Black Code sheds light on the commercialisation of cybercrime through the development of surveillance malware by security companies for sale to governments. Referring to Orwell’s seminal work 1984, Shehabi notes that Orwell had perhaps not anticipated that the tools of surveillance used by Big Brother, such as smartphones and social media, would in fact be owned by the surveilled, thus making the job easier.
* * *
When Big Data meets Big Brother, journalists and activists become collateral damage. Nick de Pencier (Four Wings and a Prayer, Watermark) explores the intersecting barriers between state surveillance and citizen “sub”veillance (described as “subverting surveillance” by one of the film’s subjects) in his new documentary Black Code, screened last week in London as part of the Human Rights Film Festival. The screening, presented in partnership with watchdogs Canadian Journalists for Free Expression (CJFE), Privacy International and Liberty, exposes the abuse of surveillance technology by governments and state institutions to monitor citizens working with human rights, the latter ranging from guerrilla journalist collectives in Brazil to Tibetan monk activists under attack from China.
Shot in a series of montages exploring cases in Sweden, Ethiopia, Tibet, Brazil, Syria, Pakistan, and India, the documentary dissects the way in which data is recorded, harvested, and used against citizens to infiltrate civil society, curtail free speech, and crack down on protests. It follows Citizen Lab, a media and technology lab at the University of Toronto, led by surveillance expert Prof. Ronald Deibert, which uncovered Ghostnet in 2009. The Ghostnet cyber-spying operation, carried out by Chinese associates, infiltrated 1,295 computers in 103 countries, including government embassies, and was discovered when the Dalai Lama’s computer was hacked under this protocol. The documentary follows Tibetan monks living in exile in Dharamshala, India, who have faced torture and assault and continue to be under surveillance from the Chinese government.
Dr. Ala’a Shehabi, co-founder of Bahrain Watch, who was present for the panel discussion post the screening, calls the widespread surveillance against human rights watchers documented in the film an “act of war.” She was among the 77 journalists out of the 80 citizens targeted by Finspy, a malware created by Gamma Group, a cybersecurity company, which the state had used to monitor her work. Unlike the Snowden leaks, which focused on the tools and extent of state surveillance, Black Code sheds light on the commercialisation of cybercrime through the development of surveillance malware by security companies for sale to governments. Referring to Orwell’s seminal work 1984, Shehabi notes that Orwell had perhaps not anticipated that the tools of surveillance used by Big Brother, such as smartphones and social media, would in fact be owned by the surveilled, thus making the job easier.
From Bahnhof, the server company based in a Swedish Cold War bunker that initially hosted Wikileaks, to Midia Ninja, an independent collective of guerrilla journalists formed during the Rio riots to report on police violence not reported by state-leaning mainstream media, the film also traces how citizens are using the same technology of documentation to fight back against state control. In one instance, Midia Ninja used the internet hivemind to collect footage from their audience and help bail out Bruno Ferreira Teles, an arrested protestor accused of bombing the police with a Molotov cocktail during the Rio riots. Their outreach resulted in one of the largest audience participation exercises, where smartphone and camera footage from multiple sources was used to piece together Bruno’s trajectory during the protests. They found that not only had he not committed the crime, but that it was in fact undercover police at the protests who had thrown the Molotov to instigate the violent crackdown on protesters after.
Most, if not all of the interviewees in the film, have faced targeted attacks – including assault, illegal incarceration, and torture – by government based on the data harvested on them. I meet with Nick post the screening of the film to find out the encryption measures he took while shooting a film where the subjects are or were previously monitored by the state.
MANISHA GANGULY: How much time did the entire process take from inception to distribution?
NICK DE PENCIER: Well, I researched on this for a year, and Ron [Ron Deibert, whose book the film is based on] and I agreed to do it two weeks before the Snowden leaks happened . We just finished the final edit last September. I was really happy when Citizen Four [the documentary by Laura Poitras following the circumstances surrounding Edward Snowden’s leaks when it happened] came out because we were careful not to overlap, and there was so much to cover anyway.
