By 
The European Commission issued a retention order to TikTok on December 6, 2024, mandating the need to keep all data related to the Romanian elections for further investigations. This order comes a few days after Romanian’s president Klaus Iohannis ordered to declassify SRI’s (Romanian’s Intelligence Service) recent investigation.
Russian Interference in Romanian Elections
The Romanian Intelligence Service (SRI) accused Russia of election interference. They also confirmed a state actor attack against government infrastructure that supported the election process. The Romanian election was hosted by AEP and Romanian’s special communication services STS.
Moldova recently experienced interference in their election. Romania, their neighbor, confirms that they were also targeted by a cyber attack during their own election on November 24. This attack revealed political manipulation of the democratic process. In what now seems to be a large-scale marketing campaign targeting the already vulnerable population that was repulsed by the establishment, and voted more against the current political climate than with a specific candidate.
The TikTok Connection
The interference in Romanian elections was more visible on TikTok, where ultra-nationalist candidate Calin Georgescu appeared ‘out of nowhere’, ending the first row of elections from the first place.
The candidate received so much boosting on TikTok that he became the 9th most viral account on the day of the elections.
SRI’s first document revealed:
Calin Georgescu was helped by a TikTok network of 25.000 accounts, coordinated on Telegram and Discord.
The Romanian’s Intelligence stated:
An interesting and important aspect is that no common technical resources were used, therefore there were no shared IP addresses between the accounts. A complex, well-orchestrated operation hid its bot network by assigning each TikTok account a unique IP address.
On 22 of November, with 2 days before the elections, TikTok answered AEP (Permanent Electorate Authority) confirming the visual blocking of access of various reported clips, without removing of the videos, but denying access on Romanian region. What was later uncovered by AEP is the fact that the videos could be accessed by the Romanian public even in the day and after elections.
In addition to promoting Calin Georgescu, TikTok revealed a massive promotional campaign over the last two weeks for the POT (Young People’s Party): a 2023 party that endorsed Georgescu and secured 5% of the vote, gaining entry into the Romanian parliament.
Calin Georgescu self-advertised as a people’s candidate, stating with every occasion that he declared to AEP (Permanent Electorate Authority) a 0 RON campaign budget for the elections, and the fact that he did not spend a dime on them, everything being made by volunteers.
It was later uncovered by SRI, but we have to give credit to a subreddit r/programare because they uncovered the same thing: TikTok account “bogpr” was used by a Romanian citizen “Bogdan Peschir” to finance the election campaign.
The “0” RON election campaign
Photo: cugetliber.ro
Now, we later realize that the Prime Minister Marcel Ciolacu also knew about this campaign, and stated bluntly a few days ago “you guys just have to follow the money”.
Using the FameUP platform, SRI uncovered the payments for 381.000 USD in the span of 24.10-24.11.2024.
There, Romanian influencers were attracted by the FA Agency, a South African agency that offered 1000 Euro for distributing an already made video.
Subsequently, we learned that several high-follower influencers were paid tens of thousands to either directly or indirectly support candidate Calin Georgescu. And gladly we couldn’t found this out if they didn’t argue because each received different sum based on negotiations or number of reach.
All in all, the candidate Calin Georgescu had a preferential treatment for TikTok, because it was not labeled as a political candidate.
Interestingly enough, in a mass guerilla political campaign, is now clear that Calin Georgescu’s following and TikTok fame did not rise organically.
SRI’s second document revealed:
The second document is where the cybernetic attack was disclosed. The state actors allegedly had managed to either get credentials to STS servers or breach by exploiting access vulnerabilities. The state actor’s identity remains undisclosed.
SRI found out that credentials for “bec.ro”, “Roaep.ro” and “registrulelectoral.ro” were posted on a Russian platform used by hackers. Confirmation came from a private Telegram group that posts about compromised credentials and breaches.
Fortunately, this attack did not affect the election process, because the platforms breached were used only to list and display the real time voting data.
However, this is not really good news, no breach is good news. We are already used to state actors blowing up proportions when breaching, and the affected parties minimizing risk as much as possible, until other leaks or information is later found out to point that the breach was actually with larger impact. Either in the dark web, or in the public space.
For now, we’ll take this word for granted.
In total, SRI disclosed more than 85.000 cybernetic attacks. We imagine a lot of automated tools for scanning were used.
Kremlin denied the accusations.
Digital Services Act Framework
IAB Switzerland
What is the Digital Services Act?
The DSA represents the EU’s framework for digital platform regulation. As with recent regulation documents such as Cyber Resilience Act, it establishes clear accountability mechanisms for online platforms.
Particularly, those platforms classified as Very Large Online Platforms (VLOPs) with over 45 million monthly EU users are directly referenced in DSA.
Non-compliance carries significant penalties: up to 6% of a company’s global annual turnover.
Why Does the DSA Matter for Elections?
Electoral integrity stands as a primary concern for the DSA.
Nowadays, especially given the growing concerns about ultra-nationalism but more importantly foreign interference in European politics. Ultra-nationalism, as we can observe, is a trend that grows in the EU rapidly affecting not only Romania, but the majority of countries: France, Germany, Spain, Sweden, to only name a few.
The political matter is complex and not our jurisdiction.
However, we can focus on state actor interference in European politics instead.
We Europeans have heard about it before but didn’t give it much importance because it was happening in distant countries. Until now, when it happened in Romania and forced us to accept the fact that the estimated number of ultra-nationalists voters is unexpectedly high, accounting for 35-40% of the electorate. A number that was not taken into consideration by external manipulation.
Going back to DSA, the Act mandates platforms to implement systematic risk assessments and maintain strict monitoring of potential threats to electoral processes.
But How Does DSA Enforcement Work?
Enforcement depends on regulators and coordinators. The European Commission oversees the Very Large Online Platforms (VLOPs). Smaller platforms are handled by national Digital Services Coordinators.
What Triggered DSA Investigation?
In TikTok’s case, and as stated earlier, declassified information revealing potential Russian interference in Romanian elections, prompted the Commission’s action.
New Electoral Guidelines Under DSA
The Commission requires VLOPs to establish dedicated internal teams with adequate resources for monitoring interference risks before, during, and after elections. These teams must maintain real-time monitoring of platform activities and potential manipulation attempts.
Preservation Requirements
Political Advertising Transparency
Under the new framework, platforms need to maintain a publicly accessible, searchable repository of political advertisements.
Recommender System Documentation
TikTok must preserve complete technical documentation of its recommendation algorithms. This includes detailed specifications of content ranking criteria, user interaction processing methods, and the complete system architecture that influences content distribution during electoral periods.
Inauthentic Behavior Controls
Detailed records of how it detects coordinated campaigns need to be kept and disclosed to the EU. This encompasses sophisticated network analysis data and pattern identification systems that flag potential manipulation attempts across the platform.
Political Content Monetization
Their documentation should cover all aspects of political content monetization, including violation records, undisclosed sponsored content tracking, and monetary transactions related to political messaging. This especially applies to influencer campaign documentation, where commercial partnerships may obscure political content.
Conclusion
One thing is for sure, at the moment, the losing party is the one playing by the rules.
Update at 3:00 PM: The Romanian CCR (Constitutional Court of Romania) has nullified the Romanian elections, effectively resetting them.
Featured Photo: picture alliance / NurPhoto | Jacques Silva
Further reading:
- Meta’s Role in Romania’s 2024 Election: A Critical Analysis of Platform Oversight
- Romania’s Electrica Group Responds to Cybersecurity Incident