In our modern world, there is little one can do to escape data collection and surveillance. Companies are using information from our transactions and interactions to inform our cultural experiences and content consumption. This data becomes more valuable and powerful as tech companies – and authoritarian regimes – recognize its potential for control and oversight.
It’s the ultimate power trip when you can shut off access to someone using your platform because you disagree with their opinions or choices. And they can “see” everything users say and do with shocking ease; the data about us can be used as weapons against us with a single click.
As an organization responsible not only for our data but also for the information of our employees, vendors, and partners, we began a journey to ensure our personal, institutional, and community knowledge remains secure.
We identified two focus areas: Data Security & Management and Travel & Event Precautions.
Data Security & Management
We recognize the need to encrypt and protect our data wherever it is stored or transmitted. We want to make it as simple as possible for staff and others to participate without sacrificing privacy. We developed protocols related to password creation, file saving and storage, and data retention and management. We identified several tools to support our staff in seamlessly implementing these protocols into their daily routines.
These include:
- A data-scrubbing service
- A password storage platform
- A VPN for data encryption
- The DuckDuckGo browser
- Encrypted messaging platforms
We also do not use Google Suite products or public AI platforms. Our data is stored on dedicated servers or with contracted vendors who have aligned data privacy practices and guidelines.
Travel & Event Precautions
When gathering, whether in person or online, we want to ensure physical and intellectual well-being. We created a set of protocols and recommendations to support this, including:
- No posting details or the location/link until after the event
- No posting/tagging attendees without express consent
- No use of public or free internet, always using secure networks and the VPN
- Using privacy screens on computers and phones while in transit
- Limiting sensitive conversations and work while in public spaces
- Completing our Event Safety Plan detailing steps in case of weather, medical, or political emergencies
This is just a glimpse into the set of procedures and practices we’ve put into place to ensure we remain secure today and flexible to adapt to new threats or considerations. We may not be able to prevent a targeted or general attack on our work, but we can take steps to limit exposure and shore up weaknesses.