How big was your crew when shooting in sensitive areas?
Well, I’m a cinematographer by profession, so I was shooting this alone, usually with a GH4 or C300, and switching to a Ninja for shooting the bits with computer screens. While traveling, most of the camerawork was hand-held because I didn’t even carry a tripod and sometimes I hadn’t managed to find one even on the third day of shoot. I let the mechanics of production be dictated by the material. Before travelling, I would wipe everything and hide the footage on my laptop under an old drama series in case of airport or security checks.
A lot of the interviews you did, for instance the one with Wjd Dhnie on his torture by the Syrian police using the “flying carpet,” deals with extremely traumatic memories. How did you get some of your subjects to feel comfortable talking about these on camera?
Before shooting or traveling to these locations to meet my subjects, it was really hard to do comprehensive research due to the nature of these things. I gave it a lot of time – the biggest part of the job is to have an exchange of trust and vulnerability, and if it’s not there I won’t do it. I’m a terrible liar. For me, it’s about building up that relationship, and exchanging vulnerability.
What measures did you take while shooting the film to secure the footage from your interviews, considering much of the information is sensitive and implicates foreign governments?
When I was travelling initially during production, I used a software called Truecrypt. But somewhere in the middle of filming, it became known that the encryption in it may not be foolproof because some of the algorithms had been compromised, so there was a pause in production. Luckily, I had mostly finished the sensitive areas of the documentary by then, so it didn’t affect me much.
Throughout the filming process though, I used PGP, encrypted all my emails, used Tor: standard off-the-shelf kind of things. I wasn’t an expert and often failed and cursed. In a way, I thought that was good because I represented the average user and not the expert. However, I was surrounded by experts, and there’s a whole other movie that can be made around the psychology and mnemonics of passwords, which I found fascinating when researching for this film. We live in a world of passwords, and this is one of the solutions from the equations of surveillance.
You were tackling extremely sensitive topics which have affected or will affect foreign governments. Did you personally face any intimidation when you were working on the film?
I may not have known if I was under surveillance. But since the film has yet to be screened in the countries’ institutions/governments it implicates, I have yet to face any intimidation. But it could be because I was flying under the radar due to the different places I went to. I’m used to traveling with a journalist visa, but my research showed that in some places it would not be granted, so I filmed under a tourist visa with a very small kit.
Were any of your subjects aware of being under surveillance when you interviewed them?
I was very careful while shooting this film, and it is my sincerest hope that there are no repercussions for any of those people. I made sure that the subjects I was engaging with knew the situation and potential implications. I have deliberately left some footage/interviews out because I wasn’t satisfied in my mind that I wouldn’t be breaking the first principle of “do not harm” by engaging them. In a lot of cases, I interviewed people who are far braver than me – certainly the Tibetan monks – people who are out there publicly denouncing the crimes of the establishment already. That’s when I felt more at ease, knowing they already had a public profile.
One of the main reasons used by the state to justify mass surveillance is national security. How do you respond to this in the context of your film?
I think there’s a bar, and of course governments have legitimate concerns around national security due to real threats. But it’s where on the bar governments, under the excuse of national security, overstep their reach. In most of the instances in the film, the surveillance wasn’t used for national security.
Moreover, if those levers of knowledge exist to spy on state enemies, can we really trust the state to not abuse them, without checks and transparency? The people I’ve aligned with on this film would say the scales are tipping towards government overreach and need to come back to a more human rights-based set of structures that control them.
The next screening of Black Code is on 6th April at TIFF Bell Lightbox Toronto as part of the Human Rights Film Festival. The screening will be followed by a discussion with film director Nick de Pencier and Professor Ron Deibert, Director of Citizen Lab.
* * *
Note: Images posted courtesy of Mongrel Media.