Sunday 1 February 2015
Surveillance Self-Defense (SSD) is a guide to protecting yourself from electronic surveillance for people all over the world. Some aspects of this guide will be useful to people with very little technical knowledge, while others are aimed at an audience with considerable technical expertise and privacy/security trainers. We believe that everyone’s threat model is unique—from activists in China to journalists in Europe to the LGBTQ community in Uganda. We believe that everyone has something to protect, whether it’s from the government or parents or prying employers, stalkers, data-mining corporations, or an abusive partner.
There are many privacy and security guides on the Internet that teach users to use a specific set of tools, such as password safes or VPNs or the Tor Browser Bundle. SSD includes step-by-step tutorials for installing and using a variety of privacy and security tools, but also aims to teach people how to think about online privacy and security in a sophisticated way that empowers them to choose appropriate tools and practices even as the tools and adversaries change around them. Please note that the law and technology can change quickly, and portions of SSD may become out of date.
This guide acknowledges that some especially powerful and sophisticated threats may be difficult or impossible to protect oneself against. We hope that this guide teaches users to be skeptical of sweeping claims that any particular tool offers complete security or privacy. Strong privacy and security practices are still worthwhile even if they are not guaranteed to be effective 100% of the time against every adversary. These practices increase the cost and effort of surveillance—and they may increase it to the point where an adversary feels that surveilling you is no longer worthwhile.
This guide does not address operational security or “OPSEC” in the broader sense. OPSEC is the process of protecting information about one’s activities that may be important to a potential adversary. This is a process that frequently goes beyond the digital realm.
For example, people trying to have confidential meetings may have to worry about whether someone physically followed them, or whether they were observed by CCTV cameras, or whether their neighbors might have become aware of the meeting, or whether their meeting places have been bugged. Perhaps they should wonder if they are creating a suspicious pattern of activity. They may also have physical security concerns; could they tell if someone broke into their home or tampered with their laptop? Are their confidential documents safe?
These are important and valid concerns for people with certain kinds of security needs, but they fall outside the scope of this guide.
Please use SSD as a starting point for your own research, and check for more recent facts, cases and authorities. Please note that, even if a statement made about the law is accurate, it may only be accurate in one jurisdiction (place); as well, the law may have changed, been modified or overturned by subsequent development since the entry was made. The materials in SSD are for informational purposes only and not for the purpose of providing legal advice. You should contact a lawyer licensed to practice in your jurisdiction to obtain advice with respect to any particular issue or problem.
Why Europe’s dependency on Microsoft is a huge security risk. We, nine experienced journalists from eight European countries, are “Investigate Europe”. We will research as a (...)
Debian Press Release: The Debian Project is concerned to hear that one of our members, Dmitry Bogatov, has been arrested by Russian authorities. Dmitry is a mathematics (...)
Mastodon is a free, open-source social network. Mastodon, a distributed, open-source version of Twitter, is almost identical to the platform it’s based on. Users can set up a (...)