Digital Security (DS) Program

Digital Security (DS) Program2018-10-05T22:32:16+00:00

“Assert your rights—we’ve got your back.” For 15 years, CLDC has defended activists’ constitutional rights in the courts and — through our Dissent & Democracy trainings — in the streets. And while our core mission to provide activist legal education and support remains important as ever, our world is very different from the one fought for up to the 1990s by forest defenders and human and non-human animal liberation activists.

Activist groups today are equipped with widespread and affordable digital cameras, satellite navigation, and instantaneous global communications and social networking. These technologies provide significant organizing advantages. At the same time, State and corporate opponents will turn these complex tools against activists, enabling systematic surveillance and sophisticated infiltration and disruption.

In a world where millions of digital communications are silently intercepted, collected, and stored every day, how do activists effectively say “I do not consent to this search?” As in a physical encounter with law enforcement, we must be proactive. Online, this means using encryption along with other privacy-protecting and autonomy-preserving tools.

Our choice of tools is of vital importance—corporate digital infrastructure that may be convenient to use can be relied upon to snitch on anyone accused of making trouble for racist, neocolonial and patriarchal government agencies and exploitative or toxic industries.

Community-driven, trustworthy, and proven digital security tools exist, but can require a sometimes steep learning curve. Also, all technologies have certain limitations. Knowing exactly what these are is crucial to using them safely and effectively. Finally, technology changes faster than the law. New backdoors and security flaws are discovered by researchers—or leaked to journalists by inside dissenters—every week.

CLDC is committed to educating our activist communities on the tools that can be used with confidence by dissident organizers to resist surveillance and remain free to take action. We’ll post updated recommendations for different levels of risk and tolerance for complexity.

On our security blog, we will document surveillance tactics as they are exposed by journalists, security researchers, and Freedom of Information Act requests, and provide activists with regular updates on surveillance methods.

Through trainings, workshops, and ongoing outreach to activist groups, radical online service providers, and privacy tech developers, we’ll help build resources to assist political movements in keeping their communications secure to empower grassroots organizing. This will include working with partners on platforms that can be rapidly deployed to protect communications within large, spontaneous movements.

Please contact us for comments, suggestions, or questions at and, as always, you can donate to support this work.

  • Email Encryption

Direct Encryption

March 29th, 2018|Security|

End-to-End Encryption is the best security model for communications or online document storage, but the term is a bit of a mouthful that isn't always clear ("the ends are me and the server, right?" -- wrong!). So let's try using a new term -- Direct Encryption -- meaning: the only people who can decrypt and read messages are those directly involved in a private conversation or project.

What tech can we trust?

January 27th, 2018|Resources, Security|

For reasons, we can't say that any digital technology could ever be considered 100% trustworthy. At the same time, most people can't do all their organizing in person on backcountry camping trips, so we won't say "just don’t use phones or computers." What we will do is try to give you a way to decide how much to trust each of your devices and apps.

Load More Posts

Direct Encryption

By |March 29th, 2018|

End-to-End Encryption is the best security model for communications or online document storage, but the term is a bit of a mouthful that isn't always clear ("the ends are me and the server, right?" -- wrong!). So let's try using a new term -- Direct Encryption -- meaning: the only people who can decrypt and read messages are those directly involved in a private conversation or project.

What tech can we trust?

By |January 27th, 2018|

For reasons, we can't say that any digital technology could ever be considered 100% trustworthy. At the same time, most people can't do all their organizing in person on backcountry camping trips, so we won't say "just don’t use phones or computers." What we will do is try to give you a way to decide how much to trust each of your devices and apps.

Load More Posts

Google and Facebook give your data to cops

By |December 7th, 2017|

We dislike G**gle and F*c*book.  Here is one reason.

Every year, Google and Facebook hand over data from roughly one hundred thousand user accounts to law enforcement and other requesters.  Many of these requests come in the form of subpoenas, which do not require probable cause, can originate out of criminal […]

Advanced GPG Email Encryption: Self-Study Guide

By |October 31st, 2017|

So, you’re set up to use GPG email encryption using Thunderbird+Enigmail in one of our trainings or using our online guide.  The following exercises will help reinforce key concepts and teach you some advanced tricks.

Importing (and fingerprinting) public keys

Now that you are using GPG email encryption, you will need […]

GPG email encryption guides

By |October 29th, 2017|

Security update (06/14/2018) — PGP/GPG email encryption security issues have now been fixed — please update to Thunderbird 52.8.0+ and Enigmail 2.0.7+ (for those using Apple Mail, please update to GPGTools 2018.3)

Because the confidentiality of your encrypted email relies also on others’ settings, for maximum safety until this flaw […]

Load More Posts

Choose Wire for conference calls

By |May 14th, 2018|

Here's what we look for in trustworthy technology: end-to-end encryption, open source code, and cross-platform support.

Signal: Activist Best Practices

By |September 6th, 2017|

Signal isn’t perfect and we’re not certain it’s designed with activists in mind–for instance, you and your friends can’t use it without all using real phone numbers. But still, Signal takes almost zero time or training and equips activists with 5-star end-to-end text, voice and video encryption with an […]

Dress for the Northwest: Use layers of encryption to stay safe from unknown vulnerabilities and exploits

By |October 19th, 2017|

Vulnerabilities and exploits to Internet-enabled devices are constantly being discovered (and stockpiled). This is one reason why you’ll hear us say “there is no such thing as perfect digital security” and “don’t bet your life and liberty on this [digital security] tool”. That said, there is a lot you […]

What is doxing? Can it be prevented?

By |September 1st, 2017|

Doxing is the practice of collecting personal info (public or private) and publishing it online. It has been used as a means of intimidation and harassment and CLDC has been asked more than once "what if it happens to me?"

Defend Civil Liberties!

Get the latest updates, action alerts, articles, and event invites.
  • This field is for validation purposes and should be left unchanged.