The security and ethics of live mapping in repressive regimes and hostile environments (updated February 15)
Some Standby Task Force (TF) volunteers have recently been involved in mapping events around the demonstrations taking place in North Africa (Tunisia, Egypt and Sudan), at the specific request of local activists. None of these activities have called for a full deployment of the Task Force, but they have raised some important questions. There may be a time when we are asked as a community to take on live mapping in a repressive regime or hostile environment. There will undoubtedly continue to be Task Force volunteers who individually engage in supporting mapping in such environments.
This post aims to start a discussion on the two critical issues to be considered for live mapping in repressive regimes and hostile environments: security and ethics. These are just some initial thoughts; please comment on this post with your views.
Activists operating in repressive regimes are well aware of the risks they are running when they organize demonstrations or speak out about an issue. However, many activists are new to online reporting and organizing, and may be unaware of the particular risks of operating on the internet. In particular, activists are not always clear on what online actions will enable the authorities to identify them and what the consequences can be. One activist recently said: “What’s the point in protecting my identify on the net? They’ll know who I am if I go to a demonstration anyway.” We would suggest that it is very important to have control over when you are or are not to be identified with a particular action.
Thus, as an online community, it is our responsibility to advise any activists operating on the ground of the risks they may be running online and how they can mitigate them. This is in line with the TF Code of Conduct where we state:
“Safety: I will use as guideline principle for all my activities in the TF the Do No Harm principle. I will place the highest priority on the safety of the general public. I will not engage in any activity that could potentially endanger the affected populations that are source and target of reports and information during specific disaster response operation I am involved in.”
Here is a summary of the advice we could provide on security with regards to communicating, organizing and reporting. – UPDATED (MARCH 18): thanks all for the advice left in the comments section, now included below.
Security in online communication: normal email accounts (gmail, yahoo, etc) can be easily hacked, so everyone should be encouraged to move to alternative means of online communication. Some useful tips:
- Everyone working on the project needs to have TOR or similar independent security software on their computer (this protects other users from viewing what websites you have accessed). If the main TOR site is blocked, try one of the mirror sites.
- If vulnerable websites are visited (e.g. gmail, yahoo, etc), always use https proxies if available
- If sensitive websites have been visited (before installing TOR), delete all browser history. Your browser history can still be found, but this makes it a little harder.
- Everyone working on the project needs to get a Hushmail e-mail account. This is free online email that is safer than most email providers. There was one case in Canada where Hushmail agreed to hand over information on email accounts, but it seems unlikely that a similar request from a repressive regime would solicit the same response. Independent security systems (described in 1) are better than third party ones, but Hushmail is a good start.
- All passwords needs to be transformed into Passphrases and all caches (saved passwords) need to be deleted from browsers
- All sensitive content needs to be deleted *permanently* from normal email account
- Skype is a relatively safe way to communicate (as long as no-one has your password!). Skype-to-skype voice calls cannot be recorded, but the audio compression system used in skype allows phrases to be identified with an accuracy of between 50% and 90%, even with encryption applied. All skype chats are encrypted. However, it is possible to see who you are talking to and your skype chats are stored in your skype account (but it would be very difficult for someone to access them). It is best to download skype in a safe environemnt, since skype downloads are not made through a secure connection, which means that other sites can masquerade as the main site and offer compromised versions of the software. A separate SkypeID should be created for senstive content to minimize risk. All sensitive content needs to be deleted from normal Skype account (including deleting chat history and call history). Always be sure that the contacts you are talking to are correct and not someone impersonating them.
- If instant messaging services are used (Google Talk, MSN, AIM etc), use an encryption service called Off The Record (OTR). You can read more about OTR here. An easy way to use OTR is to install Pidgin (together with the relevant OTR encryption for your instant messaging client) or Adium (comes with OTR built in).
Security in online organizing: it is important to communicate to activists that although social media such as facebook and twitter may be effective, they are also very unsafe. Some useful tips:
- All sensitive content needs to be deleted from Facebook page
- If using Facebook, use a false name and no pictures
- Public groups on Facebook should not be trusted at face value, they could be planted by the government. Secret groups on Facebook are not safe (they can also be hacked)
- A profile needs to be created on Crabgrass, a secure social networking platform
- If local activists want to use twitter, tweets should be relayed over skype to activists outside the country who can tweet safely
- If vulnerable websites are visited (e.g. facebook, twitter), always use https proxies if available
Security in reporting: online and local activists should have a discussion early on to identify an effective and safe strategy for reporting from the ground. Some useful tips:
- Mobile phones are very unsafe for communication. Every time you call or text, you send out both the SIM card details (IMSI / TMSI) and the mobile phone handset details (IMEI) . If mobiles phones are used, always use codes to communicate and change frequently SIM card and handset.
