We are excited to introduce Robert Guerra as a co-facilitator in our upcoming course, TC114: Basics of Digital Safety. Robert is the founder and executive director of Privaterra, a Canadian based organization working with private industry and NGOs to assist them with issues of data privacy, secure communications, information security, internet governance, and internet freedom. Robert will be joining Norman Shamas in facilitating our upcoming course. We wanted to give you a little sneak peek to the course so we chatted with Robert:

Q: How do you define/think about digital safety?

R: I define digital safety simply as a set of steps, processes and mindset one should follow to keep one’s devices, data, communications and online interactions as protected and private as possible.

Here’s some key tips that I always mention to reduce digital risks:

#1. Be Aware!

When really wanting to keep yourself secure online or anywhere else is important to be mindful of your environment. It the most vital thing you can do.

Understand that there are many out there who are looking for simple chances to attack and steal your valuable assets. A common target will be an individual who does not take any precautions and might be intimidated by the internet and/or digital devices.

You wouldn’t leave your car door open with the keys in the ignition and the engine running, would you? Certainly not, as you run the risk of having your car stolen and driven away by someone who notices you aren’t around.

Are you taking the same precautions when using a mobile phone or using the internet? if you are, then you could be said to be doing something to protect yourself online – you in a way, implementing a digital safety practice of some kind.

#2. Guard Your valuables!

Activities that involve far more valuable, sensitive and confidential assets require one to take additional precautions. Not taking any precautions is an invitation for a burglar to target you.

Would you openly share the key to your safety deposit box where you keep your valuables and very private documents? Obviously not. However, do you take the same precautions to protect your online banking accounts, private photos, sensitive contacts on your devices?

#3. Plan for the worse, hope for the best…

Not a day goes by without some news of a retail store or online site being hacked and thousands of accounts being compromised. Attacks are increasingly unavoidable, so it is important that one has contingency plans in place to react to all sorts of possible incidents and attacks.

The worst might not happen, but if it does – you will know how to react quickly and perhaps be able to minimize the situation from getting worse.

Q: How did you get involved in the field of internet security?

R: I got seriously involved in the field of internet security back in 2001 when started a small Canadian NGO to provide encryption training to Human Rights NGOs in Guatemala and South America who were reporting that hard drives were being stolen, sensitive documents were being compromised and emails were being intercepted.

You could say, I was assisting at-risk groups who were reporting serious issues related to data breaches, surveillance and hacking almost 13 years before Edward Snowden raised the profile and importance of the issue.

Robert speaking
Robert talks about what Privaterra and other organizations are doing to help identify and mitigate security vulnerabilities faced by Human Rights Organizations.

Q: Why is digital safety especially important for NGOs and organizations working with social justice issues?

R: NGOs and organizations working with social justice issues often deal with confidential and very sensitive data in the course of their work. This data if not adequately protected, can lead to very serious consequences including death.

These groups, as stated by the targeted threats report published last year by the Citizen Lab, also face persistent and disruptive targeted digital attacks. Unlike industry and government, however, NGOs have far fewer resources to deal with the problem.

Q: What are you most excited about for the Digital Safety course?

R: I’m excited to work with Norman and the team at TechChange to help leading organizations better understand digital security and what can be done to raise the bar. We’ve worked to put together a great curriculum, some great resource material, and invited leading experts to share their amazing experience to improve the security of at-risk groups around the world.

Q: What kind of conversations are you hoping to facilitate in the course?

R: I’m looking forward to facilitating a conversation among the course participants and invited experts on security challenges currently being faced by NGOs and what steps we can taken together to improve protection methods and organizational resiliency.

As well, I’m also interested in promoting a conversation and discussion about tools, best practices and resources that can be easily implemented to not only help individuals and activists but also social justice organizations working to promote human rights and democracy promotion in at-risk environments.

We are really excited to have Robert co-facilitating this course with Norman Shamas! We already have around 40 participants joining us. There is still time to enroll in the course. Apply now. Course begins August 17, 2015.

About Robert

Robert-Headshot

Robert Guerra is a civil society expert specializing in issues of internet governance, cyber security, social networking, multi-stakeholder participation, internet freedom and human rights. Robert is the founder of Privaterra, a Canadian based organization that works with private industry and nongovernmental organizations to assist them with issues of data privacy, secures communications, information security, internet governance and internet freedom. Robert collaborates with the Citizen Lab and Canada Centre for Global Security Studies at the Munk School of Global Affairs at the University of Toronto.

