Posts Tagged ‘cybersecurity’

Common Good Cyber Fund Launched

June 30, 2025

The Internet Society (ISOC) and Global Cyber Alliance (GCA), on behalf of the Common Good Cyber secretariat, today announced on 23 June 2025 the launch of the Common Good Cyber Fund, an initiative to strengthen global cybersecurity by supporting nonprofits that deliver core cybersecurity services that protect civil society actors and the Internet as a whole.

This first-of-its-kind effort to fund cybersecurity for the common good—for everyone, including those at the greatest risk—has the potential to fundamentally improve cybersecurity for billions of people around the world. The Common Good Cyber secretariat members working to address this challenge are: Global Cyber Alliance, Cyber Threat Alliance, CyberPeace Institute, Forum of Incident Response and Security Teams, Global Forum on Cyber Expertise, Institute for Security and Technology, and Shadowserver Foundation.

In a Joint Statement Between the Prime Minister of the United Kingdom and the Prime Minister of Canada on 15 June, 2025, the Prime Ministers announced that they would both invest in the Joint Canada-UK Common Good Cyber Fund. On 17 June, during the G7 Leaders’ Summit in Alberta, Canada, all the G7 Leaders announced that they would support initiatives like the Canada-UK Common Good Cyber Fund to aid members of civil society who are actively working to counter the threat of transnational repression. See G7 Leaders’ Statement on Transnational Repression.

The Fund is a milestone in advancing Common Good Cyber, a global initiative led by the Global Cyber Alliance, to create sustainable funding models for the organizations and individuals working to keep the Internet safe. 

Despite serving as a critical frontline defense for the security of the Internet, cybersecurity nonprofits remain severely underfunded—exposing millions of users, including journalists, human rights defenders, and other civil society groups. This underfunding also leaves the wider public exposed to increasingly frequent and sophisticated cyber threats.

Common Good Cyber represents a pivotal step toward a stronger, more inclusive cybersecurity ecosystem. By increasing the resilience and long-term sustainability of nonprofits working in cybersecurity, improving access to trusted services for civil society organizations and human rights defenders, and encouraging greater adoption of best practices and security-by-design principles, the Common Good Cyber Fund ultimately helps protect and empower all Internet users.”Philip Reitinger, President and CEO, Global Cyber Alliance

The fund will support nonprofits that:

  • Maintain and secure core digital infrastructure, including DNS, routing, and threat intelligence systems for the public good;
  • Deliver cybersecurity assistance to high-risk actors through training, rapid incident response, and free-to-use tools

These future beneficiaries support the Internet by enabling secure operations and supplying global threat intelligence. They shield civil society from cyber threats through direct, expert intervention and elevate the security baseline for the entire ecosystem by supporting the “invisible infrastructure” on which civil society depends.

The Fund will operate through a collaborative structure. The Internet Society will manage the fund, and a representative and expert advisory board will provide strategic guidance.. Acting on behalf of the Common Good Cyber Secretariat, the Global Cyber Alliance will lead the Fund’s Strategic Advisory Committee and, with the other Secretariat members, engage in educational advocacy and outreach within the broader cybersecurity ecosystem.

The Common Good Cyber Fund is a global commitment to safeguard the digital frontlines, enabling local resilience and long-term digital sustainability. By supporting nonprofits advancing cybersecurity through tools, solutions, and platforms, the Fund builds a safer Internet that works for everyone, everywhere.

The Internet Society and the Global Cyber Alliance are finalizing the Fund’s legal and logistical framework. More information about the funding will be shared in the coming months.

Common Good Cyber Fund Launches to Strengthen Internet Security Globally

Posted in human rights, Human Rights Defenders | Leave a Comment »
Tags: , , , , , , , , , , , , ,

Alex, a Romanian activist, works at the intersection of human rights, technology and public policy.

January 24, 2024
Amnesty International Logotype

On 22 January 2024, Amnesty International published an interesting piece by Alex, a 31-year-old Romanian activist working at the intersection of human rights, technology and public policy.

Seeking to use her experience and knowledge of tech for political change, Alex applied and was accepted onto the Digital Forensics Fellowship led by the Security Lab at Amnesty Tech. The Digital Forensics Fellowship (DFF) is an opportunity for human rights defenders (HRDs) working at the nexus of human rights and technology and expand their learning.

Here, Alex shares her activism journey and insight into how like-minded human rights defenders can join the fight against spyware:

In the summer of 2022, I watched a recording of Claudio Guarnieri, former Head of the Amnesty Tech Security Lab, presenting about Security Without Borders at the 2016 Chaos Communication Congress. After following the investigations of the Pegasus Project and other projects centring on spyware being used on journalists and human rights defenders, his call to action at the end — “Find a cause and assist others” — resonated with me long after I watched the talk.

