For all that Russia is sometimes described as a ‘security state,’ of late it has seemed painfully easy to shine a light onto corners it would rather keep dark, from the identity of the officers sent to try and murder Alexei Navalny to the undisclosed assets of Kremlin insiders.
To a considerable extent, this is down to Russia’s thriving black market in data, so no wonder the state finally seems to be trying to crackdown.
The market in confidential data is so large that it has even spawned its own word, ‘probiv,’ loosely translated as to search or look up, but really means abusing privileged access to databases, typically through work, from law enforcement to financial services, to access confidential information for sale.
This could be whole snapshots of databases, to an individual’s flight history, credit information or even phone records.
Jealous spouses use this to monitor their other halves, businesspeople use it to dig into potential investors’ backstories, and criminals use it for blackmail. However, this kind of information has also been used to striking effect by investigative journalists to uncover stories the authorities would rather remain hidden.
In particular, the Russian online newspaper The Insider, working with the Dutch-registered ‘citizen journalism’ outfit Bellingcat, have pulled off a series of investigative coups, from identifying the GRU military intelligence officers responsible for the attempted assassination of Sergei Skripal in the UK to detailing the plot to murder Navalny.
These investigations have often hinged on the use of probiv, from accessing flight information to identify the FSB officers shadowing Navalny to checking the passport and residence records of alleged security personnel.
There is, of course, an ethical dilemma involved in the knowing use of stolen personal data, much of which is bought from darkweb brokers. The advocates of this practice cite the public interest defense and also the fact that it is justified by the deceptive and even murderous activities they are uncovering. (Rather prissily, many Western news outlets that say they do not use, let alone buy stolen information — but gladly report what others who do discover.)
Either way, it speaks to an interesting paradox about Russia. This supposed security state — and one in which there are, to be sure, draconian laws on the control of information and the prosecution of those breaching safeguards — is actually characterized by what one could call ‘subversive transparency.’
In part, this is simply a by-product of high levels of internet usage, and the inevitably bleed of information into the online world as a result. Russian soldiers have since 2019 been banned from using smartphones on duty, for example, after pictures and selfies on sites such as Vkontakte undermined official claims that none were in the Donbas.
More broadly, though, it reflects the extent to which the problem originates especially within the structures and cultures on which the state itself relies.
Those very same hackers to whose services the Kremlin often turns, also crack and leak official emails and databases, In 2016, for example, two senior figures within the FSB’s own Information Security Directorate were arrested for being part of the hacker collective Shaltai-Boltai, that leaked materials on senior government figures. Since then, hackers have revealed details of top secret FSB programme such as Fronton, tools able to take over ‘smart’ household devices.
Those very same officials and businesspeople who inveigh against such practices also use strategic leaks in their political and economic rivalries.
Indeed, while Navalny’s Foundation Against Corruption assiduously uses available property records and corporate accounts, Russian and foreign, there is the pervasive suspicion that some of its investigations may have been helped along by leaks from those happy to see their competition humbled.
Those very same security officers meant to be protecting the nation’s data, are actually the most enthusiastic in monetizing the capacity for probiv their positions offer.
Certainly so far it is law enforcers who appear under suspicion for the Navalny leaks. Already, a police major from St. Petersburg has apparently been arrested for allegedly selling flight record data on the Navalny poisoners, obtained via Search-Magistral, the national police database. It has also been reported that a lieutenant in Samara is likewise under charges.
There are also apparently changes being made to the procedures for clearing searches of Search-Magistral and other databases, and especially on downloading materials.
This is, frankly, long overdue as probiv has long been an issue (and a profitably sideline for many security officers). It is, after all, going to be very difficult to change the culture of impunity for such widespread corrupt perks — arguably even more for FSB than police officers — and so technical and procedural safeguards are more likely to have a quicker impact.
However, the authorities are clearly out to ensure that it is not just dealing but receiving the fruits of probiv that should become dangerous. On 27 Feb., Myaile Machyulite, a journalist for the online outlet Baza, was detained, again in St Petersburg, in what sounds very like a sting, with the promise of information that ‘might interest her very much’ as the lure.
It’s also worth noting that this goes both ways, with the state or at least its allies and affiliates willing to ‘dox’ their enemies — releasing private details and documents online.
Last month, for example, the anonymous Telegram channel Komi-Telega published documents relating to freelance reporter Elena Solovyova. These included her tax forms and, perhaps indicatively, a copy of a contract she had with U.S. government media agency RFE/RL. Komi-Telega’s commentary called her a ‘parasite’ and a ‘foreign agent’ engaged in ‘dark financial deeds.’
The panopticon society
Certainly the revelations about the identities of Russian intelligence officers and their actions — including the relationship of the alleged murderer in Berlin of Chechen Georgian Zelimkhan Khangoshvili with the FSB — has been a distinct embarrassment for them.
However, before Westerners get too smug, it is worth noting that even if Russia’s system is especially leaky, all intelligence agencies are having to grapple with life in the panopticon age. The day when an agent could be given a new identity with a new haircut, a new set of documents are long since gone. In an age of ubiquitous cameras, facial recognition software and biometric visas, no one can be reinvented so easily.
Besides, anyone without a history of incautious drunk-tweets, embarrassing university Facebook photos or holiday snaps on Instagram stands out. All of us beyond the truest Luddites leave an online trail that it is hard to recreate. Once, spies would take the identities of dead children, soon perhaps artificial intelligence systems will be ‘farming’ series of fake, off-the-shelf online identities for agents to adopt.
The Russians have suffered most sharply from this not just because of probiv but also because they are more active in their foreign intelligence operations and attempts to deny facts on the ground.
However, from Wikileaks to the use of social media posts to show that the European Border and Coast Guard Agency, Frontex, was involved in illegal ‘pushbacks’ of refugees in Greek waters (another Bellingcat investigation), this is something Western government are also going to have to come to terms with.
If anything, Russia is simply showing the rest of the world a key truth of the panopticon era: nothing stays secret forever.