Act Daily News
In between being blindfolded, locked in solitary confinement, and interrogated in a wheelchair whereas she was on a starvation strike following her late September arrest, Negin says she had a realization: Iranian officers have been utilizing her personal Telegram chats, cellphone logs and textual content messages to incriminate her.
“They told me ‘Do you think you can get out of here alive? We will execute you. Your sentence is death penalty. We have evidence, we are aware of everything,’” stated Negin, whose title Act Daily News modified at her request, for her security.
Negin, who says she has been accused by Iranian authorities of operating an anti-regime activist group on Telegram (an allegation she denies), stated she has “some friends” who have been political prisoners. “They put in front of me transcribed printouts of my phone conversations with those friends,” she stated, and “questioned me on what my relationship with those people were.”
Negin thinks Iranian brokers hacked into her Telegram account on July 12, when she realized one other IP tackle had accessed it. While Negin was in jail, she stated, Iranian authorities reactivated her Telegram account to see who tried to contact her and reveal the community of activists with whom she was in contact.
Negin was one among lots of of protesters detained at Iran’s notoriously brutal Evin jail in northern Tehran within the first few weeks of demonstrations following the demise in custody of Mahsa Amini. Amini, a 22-year-old lady, had been apprehended by Iran’s morality police for apparently not sporting her hijab correctly.
As protests unfold within the nation, a lot of the eye has targeted on the Iranian authorities’s efforts to shut down the web. But behind the scenes, some fear the federal government is utilizing expertise in one other means: accessing cellular purposes to surveil and suppress dissent.
Human rights activists inside and outdoors of Iran have been warning for years concerning the Iranian regime’s capability to remotely entry and manipulate protesters’ cell telephones. And tech firms might not be properly geared up to deal with such incidents, specialists say.
Amir Rashidi, Director of Digital Rights and Security on the human rights group Miaan Group, stated the strategies described by Negin match the Iranian regime’s playbook.
“I myself documented many of these cases,” he stated. “They have access to anything beyond your imagination.”
Act Daily News has reached out to the Iranian authorities for remark about Negin’s allegations however has not heard again.
The Iranian authorities might have used comparable hacking ways to surveil the Telegram and Instagram accounts of Nika Shahkarami, the 16-year-old protester who died after an indication in Tehran on September 20. The Iranian authorities have all the time denied any involvement in her demise, however a earlier Act Daily News investigation discovered proof suggesting she was detained on the protests shortly earlier than she went lacking.
Iranian authorities nonetheless haven’t responded to Act Daily News’s repeated inquiries about Nika’s demise.
At least one tech firm, Meta, has now opened an inside inquiry into exercise on Nika’s Instagram account after her disappearance, Act Daily News has discovered.
After Nika went lacking, her aunt and different protesters instructed Act Daily News that her common Instagram and Telegram accounts had been disabled. Every week later, her household discovered that she was lifeless. But the thriller over who had deactivated her social media accounts remained.
On October 12, two of Nika’s pals seen her Telegram account briefly again on-line, they instructed Act Daily News. Nika’s Instagram account was additionally briefly restored on October 28, greater than a month after her disappearance and demise, in keeping with a screengrab obtained and verified by Act Daily News.
As with Negin’s case, the reactivation of Nika’s accounts raises questions on whether or not Iranian authorities have been chargeable for accessing her social media profiles, allegedly to phish different protesters or compromise her after her demise.
“Telegram is everything in Iran,” defined Rashidi. “It was more than just a messaging app before being blocked and still they managed to maintain their presence in Iran by just simply adding a proxy option in the app.”
“If users don’t have access to anything because of censorship, they still have access to Telegram,” he continued. “As results there are a lot of users’ data in Telegram and that’s why the Iranian government is interested in hacking Telegram.”
There are alternative ways the federal government may achieve entry to an individual’s accounts or their community of contacts, in keeping with specialists. Negin, for instance, stated authorities “kept creating Telegram accounts using my SIM card, in order to see who I am in contact with.” In different circumstances, authorities may try to co-opt the two-factor authentication course of, which is designed to supply larger safety by texting or emailing a login code.
“Usually what happens is, they do the target phone number, then they send a login request to Telegram,” Rashidi instructed Act Daily News. “If you don’t have 2-step verification, then they will intercept your text message, read the login code and easily get into your account.”
That’s why some Iranian activists cheered when Google launched Google Authenticator within the nation in 2016. It’s a two-step verification course of that provides a layer of safety for cell phone customers.
Crucially, nonetheless, the Iranian regime doesn’t even want telecommunication firms to work with them, in keeping with Rashidi. “The Iranian government is running the entire telecommunication infrastructure in Iran,” he stated.
After Nika’s disappearance, Meta launched an investigation into whether or not Nika herself had disabled the account or whether or not another person was accountable. The investigation lasted 9 days, from October 6 to October 14, in keeping with a supply at Meta who spoke to Act Daily News on situation of anonymity.
The conclusion: “While we can’t share specific details about Nika Shahkarami’s account for privacy and security reasons, we can confirm Meta didn’t originally disable it,” a Meta spokesperson instructed Act Daily News.
Meta additionally confirmed to Act Daily News that Nika’s account “was briefly reactivated and memorialized for less than 24 hours” on October 27 “as a result of an internal process error, which we addressed by re-disabling the account.” Meta instructed Act Daily News it discovered this error after Act Daily News reached out for this investigation.
Meta additionally stated it acquired route from Nika’s household by way of one of many firm’s trusted companions in Iran that they wished Nika’s Instagram account to remain offline.
However, references in Iranian state media point out authorities did entry Nika’s Instagram account and direct messages, stating they’d permission from the judiciary to entry them.
A relative of Nika, who wished to stay nameless for concern of repercussions, instructed Act Daily News the Tehran prosecutor’s workplace has been holding Nika’s cellphone since her demise. “We went to the prosecutor’s office and found out that Nika’s phone is with Mr Shahriari (name of the prosecutor); I saw with my own eyes that it was in their hands,” the member of the family stated.
Meta’s investigation highlights each the seriousness of the case and the constraints that American tech firms seem to have in addressing activists’ issues about Iran’s dealing with of accounts.
Mahsa Alimardani, senior web researcher at Article 19, a freedom of expression group, additionally raised issues about Telegram. “One time we asked them to reverse some edits that were done on a person’s account after her death, and they were not helpful. They didn’t get back to us. They didn’t try to fix the issue. No kind of support or help into that,” Alimardani stated.
In response to Act Daily News’s request for remark, Telegram spokesperson Remi Vaughn stated: “We routinely process dozens of similar cases referred to us by activists from trusted organizations and disable access to compromised accounts. In every case we’ve investigated, either the device had been confiscated or the user had unwittingly made such access possible — by not setting a 2-Step Verification password or using a malicious app impersonating Telegram.”
“In countries with authoritarian rule, such as Iran, authorities can potentially intercept any SMS message,” Vaughn continued. “It is therefore important for users to enable Two-Step Verification, which requires an additional user-created password to be entered whenever logging in, in addition to the SMS login code. It is also important that such users use official Telegram apps from trusted sources.”
“To protect protesters, we have blocked thousands of posts that had attempted to deanonymize protestors and could have reached hundreds of thousands if not for our intervention. We are always proactively monitoring public-facing parts of our platform to find such misuse,” she concluded.
“Tech companies must work with civil society,” Rashidi stated. “There are so many issues that they can work with us on them to make sure these platforms are safe, especially for those who are at risk.”