Posts Tagged ‘Digital Security Helpline’

International Women’s Day 2020: Dad, a digital warrior in Pakistan

March 9, 2020

With her “Hack the patriarchy” laptop stickers, Nighat Dad is a digital warrior. But this human rights award winner and founder of Pakistan”s first cyber-harassment helpline still tears up as she describes receiving calls from women afraid of being killed by male relatives for using the internet. Nighat Dad established the help line in 2016 with prize money (100,000 euros) from the Dutch human rights award, the Tulip

Much of Pakistani society lives under the patriarchal, outdated code of so-called “honour” that systemises the oppression of women by preventing them from, for example, choosing their own husband or working outside the home. Activists have denounced pervasive, sometimes deadly violence by men — usually male relatives — against women who break those taboos. The situation is dire enough in the offline world.

But Pakistan is only just beginning to grapple with what violent notions of honour mean for women online, in a country where internet penetration is at 22 percent and growing, but digital literacy is low.

Much of the work the helpline does is to explain to women what recourse they have. Social media companies are playing ball, Dad says — some have even agreed to establish “escalation channels” for getting content off the internet quickly when a woman”s life is in immediate danger. But she warns that community guidelines developed by such companies, usually US-based, are not appropriate in Pakistan. “I think they need to do more,” Dad says. More than three years on, the Tulip money has run out. Now the helpline survives only by the grace of small grants from groups such as the Netherlands-based Digital Defenders Partnership, which supports rights activists.

…. She cites last year”s International Women”s Day march in Pakistan, which saw women turn out in unprecedented numbers loudly celebrating divorce and periods, among other things. The response was swift and shocking in its intensity, with Dad describing mullahs making rape and death threats against the march organisers in videos widely distributed online. The 2016 murder of social media star Qandeel Baloch has also impacted her, she says. Baloch divided Pakistan with her videos and selfies, tame by Western standards but provocative in Pakistan. She was strangled by her brother in 2016 in what has been called the country”s most high-profile “honour” killing.

She was a hero for me… she did what she wanted to do, and not every woman can do this in Pakistan,” Dad says.

Dad says she cannot help but see the similarities between herself and Baloch. They are from similar backgrounds, both left abusive marriages, and both have gained fame by loudly challenging social taboos online — though admittedly not in quite the same way. Her murder “shook me badly,” she tells AFP. “It was enough to shake us all.”

……

https://www.outlookindia.com/newsscroll/nighat-dad-pakistans-digital-warrior-battling-the-patriarchy/1755905

https://www.rferl.org/a/pakistani-lawyer-fights-abuse-of-women-who-dare-to-go-online/30469845.html

Protecting human rights defenders from hackers and improving digital security

October 31, 2016

Joshua Oliver on 14 October, 2016 interviewed for NY City Lens, Kim Burton of Access Now about the digital security dangers faced by human rights defenders. A recent example is what happened to Ahmed Mansoor [https://thoolen.wordpress.com/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/] but there are many other cases. The staff of the Digital Security Helpline offers free, 24/7 technical support and advice on digital security to activists, journalists, and human rights defenders around the world. It is a project of Access Now, an NGO that promotes human rights online. The interview ends with 3 simple practical steps that any person can do to improve their security.

Kim Burton, security education coordinator at Access Now, works on the digital security helpline.

Kim Burton, security education coordinator at Access Now, works on the digital security helpline.

What makes the kind of targeted digital threat that a human rights defender or an activist might experience different from the threats that ordinary users might face?

The goal is different. When you’re targeting the average individual often these campaigns are really large. They’ll be interested in getting a lot of cash. When someone’s trying to compromise a human rights defender or activist or journalist, it’s usually because they want that person’s information. They want that person’s contacts. They want to be able to intimidate that person so they stop doing the work that they’re doing.

What type of things might prompt someone to contact the helpline?

They could receive an unfriendly email that scares them, and so they’ll bring that email to us. With journalists it’ll be more about protecting information that they’re trying to move out of the country, or it can just be protecting their publishing while they’re online. Often when we get contacted it’s for people who have had their accounts actually hacked. Where the account is posting information that the owner did not post, or it’s completely defaced.

Can you describe the difference between the support that’s typically available for someone in a corporate or government environment with a digital security problem as compared to someone in a non-governmental organization working on human rights or activism?

I think one of the major things is just having someone to call. In a corporate environment they have either an IT group or a person or systems administrator. So you already know who to call. In NGOs [non-governmental organizations], often times, there isn’t an IT person at all. There’s not a systems administrator. The tech support is not available. And part of that is funding. Corporate environments are able to spend a lot more money on salaries, so they’re able to pay the tech people a lot more than they would get in the NGO space.

What can be the direct consequences to the people who are targeted by this kind of threat? 

Unfortunately people can die. That’s one of the things that we have to be aware of every day on the helpline. People do get killed for the information that they have out there. The other consequences are: people’s lives can be ruined, people can be imprisoned, people can have to leave countries, their families can be hurt. The stakes are very high.

Can you define what phishing is?

It’s those emails that say something like “You’ve won a million dollars, click here to receive.” Or something that is a little bit more scary, like “This is your co-worker, I need the password to this account.” It can get more targeted. But everyone receives these — this isn’t unique to the people that we work with. It’s just that the people that we work with might have a higher chance of receiving a more targeted phishing campaign.

What are three easy things people can do to improve their own digital security? 

Number one, always install software updates. Updates are often released to address security vulnerabilities; updating is your first line of defense.

Two, use unique, long, and strong passwords. If your password is leaked in one place, and you have used the same password somewhere else, that other account can be compromised as well. Avoid remembering each of these unique passwords with a password manager, like KeePassX or LastPass. Password managers keep your credentials in an encrypted database and assist you in generating unpredictable strings to use as sturdy logins.

Three, use two-factor authentication when available. Instead of only using a password to protect your account, two-factor requires another “factor” to log in. Like a bank that needs your card and PIN to withdraw from an ATM, you’ll need your password and something else (like a SMS text, generated code, or fingerprint) to access your account. All of the major email providers provide multi-factor authentication, as do many other accounts, like Amazon, Twitter and Facebook; look for it in your security settings.

see also: https://thoolen.wordpress.com/tag/digital-security/

Source: Protecting Activists from Hackers – NY City Lens