It is a cloudy and rather cold day of October in a city that shall remain unnamed. I am meeting with Hisham Almiraat, a professional doctor and well respected democracy, human rights, and digital rights activist from Morocco. He is currently in self-exile fighting some unjust charges that could land him up to five years of prison. Hisham is an old acquaintance of mine, and while the occasions to meet in person have always been rare, our paths crossed in circumstances that were rather unfortunate several years ago.

Hisham is part of the first generation of what he calls “digital dissidents” from his country, young people who found through blogs and the Internet a mean for intellectual liberation and political manifestation, in ways that were otherwise unavailable to them before. In the light of the Arab Spring, Hisham co-founds a citizen media outlet called Mamfakinch, which soon becomes one of the central resources for the people of Morocco to report and learn about what is happening in the streets of their cities, while the state media blacks out.

Hisham Almiraat. Photo by Claudio Guarnieri.

In the Summer of 2012 Mamfakinch is targeted with a computer attack with the intent of violating the computers of its members and infecting them with a powerful spy software called “Remote Control System” produced by the Italian company Hacking Team. That is when I learn of Hisham and his colleagues, and through my work with Citizen Lab, University of Toronto, end up first meeting him. The discovery of the attack against Mamfakinch was significant, as one among the very first documented cases of computer attacks using European-made technology for the persecution of political activists and journalists.

We sit down in a crowded and loud pub, mostly lightened by candles, and we talk for few hours, about the Internet, technology, and their roles in modern society and in one’s political life. I know all the ins and outs of the computer attack he and his colleagues suffered, but I want to learn more about what led to it and what happened afterwards. What brought him to the political engagement that is very much asking for his own freedom now, and how — especially recently — has technology played such a central role in the events that unfolded and that ultimately brought us both here, sitting at this table, in a night of Autumn.

Hisham can speak at length about the history of Morocco, and analyzes with deep insight all the mechanics of an entire region that was caught by surprise as the Arab Spring unleashed across the entirety of North Africa. In what many called the Facebook Revolution, the Internet certainly played a crucial part in amplifying the cry for democracy as well as, as Hisham tells me, to inscribe from the very beginning the guiding principles of a massive protest movement that was to be non-violent. Technology did play a role in mobilizing and organizing people, and possibly expedited the spread of the movement through other countries, but it was also simply a tool in the hands of younger generations who years before started getting politicized. Soon enough, technology itself was turned against them as a mean to suppress the outburst of dissent of those years.

I ask Hisham what is the turning moment for him, and he tells me the story of how it all started.


It’s 2009. As you told me, Le Monde and its partner get in trouble in Morocco as a result of publishing an opinion poll, which revealed the 91% of the population was happy with the conduct of the current king. The protest campaign “I am the 9%” is born. How is this moment significant for you and generally for Morocco, in the light of the Arab Spring soon to come?

It was the first instance I can recall when a community of progressive-minded bloggers took action and, pretty spontaneously, turned the nascent power of social media to their advantage. If I was to give a metaphor, it’s like sitting in the dark, knowing there are other people in the room — you can hear them breath, you can hear them move and talk but you can’t quite identify them. All of a sudden someone strikes a match and for a little while, while that flame is still going you get to see everybody’s faces.

It was that kind of a revealing moment. And it was a coming of age of a generation of bloggers who, frustrated as they were, by the systematic subjugation of the press, took it upon themselves to challenge, criticize and scrutinize power.

So there it was, the first fait d’armes of a small but significant group of early digital dissidents that will play a major role in mobilizing and coordinating the efforts of a much larger movement, the so-called February 20 Movement, that will emerge in the fateful year of 2011.

You guys realize it is necessary for a critical citizen media outlet to exist, and Mamfakinch comes to exist. Do you remember when and how you and your colleagues come to that realization?

It was outrage that created the first spark — outrage against the Moroccan government and its propaganda machine. A week before pro-democracy street protests were planned, the official state news agency, MAP, published a communiqué claiming that people they identified as protest leaders were calling off the demonstration. It was a blatant lie. We thought, if a publicly-funded news agency supposed to inform citizens, is spreading lies, maybe we could do something about it. Maybe it was time we launch our own “people’s news agency”. And that’s how the idea for a website came up.

How big and what was the real objective of Mamfakinch, as the Arab Spring then starts getting prominent in Morocco as well?

