Serbia

Once upon a FOIA, a group of researchers got their hands on 2,000 pages of bureaucratic bedtime reading from Serbia’s data protection overseers. Their aim? To expose the country’s surveillance architecture. Spoiler: it’s less Big Brother, more “nosy landlord with a master key to every flat”. Here’s what they found: Metadata mania: Every call, text, and pixel of mobile data generates metadata – and Serbia’s telcos are required to store it all for 12 months. That’s every call you’ve made, every base station you’ve connected to, and even what phone model you’re using (yes, they know your burner’s a Nokia 3310). Who’s watching?: The police, civil spies, military spies – all lining up at the metadata buffet. Some go through official channels (paperwork, court orders), while others are gifted magical software logins with unlimited access to the nation’s digital exhaust pipe. Who needs due process when you’ve got root access? Slightly illegal hobbies: In a fun twist, one carrier just hands over everyone’s metadata to the intelligence agency daily. Another gave the same spooks a direct line into their data centre. Both activities have the same legal standing as Monopoly money – i.e., none – and violate both Serbian and international law. But hey, what’s law if no one enforces it? Wiretapping 2.0: Classic phone tapping’s had a glow-up. Now it’s called “interception of electronic communications” and comes with a healthy dose of legalese and plausible deniability. Telcos are even required by law to buy spy gear and hand it to the intelligence agency. Then they get to pay for the maintenance, too. Talk about state-sponsored gaslighting. Geo-stalking as a service: Thanks to cell towers and triangulation, your phone’s location can be pinpointed in real-time. This info is happily made available to state organs, complete with bespoke tracking devices and BIA’s sole discretion. If you thought you were off-grid, surprise – you’re on three grids at once. Conclusion In Serbia, surveillance isn’t just a tool – it’s an entire shadow industry, built into the very bones of mobile infrastructure. The lines between legal oversight and unchecked spying are not so much blurred as enthusiastically redacted. And while mass surveillance is technically illegal, all the loopholes are working overtime. ...

You might think the internet is a swirling cloud of decentralised freedom. Bless. In reality, it’s a tangled mess of invisible choke points, centralised bottlenecks, and nosy gatekeepers. The SHARE Foundation decided to trace where data from Serbia actually goes, and surprise! It’s not very far before it ends up in the hands of a small handful of companies, countries, and—let’s be honest—potential eavesdroppers. One router to rule them all Start with a simple web visit. Your request doesn’t just zip off to its destination—it checks in at the SBB TelePark in Belgrade, where all local traffic passes through a single router. That’s right. If you wanted to spy on everything Serbians do online (purely theoretically, of course), you’d only need to sit at one choke point. And funnily enough, ISPs are legally obliged to do just that. Because what’s a little metadata hoarding between friends? ...

Once upon a time, the internet was supposed to be a free, democratic utopia. Instead, it’s become a glorified panopticon run by Silicon Valley landlords where everyone’s shouting, no one’s listening, and half the “people” aren’t even real. Twitter: Where trolls go to war Serbian elections on Twitter looked less like democratic discourse and more like a pub brawl between colour-coded tribes. Add a few trolls, some anonymous hitmen-for-hashtags, and voila—you’ve got state-sanctioned smear campaigns wearing sock puppet accounts. ...

Welcome to Serbia’s digital political theatre, where every heroic rescue is staged, every dissenting meme vanishes mysteriously, and every comment section is a gladiator arena for astroturfed loyalists. It starts with a snowstorm, a suspiciously well-timed TV crew, and a future prime minister trying out for the role of Balkan Superman. The internet responds with mockery. The government responds with takedowns. Thus begins the SHARE Foundation’s journey documenting over 300 cases of digital shenanigans—think DDoS attacks, creepy surveillance, and disappearing videos—courtesy of state-sanctioned (or suspiciously adjacent) actors. ...

The internet, that magical realm where nothing is free, least of all you. Every click, scroll, and half-hearted Google search fuels an invisible economy built on surveillance capitalism, where your digital footprints are harvested, packaged, and sold to the highest bidder. The Orwellian reality of online tracking George Orwell’s *1984* warned of a world where you could never know if you were being watched. Joke’s on him—today, we know we’re watched constantly, and we still click “Accept All Cookies.” ...

Mobile apps are those delightful little spies we willingly invite into our pockets. Sure, they promise convenience, entertainment, or maybe just a way to kill time, but their real business model? Hoovering up your data like a Roomba on steroids. The Great Permission Heist Terms of Service & Privacy Policies are not agreements—they’re hostage notes written in legalese. The average Privacy Policy is 2,518 words long (because transparency is best served as an unreadable wall of text). Reading all the policies for your installed apps would take 16 hours—or roughly the time it takes to regret your life choices. “Free” apps are the worst offenders. They’re not free—you’re just paying in personal data instead of cash. Pre-installed apps are the ultimate betrayal. Your carrier forces them on you (looking at you, Serbian media apps), and you can’t even delete them. Net neutrality? More like net absurdity. “But why do they need all these permissions?” Great question! Here’s what your apps really do with them: ...