Posts Tagged ‘information technology’

Have a smartphone – become a human rights defender!

August 10, 2017

Witness’ Asia-Pacific team adapted this video from WITNESS’ tip sheet on Filming Hate – a primer for using video to document human rights abuses. “Filming Hate” guides activists through documenting abuses safely, providing context, verifying footage, and sharing that footage responsibly. It may help millions of bystanders become witnesses, and hence human rights defenders, spurred to combat hatred by wielding a powerful weapon: their smartphone. Published on 6 August 2017. Full tipsheet available on our Library at: https://library.witness.org/product/f…     Music credit: ‘India’ — http://www.bensound.com Creative Commons Attribution licence (reuse allowed)

WEBINARS on best practices for digitising documents in March 2017

March 7, 2017

Why digitise? Digitising your documents greatly improves access to your information, whether you are building an online public library to share documents related to corruption, or making documents searchable for your team. Digitisation also helps to preserve and protect important human rights information. Many defenders run the risk that malevolent groups seeking to destroy or confiscate witness testimony, evidence of abuse, and other sensitive information. Others run the risk of documents being subject to harmful storage conditions, such as humidity, insects, and rodents. These are just a few reasons for digitising your documents. However, figuring out the most efficient, affordable, and responsible way to digitise thousands of documents can be a daunting task especially for human rights defenders in the field.

  • When:
  • Where: ReadyTalk (use the access code 2458641 to join)
  • Who: Open to anyone who wants to learn more about digitizing documents

Whether you are a seasoned digitization expert or a human rights defender just starting to think about digitisation, this is a good occasion to learn and share.

If you are interested, please contact Kristin Antin at kristin@huridocs.orgHere is an example of a webinar hosted in January on managing contact information.

Source: Community Discussion: Best practices for digitising documents | HURIDOCS

HURIDOCS: finally new Director and now searching for other staff

February 16, 2017

On 15 February 2017, the chair of HURIDOCS, Gisella Reina announced the appointment of Friedhelm Weinberg as the new Executive Director. She added: “HURIDOCS has a young and energetic director that listens and leads. His experience with our global network, having worked in Asia, Africa and the Former Soviet Union region, gives him the firm understanding of what our community thinks and wants. Friedhelm has proven his capacity to strengthen and motivate our international and distributed team to be creative and effective.”

Friedhelm Weinberg first joined HURIDOCS in 2012. Over the years, he has taken on a variety of roles, including communications and project management and most recently as Deputy Director. Previously, he has worked as a journalist in his native Germany. [https://humanrightsdefenders.blog/2016/09/06/executive-director-of-huridocs-needs-to-have-the-following/]

 

huridocs-signature-logois also looking to fill two positions: Read the rest of this entry »

Security Without Borders offers free security help to human rights defenders

January 10, 2017

Network World of 3 January 2017 carried an interesting piece on Claudio Guarnieri who launched Security Without Borders which offers free cybersecurity help to journalists, activists and human rights defenders.

For all the wonderful things that the internet has given us, the internet also has been turned into a tool for repression. Nation states have deep pockets and use the imbalance to their own advantage. Technology has been used “to curb dissent, to censor information, to identify and monitor people.” ..Billions of dollars have been poured into surveillance—both passive and active.”Sadly, electronic surveillance and censorship have become so commonplace that nowadays people can get arrested for a tweet. There are places were dissidents are hunted down, using crypto is illegal, where sites are blocked and even internet access can be cut off. “Those who face imprisonment and violence in the pursuit of justice and democracy cannot succeed if they don’t communicate securely as well as remain safe online.”

Security “is a precondition for privacy, which is the key enabler for freedom of expression.” He was not implying that the security should come from big firms, either, since big security businesses often need contracts with the government and are dependent on the national security sector. So, Guarnieri turned to the hacker community and launched Security Without Borders, which “is an open collective of hackers and cybersecurity professionals who volunteer with assisting journalists, human rights defenders, and non-profit organizations with cyber security issues.”

security without borders

The website Security Without Borders has a big red button labeled “Request Assistance.” Activists, journalists and human rights defenders are encouraged to reach out for help. The group of “penetration testers, malware analysts, developers, engineers, system administrators and hackers” from all walks of life offer cybersecurity help. We can assist with web security assessments, conduct breach investigations and analysis, and generally act as an advisor in questions pertaining to cybersecurity. As security services are often expensive to come by, SWB offers these services free to organizations and people fighting against human rights abuse, racism, and other injustices.

