Surveillance Self-Defense

Introduction

The Electronic Frontier Foundation (EFF) publishes a guide to surveillance self-defense, and its website also offers hands-on tutorials. The following is a summary of what is recommended.

Basics

    1. Creating Strong Passwords
      • Use long passphrases (4–6 random words, e.g. “correct horse battery staple”).
      • Don’t reuse passwords. Use a password manager like Bitwarden or KeePassXC.
      • Enable two-factor authentication (2FA), preferably via an app like Authy or a hardware token (e.g., YubiKey).
    2. Keeping Your Data Safe
      • Encrypt your devices (phones, laptops) using built-in tools (FileVault for Mac, BitLocker for Windows, or full-disk encryption on Android).
      • Back up important files with encrypted external drives or secure cloud storage.
      • Use screen locks, and shut devices down when not in use to prevent cold boot attacks.
    3. What Should I Know About Encryption?
      • Encryption scrambles data so only people with the key can read it.
      • End-to-end encryption protects messages during transmission (e.g., Signal, ProtonMail).
      • Transport-layer encryption (like HTTPS) protects data between your device and a website but not from the website itself.
    4. Your Security Plan

Ask yourself:

        1. What am I protecting?
        2. From whom?
        3. What happens if it’s exposed?
        4. What tools do I trust?
        5. What tradeoffs am I willing to make?

This helps tailor your digital hygiene based on realistic risks (e.g., nosy employers vs. state surveillance).

    5. Communicating With Others
      • Use secure messengers like Signal with disappearing messages.
      • Avoid SMS and unencrypted email for sensitive info.
      • Be aware of metadata (who, when, where—even if content is encrypted).
      • Verify contacts’ identities with key fingerprints.
    6. Choosing Your Tools
      • Prefer open-source, regularly updated tools.
      • Check who makes the software and their history with privacy.
      • Use browser extensions like HTTPS Everywhere and Privacy Badger.
      • Don’t rely solely on a tool’s claim—understand what it does and doesn’t protect.
    7. Seven Steps to Digital Security
        1. Know your risks.
        2. Identify weak links (e.g., reused passwords).
        3. Keep your setup simple.
        4. Value low-cost solutions.
        5. Be cautious about who you trust.
        6. Accept that perfect security is impossible.
        7. Regularly reassess your plan.

For Specific Communities

    1. Undocumented Immigrants

Primary Risks: Surveillance by law enforcement, immigration raids, device confiscation, phishing scams.

Recommendations:

      • Use end-to-end encrypted messaging (e.g., Signal) with disappearing messages.
      • Avoid logging into services tied to personal identity (use pseudonyms, minimal metadata).
      • Disable biometric unlock (use passcodes).
      • Regularly back up important documents securely (encrypted USB or cloud with 2FA).
      • Be cautious with location-sharing and device syncing.
    2. Sex Workers

Primary Risks: Doxxing, harassment, social stigma, payment platform surveillance, police targeting.

Recommendations:

      • Keep work and personal identities completely separate: use different phones, browsers, emails.
      • Use secure browsers (e.g., Tor) and avoid reusing usernames or photos across platforms.
      • Employ a password manager and use strong, unique passwords for every account.
      • Lock down social media privacy settings; never auto-tag or link to personal contacts.
      • Use secure, anonymous payment methods where possible (e.g., crypto or gift cards via trusted exchanges).
    3. Members of the Kink Community

Primary Risks: Outing, harassment, social or professional consequences, data leaks from dating or kink-specific apps.

Recommendations:

      • Use privacy-first apps and services—avoid platforms known for data sharing or weak security.
      • Separate personas: Use pseudonyms and dedicated emails for kink communities.
      • Turn off device syncing and facial recognition in apps that store photos.
      • Consider using anonymous web browsing (e.g., Tor) for kink forums or chats.
      • Protect communications with trusted contacts via encrypted messaging apps.

 

8/4/2025
Document prepared by our Safety Committee Chair
For additional safety resources, visit the LEATHER & LGBTQ Cultural District website.

 

 
