Online Media Autonomy: Security Risks and Protection Mechanisms. Walking on the Digital Edge

The report examines the state of the protection of digital rights and connected risks, such as data loss or leakage, as well as the tools for mitigating and avoiding these risks. The paper also explores the relations between conflicting values, both relevant in the digital sphere, i.e. privacy and security.

The report is based on the monitoring of cases of breach of online rights and freedom, which have witnessed a sharp rise in the past years. The monitoring was conducted between September 2014 and September 2015 in Serbia. Such cases include: arbitrary blocking or content filtering; cyber-attacks on independent online and civic media; arrests and judicial proceedings against social network users and bloggers; public opinion manipulation through the use of technology and automated systems; surveillance of electronic communication, violation of rights to privacy and protection of personal data; pressure, threats and diminishing safety of online and civic media, journalists and individuals.

After describing the top five cases detected during the monitored period (“Introduction”), the second part of the study examines the specific risks connected to the digital identity in the online sphere, which is ridden by a variety of security challenges and threats. The section thus outlines issues and possible solutions for improving the digital security for professional journalists as well as everyone dealing with sensitive information (bloggers, human rights activists, government officials, diplomats, etc.).

In part three (“Aftermath”), the study addresses the issue of consequences that cyber attacks have on online media and journalists in Serbia and on the autonomy and safety of online and citizen media. The report finds out that the main consequence of these attacks is the raise of insecurity and fear, resulting in a “chilling effect” on freedom of expression online. This can be particularly relevant for small and independent online and citizen media that cannot afford expensive cyber security experts and technical solutions for protecting their systems.

The last chapter (“Conclusion”) addresses the role of the authorities in the cases monitored and argues that the government has failed to establish trust in its abilities to protect online media, citizen journalists and activists in Serbia. It also highlights the danger of discretionary behaviors by the authorities in processing cases of cyber attacks, leading to lack of legal certainty in this field and an unsatisfactory level of the rule of law.

Finally, the report concludes with a series of recommendations aimed at improving and respecting the standards of freedom of expression in the digital sphere of Serbia, including through regulations, specific policies, international cooperation, capacity building and digital literacy.