We were frankly inspired by what other activists were doing in other countries in the region. Our aim was to circumvent the Moroccan media blackout over protests so that our countrymen and women know what was happening. We also wanted to offer a platform for dissident voices that were totally sidelined by state-owned media. Our ambition was also to do investigative work. And we did break stories related to corruption and nepotism within the regime. And while we never claimed to be objective (we were clearly on the side of the pro-reform, pro-democracy movement) we tried to abide by a set of self-imposed ethical rules.

At it’s early stage, the project was run by a dozen individuals. The early success of Mamfakinch (over a million unique visitors during the first weeks after launch) led to an influx of contributors. At some point we were about 30 individuals running the project as a collective with no hierarchy to speak of, and a very fluid publishing process.

People would approach us to join the collective. If a candidate is endorsed by two members or more she gets in. People who want to publish were free to do so but had to respect an editorial charter that, among other things, valued non-violence and democratic values.

Hisham and I speaking. Photo by Daniel Moßbrucker, edited by Claudio Guarnieri.

“Almiraat” isn’t your real name. Was it a conscious choice for you to use a pseudonym? Did anonymity play any role in Mamfakinch’s operations? Was there a sense of risk involved in your work?

It wasn’t a conscious choice at the beginning. Almiraat (“The Mirror” in Arabic) was the name I chose for my first blog that I started in 2007. It then became my pseudonym because everybody started calling me Almiraat. But then I realized how convenient it was not to use your real name, especially when you write critically about the Moroccan government. You can get into real trouble if they ever find out who you are.

When, a couple of years later, I and a couple of friends co-founded Mamfakinch, it became clear that we may very well end up in the cross-hairs of the government at some point down the road. In fact, most contributors to the site volunteered time and effort on the condition that their identity was to be protected.

In 2012, Mamfakinch is attacked with Hacking Team software. Before that incident, did you and your team perceive surveillance as a threat? Did you have indications of Moroccan investment in surveillance technology as a mean for repression?

Before the incident, there was a sense that the identity of the contributors to the website, much of whom put their careers in line to provide valuable input to us, needed to be protected. But we never realized what kind of capacity our adversary might have. And quite frankly, we never thought much of the government’s ability against us. We underestimated it. We were probably conscious of the fact that there were security vulnerabilities with regards to how to make a website that is collectively run, secure. Password management for example was always a problem. But we always trusted each member of the group to do their bid.

It turned out we were up against a highly sophisticated kind of a threat. We knew, as early as 2011, that Morocco was up to something when it was revealed that it spent €2 million in taxpayers money to purchase a mass surveillance system from French company Amesys. But even then we were not particularly alarmed — and maybe we should have.

Why do you think Mamfakinch was attacked and why in that particular moment?

We were attacked a couple of days after the website was awarded the Google-Global Voices Breaking Borders award. The award was a recognition of our efforts to use the Internet as a way of promoting public debate and democratic values. But it was probably also the moment when we became too visible for the regime’s taste. There were also other factors likely at play: the fact that the attention of international media was turning away from Morocco, focusing more of the unfolding tragedy in Syria and Yemen. Another likely motive is the fact that during that summer of 2012, Mamfakinch broke a series of stories pertaining to police brutality against protesters and exposed a high profile corruption and nepotism case against a minister in the government.

In other words, Mamfakinch was becoming a serious thorn on the side of the regime that they needed to do away with.

Do you remember the day you were attacked? Can you describe what happened? Where were you?

I remember it was early in the morning. I opened my email as I would everyday. And there was this one email that stood out. It claimed to be from a whistleblower — someone who claimed (judging from the subject line) to send us a scoop they wanted it published. I guess I was lucky that morning because I was late for work so I never really opened it myself. Later in the day I learned that all the co-editors received the very same email. Most of them opened it. The file was empty. We didn’t make much of it that day. It was only a few days later that our tech guy raised the issue again. We learned that during that same week other activists in the region, especially in Bahrain, were hacked via infected emails. Our tech guy suggested almost jokingly that maybe we should look into that empty file. We did. It so happens that we knew just the right people who could help. We knew the Citizen Lab in Toronto did similar research work for activists in other parts of the world so we thought they were the right people to approach. And indeed, after a couple days, the diagnostic came back. It was a virus — and not any kind of virus for that matter.

How did you feel both individually and collectively as you realize that Mamfakinch was indeed in the crosshair of the government?

The first feeling is one of angst. You fear for the people who trusted you with their personal information and whose careers, and maybe even lives, you might have now put in harm’s way. But then this feeling is quickly overcome with anger because you know that this unique project that you’ve invested so much on and that you built on trust, has received a deadly blow. There was little chance that we could come out of this unscathed.

