source : Reporterre French citizen ecological and online newspaper. http://reporterre.net/Une-cyberaction-pour-protester-contre-le-meurtre-de-Remi-Fraisse-pourrait-mener
Three militants from the « Anonymous » collective, suspected of having led, in December 2014 and January 2015, computer attacks against institutional sites, among which the Ministry of Defence. They are summoned, on June 9th, to the criminal court of Nancy. The “hacktivists” meant to denounce the burying of radioactive waste policy and the murder of Rémi Fraisse at Sievens. But the public prosecutor upheld the charge of ”fraudulent access and maintenance” of a computer system, in “an organized gang”: the three anonymous face up to 10 years prison and 150 000 Euros fine. One more step towards criminalizing social movements ” in the name of “ fighting against cyber criminality and terrorism, and in fact illustrating a drift in security measures, and an attack against public liberties.
Their actions against scientology, their support to “Occupy Wall Street” or to the Arabic revolutions were known. And the implications of Anonymous in environmental questions? It starts on March 25, 2011, e.g. 2 weeks after the Fukushima disaster. The informal collective of hackers launch the Green Rights operation, in order to draw attention upon nuclear dangers.
Their mode of action consists , in DDoS (Distributed Denial of Service), in simple cyber attacks consisting in saturating a site, in order to temporarily make it unreachable. Several energy giants will thus be targeted, as General Electric, or BP, Enel, then EDF, whom sites will remain inaccessible for a dozen hours, causing an 8 months investigation by the DGSI (french internal security service), and leading to three arrests (in france). (1)
In December 2014, a branch of the Operation GreenRights comes to birth. The OpGPII (Operation GPII : contre les ‘grands projets inutiles et imposé’, operation UIMP : against the ‘Useless and Imposed Mega Projects’), as its name shows, aims to object to vast useless and imposed mega projects, such as the TGV line Lyon/Turin, the waterdam at Sivens, the airport at Notre-Dame-des-Landes, Center Parks at Roybon or the project “Cigéo” the deep disposal center for radioactive waste at Bure. In this framework, in the course of December 2014, DDoS attacks against websites related to Cigéo: Region council of Lorraine, General council of Meuse, and several sites of the ANDRA (National Agency for the Management of nuclear waste) are led.
A big blow is dealt on January 6th, when the hacktivists target the ministry of Defence, as an answer to the death of Rémi Fraisse, killed by a military cop on the site of the occupied zone at Sivens. The day after, 7th January, the Charlie Hebdo tragedy leads the Anonymous to stop their attack upon the Ministry, as they explain on their Twitter address. But the State doesn’t mean to let it slip. The Nancy specialized inter-regional Court is put on the case, and, after a 4 months of “DGSI” investigations, two persons are arrested in Reims and Nancy at the beginning of April, and put on probation after a 48 hours in police custody.
A person close to the occupation struggle at the ZAD (Zone to Defend) of NDDL (Notre Dame des Landes) who laughingly defines himself as a “Green Jihadist”, but in first place acts “for a different world”, will be arrested for questioning in Nantes on April 30th by an impressive police presence.(2)
The three men, suspected of attacks against Andra (National Agency for the management of atomic waste), against the Ministry of Defence and the institutional sites of Lorraine, face up to 10 years in prison and 150 000 euros fine, and are summoned to the criminal court of Nancy on June 9th.
Heavy artillery – but no harm proven
What strikes one, at first, in this case, is the means the State displayed for sites made inaccessible for a few hours.” They are using drastic measures”, sums up Etienne Ambroselli, defending counsel for the young anon from Nancy, perplexed in front of a 1400 pages record. “I am stunned by the extensive work produced in answer to acts that didn’t bring forth any established damage. It seems totally out of proportion” Same astonishment for Stéphane Vallée, the lawyer of the charged anon from Nantes : ”The means used to trace back to the source of simple DDoS are questioning. They clearly were aiming at arresting some Anonymous. Such an abundance of means can lead one to think of a “justice of exception”. And the fact that the case was entrusted to the JIRS, also gives a particular connotation.” Indeed, this jurisdiction brings together magistrates from the public prosecutor’s department, and from the enquiry, who generally work upon “complex affairs” , notably linked with “transnational organized criminality”.
