Case 2 - Security as a shared process
Updated2016
This guide is no longer being maintained
Nataly, Caucasus region
Nataly works for a women's rights organisation in the Caucasus that provides services and safe spaces for women in troubled situations and advocates for ending violence against women. At a time of economic growth and increase in internet connectivity, more and more citizens were using online platforms not only for interpersonal communication, but also for finding out about events and projects of civil society groups. Thus, Nataly's organisation started using social media networks and online outreach more, but felt challenged by this new arena filled with a different set of risks and barriers.
Following a set of public actions organised through Facebook, the organisation was subject to a series of attacks being disruptive to family values. After first being attacked verbally online and then at protests in the street, the organisation sought support:
"That was the time that we saw that not only did we need to think about physical security but also online security. We didn't have knowledge and didn't trust any IT people in our surroundings. We didn't know of any female IT specialist that could help us, so we were obliged to ask someone from outside and pay him . It was very challenging to trust anyone."
Unable to find a trusted specialist, the organisation implemented basic digital security practices and created a new office-wide physical security policy. The organisation also began sharing information on threatening circumstances with other local organisations working in the field of women's rights. This information sharing process led to the creation of a collaborative security strategy within a network of organisations.
"We started exchanging information and started doing things that are obvious, like changing passwords, thinking about what to put online and what not to put online, how to deal with comments on Facebook, how to monitor ourselves more. At first we wouldn't monitor social media and now we do that 24 hours a day almost."
The network also set up a secret Facebook group in order to document security incidents such as online harassment and attacks at protests. Tracking incidents together enabled the network to find common patterns in the behaviours of their harassers. The similar tone and language of the 'online’ and ‘offline’ harassment allowed the network to establish links between these behaviours and trace responsibility to a certain set of actors. As the network continues to support eachother and refine their digital security practices, the threats become more manageable, so that the organisations can focus on the opportunities found in using online platforms for organising.
See the following chapters for resources related to this case:
Note: These case studies were collected through primary research by Tactical Tech and its consultants. Some details have been withheld or changed to protect anonymity.