For the second year in a row, Facebook ranked first as the platform where users faced the highest number of security incidents, based on the reports submitted to the Digital Safety Helpdesk in 2022. This raises numerous concerns about Meta’s mechanisms for addressing such incidents, as well as to the efficiency of its policies in offering a safer digital environment for all.
Since its establishment in 2019, the Helpdesk has helped journalists, human rights activists, and individuals prevent or address digital attacks in West Asia and North Africa. Today, nearly three years later, the Helpdesk receives reports from the Americas, Australia, Europe, and West Africa.
In 2021, the Helpdesk received 112 reports on digital incidents that users faced across different platforms and websites. In 2022, it received almost 300 reports from 23 countries – more than double the number from the previous year.
Online users in the WANA region are increasingly facing digital threats including hacked or deleted accounts, sextortion, and hate speech and misinformation, among many others. In response to this alarming and growing trend, the Digital Safety Helpdesk has intensified efforts to increase its capacity to receive the largest possible number of cases, offer intensive training to its team, and increase working hours to include weekends and official holidays.
Our Helpdesk classified and analyzed the digital incidents received to better support victims and to understand these threats on a global scale. One of the classification mechanisms is identifying the incidents across the most popular platforms such as Facebook, Instagram, Twitter, WhatsApp, TikTok, Google and YouTube.
Since its launch in 2019, the Digital Safety Helpdesk has been assisting activists, journalists, bloggers, vulnerable groups and human rights defenders who face online threats or cybersecurity risks. Its main purpose is to enhance the security of online civil spaces by offering advice, addressing digital attacks, and mitigating the impact of digital threats.
The Digital Safety Helpdesk’s annual report summarizes the incidents received between January and December 2022, as well as the nature and percentage of threats, the methods used by attackers, the target groups, the geographic distribution of threats, and the percentage of women targeted compared to men.
Facebook Ranks First
In 2022, the Digital Safety Helpdesk received 300 reports. In 219 of these cases, users reported the incident to the Helpdesk via WhatsApp, while 69 cases were reported via email and 10 via Signal. Although Signal is a free and secure application offering end-to-end encryption, the survey showed that very few people use it, compared to other messaging applications such as WhatsApp.
The figure above shows that 52.4% of digital incidents reported by users took place on Facebook, while 30.6% happened on Instagram and 7.1% on Twitter. Meta’s policies are a main cause behind some of these figures since they clearly disregard Arabic content, which constitutes an undeniable violation of the rights of Arabic-speaking users. In fact, the Helpdesk discovered that 20.3% of the total number of cases were related to unjustified suspensions of the victims’ accounts by the company.
Samar Al Halal, Technology Unit Lead at SMEX, explains that the responsiveness of platforms varies to a large extent. “Twitter was the most responsive and the quickest to address the issue,” but that was prior to its takeover by Elon Musk, who made radical changes that constitute a serious threat to users’ digital and even physical safety. The second most responsive platform was Google, which handles YouTube and Gmail issues. Meta, which owns Facebook and Instagram, comes in last place and is “the worst” according to Al Halal, despite the fact that the majority of digital attacks are carried out on its platforms.
The Digital Safety Helpdesk also challenged the company’s decision in 45 cases and submitted 120 requests for review by humans, rather than automated systems.
Al Halal added that most cases that require complaints be referred to a higher level are primarily those targeting journalists, members of the LGBT community, and activists. As for cases of sexual extortion, cyberbullying, and digital harassment—incidents all users are exposed to regardless of their area of work—they always require the submission of such a request.
The Helpdesk team helps users submit the appeals themselves, while it undertakes the submission of the requests for review by humans.
Cases on the Rise
Contrary to popular belief, “normal” or lowkey users were targeted the most by cyberattacks in the past year (38.8%), followed by activists (25.2%), journalists (17.7%) and members of the LGBT community (6.8%).
The reports received by the Helpdesk can be classified under two categories. The first includes digital attacks targeting the account itself, such as hacking (21.8%), account suspension (20.3%) or account closure (3.2%). This indicates that online hate speech, oppression, violent terminology and threatening language are widely used in our region. The second category includes digital attacks targeting the account owner, rather than the account itself, such as sexual extortion (2%), digital harassment (6.3%) and other cases. The number of these incidents is expected to keep rising in tandem with the rise in the number of users of digital platforms.
To avoid such incidents, Al Halal recommends using a strong password, activating two-factor authentication, not clicking on links before verifying them, and always using reliable VPN applications.
Cases Disaggregated by Gender
Unlike last year’s statistics, male users facing digital incidents accounted for 62.4% of cases, while female users accounted for 37.6% of cases only.
In 29.1% of cases where women were targeted, the incident was related to the hacking of their account (29.1%).
Although women are particularly exposed to mistreatment online, Marianne Rahme, Policy Unit Lead at SMEX, explains that “this could be due to the unequal access to the internet between men and women, the fear of reporting incidents, especially in cases of sexual extortion of the voluntary sharing of photos, and the fear of the physical harm that the victim could endure if she reported the incident.”
“The number of gender-based violence cases is exceptionally high in our region, coupled with exceptionally low rates of legal accountability, which in some countries is completely non-existent. Companies’ slow response to Helpdesk cases also prevented us from containing the damage,” Rahme added.
Another serious concern is the reluctance of judicial authorities in West Asia and North Africa to protect women from gender-based violence and harassment through clear and specific laws, according to Rahme.
This is also related to the nature of assgined gender roles in our region, according to Al Halal, who said: “For example, when Palestinian journalists file complaints about account suspensions by companies, the majority of them are expected to be men, because most journalists covering the aggression in Palestine are men.”
As is the case every year, the statistics of the SMEX Digital Safety Helpdesk reveal the threats and challenges faced by different groups in our region, particularly marginalized groups. These figures show clear reluctance by two main parties in the equation. Tech companies accumulate massive profits while disregarding the risks facing users, their safety and their data confidentiality, and they continue to adopt selective and vague privacy policies that are only available in certain languages. On the other hand, the region’s governments, which claim to issue laws to combat cybercrimes when all they do is oppress their people and benefit from their deals with tech giants in the service of individual interests.
Finally, the statistics confirm that we all as users are exposed to such risks, regardless of our area of work or our place of residence. Therefore, digital safety and protection should become a daily routine through some simple steps. That said, users only bear part of the responsibility, as governments and companies also have a part to play. Governments should protect people’s data and privacy, while tech companies should develop and implement policies that support and protect users, rather than simply serve their own commercial interests.
SMEX is constantly increasing its efforts to build digital resilience in West Asia and North Africa through its annual unconference Bread&Net and by sharing advice and recommendations on how to enhance digital safety and limit cases of extortion, as well as by holding various training sessions and workshops year-round.
SMEX also offers a forensic audit service for journalists and human rights defenders that are most exposed to cyberattacks.
The internal processes of the Digital Safety Helpdesk have been designed to respond to emergencies based on their type and the team’s capacity. The team is ready to address cases from 9:00 am to 9:00 pm every day. You can contact the Digital Safety Helpdesk through the following channels:
You can view the 2022 statistics of the Digital Safety Helpdesk by clicking here.