The following questions are meant to help spark the conversation:
- How do we communicate safely? What are the risks that HRDs face when using information communication technology? How aware are HRDs of these risks? How are HRDs using ICT proactively for security and well-being, instead of reactively?
- How does communication support the well-being and security of HRDs?
- Is information communication technology security fully integrated into security? If not, why not?
Share your thoughts, ideas and stories to this discussion thread by adding your comments below, or responding to existing comments.
HRDs are so savvy when it comes to taking the new technology tools and applying them to human rights campaigns (see our dialogue on Information Activism: Turning Information into Action for lots of examples). But in addition to using information communication technology (ICT) tools for human rights campaigns, there are ways that ICT tools can be used to help keep human rights defenders safe and connected. A few examples include:
There are undoubtedly security risks for human rights defenders when using ICT tools (which I am sure that we will cover in another conversation thread). But I am curious to find out from you all what other examples are out there of the use of ICT tools to keep defenders safe and supported? What ideas do you have for future uses of ICT tools?
Great questions Kristin, I look forward to this discussion!
Just to add to your thoughts, I just attended a wonderful panel at Grantmakers without Borders on Women, Activism and Technology.
One of the discussions that came up with this -- with activist technology options developing so quickly, governments and others are just as rapidly developing ways to counteract them. What is secure one day is potentially compromised the next.
Skype is a good example of this (though recognizing that it was never truly secure in the first place). But the recent Microsoft purchase of Skype raises the real concern that in future, it could be compromised as a somewhat secure communications tool.
So, how do we stay ahead of the curve? How do we remain flexible in our ability to learn about new tools, adopt them, and just as quickly be prepared to shift over to another tool when we need to?
Jane
Thanks, Kristin, for starting this conversation off. Jane, I can defintely relate to not being able to keep up with ever-changing technology! At times I think we feel so overwhelmed by the security concerns-not to mention the other work on our plates- that we don't undertake the simple precautions. I think making sure that computers are not in plain view, that we have updated passwords and that we take extra precautions when working in internet cafes, for example, can go a long way to increase security. Tactical Technology Collective's ONO videos have some good, simple tips about how to increase IT security.
Additionally, it seems that organizations that support HRDs - like grantmakers - need to look at their own systems and be sure that they aren't putting partners at further risk. Technology brings us closer to our grantees by allowing us to communicate with them on a regular basis and grantmaking organizations increasingly rely on technology to monitor and evaluate the work of our partners. In our excitement around these new ways to connect, we need to be sure that these actions do not make our partners more insecure. Maybe IT professionals working at grantmaking organizations can be supported to learn more about the risks faced by human rights defenders and how to mitigate them. Does anyone know of organizations -international advocacy groups, grantmaking organizations, etc.- that have developed expertise around IT security on their staff that can advise their colleagues as well as their partners? How has it worked?
Hi Jesse - thanks so much for raising these questions. I have wondered the same thing - how can donors and other institutions/organizations that are working to support the work of human rights defenders - be sure that they aren't putting defenders at greater risk by their communication? I keep imagining some sort of checklist or questionaire that could guide these kinds of supportive organizations through the process of identifying where the risks are and what steps can be taken to mitigate the risk...
Would love to hear if anyone has heard of resources, tools or organizations that address these concerns! Perhaps there are groups out there that are working on something like this? Please share your ideas!
Thanks, Kristin! Another resource from Tactical Technology Collective that we have been using is their Flash Cards and Slogan Cards. We have used their flashcards to develop checklists that we can use as grants program officers when we are traveling or we can share with our partners. The slogan cards are nice for starting conversations and thinking about basic security measures. They have these resources in English, French and Arabic now.
It would be great to see what other tools organizations use!
Tactical Tech have produced a number of brilliant guides for human rights defenders.
"Security in-a-box is a collaborative effort of the Tactical Technology Collective and Front Line. It was created to meet the digital security and privacy needs of advocates and human rights defenders. Security in-a-box includes a How-to Booklet, which addresses a number of important digital security issues. It also provides a collection of Hands-on Guides, each of which includes a particular freeware or open source software tool, as well as instructions on how you can use that tool to secure your computer, protect your information or maintain the privacy of your Internet communication."
