Working for Human Rights, Staying Digitally Secure
Digital security lays at the heart of our cooperative project to support Human Rights work in a digital age. Since the launch of the project in May and following the kick-off of the Digital Human Rights Lab (DHRLab) in October, there have been some developments and experiences we want to share.
Hacks, malware, phishing, scams, cyberattacks, surveillance tools. At some point, we all might have heard of them: threats on the Internet that we need to be secure from. Yet, very often the ways of dealing with such digital perils are no less confusing. In the spur of the moment, only few people might know what is actually hidden behind the terms ‘anti-virus software’, ‘multi-factor authentication’, ‘encryption’ or ‘virtual private network’.
This short piece is not supposed to be another summary of digital threats and the means to confront them. In fact, there is already an abundance of helpful curricula and manuals online, such as the Surveillance Self-Defense Guide designed by the Electronic Frontier Foundation or Front Line Defender’s Security in a Box. Conversely, this text will touch upon our experiences and two difficulties when making efforts to stay digitally secure: Firstly, the challenge not to lose focus but to find adequate and context-specific solutions and, secondly, time.
In the last months, digital security has been a recurring and very relevant issue in our work. To start with, we as Future Challenges have outlined and established our own secure digital infrastructure. Apart from that, our Ugandan partners have placed the issue on the agenda of the recently launched Digital Human Rights Lab (DHRLab). For the kick-off event of the joint project we are implementing with betterplace lab, Pollicy and GIZ Uganda, different organizations working in the field of Human Rights came together and sounded out possibilities of cooperation as well as relevant topics for digital Human Rights activism. One of the three working groups or Communities of Practice (CoP) created during the event particularly emphasizes digital security. In the beginning of November, a first security workshop took place in Kampala. Facilitated by Daniel Moßbrucker from the Deutsche Welle Academy, seven members of the CoP ‘Digital Security’ carried out a needs assessment and explored the use and feasibility of different solutions to be safe from potential digital threats – the same as we at Future Challenges did a month earlier in Berlin.
Knowing and modeling threats is the first challenge of ensuring digital safety. As noted, there is a lot “out there”, both concerning perils as well as solutions. Unsurprisingly, one quickly runs the risk of losing focus, whether as an organization or an individual. Thus, it is – in a first step – crucial to model potential threats and detect possible adversaries. After having thought in threat scenarios, it is time to develop – in a second step – a specific and adjusted security concept. Differently put, the process is primarily about attuning tools and solutions to your digital starting point and concrete needs.
In the process of setting up and implementing our own security infrastructure, we realized the importance of a second challenging factor: time. On the one hand, it actually took us some time to identify threats we may face, search for online as well as offline tools, and cooperatively think about solutions. On the other hand, we experienced first-hand that implementing a strategy once decided on is similarly time-consuming. To give a rather simple example, it can be an afternoon task to create proper passwords and to enable a two-factor authentication in order to secure accounts.
Alas, digital security does not come along as a one-size-fits-all solution. On the contrary, seeking digital safety in a world of potential threats is a constant process of analyzing, modeling, and learning. As Future Challenges, we are part of this process, and are actively engaged in making Human Rights work a more secure endeavor.