$32.00 donated in past month
The following came form a brainstorm with UBEW members at the request of locals planning an environmental defense campaign. It discusses only secure(r) communications, but does not talk about the larger ramifications of creating a security culture.
SEVEN PRACTICAL SECURITY, TRUST, AND PRIVACY SUGGESTIONS FOR YOUR CAMPAIGN
- Trust! Action planning should happen IN PERSON with people who are trusted or vouched for.
- Privacy! People should NEVER share other people's emails, names, phone numbers, and personal info without their consent.
- Separate! Use a SEPARATE organizer email list from an announcement email list.
- Outreach! Add people to the organizer list only AFTER you have physically met them and if they have been vouched for.
- Secure! Assume email is insecure. Action planning should NEVER be discussed on the internet.
- Communicate! Use the organizer list to announce MEETINGS, but never to discuss strategy or details of actions.
- Announce! Public info (open actions, etc) should be ANNOUNCED as widely as necessary at the strategically appropriate time.
- If at a planning meeting, someone isn't present to vouch for someone, ask them to leave. Also trust your intuition.
- If organizing actions, use an email that is unconnected to the rest of your life.
- Social networking may be fine to announce public info, but is otherwise terrible security-wise, since you have no control over how it is distributed. Social networking sites often provide ways for the authorities to easily gather information.
- Be aware of your email chains. Have an understanding about what can be forwarded or copied.
- Text message are more easily searchable for the authorities (legally and technically) than just about any medium. Be aware.
- If you use email of SMS, don't talk in code. Authorities have argued in court that coded words or deliberately obscured references were allusions to even worse things.
- Public members, such as spokespeople, should not participate in actions (and possibly planning), because they will be targeted. The less they know, the safer everyone is.
- If open-organizing low-risk actions, some of the above guidelines can be loosened, but be cautious.
- Note that we didn't mention email encryption. While the technology is sound, it still hampers rather than facilitates communication, since implementing secure email is still technically challenging for non-tech people.