It includes chapters including: How to use mobile phones as securely as possible; How to destroy sensitive information; How to protect yourself and your data when using social networking sites.
The free guide can be viewed and downloaded here
https://security.ngoinabox.org/
Other toolkits they have delevloped for NGOs are
Mobiles in-a-box is a collection of tools, tactics, how-to guides and case studies designed to help advocacy and activist organisations use mobile technology in their work.
http://mobiles.tacticaltech.org/
Message in-a-box is full of tools and tactics for communicating your cause.
http://www.tacticaltech.org/messageinabox
<p>There are quite a number ways using mobiles for remote worker alerts.</p>
<P>One service example is 'Lookout call' designed initially for midwives. To operate the service, midwives use a normal mobile phone linked to a centralised computer system. Before they visit a patient, they use their phones to update the computer with their destination and route details. In the event of an incident occurring the system automatically calls for back up and provides location details of the affected member of staff. </div><p>Midwives update the computer before each appointment with their movements (for example, I am starting a 60 minute patient visit) and leave a spoken message with their location details. The computer system then uses these updates to initiate countdown timers for each midwife. If a midwife then fails to send another update within the specified time set, the computer first checks for a false alarm by sending a text message. If the midwife still does not respond to this message, team leaders or managers are contacted,</p><p>The service also features a panic facility that can be used in emergency situations. By pressing a single button, the mobile phone automatically speed dials through to the police.<br><br>http://www.c3.co.uk/lookout-call.aspx</p><p>A simpler system along these lines could be set up by any organisation. For example, the remote worker texts in to say where they are and how long they expect to be. Then at the end of the specified time if the remote worker has not texted back to confirm they have concluded the visit and are ok then triggers can be set to alert colleagues. A system like this could be set up using Front line SMS <a href="http://www.frontlinesms.com/">http://www.frontlinesms.com</a></p>
Thanks, Mike, for sharing these examples and ideas for how to use mobile phones as a tool to alert people when a defender is in danger! It's really helpful to learn about how others are using mobile phones in this way. If anyone else has examples, please share them!
Your mention of Frontline SMS reminds me another free and open source tool called FreedomFone.
Freedom Fone makes it easy to build interactive, two way, phone based information services using interactive audio voice menus, voice messages, SMS and polls. The DIY platform is accessible, user-friendly, low-cost, global and does not require Internet access for users and callers alike. It takes advantage of audio to address language and literacy barriers when reaching out to the millions of people living on the margins of the information society.
This tool has been applied to many different contexts - mostly to share or receive information via mobile phones. Could we use this tool to share and recieve information about self-care and security for human rights defenders? Could we use this tool to create a network of defenders to support each other where people could hear recorded messages and also leave messages for others? I guess what I mean is, can we take this kind of online forum approach to asking questions, sharing resources and supporting each other - and bring it to mobile phone users? We know that many more people have access to mobile phones than have access to the internet. Could we (by "we" I mean this community concerned about self care and security) create a 1-800-SELFCARE hotline for defenders? Just a thought.
I know these are linked elsewhere on this website, but I wanted to be sure they made it to this thread of the conversation.
Sharing with you the strategic online activism toolkit we produced with the APC WNSP which includes a section on security. http://www.violenceisnotourculture.org/files/Strategising%20Online%20Act... We are currently fundraising for the translation of this toolkit into core languages.
The APC WNSP http://www.apcwomen.org/ in collaboration with the Global Coaltion on WHRD, ISIS-International http://www.isiswomen.org/ and the Global Campaign to Stop VAW in the name of culture http://violenceisnotourculture.org will be organising a workshop specifically on online security and WHRDS in Manila next month and in Africa in September.
