SHDM 2 SESSION I: Digital Threats to Civic Space
Monday 11 May 2026
Statement by Dave Elseroad, Head of Advocacy & Geneva Office
Human Rights House Foundation
I am speaking today on behalf of Human Rights House Foundation, drawing on the experience of our Network of Human Rights Houses. The Network brings together human rights defenders within more than 80 organisations, active across Eastern and Western Europe, the Balkans and the Caucasus.
Many of our colleagues across the Network work in restrictive or high-risk environments. Some are displaced and work in exile. Others work in contexts where democratic institutions still exist, but pressure on civil society is becoming more systematic, including online.
The central point I want to make is this: digital threats are not peripheral to civil society space. They are now one of the key avenues through which civic space is restricted. When a defender is hacked, a journalist’s sources are exposed, an organisation’s website is blocked, spyware monitors private communications or records the intimate home life of an activist, or a smear campaign is amplified online, these are attacks on the ability of civil society to organise, communicate, document, advocate, and be trusted.
Across our Network, we see different country situations with different challenges, and we should be careful not to equate them. The risks faced by civil society in Belarus or Russia are not the same as those faced in Bosnia and Herzegovina or Serbia. But there are patterns that help us understand how digital pressure restricts civic space.
In Belarus, online association with independent media, civil society organisations, or human rights content can itself become dangerous. Social media activity, subscriptions, reposts, or sharing material labelled as “extremist” can expose individuals to administrative or criminal consequences. Even seemingly benign digital activities are used as evidence and as tools for intimidation.
In Russia, the labelling of independent organisations as “undesirable”, “extremist”, or even “terrorist” is reinforced by monitoring online activity and criminalising cooperation with those organisations. Recent HRHF reporting shows a shift from prosecuting publishers of independent information to intimidating and prosecuting its consumers and readers, including people who share links, comment in channels, or search for banned material, including via VPN. A message, donation, repost, search, or professional contact can become part of a criminal case.
In Azerbaijan, digital surveillance and online targeting sit within a wider pattern of pressure against independent journalists, human rights defenders, and civic activists. Device seizures, access to private communications, and misuse of personal data can deepen risks for people already vulnerable to detention, travel bans, and criminal charges. Some defenders have even had spy cameras monitoring them within their own homes, and the footage later used against them.
In the occupied territories of Ukraine, device checks at checkpoints or during searches can expose messages, photographs, contacts, or evidence of civic engagement. Digital traces can lead directly to interrogation, detention, or other serious consequences.
In Serbia, and Bosnia and Herzegovina digital threats are different, but nevertheless still a key issue. Online smear campaigns combined with hostile public narratives serve to reinforce pressure on independent media, activists, minority voices, and human rights defenders.
In Georgia, online attacks have accompanied restrictive legislation, administrative pressure, and attacks on protest movements. Coordinated inauthentic behaviour, trolls, and bots have been used to smear human rights defenders, with some networks reportedly taken down by Meta following work by Georgian fact-checkers. The online environment is not separate from offline political pressure. It helps create the atmosphere in which independent organisations are portrayed and labelled as “foreign agents” and threats to the state.
These examples show different levels of severity, but a common function. Digital pressure can make civic work more dangerous, more costly, and less trusted.
One of the most serious effects is self-censorship. Surveillance does not need to be visible all the time to be effective. It is enough for a defender to believe that their phone may be compromised, messages read, contacts exposed, or participation in a meeting later used against them. HRHF’s Protecting Defenders study also shows that perceived risk itself affects behaviour. People then stop communicating openly, avoid international engagement, decline media interviews, hesitate before documenting violations, and think twice before contacting victims, witnesses, lawyers, or diplomats. This weakens the information available to international institutions, including the OSCE.
Digital threats also connect directly to offline harm. In Belarus, a seized phone can expose colleagues, donors, sources, or relatives to interrogation or prosecution. In Russia, searches of phones, browser histories, banking apps, or email confirmations can turn ordinary online behaviour into legal risk, including where people used VPNs to reach blocked information. In occupied Crimea or other occupied parts of Ukraine, a photograph, contact, or message may be treated as evidence of disloyalty or cooperation with Ukrainian civil society. The digital attack may happen first, but the harm often continues offline.
