- Reflect on and discuss the kind of data exchanges expose us to repression
Essentially, one can distinguish between two approaches: end to end encryption ensures that communication throughout the whole process is only accessible for the sender and the recipient. Examples of this kind of encryption include PGP for e-mails or Signal and Whatsapp. Alternatively, transport encryption ensures that data is not visible for intermediaries. However, messages stored on the servers are not necessarily encrypted, thus exposing data to the risk of being accessed by unauthorized parties. In order to use transport encryption, one should use websites with https:// which means that the content is safely transmitted through the Internet.
Virtual private network (VPN) is a technology that helps you to surf and save emails in critical environments and countries with a strong surveillance policy. This technology builds an encrypted connection to a server in a trusted environment. Therefore, you access the Internet through this trusted server, not directly through your hotel WiFi. VPN clients are included in Linux and MacOS. A VPN server needs to be set up, often you need to buy a license from one provider.
Read more on privacy protection in Competendo Privacy Protection
Similar encryption instruments for email or messenger-based communication might help Human Rights activists remain off the radar, and resist exposure to further repression. About encryption Email Encryption
- Make a list of interactions you have with the partner organisations you cooperate with and map them on a flipchart
- Identify risky points that allow for tracing/identifying and harming your partner
- Check the internet: what programs/instruments/services are in place
- Check whether your organization’s ICT use/policies are in potential conflict, with the aim of ensuring the safety and integrity of your partners
- Think about ways to interact and keep a safe communication channel
- Develop an action plan
The right to educate and actively ask for transparency, democratic participation, governance and control cannot be taken for granted, worldwide nor in all European states. The interaction and cooperation between civil society organisations may thus put partners unintentionally at risk, not only in regard to their work and fields of civil activity, but also physically. Civil society in any field of international cooperation and partnerships needs to develop a high sensitivity to communication, transaction of data, traces of finances, or for intervention of third parties.
Researcher at the Osservatorio Balcani Caucaso Transeuropa (OBCT), a think tank focused on South-East Europe, Turkey and the Caucasus located in Trento (Italy).
Read more in the Holistic Security manual: “Holistic Security is a strategy manual to help human rights defenders maintain their well-being in action. The holistic approach integrates self-care, well-being, digital security, and information security into traditional security management practices”. https://holistic-security.tacticaltech.org/