Durov’s visit to Azerbaijan

When Pavel Durov, Telegram’s founder, was detained in France, the first thing I noticed was that he had arrived in France from Azerbaijan. Naturally, the first question that came to mind was what Durov was doing in Azerbaijan. Thanks to his assistant Julia Vavilova or Juli Maletc, as she is known on Instagram, that question was answered in a few stories in Vavilova’s highlights titled “Azeri.”

Instagram screenshot

Durov did appear to visit the Cyber Security Center at the Ministry of Digital Development and Transport. As per the center’s website, it claims: 

The center, established with the support of PASHA Holding group of companies to strengthen the country’s cyber security capabilities, will play the role of the main center for training highly qualified professionals and trainers in this field. It is planned to train more than 1000 people within three years at the Azerbaijan Cyber Security Center, which started its activity on 28 March 2023. At the same time, thanks to the training of 15 trainers at the center, the training of cyber security specialists will be expanded in our country in the future.

Professional teaching staff from Israel, which is considered one of the world’s leading countries in the region in the field of cyber security, will arrive in Azerbaijan and provide trainees with knowledge and skills covering the latest cyber security threats, trends and best practices.

The center has classrooms, training rooms, simulation rooms and laboratories equipped with state-of-the-art technology and equipment. Students will be able to conduct research in these labs and develop various cyber security products.

There are a few interesting points about this text. First, the PASHA holding group of companies, which, in the words of the Organized Crime and Corruption Reporting Project (OCCRP), is “a conglomerate with interests in banking, as well as construction, insurance, travel, and investments,” owned by Arif Pashayev, the father of the first lady Mehriban Aliyeva. Indeed, with all the baking and other relevant businesses, the PASHA group must ensure none of its user data or transactions are compromised. Unless, of course, it’s the opposite – to cover what OCCRP and others have exposed in various investigations as the lucrative financial schemes that benefit the first family. The answer to this question is a topic for another story. 

The second interesting point was mentioning Israel and its “teaching staff.”  For pundits following Azerbaijan’s path towards digital authoritarianism, seeing Israel’s name mentioned as “the world’s leading” country in “the field of cyber security” is no surprise. After all, the Azerbaijani government has long benefited from Israel’s surveillance technology, about which I have written at first here and then more at length here.  

Finally, regarding students working in the lab, could part of their skill development also include hacking accounts, DDoSing independent news platforms, phishing, and engaging in targeted harassment online, as well as trolling? In 2023, AzNet Watch published this legal overview of the lack of remedies in Azerbaijan to protect targets in cases of online harassment: 

There is another body of review within the Ministry of Digital Development and Transport concerning cyberattacks – the Cyber Security Service. While the cyber security service does not possess sanctions against authorities, it does have the authority to review the cyberattack claims and issue general warnings concerning cyberattacks. Furthermore, this body may inform other investigative authorities if the problem concerns these authorities […] In addition, the Cyber Security Center is not an adequate remedy in practice. This body is also not independent and has no relevant investigative legal powers. Consequently, criminal law and administrative law remedies are not effective. In such cases, civil law remedies also cannot be effective due to the burden of proof issues

So what is the point of financing a center when it is not even independent and its use is rather dubious? In any case, perhaps a topic for yet another AzNet Watch investigation. 

Finally, knowing all that is known about the Telegram app, especially regarding the platform’s poor track record regarding safety, privacy, data storage, lax standards, and lack of content moderation, combined with his visit to the center that lacks independence and whose purpose remains dubious, what was this visit about? AzNet Watch will continue exploring answers to this question, but in the meantime, Az-Net Watch has documented numerous examples of civic activists being targeted via Telegram channels in the past. Here are just a few of them: 

another telegram channel, another public targeting campaign March 2023

exiled blogger continues to receive threats June 2022

in Azerbaijan a telegram channel mobilising a movement, to target LGBTQI March 2021

Facebook page, advertising telegram channel, targeting a woman activist March 2021

targeted harassment via telegram channels and hacked Facebook accounts March 2021

Amnesty International statement calls to stop gender-based reprisals in Azerbaijan May 2021