The story with the largest Eurovision public viewing event disappearing from YouTube in Switzerland after a detection of one-frame subliminal messages in the footage has just become even more bizarre. After Basel City, host of the Arena Plus show at St. Jakob-Park stadium, explained the timeline of events, claiming they had flagged the incident to the National Cyber Security Centre, and then suggesting they merely complied with “measures that prevent the spread of harmful hidden messages”, NCSC confirmed to Pipeaway that they were not involved in the takedown. In fact, they will not even investigate the video as they don’t see it as a cybersecurity threat at all!
From a cybersecurity perspective, the NCSC does not see any issues with the video in questionManuela Sonderegger, National Cyber Security Centre
To rewind, Pipeaway first spotted the suspicious flash screens in Baby Lasagna act shortly after the May 17 event. One of these brief visual appearances contained a message urging secret support for jihad. The City of Basel, as the organizer, as well as the Croatian musician, both went silent as soon as we brought the topic to their attention, more than once.
However, two weeks after the original article was published on June 14, all YouTube creators who’d uploaded videos of the Arena Plus event began receiving takedown notices in Switzerland, citing government legal complaints.
In Basel City’s response, Christoph Bosshardt, Head of External Affairs and Marketing for the Canton of Basel-Stadt, explained that problematic material originated from stock footage (licensed pre-recorded video clips) and was not noticed before the show. “When the hidden frame was detected, the stock footage platform was informed, and the incident was reported to the National Cyber Security Centre”, Mr. Bosshardt said. “Whilst there was never an intention to censor the show, Basel supports any measures that prevent the spread of harmful hidden messages and does not want Arena Plus or any of its other events to be a platform for such content.”
But now, the very same National Cyber Security Centre says not only that they didn’t have anything to do with the takedown case, but that, from a cybersecurity perspective, they also don’t see any issues in the video.
Switzerland’s Cyber Watchdogs Say Baby Lasagna Video Not a Threat
“The NCSC is mandated by federal law to protect Switzerland’s critical infrastructure from cyber threats and to increase Switzerland’s cyber resilience”, said Manuela Sonderegger, Head of Information and Media at the Federal Department of Defence, Civil Protection and Sport within the NCSC.
“The NCSC is not a law enforcement agency and therefore has no investigative mandate. We are therefore unaware of why the YouTube video you mentioned was blocked, as this does not fall within our duties. We can confirm that the NCSC did not request Google/YouTube to block or restrict any content”, the agency told Pipeaway.
The statement doubles down on this point: “The NCSC has not been involved in this case and will not be looking into it, as it does not fall within our duties”.
Specifically asked about the danger of subliminal messages in the modern online environment, Mrs. Sonderegger was quite clear: “From a cybersecurity perspective, the NCSC does not see any issues with the video in question.”
“We Support Preventive Measures” – Just Don’t Ask Who Took Them
So if YouTube really did remove Arena Plus videos “to comply with local laws”, questions remain. Which laws were broken? And which government entity filed the legal complaint?
In the context of what Basel City said, Mr. Bosshardt’s statement now appears incomplete at best, misleading at worst.
Were “harmful hidden messages” harmful for the audience, or the reputation of Basel City?
The National Cyber Security Centre, the only government body Basel City claimed to communicate with, as an official competence center for cybersecurity, has firmly denied any involvement and sees no cybersecurity threat in the footage.
Also, if it took only one working day for NCSC to respond to Pipeaway’s inquiry, it surely took the same amount of time to tell the City of Basel there was no cybersecurity threat. So why did the City even mention this agency in their public statement?
Were “harmful hidden messages”, labeled as such by the City of Basel, harmful to the audiences, or harmful to the reputation of the organizer of the event, flashing unchecked footage in front of the eyes of 36.000 stadium visitors?
Of course, when YouTube mentions “government entity” requesting the blockage of certain content, this entity could have easily been the City of Basel. But if they did trigger the takedown, why did they not clearly take the responsibility for the action?
Instead of a straightforward explanation, we were left with a PR riddle: “We didn’t mean to censor, but we support preventive measures against the spread of harmful hidden messages.”
Mr. Bosshardt could undoubtedly clarify this situation. But until July 21, he is officially “out of office”.
What do you think about this drama unfolding?
Feel free to express your opinion in the comment section, and pin this article for later!
