SEEsummary #43

November 2020

Issue no. 43 of the SEEsummary, published on 3 December 2020. This issue covers Internet governance and digital policy developments that occurred in South Eastern Europe and the neighbouring area (SEE+) in November 2020. Also included: an overview of Moldova IGF and a list of upcoming events and opportunities in December.

Country contributors to this issue: Andreea Belu, Katarina Gevorgyan, Marko Paloski, Vasile Popa. Editors: Meri Baghdasaryan, Maja Calovic, Neli Odishvili, Veronica Stefan, Sorina Teleanu. Coordination and final editing: Olga Kyryliuk. Design: Charalampos Kyritsis.

Telecommunications infrastructure

Reportedly, in a letter sent to European Commission Executive Vice-President, Margrethe Vestager, telecom company Huawei challenged the legislative proposal which is considered by the Romanian authorities and aimed at the exclusion of certain companies from the provision of 5G equipment unless certain conditions are met. Namely, if adopted the rules would require 5G equipment suppliers to pass through a pre-authorisation regime. The company also pointed out that such deliberations come as a follow-up to previous arrangements with the U.S. in the field of 5G security. Huawei argues that the proposed rules are contrary to the fundamental European Union principles, inter alia, legal certainty, predictability, and sincere cooperation, while also depriving the company of the right to appeal. Recently, Romanian Prime Minister Ludovic Orban clearly spoke against cooperation with Huawei. The Romanian parliament is expected to pass the legislation in early December, with a public tender for the construction of 5G networks scheduled for 2021. Among other SEE countries that signed respective 5G Clean Network declarations with the U.S. are Bulgaria, Kosovo*, North Macedonia, and Slovenia.

In November, the global association of mobile operators GSMA released its findings and recommendations related to 5G deployment in Russia. According to preliminary forecasts, around 20 percent of all mobile connections in the country will be based on 5G technology by 2025. However, the deployment plans can be significantly hindered by two factors: the governmental approval process, and over-restrictive rules for the placement of transmitting radio facilities and exposure to radiofrequency electromagnetic fields (RF-EMFs), which might increase operating costs by ten times and require from telecom operators to install from three- to five-times more base stations. Moreover, according to the safety guidelines of the International Commission on Non-Ionizing Radiation Protection (ICNIRP), there are no health risks related to using mobile phones or living near base stations. Therefore, in order to support smooth and efficient 5G deployment in Russia, it is recommended that authorities prioritise international rules elaborated by the ICNIRP over the  current national RF-EMFs standards.

The Serbian Ministry of Trade, Tourism and Telecommunications signed the first contracts with four telecom operators (Telekom Serbia, Orion Telekom, SBB, and Sat Trakt) for the deployment of broadband networks in uncovered rural areas. The initiative is intended to facilitate access to fast and stable Internet in nine Serbian municipalities, covering 34 settlements with more than 5.5 thousand households. This, in turn, is expected to accelerate the digital inclusion of rural communities by enabling them to easily access online opportunities in areas such as education, entrepreneurship, culture, etc. The initiative is part of a broader project whose first phase is intended to enable broadband coverage for a total of 600 settlements with around 90 000 households, and which is expected to be completed in 2022.

Greece urged its citizens to reduce Internet usage during the peak hours after the state school e-learning system crashed. Greek Education Ministry reported that the incident was likely related to the Webex video-conferencing platform, and reassured that the state networks remained fully operational. The increased traffic can be explained by a shift to online studies due to the new wave of COVID-19 restrictions. Given the situation, the Greek authorities advised citizens to minimise Internet consumption during the peak hours (from 9 am to 6 pm), namely to avoid using online entertainment applications, social media, or video calls.

