“Assert your rights—we’ve got your back.” For 15 years, CLDC has defended activists’ constitutional rights in the courts and — through our Dissent & Democracy trainings — in the streets. And while our core mission to provide activist legal education and support remains important as ever, our world is very different from the one fought for up to the 1990s by forest defenders and human and non-human animal liberation activists.
Activist groups today are equipped with widespread and affordable digital cameras, satellite navigation, and instantaneous global communications and social networking. These technologies provide significant organizing advantages. At the same time, State and corporate opponents will turn these complex tools against activists, enabling systematic surveillance and sophisticated infiltration and disruption.
In a world where millions of digital communications are silently intercepted, collected, and stored every day, how do activists effectively say “I do not consent to this search?” As in a physical encounter with law enforcement, we must be proactive. Online, this means using encryption along with other privacy-protecting and autonomy-preserving tools.
Our choice of tools is of vital importance—corporate digital infrastructure that may be convenient to use can be relied upon to snitch on anyone accused of making trouble for racist, neocolonial and patriarchal government agencies and exploitative or toxic industries.
Community-driven, trustworthy, and proven digital security tools exist, but can require a sometimes steep learning curve. Also, all technologies have certain limitations. Knowing exactly what these are is crucial to using them safely and effectively. Finally, technology changes faster than the law. New backdoors and security flaws are discovered by researchers—or leaked to journalists by inside dissenters—every week.
CLDC is committed to educating our activist communities on the tools that can be used with confidence by dissident organizers to resist surveillance and remain free to take action. We’ll post updated recommendations for different levels of risk and tolerance for complexity.
On our security blog, we will document surveillance tactics as they are exposed by journalists, security researchers, and Freedom of Information Act requests, and provide activists with regular updates on surveillance methods.
Through trainings, workshops, and ongoing outreach to activist groups, radical online service providers, and privacy tech developers, we’ll help build resources to assist political movements in keeping their communications secure to empower grassroots organizing. This will include working with partners on platforms that can be rapidly deployed to protect communications within large, spontaneous movements.
PSA: Zoom shouldn’t be trusted for video/conference calls.
The short read: Should Zoom should be trusted to keep your group calls secret? Only as far as you would trust Microsoft, Google, or Facebook—as far as CLDC is concerned, not at all. If you must keep using Zoom, please make sure that […]
To cut to the chase, keeping your phone in a high-quality Faraday bag will conceal your location. This stops the State from tracking your every move, which can be really important in some situations. We recommend this one right here. You can support CLDC’s work by buying one from […]
The short version: if you’ve been using Keybase, you’re not the only one who has received an “airdrop” of the cryptocurrency Lumens (XLM). This is nothing to worry about, and you can safely participate in it or ignore it. It’s Keybase promoting XLM, which is part of their funding […]
Tap here for a brief checklist to make a strong password! — and here is our strong password zine, all […]
End-to-End Encryption is the best security model for communications or online document storage, but the term is a bit of a mouthful that isn't always clear ("the ends are me and the server, right?" -- wrong!). So let's try using a new term -- Direct Encryption -- meaning: the only people who can decrypt and read messages are those directly involved in a private conversation or project.
For reasons, we can't say that any digital technology could ever be considered 100% trustworthy. At the same time, most people can't do all their organizing in person on backcountry camping trips, so we won't say "just don’t use phones or computers." What we will do is try to give you a way to decide how much to trust each of your devices and apps.
Since this Register article was recently published, some activists are concerned about whether or not ProtonMail can be trusted.
The CLDC has expressed reservations that ProtonMail may not be the best choice for activists. Despite the worrisome recent news, ProtonMail is nevertheless a reasonable choice for encrypted email. As […]
We dislike G**gle and F*c*book. Here is one reason.
Every year, Google and Facebook hand over data from roughly one hundred thousand user accounts to law enforcement and other requesters. Many of these requests come in the form of subpoenas, which do not require probable cause, can originate out of criminal […]
So, you’re set up to use GPG email encryption using Thunderbird+Enigmail in one of our trainings or using our online guide. The following exercises will help reinforce key concepts and teach you some advanced tricks.
Importing (and fingerprinting) public keys
Now that you are using GPG email encryption, you will need […]
Security update (06/14/2018) — PGP/GPG email encryption security issues have now been fixed — please update to Thunderbird 52.8.0+ and Enigmail 2.0.7+ (for those using Apple Mail, please update to GPGTools 2018.3)
Because the confidentiality of your encrypted email relies also on others’ settings, for maximum safety until this flaw […]
Signal isn’t perfect and we’re not certain it’s designed with activists in mind–for instance, you and your friends can’t use it without all using real phone numbers. But still, Signal takes almost zero time or training and equips activists with 5-star end-to-end text, voice and video encryption with an […]
Dress for the Northwest: Use Layers of Encryption to Stay Safe from Unknown Vulnerabilities and Exploits
Vulnerabilities and exploits to Internet-enabled devices are constantly being discovered (and stockpiled). This is one reason why you’ll hear us say “there is no such thing as perfect digital security” and “don’t bet your life and liberty on this [digital security] tool”. That said, there is a lot you […]
DreamHost, a web-host, has revealed that they are fighting the US government warrant requesting all information about every person who has visited the website www.disruptj20.org. Such information could include all subpages of disruptj20 that you surfed, how often you did so and the complete text of anything you might […]