What do you think was the real objective of the attack? Was it to identify your sources? Was it instigate fear in the members of Mamfakinch as they realized they were being watched? And what do you think was the most significant damage?

The initial objective of the government was, I think, to surreptitiously identify the people behind the project. Once identified it would be easy to intimidate them or attack them and discredit them. They were unlucky because we were able to seek help and identify the attack. But then again, the harm was done. Whether the regime was able to identify our members or not was no longer relevant. What lingered in everybody’s mind was that they were capable of doing it. And that possibility in and of itself is a victory for the government because the fear of being surveilled torpedoed the trust in the project, and effectively put an end to it. That’s how harmful this kind of technology is: it poisons the well.

What happened after the attack? Did Mamfakinch survive?

Once we discovered the attack we became acutely aware of the urgency of implementing digital security measures. But again, the harm was done. It didn’t matter whether our machines were clean or not, or whether we used encryption or not. They proved they could do it once. It means they can do it again. That put off a lot of people who volunteered contribution to the website. After a couple of months we went down from a team of about 30 regular contributors and co-editors into.. 3 people struggling to keep the website alive.

After a while it was clear the project could not survive. There was just not enough people willing to come forward. We had to close.

With your experience, how effective do you think that digital surveillance can be to curb citizen journalism and protest movements?

In the mid-2000, when blogging and social media peaked as a means of citizen journalism and activism, governments were still playing catch-up. They first tried to apply to the Internet what they were used to do offline: in other words, mainly trying to block websites and content they didn’t like. But that didn’t work as people always found a way to circumvent censorship.

But then, especially after the Arab spring, autocratic governments realizing the disruptive power of the Internet decided they needed to control it. That’s when we’ve seen a kind of public-private partnership emerging as mainly western-based companies, realizing they can make loads of money selling spying technology to repressive regimes, came to the rescue.

Surveillance was the perfect answer for those regimes: short of actually spying on the activities of every single one of their citizens they can instill the fear of being watched in the heart of every Internet user. If you know you can be watched you tend to self-censor and suppress your own expression.

That’s how you turn the Internet, thought-of initially as an inherently democratic tool, into an Orwellian mass surveillance nightmare.

Couple of years later, you and some colleagues start a digital rights organization in Morocco called Association des Droits Numeriques (ADN). Was being subject to digital surveillance what led you into working more in that area of human rights?

The fact of being a target has certainly played a role. Most importantly also, was the realization that without a political front, the battle for the Internet was going to be lost. It is important to protect personal information using technical fixes like encryption. But it’s also important to challenge power and to speak to power, to inform users, to challenge privacy violations in court and build a platform for civil society to express its concerns when it comes to Internet-related legislation and governance issues.

At some point, the Moroccan government cracks down on ADN, and you are charged with destabilization of state security. What happened? Why are you being prosecuted?

I think we are being given the Oscar for our whole careers as activists. By that I mean that what happened to us is only part of a larger post-Arab Spring crackdown on civil society actors in Morocco and across the region, targeting especially people who were intimately involved with the pro-democracy movement back in 2011. The Moroccan government were probably waiting for the opportunity to silence our work and they found it convenient to charge us now that the world attention is focused elsewhere.

What happened is that, in partnership with the UK-based Privacy International we published a report, in 2015, documenting multiple cases of unlawful electronic surveillance conducted against Moroccan academics, journalists and human rights activists. Three days after the report was published, the government opened a criminal investigation against me and ADN’s vice-president on charges of “Libelous accusations against a government body” and of “reporting a false crime”. Those charges carry up to 5 years in jail.

Another criminal investigation was later launched against me and some of my closest collaborators on a project called StoryMaker — a mobile app developed by a Dutch NGO, Free Press Unlimited, to help journalists and activists publish newsworthy stories. I was coordinating the training on the app and facilitating digital security training for vulnerable journalists and activists whom we taught how to use tactics like encryption.

Because of my involvement in that project I was later charged with “Undermining State security”, a charge punishable by an additional 5 years.

Do you think there is a brighter future for Morocco and the region? And will the people this time be ready?

I think when the next Spring comes, and I’m sure it will come, people will be ready, learn from our experiences, prepare for the worst and hope for the best.


Hisham remains optimistic. His difficult condition hasn’t affected his spirit at all, and he rather seems more determined and inspired than ever. It is late night now, we hug, wish good luck to each other, and part ways. Hopefully next time we meet we shall instead celebrate his hopes becoming reality.