Access and development

Since November, mobile users in North Macedonia have an option of using Google’s RCS (Rich Communication Services) system, offering users advanced SMS features and allowing them to see when their counterpart is typing or a message is read, as well as to send larger files, create group chats, share geolocation, make video and audio calls. Essentially, a standard SMS app is getting the features intrinsic to all modern messengers and becomes free of charge.  Technically operators need to incorporate support for this system into their networks, and only after that users can try it by installing Google’s Messages application for SMS on their devices. In order to be able to communicate via the RCS system, both users have to install the app. Makedonski Telekom introduced the service as a pilot until 31 December 2020.

Greek startup Biopix-T developed a hand-size mobile COVID-19 detection device called Iris. It functions as a mini-laboratory, detecting COVID RNA anywhere, including airports, offices, houses, in a matter of 30 minutes. The trials of Iris revealed the same accuracy as for standard COVID-19 tests, with 97 percent of correctly identified positive samples, and 100 percent of the negative ones. The device was developed using 3D printing and funded through a European Commission grant. Iris is predicted to cost less than EUR 1000 and be available for purchase in 2021.

Content policy & Freedom of expression

Turkey imposed six fines of ten million Turkish Liras (EUR 1.1 million) on top social media companies, including Facebook, YouTube, Twitter, Periscope, Instagram, and TikTok, for a failure to appoint country representatives, which are expected to deal with the Turkish courts’ orders related to blocking or removal of content. Any such removal has to be completed within 48 hours. The continuous failure to appoint a representative will lead to even bigger fines, a ban on advertising, and up to 90 percent bandwidth restrictions. On the contrary, if companies comply with the new rules, all restrictions will be lifted and only one-fourth of the fine will be due for payment. At the moment, only the Russian social media platform VKontakte appointed its country representative. In the October issue of the SEEsummary we reported about new Turkish social media law coming into force and some of its key requirements.

Cybersecurity and cybercrime

The Coordination Center for .RU/.РФ (the registry operator for the country code top-level domains (ccTLDs) of the Russian Federation) and the Belarusian Presidential Operations and Analysis Center (the registry operator for .BY and .БЕЛ – the ccTLDs of Belarus) signed a Memorandum of Cooperation to Counteract and Prevent Violations on the Internet. The memorandum will enable the two parties to support each other and exchange information and experience in countering and preventing offences in cyberspace, such as phishing, unauthorised access to information systems, and the spreading of malware and botnets.

A joint operation involving the Romanian Police, the U.S. Federal Bureau of Investigations, Europol, Eurojust, and Bitdefender led to the dismantling of a cybercrime group based in Romania. The group was specialised in the development and commercialisation of cyber threats able to evade security solutions installed on the infected devices. Those interested in launching sophisticated attacks were provided with services enabling them to modify dangerous files so as not to be detected by security solutions. Such services were available on dedicated platforms at prices ranging between USD 40 and USD 150.

The National Computer Emergency Response Team (CERT) of the Croatian Academic and Research Network (CARNET) identified a leak of over 23 000 databases, including 47 000 user accounts with the top-level domain .hr. Out of them at least 24 000 users have their passwords available in plain text and not protected in any way. Allegedly, the attack originated from the private hacking forum Cit0Day.in used by attackers to collect usernames, email addresses, and passwords in plain text. Overall, it accommodated more than 226 million unique user accounts. The National CERT sent notices to the owners of compromised accounts with instructions on how to protect their accounts to avoid further damage.

Capacity development

In North Macedonia, the National Center for Computer Incident Response, a part of the Agency for Electronic Communications, launched two educational campaigns titled “Protect the Internet” and aimed at raising citizens’ awareness of cybersecurity. The first campaign consists of six educational videos addressing some of the most common computer scams such as phishing attacks, online shopping, malware, access to age-inappropriate content, personal data protection, and passwords. The videos explain the basics of the listed fraudulent activities online and provide guidance on how to protect yourself from becoming a victim. The second campaign is more interactive and intends to explain the basics of cyber hygiene to children as the most vulnerable group of Internet users.