Photo source: Amnesty International

In the latest session of TechChange’s “Tech for International Crisis Response and Good Governance” class, I learned about the Panic Button, the emergency Android app recently launched by Amnesty International. The app is a step in the right direction for emergency alert applications, and may prove to be useful in other types of emergency situations. It was initially designed for activists working abroad, and essentially turns a cell phone into an alarm. While the app is running, the user can send pre-programmed SMS and GPS coordinates to three trusted contacts by hitting the phone’s power button multiple times. This simple process can be executed while the phone is located in the activist’s hand or pocket, and with minimal effort. With beta testing in 17 countries, this open source app was developed through an iterative process by networks of developers and activists, with two critical factors in mind: security and speed.

Pros. The speed of sounding an alarm is a major benefit of Panic Button, triggered by the power button on a user-friendly interface. This trigger allows users to be discreet in sending out an S.O.S. before their phone may be taken away by an adversary. Also, the GPS functionality provides trusted contacts with detailed information of where the person (or at least the phone) is located. This notification assumes that the activist has prepared ahead of time to both discuss with their contacts what to do in the event that an S.O.S. is received, and that they have turned the app on.

Cons. Security – particularly the interception of texts – remains a major concern. The app may reveal information about one’s location and contacts that could put all parties at increased risk. One of the major benefits of the app is sharing GPS coordinates, which need to be manually enabled. In an insecure environment, these may typically be switched off. The app needs to be switched on to work, which also means that the user needs to anticipate that they may be in a dangerous scenario – something very hard to do. These stipulations, as well as its learning curve, are potential stumbling blocks that need to be addressed.

Implications for sexual violence prevention. Despite these kinks, the Panic Button is a powerful tool. In its current state, Panic Button is specifically designed for activists, but its technology has the potential for use in other emergency situations, notably for women and girls at risk for sexual violence. Panic Button is similar to the award-winning and widely-used Circle of 6 app, but appears to be easier to use in an emergency situation. The ability to trigger Panic Button’s alarm without having to open the app itself is a critical differentiator and timesaver when an abduction or act of sexual aggression is occurring (similar to a scenario a Panic Button user would face). Circle of 6 is already being used in India, where not only sexual violence occurs on a far-too-frequent basis, but also where users are already comfortable using smart phones, and thus could also easily use Panic Button.

Panic Button is useful in environments that are dangerous and highly variable. With the open source nature of the app, one can only hope that the app will be adapted further to better address more specific challenges presented by additional contexts, and save both activists’ and women’s lives worldwide.

About Jessica Soklow

Jessica Soklow

Jessica Soklow is working toward her Masters in International Affairs at George Washington University’s Elliott School and is alumna of TechChange’s “Tech for International Crisis Response and Good Governance” course. Her concentration at the Elliott School is on international development, with an emphasis on developing and implementing programming with a gender-specific lens. Jessica has conducted extensive research on gender-based violence in international contexts, with a specific focus on prevention mechanisms in both India and the United States. She is optimistic about how technology can be used in the future to help prevent violence on a global scale.

Learn about tools like Panic Button and other technology in our upcoming online course on Tech Tools & Skills for Emergency Management, which has an early bird discount that ends Oct 31!

Interested in our upcoming course: Technology for Conflict Management and Peacebuilding? Our next class starts Monday, February 18th. Apply today!

This week, Ushahidi announced the launch of the Uchaguzi partnership in preparation for the upcoming March 4th Kenya elections with the aim “to help Kenya have a free, fair, peaceful, and credible general election.” This announcement came after the Standby Task Force (SBTF) sent an email on February 8th informing their community of voluntary crowdmappers that the SBTF has withdrawn from Ushahidi’s map for not meeting their criteria for activation, but still encouraged their community to participate as individuals. The announcement surprised some in the Standby Task Force community, which had been preparing for deployment, but was not entirely unexpected after the SBTF’s decision to focus on deploying to “natural” disasters after their experience in Syria. The official email explained that:

“The things that we use to ensure that the security, ethics and neutrality that the SBTF stands for is protected, that there is a feedback loop (a physical, on-the-ground response to the data processed by Mapsters) and that we do no harm, e.g. we don’t damage existing in-country responses.”

