On March 25, 2014, Human Rights Watch (HRW) released “‘They Know Everything We Do’: Telecom and Internet Surveillance in Ethiopia”, which describes the extensive use of surveillance technology by the government of Ethiopia. This report, which includes in-depth interviews with persons targeted by surveillance and former government officials, details the technologies used to conduct surveillance on opposition activist and journalists, both in Ethiopia and abroad.
As a part of the report, Citizen Lab collaborated with HRW to conduct network measurement tests for Internet censorship in July and August of 2013. These measurements were obtained through tools and methods for Internet censorship research we have developed as part of the OpenNet Initiative. This testing found dozens of websites to be blocked, including those of opposition parties, critical bloggers, and independent media. In total, 1,411 unique URLs were tested in 19 separate tests run over 7 days. Of these, 62 different URLs were identified as blocked. Consistent with past testing results, such websites were not blocked transparently, and instead were blocked using methods (primarily injected RST packets) which are difficult for an average user to distinguish from transient network problems.
In addition to censorship testing, HRW’s report also draws on Citizen Lab’s past research into the use of surveillance technology in Ethiopia and against the Ethiopian diaspora community. This includes our February 2014 report, ‘Hacking Team and the Targeting of Ethiopian Journalists’, which documents a targeted attack against an overseas Ethiopian independent satellite news media outlet using commercial surveillance malware created by Italy-based Hacking Team. The report also refers to Citizen Lab’s research into the use of another surveillance malware package, FinFisher by Munich-based Gamma International GmbH, which described the use of compromised images of an Ethiopian opposition group to target users.
The full list of URLs found blocked in Ethiopia in July/August 2013, as well as the full list of URLs tested, can be found here:
URLs tested in July/August 2013
- [Google Docs]
URLs found blocked in July/August 2013
- [Google Docs]