The Bylock trap: preventing bias in the judicial system
Following the July 15th coup attempt in Turkey, Turkish authorities claimed to be able to trace hundreds of thousands of people that they accused of participating in the failed coup attempt by cracking the rickety security features of a little-known smartphone messaging application called ByLock. The app is allegedly the communication tool for the Fethullah Gülen Terrorist Organisation (FETÖ).
The investigations determined that 123,000 people were using ByLock. Later Turkey’s Constitutional Court ruled that ByLock was indeed an evidence of membership of the organisation and many people were arrested for having the app on their smartphones.
While investigations into ByLock users were ongoing, the investigators discovered that 11,480 smartphone users were directed to the app without their knowledge. The prosecutors started releasing the 11,480 people who seemed like ByLock users because of "trap programs," changing the course of the investigation, as well as bringing justice to thousands.
Tuncay Beşikçi is one of the engineers who uncovered the apps that downloaded ByLock on the users' smartphones without their knowledge. Beşikçi studied forensic engineering in England. He has served as an expert on many Turkish court cases. We interviewed Mr. Beşikçi for Ahval.
"ByLock is a mobile application. It was available for free download for iPhone and Android on App Store and Google Play. You only need an account to download it. (And you already have an account) since you have an account to use the smartphone."
"When you look at the content, it is 100 percent organisational correspondence. Unlike Whatsapp, where you need the other user's cell phone number to connect, you need to know the other party's nickname to establish communication. This is one of the features that distinguishes ByLock from WhatsApp."
Beşikçi says that ByLock's primary purpose was to be able to oversee the internal correspondence among the organisation’s members.
"It was mainly used for communication. But those who wrote the program could access the correspondence. It seems like that was the purpose; surveying and controlling the members of the organisation. Otherwise, they could've used WhatsApp or Telegram. Except if they did, they could not watch over the content of the texts. The development process of the program coincides with the Dec. 17-25 corruption scandal against the government. It takes about three months to develop a program like this. The first version was released in March 2014. Maybe it was a failsafe for Dec. 17-25, a plan B if you may.
"Around the time ByLock was released, two of (Turkish science institute) TUBITAK's employees resigned. There is an ongoing investigation into these individuals. They went abroad. Looking at the timeline, it fits. And the program that automatically installs ByLock to smartphones is older than ByLock. These two former employees are the designers of those programs. All of this happened right after a major operation at the justice and police departments (related to the corruption scandal). Maybe that operation was the reason they released the messaging app.
"They started adding innocent people to ByLock as well. We are told that there are certain imams that they want to protect. This is consistent with the idea of secretiveness. Because if only the core staff of 3-5,000 people had access to the program, it would be straightforward to close in on them. It is a lot more challenging to find them among 251,000. There are millions of messages.
"We also found other [similar] programs. We also found their ties to some terrorist organisations. 150,000 people downloaded the application (I was investigating at the time). A huge figure. I was terrified. But fortunately, it was used in that capacity for only three months. I called the prosecutor. I told him about these programs that directed the users to ByLock. A team was set up in Ankara. We had meetings with that team. And eventually, it was resolved the way I suggested. We started looking at how people were accessing Bylock."
Beşikçi thinks that this is the end of it. He believes that the main bulk of the victims of these spy programs were acquitted. "There might be more spy programs. But I doubt it. Maybe there are other apps. We're not aware of any such apps but theoretically it is possible."
Beşikçi also responded to critics of his work.
"The (accused) organisations had been claiming that ByLock could not be submitted as evidence. ByLock is evidence. It was used by (this terrorist) organisation. So was the content. We only tried to clear the accidental users of wrongdoing. The critical point here is that these spy programs are linked to the [terror] group. We figured out that this was a conspiracy. We have proven that all of this was planned by this organisation. Now the remaining users of ByLock are the ones using it for the terrorist plots.
"Saving 11,480 people from unfair accusations made me feel very happy. Many of these people and their relatives are sending prayers, gifts. We became like a family (with them)."