Digital rights violations proliferated in South-East Europe during the coronavirus pandemic

Digital rights violations proliferated in Central and South-East Europe during the coronavirus pandemic, with over half of them involving propaganda, disinformation or the publication of unverified information, monitoring by BIRN has shown.

According to Balkan Investigative Reporting Network (“BIRN”) and Share Foundation, from January 26 to May 26, there were about 163 cases of breaches of digital rights in Bosnia and Herzegovina, Croatia, Hungary, North Macedonia, Romania and Serbia. Sixty-eight of the cases related to the manipulation in digital environment, while 25 related to publishing falsehoods and unverified information with the intention to damage someone’s reputation. States rarely addressed the abuses arising from these violations, and in 45 cases, the perpetrators were not identified, while 139 of the total of 163 cases were not resolved.

Eight cases were the result of pressure related to the publication of information, 12 were linked to insults and unfounded accusations and 11 were hate speech and discrimination. Medical and personal data breaches featured in 18 cases, computer fraud was registered on 11 occasions, while the destruction and theft of data and programs happened in three cases.

Speculation about the number and identity of COVID-19-infected people led to the mass exposure of personal and private data on social media and messaging platforms. In some cases, the leaks were small in terms of data, but had potentially serious consequences, particularly in situations in which patients’ personal data was revealed.

The most serious cases were reported in Croatia, North Macedonia and Montenegro. In March in Croatia, a message containing a list of infected patients was shared among people living on the island of Murter, mostly through messaging apps.

llegal personal data processing and privacy breaches took place in North Macedonia as well. The country’s Agency for Personal Data Protection filed criminal charges against an unknown person for publishing the personal data of people living in the town of Kumanovo.

The public in Serbia became concerned when it was discovered that the login credentials for Serbia’s information system for analysis and storage of health data during the pandemic were publicly available on a health institution website for eight days.

Citizens of Montenegro suffered most from stigmatisation due to a number of leaks of COVID-19 patients’ records. The infected patients’ identities were revealed in posts on social media, sparking hate speech against them. Individuals who were violated self-isolation measures were also targeted, and often, it was governments that were revealing their personal information.

In Bosnia’s Serb-dominated entity, Republika Srpska, authorities launched a website on which they published the names of people who did not follow the entity’s self-isolation measures. The list can still be found online. As a measure against the spread of the coronavirus, Montenegro’s government published a list of individuals who were put in self-isolation after  returning home from abroad. The lists, structured by municipalities, include the individuals’ names, surnames, the date when they were put into isolation, and their home addresses. The list was only removed a month after it was published.

Here you can find more about BIRN report:

References from the Balkan Investigative Reporting Network