While my password is more sophisticated than ‘password’ – you might laugh but a recent article by suggested that’s a very common password – I know I’ve not spent enough time thinking about protecting myself online.
But with news of the hacking of the Clinton campaign, an awareness of how much information that I produce is held in ‘the cloud’, and reading stories like this about a sophisticated attempt to create a fake campaign group to hack the IT systems of organisations like Amnesty who had been raising concerns about workers rights in Qatar. I’ve started to think that I need to consider taking my digital more security more seriously.
As campaigners, we’re often working on issues where there are powerful vested interests that we’re opposing, so making sure that we’re thinking about our data security should be on our to do list. Attending CampaignCon in October it was interesting just how many campaigners at the conference were talking about it as a key concern for the work they’re doing.
For many campaigners, it’s a challenge to get the balance right. We want to collaborate with others which makes platforms like Dropbox and Google Doc invaluable, we need to use social media channels like Twitter and Facebook to get our messages out, and investing in complex cyber security can feel like an unnecessary cost when every penny counts..
It’s easy to think that you only have to worry about your digital security if you’re running some campaign on the arms trade, or in a country with a repressive government. But that’s before you start to investigate the powers that governments have over our data (see the recent Investigatory Powers Bill/Snoopers Charter passed in the UK last) or consider what new laws President Trump might implement and what that would mean for any data held in the ‘cloud’ on a US server.
2017 is the year that cyber and data security need to be every campaigners concern.
If that’s not enough to convince you – at a time when elements of the media are looking for charity scandals making sure that you’re no unwittingly writing a front page story is another reason to revisit those social media permissions.
I’m no expert at how to do this, but I’ve found the following articles really helpful as an introduction to thinking about digital security – but please do add other thoughts in the comment box below.
Step 1 – Start with some light housekeeping – I found this article from Owen Barder really helpful. It’s nothing complicated, but making sure that you’ve got two-step authentication set up, are using a password manager and thinking about where you store key information are some simple and easy steps to take.
Step 2 – Think about encryption – This is a really helpful guide to thinking about how you can tread more lightly when you’re using the internet. Again, nothing that requires lots of technical expertise, but it’s got some really useful suggestions about how to search in private or use secure message platforms like Signal to share.
Step 3 – Consider a digital detox – If you’re concerned about Google actually knowing more about you that your best friend thanks to your search history, use of Google Maps, etc. Have a look at the Digital Detox that Tactical Tech have launched. Again its’s full of really simple and easy steps you can take to take back control of your digital self
Step 4 – Review your campaigns risk – Clearly every campaign comes with a different level of risk attached to it, but this articles from Mobilisation Lab really helpful. I found thinking about this made me consider what information I’m sharing information with on email or who is on those big mailing lists I’m sharing my latest campaign dilemmas with.
Step 5 – Dive in to find out more – The Tactical Tech Collective is a brilliant place for anyone wanting to learn more about digital security – there Security in a Box project while designed for frontline human rights defenders has lots of practical ideas.
Please do use the comments box to share others thoughts, ideas and resources.