Becoming a tech activist

A few days later, Amnesty Tech announced the launch of the Digital Forensics Fellowship (DFF). It was serendipity, and I didn’t question it. At that point, I had already pushed myself to seek out a more political, more involved way to share my knowledge. Not tech for the sake of tech, but tech activism to ensure political change.

Portrait of a young woman with dark hair looking downwards in a thoughtful manner
Alex is a 31-year-old Romanian activist, working at the intersection of human rights, technology and public policy.

I followed an atypical path for a technologist. Prior to university, I dreamt of being a published fiction author, only to switch to studying industrial automation in college. I spent five years as a developer in the IT industry and two as Chief Technology Officer for an NGO, where I finally found myself using my tech knowledge to support journalists and activists.

My approach to technology, like my approach to art, is informed by political struggles, as well as the questioning of how one can lead a good life. My advocacy for digital rights follows this thread. For me, technology is merely one of many tools at the disposal of humanity, and it should never be a barrier to decent living, nor an oppressive tool for anyone.

Technology is merely one of many tools at the disposal of humanity. It should never be a barrier to decent living, nor an oppressive tool for anyone.

The opportunity offered by the DFF matched my interests and the direction I wanted to take my activism. During the year-long training programme from 2022-2023, the things I learned turned out to be valuable for my advocacy work.

In 2022, the Child Sexual Abuse Regulation was proposed in the EU. I focused on conducting advocacy to make it as clear as possible that losing encrypted communication would make life decidedly worse for everyone in the EU. We ran a campaign to raise awareness of the importance of end-to-end encryption for journalists, activists and people in general. Our communication unfolded under the banner of “you don’t realize how precious encryption is until you’ve lost it”. Apti.ro, the Romanian non-profit organisation that I work with, also participated in the EU-wide campaign, as part of the EDRi coalition. To add fuel to the fire, spyware scandals erupted across the EU. My home country, Romania, borders countries where spyware has been proven to have been used to invade the personal lives of journalists, political opponents of the government and human rights defenders.

The meaning of being a Fellow

The Security Lab provided us with theoretical and practical sessions on digital forensics, while the cohort was a safe, vibrant space to discuss challenges we were facing. We debugged together and discussed awful surveillance technology at length, contributing our own local perspective.

The importance of building cross-border networks of cooperation and solidarity became clear to me during the DFF. I heard stories of struggles from people involved in large and small organizations alike. I am convinced our struggles are intertwined, and we should join forces whenever possible.

Now when I’m working with other activists, I try not to talk of “forensics”. Instead, I talk about keeping ourselves safe, and our conversations private. Often, discussions we have as activists are about caring for a particular part of our lives – our safety when protesting, our confidentiality when organizing, our privacy when convening online. Our devices and data are part of this process, as is our physical body. At the end of the day, digital forensics are just another form of caring for ourselves.

I try to shape discussions about people’s devices similarly to how doctors discuss the symptoms of an illness. The person whose device is at the centre of the discussion is the best judge of the symptoms, and it’s important to never minimize their apprehension. It’s also important to go through the steps of the forensics in a way that allows them to understand what is happening and what the purpose of the procedure is.

I never use a one-size-fits-all approach because the situation of the person who owns a device informs the ways it might be targeted or infected.

The human approach to technology

My work is human-centred and technology-focused and requires care and concentration to achieve meaningful results. For activists interested in working on digital forensics, start by digging deep into the threats you see in your local context. If numerous phishing campaigns are unfolding, dig into network forensics and map out the owners of the domains and the infrastructure.

Secondly, get to know the person you are working with. If they are interested in secure communications, help them gain a better understanding of mobile network-based attacks, as well as suggesting instant messaging apps that preserve the privacy and the security of their users. In time, they will be able to spot “empty words” used to market messaging apps that are not end-to-end encrypted.

Finally, to stay true to the part of me that loves a well-told story, read not only reports of ongoing spyware campaigns, but narrative explorations from people involved. “Pegasus: The Story of the World’s Most Dangerous Spyware” by Laurent Richard and Sandrine Rigaud is a good example that documents both the human and the technical aspects. The Shoot the Messenger podcast, by PRX and Exile Content Studio, is also great as it focuses on Pegasus, starting from the brutal murder of Jamal Khashoggi to the recent infection of the device of journalist and founder of Meduza, Galina Timchenko.

We must continue to do this research, however difficult it may be, and to tell the stories of those impacted by these invasive espionage tactics. Without this work we wouldn’t be making the political progress we’ve seen to stem the development and use of this atrocious technology.

https://www.amnesty.org/en/search/Alex/

Posted in AI, Amnesty international, human rights, Human Rights Defenders | Leave a Comment »
Tags: , , , , , , , , , ,