Furthermore, digital threats do not stop at national borders. Transnational repression is an important part of this discussion. A defender may be physically outside the country, but still within reach of the state’s coercive power. For many defenders in our Network, exile or displacement abroad does not lead to complete safety. Belarusian defenders working from Vilnius or Warsaw may be physically outside Belarus, but their advocacy can still be monitored online and used to pressure relatives or colleagues inside the country. Russian civil society actors in exile may still face collective risks if contacts inside Russia are identified through digital communications, public events, online cooperation, donations, or leaked correspondence.
This particularly matters for the OSCE. If engagement with the OSCE exposes defenders or journalists to reprisals, then the system must be able to respond robustly, ensuring the costs to actors carrying out reprisals is high.
The tools themselves are an important element in this discussion. Online platforms can amplify smear campaigns against journalists, defenders, minorities, and civil society organisations, with little protection offered to those targeted. Online activity can create an appearance of public hostility and make civil society actors seem isolated or illegitimate.
There is also a gender dimension. Women defenders and journalists are often targeted with gendered disinformation, sexualised threats, doxxing, and attacks on their families or reputation.
The protection gaps are clear. Surveillance and censorship technologies have developed faster than the safeguards designed to control them. Spyware, surveillance, platform blocking, VPN restrictions, and large-scale data collection can be deployed with limited transparency and weak oversight. Laws may be vague, poorly enforced, or misused in the name of national security, extremism, counter-terrorism, or public order.
Accountability remains weak. Victims often do not know who targeted them, what tool was used, or how to prove it. Investigations are rare and remedies are limited. Tools developed in one jurisdiction may be used in another to target journalists, defenders, political opponents, and diaspora communities. Participating States should not allow their markets, companies, or procurement systems to contribute to repression elsewhere.
Support for civil society is also too often reactive. A hacked account, smear campaign, blocked platform, cut-off donation channel, and legal threat can together force an organisation to reduce its work, stop communicating, or close entirely.
So what should be done?
Participating States should strengthen legal safeguards against unlawful and arbitrary surveillance and censorship. Surveillance and restrictions on access to information must be lawful, necessary, proportionate, time-bound, and subject to independent oversight. Vague references to national security, extremism, counter-terrorism, or public order should not be used to justify monitoring civil society or people seeking independent information.
There must be stronger accountability for the misuse of spyware and surveillance. This includes independent investigations, access to remedy, parliamentary and judicial oversight, transparency around procurement and deployment, stronger export controls, and meaningful due diligence requirements. Companies should not be able to sell tools that are then used to identify, intimidate, prosecute, or silence civic actors.
Platforms and technology companies must take more responsibility for harms that affect civic space, including faster responses when issues arise and meaningful engagement with trusted civil society actors who understand local contexts and threats.
Human rights defenders and journalists need access to tailored digital security expertise, legal support, psychosocial care, safe communication tools, secure equipment, and emergency assistance. But this support should not be framed as a substitute for state responsibility. Resilience is necessary because threats exist. It is not an excuse to tolerate those threats.
The OSCE must establish a formal mechanism to monitor and report on reprisals against human rights defenders and journalists for engaging with the OSCE. Such a mechanism would address a real protection gap. If defenders are targeted because they engage, the OSCE needs a clearer way to identify, document, and respond.
Finally, OSCE institutions, participating States, donors, and international organisations should review their own digital practices, so they do not undermine civil society security through insecure channels, unnecessary digital traces, or overly broad information-sharing.
Let me conclude with the wider point. Protecting civic space in the digital age requires more than helping civil society adapt to danger. It requires constraining the misuse of digital power. States must stop using surveillance, criminalisation, and digital intimidation to restrict legitimate civic activity. They must protect those targeted, investigate violations and abuses, provide remedies, and ensure that private companies are not allowed to turn a blind eye to the repression of civil society actors.
Civil society will continue to adapt. But adaptation is not enough. Digital threats to civic space are human rights threats. They require legal safeguards, institutional oversight, corporate accountability, international protection, and sustained solidarity with those most at risk.
Thank you.
