Digital privacy 101 for activists

From DevSummit
Revision as of 23:32, 28 November 2017 by Evelyn (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Lowest hanging fruit

Be stingy with your information. Ask “why do you need XYZ sensitive information?”

Evaluation your own risk

Change your philosophy: doing the obvious “pre-digital” security practices

Know where your phone is

Lock up your laptop

Be sensitive to the information in your wallet or personal bag

Physical Security

Internal needs assessment “Threat Profile” and explore security trade-offs or compromises

Be aware of the items that can help “GEO locate” you

Ex: License plate

Activist Framework: Be sensitive to WHAT YOU ARE DOING + WHO YOU IMPACT + Level of RISK you create or contribute to.

Implementing security options and the RISKS you can still experience

Ex: You may use an encrypted email but the accounts you are receiving messaging may not – this means you are still at risk.

SINGNAL Messenger

SHARED via SIGNAL = When sensitive information is share

BROKEN SIGNAL

CARTOON EXAMPLE:

How to protect specific populations such as children and elderly?

DON’T EVER TRUST A COMPANY TO PROTECT YOUR IDENTITY

Your relationship with Facebook : you are the product

Any time you get a free service, you are the product-information that will be sold for a profit.


Balance between privacy and convenience

Evaluate individual risk and make a decision to protect privacy or engage with convenience.

Simple Tools: Privacy Bagger, Ad Blocker

Ask yourself: Does this entity NEED to know XYZ information

Low hanging fruit: Birthday (re- establishes your identity)

Example: Adopt a fake birthday

Know how much data they are collecting and where they are collecting it from.

Advice for Non-profit youth media organization: Explore all the WAYS your ORG. puts your CONSTITUENTS at risk.

Establish shelf life for data: What types of data do we collect and how long do we need it?

What will it COST to keep it secure? Can we AFFORD IT?


Existing Question: What should I accept with COOKIES?

How much do I trust Encrypted Email?