Four Digital Security Lessons for Writers

Digital freedom was at the top of the list of concerns last week at the biennial convening of PEN International’s Writers in Prison in Krakow, Poland. Building on the momentum of the PEN Declaration on Digital Freedom, a number of sessions focused specifically on how new technologies are impacting freedom of expression. We heard a thought-provoking lecture by Oxford professor Timothy Garton Ash, and took in a plenary panel that featured bloggers Emin Milli (Azerbaijan) and Kareem Amer (Egypt) and Bill Echikson, the head of Communications and Public Affairs at Google Europe. After these events, PEN American Center provided an interactive training on how to use the Declaration to protect threatened writers through case studies and real life examples.

By far the most interesting event—and unsettling—was a training session presented by Tactical Technology Collective, a Berlin-based human rights organization, which revealed how vulnerable our private information and thoughts are in the era of electronic surveillance and Big Data.

Here are four alarming lessons I took away from the session and some very simple and practical steps all writers can take to lessen the dangers. But first, you should know that technology is changing all the time, so take a look at Tactical Tech’s Security-in-a-Box toolkit if you have further questions. No method of communication is totally secure.

1. We leave behind a terrifying amount of digital information that makes us easier to track.

We all know that we’re being traced when we use our devices. Heck, sometimes we even ask our cell phones to tell us where we are by using their GPS devices. But the amount of information that we leave by simply entering our credit card information or buying a SIM card for a mobile phone makes us much easier to track and surveil. Tactical Tech’s online tool Myshadow.org allows you to input which digital devices you use and tells you how many “traces” of information you are leaving behind. You will be shocked. (I consider myself a moderate user of technology, and I left behind 66 traces.) But the important thing is that Myshadow.org also tells you what you can do to operate more securely.

2. Watch out on wireless networks.

Wireless networks may be convenient, but they are very vulnerable to snooping. One of the most dangerous situations occurs when you utilize an open wifi network—for example one available in a public square, shopping center, or transport. There are free apps available that allow a hacker on the wifi network to easily hack into your social media accounts when you use a wireless network. These tools allow the hacker to utilize the account as if it is her own, posting to your timeline on Facebook, uploading videos on Youtube, or posting Tweets on Twitter. You can make this a little harder for the hacker by adjusting your Twitter and Facebook settings, which offer Secure Socket Layer (SSL) browsing for mobile phones. Other social networks are not secure yet, so try not to use them when you are on open wifi!

3. There are safer alternatives to Facebook.

Facebook and other social networks allow for plenty of breaches of privacy whether or not you are a writer under threat. (Remember that embarrassing photo that your friend published to the world?) In addition to secure email and secure browsing, Riseup offers its own dedicated social network that provides a number of security protections. You can use it to collaborate with colleagues on sensitive projects—such as a critical human rights report—that shouldn’t be shared on a public Timeline.

4. Saving an email as a draft doesn’t mean no one else can see it.

It may seem secure to create a new email account and communicate by saving messages as drafts rather than sending them, but it’s not. When you save a message as a draft in your email account, it is still uploaded to a server, meaning that people can intercept the information, including your IP address and location. Again, try Riseup’s social networking tools to operate securely. They’re not as polished as Facebook, but they’re a lot safer.