Privacy and data protection

Last month we reported about the complaint filed by a Belgrade-based non-profit human rights organisation, SHARE Foundation, against 16 international companies for their non-compliance with the Personal Data Protection Law in Serbia. While Viber was the first to react and appoint a local data protection representative, it was recently followed by four other companies, namely Booking.com, Netflix, Snap Inc., and Yandex. All four notified the Commissioner for Information of Public Importance and Personal Data Protection of their decision to appoint respective representatives. The interests of Booking.com and Netflix will be represented by Mikijelj, Janković and Bogdanović law firm, while those of Snap Inc. and Yandex – by Živković Samardžić law firm. Both law firms will serve as a point of reference for any matters related to personal data protection as performed by four foreign companies. The Commissioner or any individual can contact the law firms to make sure that personal data processing is conducted in compliance with the law. The Commissioner once again encouraged other foreign companies to follow the example and appoint their representatives in Serbia.

In November, 12 civil society organisations from across Europe launched the ‘Reclaim your face’ campaign, concerned about the increasing use of facial recognition technology (FRT) in public spaces. The organisations call on public authorities and private companies to be transparent about their use of FRT, and to ensure respect for fundamental human rights. They also call for a ban on biometric mass surveillance. Serbia-based Share Foundation joined the campaign, warning about the human rights implications of the deployment of facial recognition cameras on the streets of Belgrade. The organisation calls on the Serbian government, parliament, and other competent bodies to ban without delay the use of biometric surveillance that endangers human rights and freedoms in public spaces. It also demands transparency from the Ministry of Interior on the purchase of FRT and its use across Belgrade.

National & Youth IGFs

National IGF

In November, Moldova hosted its first national Internet Governance Forum (MIGF) that was held as a two-day conference bringing together both in-situ participants in the Digital Park in Chisinau and online participants via the Zoom platform, including guests from Canada, the U.S., Romania, Ukraine, and Russia. With this initiative, Moldova joined a network of over 120 national and regional IGFs all over the world. MIGF covered a broad variety of topics, namely Internet governance and digital transformation, privacy and freedom of speech, COVID-19 challenges and opportunities, right to Internet access, trust and security online, national roadmap and regional cooperation, artificial intelligence, GDPR compliance, cybercrime and cyber hygiene, and many others. During the whole event, interpretation was provided into three working languages: Romanian, Russian, English. MIGF was organised by Comunitatea Internet Association, and supported, among others, by the Government of the Republic of Moldova, Internet Governance Forum Support Association, ICANN, Internet Society, RIPE NCC, Global IGF, SEEDIG, SecDev Foundation, etc. The recordings of the sessions can be found in the archive of RealitateaLIVE.md for the dates of 23-24 November.

Upcoming opportunities

Upcoming deadlines

In preparation for the 2021 meeting of the European Dialogue on Internet Governance (EuroDIG), stakeholders are invited to respond to a call for issues and submit suggestions for Internet governance issues to be discussed at EuroDIG 2021. The meeting is scheduled to take place on 28–30 June 2021 in Trieste, Italy. The proposals can be submitted via the EuroDIG website by 6 December 2021.

RightsCon, one of the leading global events on human rights in the digital age, announced its call for proposals for the 10th annual meeting that will take place online on 7-11 June 2021. The program categories include such topics as Artificial Intelligence, Automation and Algorithms, Civil Society Resistance and Resilience, Data Protection and User Control, Internet Shutdowns and Network Disruptions, and many more. The proposals can be submitted through the event portal by 19 January 2021.

Upcoming events

30 November – 3 December 2020 Online

10-12 December 2020 Online

Editorial note

The SEEsummary is produced on a best effort basis, by our team of volunteer editors and contributors. Each month, the editors scan local and regional media, as well as websites of public institutions and other organisations, and compile what they find to be some of the most significant digital policy developments.

The SEEsummary does not claim to be a comprehensive source of information. Despite our efforts, we may miss some things happening across the region. To help us cover as many significant developments as possible, we invite you to share with us news from your countries.