RightsCon Tunis 2019

MRAs, Incels and More: Should They Be Included Under Violent Extremists? (Breakthrough Trust)

Description: This session will be talking about gender based violence on the internet and the impact it can have offline. It ties in with the current debate around violent extremism and why, though there is a lot of literature around violent extremists in cases of religion or racial politics, there is surprisingly little in terms of gender. This is despite the fact that gender actually plays a very crucial role in many cases of violent extremism and by ignoring it, we miss the gendered nuances of violence. This is despite the fact that the in the last few years, there has been a recognition of figures and communities online which actively propagate violence against women as a ideology and yet face little consequences for it. Examples can range from people like Roosh V, Eliot Rodgers (the man behind the Isle Vista killings) and to the everyday average troll. With our experience working in India, we will also be referring to the Indian specific context to this issue. Attendees can expect an open minded discussion on this topic and a push towards greater sensitivity and understanding of gender based violence on the internet.

Speaker: Saswati Chatterjee

The use of biometric data to identify terrorists: best practice or risky business? (University of Minnesota)

Description: Developing and implementing tools aimed at reliably identifying terrorist groups and individual terrorists has long been one of the cornerstones of counter-terrorism action. Collection and exchange of information related to the movement of such persons has increasingly been prioritized with the rise of the ‘foreign fighters’ phenomenon, in particular as a response to the perceived change in the international risk environment linked to having such foreign fighters, formerly affiliated with ISIL, its satellites and other groups, return to their countries of origin or travel to other conflict zones.

To address relevant challenges, the Security Council adopted resolution 2396 requiring, among others, that States “develop and implement systems to collect biometric data […] in order to responsibly and properly identify terrorists, including foreign terrorist fighters”. This session will explore implications of the obligation to use biometric technologies and data as a counter-terrorism measure by 1) addressing the ramifications of the legislative action by the Council from the point of view of global governance and the rule of law, and 2) outline relevant human rights concerns with particular emphasis of the impact of over-broad definitions of terrorism and related offenses in this regard; and challenges linked to data-sharing, including across borders.

Speaker: Krisztina Huszti-Orban

How a nationwide phishing campaign in Venezuela continues to put dissidents at risk (Venezuela Inteligente)

A portal associated with the Venezuelan opposition led by Juan Guaidó, was created to register volunteers interested in helping with the distribution of humanitarian aid. It has become a target of a phishing campaign led by those aligned with the Nicolás Maduro government.

We detected that CANTV, the largest internet service provider in Venezuela owned by the government of Nicolás Maduro, was redirecting users visiting the website to another server hosting a visually identical malicious website which is not owned or controlled by the legitimate site administrators of voluntariosxvenezuela.com. we estimate that tens of thousands of people submitted their data to the malicious cloned website.

We were able to verify that the redirection to the malicious website happened even when using DNS servers that were not CANTV servers (like, when using Google’s 8.8.8.8) using DNS response injection. Our research also directly attributed the campaign to two government institutions. In addition, our research also discovered multiple domains that are similar to social media sites and popular websites that could be used in future phishing campaigns (or have been used already) to collect user data.

The personal data collected used to fuel further victimization by publishing personal details and using them to fuel fake news.These developments are worrying because they point to an increased sophistication in digital attacks linked to and originating from the government of Nicolás Maduro. This dramatically increases the need for both users and website administrators to take preventative measures to avoid falling into this type or similar phishing campaigns.

Speaker: Andrés E. Azpúrua