Hackers, lawmaker put reporters at risk in Ukraine

New York, May 11, 2016 — The Committee to Protect Journalists today condemned the publication of the personal details of thousands of journalists and media workers who have reported from eastern Ukraine. CPJ also denounced a member of the Ukrainian parliament’s praise for that action.

A group of hackers on May 7 announced on a website called Myrotvorets (Peacemaker) that they had breached computers pro-Russian separatists in eastern Ukraine used to keep track of journalists they had allowed to work in the region, and published a database containing the names, affiliations, and contact information of more than 7,000 individuals. The database includes 4,508 local and international journalists and media workers who have reported from the conflict zone. According to CPJ research, the separatists have been collecting journalists’ contact information as part of an accreditation process even though their authority over eastern Ukraine is not internationally recognized.

The Ukrainian Prosecutor General’s Office on Wednesday announced that it had opened an investigation into the publication of the journalists’ names and contact information under article 171.1 of the Ukrainian Criminal Code, which covers “obstruction to journalism.”

The hackers wrote that they did not know what the consequences of their action would be, but added, “Be certain: It is important to publish the list because these journalists collaborate with terrorist guerillas.”

Oksana Romanyuk, head of the Institute for Mass Information, a press freedom group in Kiev, told CPJ that the hackers’ actions had remained largely unnoticed until Tuesday, when Anton Geraschenko, a member of Ukraine’s parliament, praised them on the social media site Facebook. Geraschenko suggested that Ukraine’s authorities should introduce specific actions to “counter Russian propaganda.”

Geraschenko’s recommendations included: “imposing control over broadcast programming and cable networks to prevent distribution of information that could destabilize Ukraine’s sovereignty and territorial integrity;” “imposing control over accreditation of reporters, specifically those from Russia;” “deportation of reporters found in breach of national laws;” and “developing legal and technical resources to block online content that incites to violence and destabilizes Ukraine’s national security.” He published the recommendations on his Facebook page, which had more than 156,000 followers when CPJ accessed it on May 11.

“Publishing journalists’ private contact details puts them at risk. At worst this action could be read as a thinly veiled call to target them,” CPJ Europe and Central Asia Program Coordinator Nina Ognianova said. “That a member of parliament should praise these reckless actions is galling. Instead of heralding attempts to intimidate journalists, politicians and officials should track down those responsible and show there is no place for these tactics in Ukraine.”

In a statement published on Wednesday, a group of Ukrainian and international reporters and press freedom activists condemned the release of their contact information, saying it violated Ukraine’s privacy laws, the nation’s constitution, and the European Convention on Human Rights. According to the statement, journalists started receiving threats by phone and email after the list was made public.

The signatories – reporters with Ukrainian broadcaster Hromadske TV, the Moscow-based newspaper Novaya Gazeta, Polish daily Gazeta Wyborcza, the BBC, The New York Times, The Daily Beast, The Economist, and others – said that by obtaining accreditation from the separatists, they were able to inform the public of the crimes committed in the area, including the downing of a Malaysian Airlines plane over the region in July 2014.

The journalists also said that in 2014 alone, at least 80 journalists were detained by eastern Ukrainian separatists in connection with their work and that some of them were tortured. They urged the hackers to remove the list from the Internet, and asked Ukraine’s law enforcement agencies to investigate.

CPJ urges journalists on the list to take extra precautions for securing their email accounts and digital information. In 2012, CPJ published a Journalist Security Guide which includes a chapter on technology security. The guide is available in in nine languages, including Russian.