- If FrontlineSMS is used, change location of the computer every time the software sends information to Ushahidi and don’t use it from home
- In particularly hostile environments, do not use SMS, twitter or web-forms to report information. Email reports should come from and to a hushmail account. Skype can also be used to relay messages.
- Developing a trusted network of reporters early on may be critical in these environments, particularly since deliberate misinformation can be a concern
- Avoid circulating video or images that clearly show people who did not consent to their circulation.
- Remove or obscure portions of content that identify and endanger citizens, for example by blurring faces.
At the end of this post, you will find a list of useful documents on online security in case you want more detailed information. Finally, remember that all volunteers are personally responsible for not divulging any sensitive data as set out in the TF Code of Conduct:
“Integrity: I will maintain the confidentiality of all internal communications and information intended solely for TF coordinators and volunteers. I will maintain confidentiality particularly on data relative to:
- Personal phone numbers and e-mail addresses of the sources of information
- Contacts with NGO, International Organizations and other partners of the TF
- Sensitive data related to vulnerable groups like children, women, sick people, elderly, IDPs and refugees.”
The crisismappers list saw some discussion about the ethics of contributing to live mapping efforts in complex political emergencies (which often, though not always, are in hostile environments). As a community, it is probably not possible to define an ethics of the Task Force that applies to all situations. However, it may be worth fleshing out some of the ethical concerns of live mapping in hostile environments – particularly around neutrality and impartiality.
First, what is the meaning of neutrality in the context of a complex political emergency in a repressive regime? The TF Code of Conduct says the following about neutrality:
“Neutrality: The TF assistance is given regardless of the race, creed or nationality of the recipients and without adverse distinction of any kind. I shall endeavor not to act as instruments of government foreign policy. I must not take sides in hostilities or engage in controversies of a political, racial, religious or ideological nature.”
The first two sentences are relatively easy to adhere to, as is the notion of not taking sides in hostilities. The more difficult one is “engage in controversies of a political, racial, religious or ideological nature”. Is mapping reports from pro-democracy activists that are demonstrating in a repressive regime akin to engaging in a controversy? One possible answer is that in such a situation we are intervening not to express an opinion ourselves, but to enable an opinion to be expressed. That is, we are upholding the right to freedom of speech, not taking a particular side in a controversy. And then the question becomes – is upholding human rights in a repressive regime the same as remaining neutral? In discussions about intervention, the meaning of neutrality can easily become eroded. In one sense, there is no such thing as a neutral intervention (and that applies to humanitarian disasters as much as to complex political emergencies). As a community, we will need to consider for each intervention how we define our neutrality, and what limits we need to identify to our interventions to make sure we don’t cross that line. This will inevitably be a messy process.
Second, is it possible to be impartial in a complex political emergency? The TF Code of Conduct says the following about impartiality:
“Impartiality: The TF assistance will not be used to further a particular political or religious standpoint. Aid priorities are calculated on the basis of need alone. I will carry my duties in the TF having in mind that humanitarian action must be carried out on the basis of need alone, giving priority to the most urgent cases of distress and making no distinctions on the basis of nationality, race, gender, religious belief, class or political opinion.”
This definition is best suited to sudden onset emergencies where the political elements are lesser, and needs can be more or less objectively defined using the Sphere standards for humanitarian assistance. What is ‘need alone’ in a complex political emergency? Which are the ‘most urgent cases of distress’? One useful way of considering impartiality in a complex political emergency – particularly in a hostile environment where mis-information is common – is to make every effort to avoid becoming the instrument of a particular point of view. Verification of reports is key, here are some useful tips based on our experience to date:
- If an event is reported by a trusted news source (e.g. BBC, Reuters, Al Jazeera), then mark it as verified.
- If an event is reported by one of our trusted reporters, then mark it as verified and as a ‘trusted report’.
- Other reports are posted as unverified only once there are at least two independent reports on the event.
This post only scratches the surface on issues of security and ethics for live mapping in hostile environments. Additions to and comments on the thoughts set out here would be most welcome.
Useful documents on online security:
How to Communicate Securely in Repressive Environments – A Guide for Improving Digital Security – Patrick Meier