When requesting help, you are asked to give your name or organization’s name, an email address, a description of the work you do and what kind of help you need. Hackers and computer security geeks who support freedom of speech are also encouraged to reach out and volunteer their skills.

There is still on-going discussions on the mailing list on issues such as trust and where to draw the line for extending free help to specific groups. Security Without Borders is just getting off the ground, and will have to deal with some of the same problems that earlier efforts in this area face, see e.g:  https://humanrightsdefenders.blog/2016/08/25/datnav-new-guide-to-navigate-and-integrate-digital-data-in-human-rights-research/ and https://humanrightsdefenders.blog/2016/10/31/protecting-human-rights-defenders-from-hackers-and-improving-digital-security/

Sources:

Security Without Borders: Free security help for dissidents | Network World

http://motherboard.vice.com/read/hacker-claudio-guarnieri-security-without-borders-political-dissidents

12 January: Community Discussion by HURIDOCS on Managing human rights contacts

January 9, 2017

 

huridocs-signature-logoFrom mobilizing supporters, to organizing interviews, to fundraising, to persuading decision-makers, relationships are at the heart of human rights work. This is why it’s so important to have a system to document and manage these relationships. There are many Constituent Relationship Management (CRM) systems out there to help manage this information, but human rights groups often require additional attention to security, sustainability, and other custom features. So what CRM systems are human rights groups using today? What’s working well, and what are the challenges?

This HURIDOCS community discussion is an opportunity for CRM users, developers and advocates to share their experiences, knowledge and advice on contact management. A summary of the discussion will be written and shared on the HURIDOCS website.

When: 12 January 2017 at 4pm GMT
Where: Watch the webinar below from the embedded Hangout On Air, and participate via Twitter.
Who: open to anyone who wants to learn more about managing human rights contacts
So far, HURIDOCS has recruited human rights practitioners to present on their experiences using:

CiviCRM
Civi (a CiviCRM distribution)
Salesforce
ActionKit

If you have CRM experience you want to share, please contact: kristin@huridocs.org! To ask questions or make comments, use the #HURIDOCS hashtag on Twitter:

Source: Community Discussion: Managing human rights contacts | HURIDOCS

Protecting human rights defenders from hackers and improving digital security

October 31, 2016

Joshua Oliver on 14 October, 2016 interviewed for NY City Lens, Kim Burton of Access Now about the digital security dangers faced by human rights defenders. A recent example is what happened to Ahmed Mansoor [https://thoolen.wordpress.com/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/] but there are many other cases. The staff of the Digital Security Helpline offers free, 24/7 technical support and advice on digital security to activists, journalists, and human rights defenders around the world. It is a project of Access Now, an NGO that promotes human rights online. The interview ends with 3 simple practical steps that any person can do to improve their security.

Kim Burton, security education coordinator at Access Now, works on the digital security helpline.

Kim Burton, security education coordinator at Access Now, works on the digital security helpline.

What makes the kind of targeted digital threat that a human rights defender or an activist might experience different from the threats that ordinary users might face?

The goal is different. When you’re targeting the average individual often these campaigns are really large. They’ll be interested in getting a lot of cash. When someone’s trying to compromise a human rights defender or activist or journalist, it’s usually because they want that person’s information. They want that person’s contacts. They want to be able to intimidate that person so they stop doing the work that they’re doing.

What type of things might prompt someone to contact the helpline?

They could receive an unfriendly email that scares them, and so they’ll bring that email to us. With journalists it’ll be more about protecting information that they’re trying to move out of the country, or it can just be protecting their publishing while they’re online. Often when we get contacted it’s for people who have had their accounts actually hacked. Where the account is posting information that the owner did not post, or it’s completely defaced.

Can you describe the difference between the support that’s typically available for someone in a corporate or government environment with a digital security problem as compared to someone in a non-governmental organization working on human rights or activism?