The notion that external support could be counter-productive is an issue worth considering for the voluntary technical community of peacebuilders. The rise of both local crowdmapping and the global volunteer and technical communities have grown together over the past five years after the violence stemming from the last Kenyan elections gave rise to the Ushahidi platform and the Haiti earthquake saw the development of a global volunteer networks to apply them. Since that time, it’s become clear that the ethical questions surrounding application of technology to peacebuilding are as complex as ensuring technical capability, if not more so.

The challenge of protecting the privacy and security of citizen users is constantly grappled with by the organizations responsible for these tools. The upcoming Kenyan election offers a unique case to take stock of where we stand and where we are moving. Which is why it will form the basis for an activation simulation in TC109: Technology for Conflict Management and Peacebuilding. As part of the activity, we’ll be talking with Justine MacKinnon of the Standby Task Force and Rob Baker of Ushahidi. To understand more thoroughly the opportunities for new technologies to empower peacebuilders.

Of course the ethical impact of new technology is not limited to crowdsourcing, which is why we’re also going to discuss the full spectrum of issues in TC109, from using drones to protect human rights with Mark Hanis to using MapBox to display drone strikes on Pakistan in real-time. New technology often presents as many problems as it solves, and application of even the most potentially beneficial new tools without sufficient forethought can always cause more harm than good.

Class starts on Monday. We hope to see you there! Please feel free to tweet @techchange if you have any questions or send us an email: info [at] techchange.org.

This past week I had the privilege of meeting and working with fifteen fellows from across the African continent who came to Addis Ababa, Ethiopia for a two-week training organized by the UPEACE Africa Program with a supporting grant from IDRC Canada.

The training covered a variety of areas related to strengthening research capacity for governance and security in Sub-Saharan Africa and was designed to provide these fellows with critical support for carrying out their PhD work at various institutions of higher education across the continent.

Dissertation topics included:
– The Life of exiled Zimbabwean Soldiers in South Africa: Coping with the Repressed Memories of War and Political Violence
– The North & South Sudan Conflict on Abyei since 2005 Comprehensive Peace Agreement: Challenges & Prospects
– ‘Go back to your Ancestral Land’ Autochthony, Citizenship and the Quest for Return Among Internally Displaced Persons in the Rift Valley Province, Kenya

 

Session Overview: Mobiles, Maps, and Presentations

My sessions provided the fellows with a practical reflection on the role of technology in governance, peace and security as well as hands-on exposure to a variety tools and platforms that are being used to collect, visualize and analyze data.

On the first day, we explored FrontlineSMS, EpiSurveyor, GeoPoll, and OpenDataKit and their applications for supporting research via mobile data gathering. Activities from our online course TC105 Mobile Phones for International Development were used as a basis for this session.

On the second day, we looked at ArcGIS Online, Ushahidi and MapBox – all mapping platforms for data visualization and analysis. As part of this session, fellows had to create their own maps, analyze advantages and disadvantages of using different platforms, and reflect on applications for their own research.

We also spent time each day working with Prezi, the web-based zooming presentation tool. Prezi was probably the most popular platform of all the ones we explored, given what seemed to be a formidable and far-reaching frustration with PowerPoint. It sounds like almost all the fellows will be transitioning to Prezi for their classroom teaching and presentations in the near future.

 

Technology Capacity Building: Regional Implications

In the fields of international development and peacebuilding, attention is often focused on solutions and programs that meet basic needs and deliver urgent care (disaster response, food, water, shelter, health etc). For those efforts to have effective and sustainable impacts over time, countries must also have their own robust higher education and research sectors that provide critical analysis, develop comprehensive strategies, and train future generations of leaders. That is why programs like the UPEACE Africa Program that are focused strengthening the capacity of universities to carry out this work are so important. Special thanks to Tony, Jean-Bosco, Tsion and Tewodros and all the fellows for making this a memorable experience.

While the primary focus of TechChange has been and always will be online learning,
we believe it’s important to be connected to the communities like this and support this type of in-person learning. As an organization, we look forward to participating in similar projects, trainings, and initiatives in the near future.