The DDoS, legally defined as “ fraudulent access and maintenance, hindrance and/or alteration of a computersystem that treats personal data managed by the State”, is within the framework of the 1988 Godfrain law which establishes a global repression of cyber fraud (3). A legislation recently strengthened by the November 2014 law against terrorism, which creates aggravating circumstances when the actions are committed “in organized gang”. If that term fails to define the Anonymous collective, described by the militant called out at Nantes, as “an idea, a banner, without leader or hierarchy”, that question will probably be at the core of the legal battle to come. For Joseph Breham, the lawyer for ”Triskel” in the case of EDF hacking, “an organized gang requires more than two people, a hierarchy and a plan of action. But in habitual practice, three persons in question are enough for the circumstance of organized gang to be retained, as in the present case. The actions led here are a form of civil disobedience enabling citizen debating. And it really questions the notion of ”organized gang”.
“Tango down !”
Beyond semantic questions, this trial is looming as eminently political . In which are notably questioned the freedom of thought and of speech around highly sensitive cases (the GPII/UIMP), which prompt a cutting popular opposition, be it “in real life” or on the web. Sit-ins, demonstrations, occupations and sabotages enabling to create a balance of power with the State in social and environmental fights these last years, have been countless. “This case creates bridges between different struggles” Etienne Ambroselli notes. For him, his client is “a young man of his time, who is no computer scientist, but rather an whistleblower.”
And if DDoS is pointed out by the authorities, as part of the arsenal of computer fraud, it is considered by the hacktivists as a means of political action, legitimate among others, and rather “soft” that doesn’t damage the targeted site itself. Besides, it is an object of revendication on twitter, using most of the time the expression “Tango down”, which in military jargon means that the target has been shot down.
While looking on the chat IRC Anonymous, those places of discussing dedicated to such or such operation, one learns that DDoS are compared to ”digital sit-ins”, or “blockades”. A speaker –anonymously, needless to say- on the channel of #operationgreenrights , says :”in 1995, the netstrike was invented by an Italian group. It enabled everyone to take part to a DDOS action simply by the refreching of a page at a given time by a large number of persons.” A form of DDoS , an easy to manage tactic for all. And that doesn’t make of users potential criminals. The first “netstrike” back in 1995 meant to protest against the nuclear trials of Mururoa atoll.” It is urgent to explain the fundamental difference between a “hacktivist” who fights for his ideas, and a simple ”cracker” whose aim is to make money, says again and again this user on IRC.
Moreover, at a time when UNO asks the international community to take measures in order to protect nuclear plants from potential cyber threats (4) it seems capital to prove discernment as to the nature of the attacks. “Hacktivism often appears as a ragbag, mixing all sorts of cyber criminalities aiming at political purpose” also says Felix Treguer, co-founder of “la Quadrature du net”. He has just published a juridical analysis upon the cyber fraud penal right (5) in which he condemns the confusion and inconsistency concerning those questions.
“Protest actions like DDoS are set on the same level as the “cyberattacks” led by State protagonists, which leads to procedures and penal actions of exception.” As the part played by the DGSI, notably in the Greenrights case concerning which, and according to him, ”mobilizing agents from intelligence services seems totally out of proportion, particularly at a time when a number of political leaders point out the lack of means displayed against anti-terrorism” moreover, a DDoS or the distortion of the site of a firm such as EDF –to stick, for instance, on the home page a protest display, also typical of the hacktivist action repertoire– are much more severely penalized than their equivalents from the physical world” says again Felix Tréguer.
Lastly, that graduate excuses himself “for the lack of understanding of technical and social internet realities, that affect some of the magistrates”, and “that leads them to emphasize the nature and seriousness of the facts they are blamed for, and to see in commonplace activities a know-how that would be the prerogative of a delinquent elite in the womb of the hacker world”. It is what happens for the militant arrested in nantes: he is accused for, among other things, the use of proxys, of servers intended to become anonymous, the creation of a twitter account intended to claim his actions, the part he took at an IRC debate, or the use of nickname on the internet, normal and common acts among many Internet users, claimed by many as legitimate and necessary in an era of generalized surveillance.
Will the trial to come, postponed after the lawyers requests, enable to bring an evidently necessary evolution as to jurisprudence concerning cyber activism, or will it be the occasion for new repressive drifts?
The answer in a few months.