- By David KennerDavid Kenner is the Middle East editor at Foreign Policy. He is based in Beirut, Lebanon, and has been with FP since 2009 (a long time, he knows). He worked for FP previously in Cairo, where he covered the early days of the Arab Spring, and before that in Washington. He has attended Georgetown University and the American University of Beirut and has reported from Libya, Egypt, Gaza, Turkey, Lebanon, and Iraq.
In Bahrain, all it takes is clicking on the wrong link to end up in jail. A new report prepared by Bahrain Watch, an activist organization critical of the ruling monarchy, details how the Bahraini government creates fake Twitter accounts to reveal the identity of anonymous anti-regime tweeps — and then prosecutes them on the basis of "secret evidence."
Here’s how it works. Dozens of shell accounts — many designed to impersonate top figures within the Bahraini opposition — have tweeted links to anonymous Twitter users who comment on Bahrain. The links include spyware that reveals the user’s IP address, which the government can use to identify the name and street address of the person behind the account. From there, it’s simple police work: The government can raid the house and build a case against those living there, usually on charges of "insulting the king." In total, Bahrain Watch found that more than 120 accounts were targeted by the government in this way.
With the government having crushed large street demonstrations in the capital, the online debate has become the new front line of the revolt. In May, five men were sentenced to a year in prison for violating Article 214 of Bahrain’s penal code, which prohibits "offending the emir [king] of the country, the national flag or emblem." During the trial of one of those men, Ammar Makki Mohammed al-Aali, an official for the Bahraini police’s Cyber Crime Unit said that his IP address was obtained through "a private way I cannot reveal."
But the government’s tactics are not only repressive — they’re inexact. A Twitter user other than the one being targeted may click on a publicly available link, or the targeted user may click on the link — but do so while using a connection not registered in their name, directing the government to someone else’s IP address. Take the case of Mahdi al-Basri, a lawyer who was sentenced to a year in prison in May for operating the anti-regime account @karrana14. However, one of the account’s operators said Basri was not involved — the account operator had merely clicked on a "suspicious link" while using Basri’s Internet account.
The monarchy in Manama makes a show of being different from the other "Arab Spring" regimes — but by using tools that are both authoritarian and catch civilians up in a broad dragnet, its tactics look pretty familiar.