Just some observations and suggestions on existing resources on online security and where are some of the gaps. We find most of those mentioned here very useful. In fact we borrowed a lot from these when we were producing our toolkit. HOwever, we are far from reaching that delicate balance between the tech-ie language and language that would make the technology accessible to a typical, non-English speaking activist who has very limited access to the technology. We probably also need to segmentize resources and knowledge tools. I recommend more of these 101-type of instructional material on online security specifically for each of the ICT media. Toll-free Hotlines for IT support are also very useful. And lastly, translation of resources in various languages.
one method we use to address the effect of being overwhelmed by security of information and communication is dividing the whole process into understandable parts. human rights defenders (HRDs) would start by getting acquainted with smaller parts (like: how to protect your computer from malware, how to create and maintain secure passwords, how to protect the sensitive files on your computer, how to destroy sensitive information, etc.). so later they can use those simpler parts in managing more complex tasks (like: how to keep your Internet communication private, or how to remain anonymous and bypass censorship on the Internet). it takes time and practice to learn and incorporate those procedures into anybody's work. i think that for HRDs the essential addition to this learning process is the ability to reach out for consultation with the expert. as some of the nuances of the digital security are not clear. of course there are many challenges of the relationship between HRDs and security experts (like: trust, communication, availability, language, distance to expert, etc.). but otherwise it is very hard to imagine that HRDs would "stay ahead of the curve".
i think organizations that support HRDs have a crucial part to play in protection of the HRDs. we need to apply very high standards of security to our information storage and exchange systems, to our internal communications and to the communications with HRDs. each field mission, each grant given to HRD is an opportunity to strengthen their security. we need to spend time and resources on raising our staff's awareness of those issues. we need to be able and need to take time to raise the awareness and spread the skills related to security among HRDs in the field. the tools and guides are available (most for free). many tools are described in the resources mentioned above in this dialogue. and there are other in case those would not fit the specific need of HRDs or supporting organisation.
of course we can "create a 1-800-SELFCARE hotline for defenders". in fact hotlines like this already exists. it takes time to spread the news about the hotline and develop the trust of HRDs that by calling these they will change anything practical in their situation. some of the challenges we try to address with our hotline are: how to offer a channel of communication that will not put HRD in greater risk? how to minimise the cost of HRD using this channel of communication?
there are mobile phone based alert systems used by HRDs (for example in Colombia and Mexico). also GPS mobile phone tracking devices are becoming less and less costly (like USD50). they show exact location of the person carrying them. they are simple to use and have wide range of features including the SOS button that the person can press to activate the call for help. of course they are bringing new concerns of the security of the person carrying them (similar to the mobile phones people carrying). and of course there needs to be somebody on the other side who will know what to do and will be able to do it in case of the need.
Hi Wojtek,
Great to have you on the dialogue and thank you for your comments! I think it is really helpful to talk about IT security by breaking it down into understandable parts -- and this also echoes Jesse's comments about keeping it simple.
On organizations supporting hrds and their ability to communicate safely and hold information safely -- do you know of good resources/trainings that are happening that are specific to these types of international human rights organizations/grantmakers?
Finally, to follow up on your comment about hotlines:
It is great that hotlines like this exist -- could you let us know more about them? So far, it seems that we only know about the Frontline hotline (I haven't yet heard of any others), but not about any places human rights defenders could call if they are facing a crisis that is related to mental health or physical health (that is not clearly connected to a classic 'security' incident). So, if there is a defender who has been violently attacked and needs psychological support and medical care, some support mechanisms exist.
But if a defender is suffering from a longer term issue (as Becky refers to in another post, such as PTSD) or if a defender has discovered a serious health issue or has an accident, it is always much harder to find support. It would be great to hear more thoughts if those mechanisms and hotlines exist for these issues -- I think this is also something that Saira from UAF was asking about in a broader sense when she was asking if any organizations are supporting larger 'sustainability' issues for defenders.
Thanks for any more insights (and if anyone else wants to jump in!)
Hello All - my work is in the field of compassion fatigue, a secondary traumatic stress syndrome that can distress the life of a caregiver/defender. I love that the word "sustainability" has surfaced. To me, as a lifelong caregiver, being able to continue to do the caregiving work we do is the secret to a better world. If we suffer the effects of PTSD or compassion fatigue, we become ineffectual providers of quality, compassionate care. Unfortunately, many caregivers/defenders learn about these maladies too late. I believe the best answer is to invade our junior colleges, universities, medical schools and trade schools and offer courses on these subjects. I have presented a one unit compassion fatigue course at my local community college and the response has been overwhelmingly positive from both the students and the professor. What a shame for students to put so much time, energy and money into their chosen caregiving profession only to "check out" due to depression, compassion fatigue or PTSD. Unfortunately, it happens very often and I feel can be avoided with early awareness, education and resources.
