Hong Kong Police Seeks to Hack Telegram, Key Tool in Protests: Source

By Annie Wu, Epoch Times
November 6, 2019 Updated: November 12, 2019

The Hong Kong protest movement is one built on online organizing, and the police are working to find out the identities of individuals who are using social media apps to spread information on the protests.

Since mass protests began in June over a now-withdrawn extradition bill that many Hongkongers feared would be the final straw in Beijing’s encroachment over the city’s affairs, protesters have used encrypted messaging app Telegram to plan demonstrations, initiate crowdfunding efforts, and spread information about police action during protests.

The app has also been used as a doxxing ground, where users post information that could identify police believed to have acted against protesters.

One Telegram channel, “dadfindboy,” has doxxed police officers by collecting and releasing their photos and personal information: name, badge number, home address, school background, and social media handles. It has over 202,000 subscribers.

As of Nov. 7, “dadfindboy” can no longer be displayed, because it “violated Telegram’s terms of service,” according to a message that appears in the app.

Another account, “tanakayotsuba,” self-described as a “hotline for scoops,” has been accused of releasing personal information about police officers and their relatives.

Cracking Telegram

The Hong Kong Police Force has been trying to find out the identities of the people running those two Telegram accounts, including by seeking help from cyberexperts outside Hong Kong.

One cyberexpert, who wished to remain anonymous for fear of reprisal, said that over the past few months, he was repeatedly approached by senior inspectors to use “any means necessary” to uncover their identities.

In one phone call from a senior inspector, the officer asked the source whether it was possible to break Telegram’s encryption protocol to find out who the administrators behind “dadfindboy” and “tanakayotsuba” were, and where they live, with the intention of arresting them at their homes, the source said.

“They’re very desperate,” he said, adding that the police force was seeking “demigod” level access to Telegram.

He was unwilling to do it on principle, the source said, because he believed it was “Orwellian” for police to track down and punish citizens for online speech. But the task itself would also be technically near impossible. “You would need the NSA working with the CIA” to be able to do that, he said.

Telegram provides end-to-end encryption, meaning only the sender and recipient can read the messages. The company also says on its website that all data sent and received on Telegram cannot be deciphered even if intercepted by an internet service provider, owners of Wi-Fi routers the device connects to, or other third parties.

Telegram didn’t respond to a request for comment on its security measures by press time.

In two WhatsApp messages provided to The Epoch Times, another senior inspector also asked the source to find the identities of the two channels’ administrators, in addition to matching Telegram handles “with their respective registered telephone numbers.”

The officer asked if he has the “capability to map all Hong Kong telephone numbers”—a total of roughly 20 million combinations—“to their Telegram IDs, if there exists such accounts.”

This was widely speculated to be a tactic by which the police could track down protesters. This summer, a group of Hong Kong engineers warned in a widely circulated social media post that authorities could add a large bulk of phone numbers to a phone’s contacts. That phone could then connect to a Telegram channel where protests are being discussed, at which point Telegram would sync the phone’s contacts with the app. Authorities would thereby be able to tell which of the phone numbers are active in the protest chat groups.

Authorities could then compel local telecom firms to disclose the identities of those behind the phone numbers, the engineers speculated.

After this loophole was publicized, Telegram issued an update in August in which users can mask their phone numbers within the app.

The cyberexpert also showed The Epoch Times an email, sent after the mass protests began, in which the police sought his assistance in tracking Telegram accounts and messages.

Among the services they sought were: “monitoring and intelligence harvesting for Telegram names, groups, and channels” and “collection of relevant text messages, images, multi-media files and account-based information.”

In one of the previously mentioned WhatsApp messages, the police also asked for “a straight-forward platform to monitor a list of Telegram messages with URLs, and log the status of each message accordingly.”

Simon Young, a lawyer and professor at Hong Kong University’s law school, said that while it’s legal for the police to monitor social media platforms while conducting investigations—as Telegram channels are publicly accessible—asking a cyberexpert to engage in hacking would be a “problem.” “Hacking … could be a criminal offense,” he said.

Crackdown on Doxxing?

The city’s police force recently ramped up its tactics to ban the doxxing of its officers via a temporary court injunction.

First approved by the Hong Kong High Court on Oct. 25 and then amended to narrow its breadth on Oct. 28, the injunction prohibits individuals from “using, publishing, communicating, or disclosing” personal data belonging to police officers and their family members, that are “intended or likely to intimidate, molest, harass, threaten, pester, or interfere with” them.

Personal data includes names, home addresses, dates of birth, telephone numbers, social media handles, Hong Kong ID numbers, and photographs.

Those violating the injunction can be considered “in contempt of court” and fined or sent to prison.

In an Oct. 25 statement, the Hong Kong government said that since June, referring to when mass protests began, officers have been targeted for doxxing and received different forms of harassment and intimidation, such as via “telephone calls, identities being misused to apply for loans and to make online purchases, harassing Police Officers’ family members by visiting their workplaces.” 

“Some Police Officers or their family members even received letters threatening to hurt them brutally,” the statement said.

Young said that while such an injunction concerns the freedom of expression, it is “not an absolute right” and can be restricted by court order. “The question is does it [the injunction] go too far? Or does it overshoot the purpose?” he said.

The court would have to consider, for example, if there are other means by which police officers’ interests can be protected, he said.

A hearing is scheduled for Nov. 8, when the Hong Kong Department of Justice and the police chief will argue their case for a formal injunction.

Local lawmakers, journalists, and rights groups have already expressed concerns about the scope of the injunction. “It basically removes the checks and balances over police brutality,” lawmaker Alvin Yeung told media on Oct. 25.

“We have seen countless incidents over the past four months that, without public scrutiny and without the fact that we could take pictures and disclose what happened regarding police brutality, there was no way we could check and balance and scrutinize the police,” Yeung said.

Other pro-democracy lawmakers said the injunction unfairly prioritized police over other people who are doxxed due to their involvement in the protests.

There are also Telegram channels that doxx protesters. A digital analysis conducted by the think tank Atlantic Council in September found that a number of channels, including “yeeseelostandfound,” expose personal information of protesters and then submit them to China’s Ministry of State Security online portal for reporting national security crimes.

Keyboard Frontline, a local group advocating for internet freedom, said in an Oct. 30 statement that the injunction amounted to “the most extreme form of censorship,” calling it an unconstitutional regulation that should be rescinded immediately.

Meanwhile, the Hong Kong Journalists Association has argued that the injunction could restrict journalists from covering the protests. It has filed for an amendment to the injunction “to protect Hong Kong’s constitutionally protected freedoms of the press and expression,” it said in a Nov. 5 statement.

Police have already arrested and charged people for internet- and doxxing-related offenses connected to the protests.

Local media reported that in September, a local telecoms worker, Chan King-hei, was charged for using his company computer to access and disclose a police officer’s family member’s personal information. The police accused him of conspiring with “tanakayotsuba” to disclose the information on Telegram.

Chan was charged with one count of obtaining access to a computer with a view to dishonest gain, and one count of conspiracy to disclose personal data obtained without consent, according to local media reports. He was released on bail; his next court hearing is on Nov. 20.

In June, The New York Times recounted the story of how Ivan Ip, the administrator of a Telegram chat group, was arrested at his home. The police said he was arrested on suspicion of conspiracy to cause a public nuisance.

In July, police announced that they have so far arrested 9 people for “internet-related” offenses, including disclosing personal data without obtaining consent.

Frank Fang contributed to this report. 

This article has been updated to reflect the latest status of the Telegram channel “dadfindboy.”

Follow Annie on Twitter: @annieeenyc
RECOMMENDED