For those interested in Technology for Peacekeeping consider taking our online certificate course, Technology for Conflict Management and Prevention, starting July 23rd.

**Disclaimer: These are Asch’s personal views and do not represent those of his employer.

You’ve heard of the 90/10 rule, right? I hadn’t heard the concept, at least, until recently. The meaning, though, I learned the hard way—an ICT-enabled project should be 90 percent planning and only 10 percent digital tool.  Not the other way around.

We initiated the Nigeria Security Tracker, an effort to catalog and map political violence based on a weekly survey of domestic and international press, at least two years ago. We wanted to answer the question “are things getting worse in Nigeria?”

The death of Nigeria’s president in office with upcoming elections, an increasingly divided electorate, and an apparent up tick in violence in the north and the middle of the country raised serious doubts about Nigeria’s stability.

And yet many disagreed. The optimists said things were getting better; the pessimists that Nigeria was becoming a “failed state”; and everyone else that Nigeria would continue to “muddle through,” as it had done since independence in the 1960’s.

Measuring levels of violence seemed like it could give us a more precise answer. While the Nigerian press has many shortcomings—lack of journalist training and professionalization, concentration of ownership and coverage in the south—it is relatively free, and there is a lot of it. Also, the presence of major outlets like Reuters, BBC, AP, AFP, and the Wall Street Journal added another layer of reliability. Indeed, some of the best Nigeria analysis I’ve seen comes from open sources. You just need to learn to read between the lines.

Mapping seemed like a useful and visually engaging way to organize our information. But without funding or any programming experience, our options were limited. We experimented with manually pinning incidents to Google maps and embedding on our blog. We tried to pitch Ushahidi to the web department hoping to get programming support, but without success.

Eventually, we abandoned the project–until Crowdmap was launched. Free, hosted on Ushahidi servers, preprogrammed, and simple to set up and use, it made the security tracker possible.

Our Mistake

We designed our research methodology around Crowdmap capabilities. We could include basic descriptions of events, and simple codings as well as details like causalities, but it was labor intensive.

Not until three months later, when we sat down to review our work, did we realize the shortcomings. Putting incidents on a map is useful if you want to see where violence is happening. But less so when you want to know when incidents occurred, or if you wanted to look at trends or correlations over time. (The automation feature of the map, while fun to watch, is not a terribly useful analytical tool.) We discovered it was impossible to look at, for example, the relationship of violence perpetuated by the security services and causalities.

Fundamentally, the project was supposed to be about the information captured. Not the technology. And we had it backwards.

We also discovered a major lost opportunity. Because we tailored our methodology to what could be included on the Crowdmap, we failed to capture other useful information, such as attacks on religious establishments, which only required marginal extra effort.

The Redesign

Given that our project was supposed to answer a particular question that a map alone couldn’t, we relegated the Crowdmap to a component of the project–no longer the driver. We thought more thoroughly about what kind of information we needed, and what we could glean from press reports of political violence.

Fortunately, we had documented all of our sources. So we could return to our original information and recode, albeit with a significant time commitment.

The Way Forward

Despite better planning the second time around, we continue to find shortcomings. We defined one variable, “sectarian violence,” inadequately, which means coding has been inconsistent throughout the project, making it less useful.

We are also vulnerable to technical problems on Crowdmap’s end. When there is a bug in the system, there is nothing we can do but wait for Ushahidi to fix it. (Recently, the site was down for about a week.)

Finally, we now have a year’s worth of information. It’s a huge dataset. And we still haven’t figured out what to do with it. Yes, we can make defensible, conservative estimates of causalities caused by actors like the police or Boko Haram. We can also show any escalation or decline in violence across the country.

But this only scrapes the surface of what our data can tell us. Admittedly, this is a good problem to have.  But given the time and resources we have already committed, and the wealth of date we have accumulated, we are constantly trying to balance benefits of the security tracker with the costs of maintaining it.

Asch Harwood is a specialist on Africa at a New York City-based think tank. 

The importance of both mobile network and software security continues to grow as more personal and significant information is communicated wirelessly. Two new attacks threaten the security of the GSM standard, an unwanted headache for mApp developers, while two others threaten the Android and Apple families of moblie operating systems.

(more…)