thank you Jane :-) we are making sure that all of our protection coordinators that are interacting with the HRDs in the field are able to conduct at least awareness raising sessions related to digital security. we are also talking now to some organisations who support HRDs to help them improve security standards of their internal and external communications. and to work out the model, and maybe conduct (sort of) training of trainers for them. so they could help to pass those skills on to their contacts in the field. the challenge here is that any given support organisation needs to be convinced that digital security is vitally important in their work. this idea needs to have a practical backing both from the top of the organisation management and also readiness of the staff to make (sometimes significant) effort to learn, change their habits and keep those changes.
i was too careful with my sentence. i don't know other hotline per se. of course, there are organisations that do great work in protecting HRDs and they have their ways of contacting HRDs. i would actually be very curious to hear how others organise their contacts and what security standards they have over this communications.
interesting and very difficult psychological element of the digital security is that when communication or information is protected well you don't get to hear much about this. we only know for sure about failures and disasters. and only when they surface...
I think that breaking down ICT security into understanable parts is exactly the right approach. Like anything worth learning, it can't be taught in a day. In fact, one of the most important lessons should be that security risks change over time, and sometimes just staying in sight of the curve is a victory.
Another point I'd like to make, particularly as gender is a cross-cutting theme throughout this dialogue, is the importance of connecting HRD with trainers who can help cut through fear and gendered reactions to technology. On a very simple level, ensuring there are female as well as male trainers for mixed-group trainings is critical. I also think that there sometimes needs to be more of a bridge between technologists and human rights defenders. The two groups speak differenent languages and have different perspectives ... intermediaries are important to help translate meaning across the gap.
Thanks for mentioning this, Emily! This point about needing to strengthen the bridge between technologists and human rights defenders and what this means for female defenders. This is a concern that I don't think has been addressed in this dialogue, yet.
As we know, more and more human rights defenders are using technology in their work. We also know that women are often under represented when it comes to the study of technology. So, what does this mean for female human rights defenders? Are these defenders missing some of the important information regarding technology and communication security?
As Emily mentions, one important step is to include women in the trainings, and include women as trainers. How else can we be sure that women defenders are as well-informed about the technology and communication risks, and male defenders? How else can we ensure that women are not putting themselves at risk when utilize new ICT tools?
Two organizations come to mind when associating safety and well being with those who provide care to others:
Traumatology Institute (www.psyclink.com) and Green Cross Academy of Traumatology (www.greencross.org). The Traumatology Institute was founded by Anna Baranowsky, PhD, and is located in Toronto, Canada. The Green Cross Academy is connected with Dr. Charles Figley, the world's leading traumatologist. The Green Cross Academy is an international humanitarian assistance organization that mobilizes resources and personnel to assist in relief efforts. They provide both trained traumatologists and compassion fatigue service providers. Technology is widely used in both organizations. Those interested in receiving certification and training in the field of compassion fatigue and/or traumatology can do so online. When a disaster, such as the tsunami in Japan, occurs, technology is used to put out a call for those who are available to deploy to the area. Technology allows both organizations to move swiftly and efficiently to gather caregivers and provide assistance to those in need as quickly as possible.
Thanks Patricia for these resources!
You also raise an interesting and important aspect of communicating (and as you say 'associating') with human rights defenders/activists -- beyond the physical/internet/classic communications security -- how do we also ensure that we are communicating in ways that are equally emotionally safe and respectful.
I am a big fan of Charles Figley's work, I have so far found it most relevant to the experiences of human rights defenders (and I think they also conduct online training courses, which, for those of us who aren't trained counselors, is a really helpful resource). I haven't had as much time to look at the Traumatology Institute, so will definitely check them out.
Jane
I was really glad to see a section of this topic devoted to the role of technology and overall security, and there are great comments and resources in this section.
One of my biggest take-aways from working with human rights defenders over the past few years is how critical it is for human rights defenders to learn basic digital literacy and security. An important component of both is assessing the benefits, risks and trade-offs of using any one particular tool. This can differ widely from country to country, so there will never be a one-size-fits-all solution. Rather, I hope that human rights defenders can be empowered with the information they need to protect their data and communication. Just as threats to physical security require deciding which doors to lock and routes to take, so do HRD need to understand how to protect information and share it in a safe way.