16 ways to protect your online privacy in a high-risk world

How to up your game when it comes to protecting your data, messaging and phone

In just the past month, we’ve read stories about how Canadian police are tracking environmental activists, the Mexican government is monitoring journalists and activists, and US security agencies are peering into the communications of Black Lives Matter activists. Every day brings more examples of entities and governments around the world violating privacy and putting the security of activists and campaigners at risk.

But there seems to be a tool for every online privacy breach and we’re going to dive into encryption, passwords, and how to secure your data, phone and messaging as you work in an insecure world. You may want to catch up on your threat model first – not everyone faces the same risks.

Choosing (and Using) the Right Online Security Tools

Phone and Data SecurityNick Sera-Leyva, Human Rights and Training Programs Manager at Internews, knows all about how online security tools can help or fall short. “What is key to [online security and privacy] is that the tools are not what’s helping you. The tools themselves are not the solution; it’s how you use them. You need to know what they’re capable of and what they’re not.”

The tools themselves are not the solution; it’s how you use them. You need to know what they’re capable of and what they’re not.
- Nick Sera-Leyva, Internews

Taking Sera-Leyva’s warning into consideration, let’s look at a variety of ways you and your organization can improve your digital security. However, just because we introduce something below doesn’t mean it’s sacrosanct and it doesn’t mean it will work for you. Explore threat modeling and understand your situation before deploying new tools.


DataGenetics did a study of 3.4 million four-digit PINs. They found the most common PIN was 1234 (11 percent), and in second place was 1111 (6 percent). This shocking lack of creativity goes to a larger point: you aren’t going to protect yourself by being unoriginal or basic. There are a couple of steps you can take to be better off than the 17 percent mentioned here.

“Organizations should have a stated password policy,” says Allen Gunn, the executive director at Aspiration. This is a very low-tech, first step that most organizations can benefit from. Password policies should include how often a new password needs to be created, who can know a particular password, and to not allow the same password for multiple accounts. Most importantly, these procedures need to be followed by everyone in the organization.Read the rest now…

Stay safe out there: Threat modeling for campaigners

A guide to evaluating risks and knowing what to worry about
Online and operational security for campaigners

For his day job, Norman Shamas is the director of curriculum and pedagogy at an organization that helps people better use and understand technology. In his off-hours, he’s a rabble-rouser. Based in Washington D.C., Shamas was an active organizer … [Read more]

The 350.org and Hollaback! approach to distributed campaigning

Finding the balance between top-down leadership and bottom-up action
One Earth One Family

350.org and Hollaback! are relative newcomers to the world of cause campaigning but have experienced an explosive rise in following and impact since their founding. Their distributed approach to movement building seems to have been a key factor here … [Read more]

Open Campaigns Camp goes live

80 global campaigners training and learning from each other
Open Campaigns Camp

What happens when you bring 80 campaigners from around the globe together for three days to learn from each other about technology-enabled open campaigning? That's what we're finding out right now at Open Campaigns Camp in Berlin. Along with … [Read more]

Handheld devices put livestreaming to work on campaigns

Can apps like Periscope and Rhinobird help activists and organisers share bigger, better stories?
Photo by Anthony Quintano

Over the past month, hundreds of kayaktivists surrounded Shell’s massive Polar Pioneer drilling rig in a Seattle harbor. Scenes from Seattle were broadcast live by smartphone using the Periscope app. People watched on their phone, on Twitter and … [Read more]

Product teams: The next wave of digital for NGOs?

The era of the re-launch is over. How orgs can apply "product" principles to continually deliver the best technology.
Product teams

We've reached a fascinating point in the evolution of technology within nonprofit and social change organisations: everyone we work with at Greenpeace and beyond seems to agree that digital has a critical role to play, but many struggle to find the … [Read more]

Measure your Mission: Beyond vanity metrics

Beyond Vanity Metrics

This guest post by Jackie Mahendra, Director of Strategic Collaboration at Citizen Engagement Laboratory, first appeared on Medium. How do you know if your work is working? For those of us at mission-driven organizations, this is a … [Read more]

Pay attention and win: Lessons from Brasil

How Greenpeace Brasil is adapting Big Listening to its needs to become an opinion leader
March for forests in Brasil

In 2013, Greenpeace Brasil realised it was having trouble turning it's fast-growing social media audience into the kind of active and vocal supporters needed to help influence public opinion on its issues. In mid-2013, they connected with MobLab's … [Read more]

Learn how 3 years of Big Listening (and testing) may change your campaigning

A MobLab interview with Upwell's Rachel Weidinger
Upwell conversation

The crew of innovative campaigners and online strategists at Upwell, led by a core team of Rachel Weidinger, Ray Dearborn and Matt Fitzgerald have done their best to change how campaigns listen to, use and test online campaigning since 2012. Their … [Read more]