I think one of the major things is just having someone to call. In a corporate environment they have either an IT group or a person or systems administrator. So you already know who to call. In NGOs [non-governmental organizations], often times, there isn’t an IT person at all. There’s not a systems administrator. The tech support is not available. And part of that is funding. Corporate environments are able to spend a lot more money on salaries, so they’re able to pay the tech people a lot more than they would get in the NGO space.

What can be the direct consequences to the people who are targeted by this kind of threat? 

Unfortunately people can die. That’s one of the things that we have to be aware of every day on the helpline. People do get killed for the information that they have out there. The other consequences are: people’s lives can be ruined, people can be imprisoned, people can have to leave countries, their families can be hurt. The stakes are very high.

Can you define what phishing is?

It’s those emails that say something like “You’ve won a million dollars, click here to receive.” Or something that is a little bit more scary, like “This is your co-worker, I need the password to this account.” It can get more targeted. But everyone receives these — this isn’t unique to the people that we work with. It’s just that the people that we work with might have a higher chance of receiving a more targeted phishing campaign.

What are three easy things people can do to improve their own digital security? 

Number one, always install software updates. Updates are often released to address security vulnerabilities; updating is your first line of defense.

Two, use unique, long, and strong passwords. If your password is leaked in one place, and you have used the same password somewhere else, that other account can be compromised as well. Avoid remembering each of these unique passwords with a password manager, like KeePassX or LastPass. Password managers keep your credentials in an encrypted database and assist you in generating unpredictable strings to use as sturdy logins.

Three, use two-factor authentication when available. Instead of only using a password to protect your account, two-factor requires another “factor” to log in. Like a bank that needs your card and PIN to withdraw from an ATM, you’ll need your password and something else (like a SMS text, generated code, or fingerprint) to access your account. All of the major email providers provide multi-factor authentication, as do many other accounts, like Amazon, Twitter and Facebook; look for it in your security settings.

see also: https://thoolen.wordpress.com/tag/digital-security/

Source: Protecting Activists from Hackers – NY City Lens

Executive Director of HURIDOCS needs to have the following:

September 6, 2016

 (Human Rights Information and Documentation Systems, International) has started its search for a new  Executive Director as envisaged in my post of 5 August: https://thoolen.wordpress.com/2016/08/05/daniel-desposito-huridocs-executive-director-announces-his-departure/.

HURIDOCS expects:

  • A willingness to embrace new challenges with HURIDOCS’ partners while ensuring continuity and quality in our work and products.
  • Some travelling will be required, but Geneva will be the base for the most part of the working time.
  • An open management style, with regular contact and ongoing communication and dialogue with all staff members regardless of their physical location. [HURIDOCS employs 17 staff members with a total of 13 full time positions with many staff members operating remotely]

General Duties include:

  • Lead strategic planning and implementation of strategy
  • Fundraising
  • General management of HURIDOCS resources, including financial and human resource
  • Representing HURIDOCS to the human rights community, and to the public at large
  • Maintaining knowledge of the needs in relation to information and documentation of organisations in the human rights space, as well as an understanding of technology trends and directions from a management perspective

Specific Duties:

  • Overall supervision and guidance of the software development process
  • Identifying and understanding the needs of the organisations HURIDOCS serves, and available opportunities
  • Cultivating the ground for HURIDOCS‘ powerhouses’ – organisations in different regions to serve as focal points for HURIDOCS’ human rights solutions in different regions of the world

Qualifications:

  • University education: Preferably at least a master’s degree in a discipline relating to the work of HURIDOCS, or its equivalent in a relevant field
  • A background in the Human Rights environment and knowledge of how legal systems operate is highly desirable
  • An ability to communicate about complex topics in engaging ways

Skills include:

  • Proven ability to raise funds and to secure strategic relationships with key actors (Required)
  • Fluency in both written and spoken English and proficiency in another language (Required)
  • Familiarity with different types of technology and their application in a human rights context (Required)
  • Strong interpersonal skills and the ability to manage a diverse international and multicultural workplace (Required)
  • Ability to lead negotiations (Required)

Experience:

  • Experience in the successful management of a non-profit organisation (Required)
  • At least 5 years experience in the human rights field (Strongly desired)

The new Executive Director should be in place in Geneva in January 2017. Visit www.huridocs.org for more information. If you have any specific questions you may contact HURIDOCS Board Member Douglas Arellanes at douglas.arellanes@huridocs.org. Your application and CV should be sent to edrecruitment@huridocs.org no later than 15 October 2016.

