats.”

Similarly, “mobile service providers instructed their customers to install encryption software on mobile phones that would allow security services to intercept data traffic and circumvent email and messaging applications’ encryption.”

It is worth noting that ISPs in Azerbaijan are bound to the government for the main internet backbone provider in Azerbaijan is government-owned Delta Telekom. In addition, the history of collaboration between mobile operators and the Ministry of the Interior is full of examples when private information of customers was handed over and as a result, led to further targeting. 

Impunity for all these user violations is rampant.

arqument.az remains blocked

On December 24, 2019, the administrative-economic court in Baku rejected the claim by arqument.az against Transportation, Communication and High Technologies ministry. Arqument.az took the ministry to court following its decision to block arqument.az inside the country.

The website’s editor Shamshad Agayev intends to appeal the decision.

Arqument.az was blocked on August 8, 2018, following a decision issued by Sabail District Court. A few days later, Baku Court of Appeal annulled district court’s decision.

But arqument.az was blocked once again in April 2019 after publishing coverage of protests in Jalilabad district. The website was also subject to cyber attacks after being blocked.

Activist’s YouTube channel down

On December 5, Shakir Zade, Azerbaijani activist living abroad, reported his YouTube channel was taken down by the platform following takedown requests made by Milli TV, Qanun TV and AnTV.

Following the incident, it was possible to identify that Milli TV and Qanun TV were working together, however, since the incident, it has been not possible to locate the admins of either of the YouTube channels or the Milli TV YouTube channel.

On December 10, it was still possible to see, two email addresses that were connected to each of the YouTube channels – chikogame40@gmail.com (Qanun TV) and efs9797@mail.ru (Milli TV). However, since Zade’s channel was restored, this information appears to be missing, as well as any traces of Milli TV on YouTube. The following message appears when using the previous link associated with Milli TV.

Zade also said, he was reached out by the admin of AnTV who informed Zade, his personal account was hacked during the reporting and that it was not the original owner of the channel who reported Zade’s YouTube channel.

This is not the first time, YouTube accounts, Facebook accounts, or Instagram accounts have been taken down by the companies following “takedown requests” by contentious users in Azerbaijan.

Update: December 19, 2019

Shakir Zade’s YouTube account was once again reportedly taken down by the YouTube platform after a series of “copyright violation” reports sent in by AnTV and Qafqaz News accounts.

The alleged victim who claims the videos were a copyright violation is registered at samxalceferli94@gmail.com and samxalofficial194@gmail.com. administers AnTV and Qafqaz News.

Update: January 3, 2020

YouTube once again has closed down Shakir Zade’s YouTube channel, on what seems like yet another false copyright violation report.

This time, Milli TV appeared to have a new email: alihasanov.gov.az@gmail.com. Ali Hasanov is a former aid to the president. He was known prior to his dismissal as the man behind media censorship in Azerbaijan. He was dismissed on November 30, 2019 as part of alleged reforms introduced by the president Ilham Aliyev.