American citizens are unifying together under one phrase: “no justice, no peace,” as Black Lives Matter protests have increased following a slew of racist police incidents and killings against Black Americans.
And chances are if you’re reading this, you’re about to go out to a protest too, if you haven’t already. But so is your data, without you realizing it.
Given the explicitly anti-police nature of the rallies with chants like, “all cops are bad,” and “fuck these racist-ass police” resonating over and over again, people can expect that police will attempt to track and identify attendees.
Surveillance may be a part of everyday life, but you can still take steps to thwart privacy violations by police, counterprotesters, bystanders, or even your (misguided) fellow allies.
Along with this reporter’s own activist work on the streets, the Daily Dot reached out to two sources with experience on protecting protesters’ data privacy rights and drew on their combined expertise for harm reduction measures. Read on for our guide to data hygiene before, during, and after protests.
How to protect your data privacy while protesting
In an ideal world, no one would use a smartphone, but that just isn’t possible nor practical. Arguably, easily accessible instant communication to a large group of people is one reason why Black Lives Matter protesters have successfully mobilized across the U.S. In other words, every data privacy solution has trade-offs.
Accept that there is no such thing as a perfect anti-surveillance tactic, protesting comes with inherent risk, and no amount of technology can protect from human error. If you shout your legal name and address on camera and upload it to YouTube, it doesn’t matter if you use Signal or Telegram.
You just doxed yourself online.
Practice social media hygiene, and don’t tell on yourself
Police and counterprotesters monitor social media to plan their response to protests. The more information they have about who is protesting, where, when, and what they plan to do, the higher the likelihood that the protest will be shut down or lead to police violence, including arrests. This is doubly true if police are attempting to contain a protest that is on the move or one that has already been declared unlawful. Additionally, police or harassers may use your social media posts to identify you, and harassers may use it to dox you.
One of the biggest tips civil liberties advocate @aeyokay has for new protesters? Don’t post where you’re going, what you’re doing, and when you’re doing it. Police may use your information to “disrupt the lawful movement of peaceful protests,” she warns. This applies to posts about your friends, too. If you know someone who is going to a protest, don’t tag them on a post about it.
For more information on doxing prevention, read Hacking//Hustling’s guide.
Communicate using end-to-end encrypted messaging
If you’re planning to march, organize with others, or otherwise need to communicate private information about the Black Lives Matter protests, use encrypted messaging services to prevent interception by law enforcement. Signal, Dust, Wire, and Keybase all feature end-to-end encryption that will protect your right to privacy. For email, consider using ProtonMail, an off-shore email service that encrypts messages between ProtonMail users. There are also cloud storage data privacy solutions. Offshore cloud service pCloud offers online encryption to prevent others from accessing your files.
No pictures or videos that could ID your fellow protesters… unless it’s an emergency
Ever since the 2014 Ferguson protests, Black Lives Matters organizers and activists have repeatedly died under suspicious circumstances. Others have faced threats and harassment. Harm reduction measures to protect protesters’ identities are of the utmost importance to prevent this from happening. Don’t take pictures or videos of your fellow protesters’ faces. The only time this should be done is if a protester is being detained by police, is in distress, or might be in imminent danger. Otherwise, police can track your identity by photos and videos of your face uploaded online.
“Videos and pictures, even blurry crowd shots, can be used to ID people who may not want to be identified,” @aeyokay said.
Lock down your phone and other tech (or leave it at home)
Phones and phone apps are literally tracking your every move, and it’s to the police’s benefit. One source in tech with extensive civil unrest experience told the Daily Dot that protesters should not take any devices with them that can receive a signal or establish an outside connection if possible. And yes, this includes wearing a smartwatch.
For those that have no choice but to take their phones, they recommend keeping data to bare essentials, such as essential contacts and minimal apps. They also suggest removing the battery when not in use or placing your phone in airplane mode within a faraday bag. These bags block Bluetooth, phone signal, and WiFi connections from reaching your phone, each of which can be used to pinpoint where you went, when, and what time. They can also be used to spot who you’ve been near at (or after) a Black Lives Matter protest.
Shield your face, protect your identity
If you’ve ever tried to access your phone with Face ID while wearing a mask, then you know shielding your nose and mouth provides a lot of protection. Facial surveillance technology requires accessible faces that can be easily tracked and recognized, so wearing a mask is doubly important when protesting. Shielding your eyes provides additional concealment, and depending on when and where you’re protesting, you might need sunglasses regardless. Cover your hair or entire face for additional protection against being spotted in photos or videos.
Turn off Face ID and other biometric unlocks
Unlocking your phone with your face or fingerprint? You’ll want to disable that feature when you’re at a protest. While one magistrate judge ruled police cannot force citizens to unlock their phones via biometrics without a warrant, a police officer may still forcibly unlock your phone anyway during a protest. The Daily Dot’s source with civil unrest experience stressed protesters should not just set up a passcode on their phone, but refrain from giving out their code if intimidated.
Granted, your biometrics may be used against you should you be arrested. “Law enforcement can use those to unlock one’s phone after arrest,” @ayeokay said. “The law allows it.”
Strip your metadata from your photos and clips
Photos and videos carry metadata on them, or information about where, when, and how files were created. Police and counterprotesters can use this metadata to track where you protested and who you were with. This data can be removed in a number of ways. Windows has a built-in feature to create a copy of media files without metadata attached, and @ayeokay says programs like the open-source image editing program Gimp let users do this as well. Alternatively, taking a screenshot of your photo from within your smartphone’s OS should do the trick.
Get on Linux, use a VPN, and other advanced tips
If you’re organizing protests or spend a significant amount of time communicating with Black Lives Matter leaders in your local community, you should be warned: Windows is tracking your data. So is Apple’s macOS and Google’s Chrome OS. On some level, it’s impossible to escape spying from big tech if you’re using their operating systems and apps.
That’s where Linux comes in.
Linux is a family of open-source operating systems with different distributions, or “distros,” available. Many of these distributions comes with better security than Windows, and because data privacy is highly valued in the free open-source software community, many Linux distros minimize data tracking or at least leave controls in users’ hands. This makes it a phenomenal resource for organizers who want to decrease their information security risk. Plus in 2020, it’s easier to get started with Linux than ever: any laptop or desktop can be turned into a Linux machine, and distros like Ubuntu and Linux Mint are designed to easily run on modern hardware. You can even encrypt your hard drive during an OS installation on both platforms.
“I do highly recommend Linux over Windows. And an encrypted hard drive, especially if one is more likely to be searched, like organizers,” @aeyokay wrote.
She also recommends using Firefox over Chrome and installing ad blocking software, anti-data tracking add-on Ghostery, and switching to privacy-oriented search engine DuckDuckGo over Google. Use a VPN such as RiseupVPN or NordVPN to further ensure privacy for your internet traffic. For more information on securing your data on Linux, read DuckDuckGo’s guide here.
For the utmost security, use the Tails OS portable operating system with the Tor Browser and TorChat, the Daily Dot’s civil unrest source explained. Tails OS boots entirely from a user’s memory stick and features advanced privacy measures to prevent data tracking. Tor, meanwhile, uses an overlay network to mask users’ identity, making it a fantastic way to communicate with others discreetly.
These tips can minimize your surveillance risk and prevent your privacy from being compromised, but keep an eye out on social media for new tips as they come. Today’s best practices are tomorrow’s old news.