UWAZI: Open-source solution for building and sharing document collections for non-profit sector

August 31, 2016

Uwazi offers powerful browsing & searching, ability to define your own document properties, create cross references between documents and mobile first development.

Uwazi is an open-source solution for building and sharing document collections, empowering NGOs and networks, universities, foundations, and courts to publish and share their knowledge

Source: Open-source solution for building and sharing document collections – Uwazi

via: @HURIDOCS @UwaziDocsHURIDOCS 2011

Apple tackles iPhone one-tap spyware flaws after MEA Laureate discovers hacking attempt

August 29, 2016

Ahmed Mansoor, the Laureate of the Martin Ennals Award 2015, was the target of a major hacking attempt. Fortunately it received global coverage on 26 and 27 August 2016 and Apple has immediately issued a security update to address the vulnerabilities. [For those with Iphones/Ipads, you may want to update your IOS software to 9.3.5!]


Ahmed MansoorImage copyrightAP – human rights defender Ahmed Mansoor

The flaws in Apple’s iOS operating system were discovered by Mansoor who alerted security researchers to unsolicited text messages he had received on 10 and 11 August. They discovered three previously unknown flaws within Apple’s code that meant spyware could be installed with a single tap. Apple has since released a software update that addresses the problem. The two security firms involved, Citizen Lab and Lookout, said they had held back details of the discovery until the fix had been issued.

The texts promised to reveal “secrets” about people allegedly being tortured in the United Arab Emirates (UAE)’s jails if he tapped the links. Had he done so, Citizen Lab says, his iPhone 6 would have been “jailbroken”, meaning unauthorised software could have been installed. “Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” said Citizen Lab. The researchers say they believe the spyware involved was created by NSO Group, an Israeli “cyber-war” company.

Text message
The spyware would have been installed if Mansoor had tapped on the links. Image copyright CITIZENLAB

For more on Mansoor: https://thoolen.wordpress.com/tag/ahmed-mansoor/

Sources:

http://www.bbc.com/news/technology-37185544

https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/  (from the researchers who identified the vulnerabilities. Good summary followed by full technical analysis)

http://www.dailymail.co.uk/sciencetech/article-3758671/Apple-boosts-iPhone-security-Mideast-spyware-discovery.html

DatNav: New Guide to Navigate and Integrate Digital Data in Human Rights Research

August 25, 2016

DatNav, a guide designed to help human rights defenders navigate and integrate digital data into your human rights research, was launched today.

DatNav is the result of a collaboration between Amnesty InternationalBenetech, and The Engine Room which began in late 2015 culminating in an intense four-day writing sprint facilitated by Chris Michael and Collaborations for Change in May 2016. Based on interviews, community consultations, and surveys the researchers found that in the vast majority of cases, human rights defenders were not using the tools. Why? Mainly, human rights researchers appeared to be overwhelmed by the possibilities.

DatNav - Digital Data in Human Rights Research

Still, integrating and using digital data in a responsible way can make a huge and important difference to human rights research. Acquiring, disseminating and storing digital data is also more in reach. DatNav is about navigating these new possibilities.

In May 2016, the 3 NGOs gathered a group of experts to create a guide to help address this problem, and created the foundations of DatNav. Nearly 70 key members of the human rights tech and data community, representing nearly 40 different organisations from around the world, played key roles in the creation of DatNav.

This is just the beginning. If you’re interested in taking the guide forward, whether to inform strategy in your work, to train others, or through translations, or adaptations of the content, the organizers would like to hear from you. The content is all CC-BY-SA licensed and remixes of the content are more than welcome. We’re in initial talks to release an Arabic translation of DatNav, and we’d like to carry out others, too.

Download the DatNav pdf

You can sign up for The Engine Room’s newsletter to be notified of new updates and releases.

To find out more about the project or give feedback, you can send an email. You can also reach out on Twitter @zararah and The Engine Room @EngnRoom.

 

Source: DatNav: New Guide to Navigate and Integrate Digital Data in Human Rights Research | The Engine Room