Digital security threats to civil society organisations – and how to deal with them

/ February 11, 2015

Citizen Lab and Collin Anderson’s joint submission to the UN Special Rapporteur on freedom of opinion and expression highlights the developing digital security threats faced by civil society organisations:

‘Even when Western governments are aware of active digital espionage operations conducted by foreign governments against civil society, they may not attempt to intervene or notify the victims—and may seek to utilize the exfiltrated information for their own ends.

According to newly released Snowden documents, US, Canadian, and UK intelligence agencies discovered an ongoing hacking campaign against victims including “Chinese Human Rights Defenders,” “Tibetan Pro-Democracy Personalities,” and “Uighur Activists.” They monitored the data gleaned by the hackers for content of interest, taking no steps to prevent further compromise of the victims.’

The document argues that encryption and anonymity tools need to be ‘democratised’ so that civil society organisations can build them into their daily workflows. Even so:

As encryption and other forms of secure technologies become more ubiquitous, society must also address the market for advanced spyware and other “work-arounds” that will spring up to undermine such digital security solutions.

The submission then includes an overview of civil society organisations’ key needs when using digital communications, the threats to each of these activities, and which encryption and anonymity tools are available to help mitigate those threats (from page 13 onwards (PDF)).

This resource is being developed, and Citizen Lab is encouraging members of the technical community, civil society, journalists, and others to critique its form and content. Do you think about all these threats when writing your project risk assessments, and have you identified any particularly useful solutions?

About the contributor

Tom started out writing and editing for newspapers, consultancies and think tanks on topics including politics and corruption in sub-Saharan Africa and Asia, then moved into designing and managing election-related projects in countries including Myanmar, Bangladesh, Rwanda and Bolivia. After getting interested in what data and technology could add in those areas and elsewhere, he made a beeline for The Engine Room. Tom is trying to read all of the Internet, but mostly spends his time picking out useful resources and trends for organisations using technology in their work.

See Tom's Articles

Leave a Reply

Related /

/ May 17, 2019

From Consensus, to Calls to Action: Insights and Challenges From #5daysofdata

/ May 17, 2018

Why accessibility matters for responsible data: resources & readings

/ January 24, 2018

RD 101: Responsible Data Principles