Jewish Voice for Peace San Diego

Checklist for Community Digital Security

Checklist for Community Digital Security

  • A. Communicate re: activism via Signal (not SMS, iMessage, WhatsApp, Telegram…)
    • Activate Disappearing Messages for all chats
    • Delete chat history of all chats before disappearing messages was activated.
    • Create “nicknames” for anyone whose real name/ID is displaying.
    • Do not use your actual name as a username
  • B. At Protests Practice Protecting the Community
    • Do not share/post people’s identifying information (Names, Phone Numbers, Address, Photos) – refer to your JVP SD Membership Agreement.
    • Disable collection of location info when taking photos from
            smartphone
    • At protests and direct actions, do not take photos/videos unless you are trained to protect protesters’ identities  (e.g. blurring out faces and tattoos).
    • Do not bring smartphone to an action/protest or store it in Faraday bag, which stops sending/receiving data ~$12)
  • C. Prevent Unauthorized Access to Your Data
    • Use anti-virus software (Recommended: Panda Security (free options Malwarebytes) EVEN with Mac computer!
    • Disable FaceID and unlocking device with fingerprint
    • Do not store passwords by writing them down somewhere.     Written down passwords should be stored in a physical safe.
    • Use recommended password managers: e.g 1Password, Bitwarden, and Keeper
    • Use 2-factor Authentication whenever available
    • Use complex passwords with uppercase and lowercase letters, numbers, symbols, and punctuation.
    • Do not use the same password for everything
  • D. Social Media (Practices will vary based on your risk assessment)
    • Based on your personal risk assessment, consider making your accounts private and making a separate account for activism with little identifying information.
    • For accounts used for activism that are medium to high risk, do not share photos of your face, identifying features like tattoos or jewelry, or use your full name.
    • Use a separate email account for activism like Proton Mail or other security focused email hosts. (Recommended not to use Gmail.)
    • Use a nickname, alias, or just your first name for more protection.
    • For activism, do not communicate sensitive information over Meta products (Facebook, FB Messenger, Instagram, WhatsApp, Meta Portal, Threads)
  • E. General Practices
    • Opt out of AI assistance every time
    • Do not log on to public / unfamiliar WiFi networks  without a VPN.
    • Do not screenshot, photograph, or video record virtual meetings without permission re: activism
    • Empty Trash Folders and delete old files regularly on devices
    • Avoid or limit use of “Location Services” on smart phone
    • Refuse to give your biometric data (scans of your face, eyes)
    • Transition to more secure software alternatives
      • Switch browsers from Chrome / Safari to FireFox
      • Switch from Gmail to ProtonMail
      • Switch from SMS, iMessage, WhatsApp, etc. to Signal
      • Switch from Google search engine to DuckDuckGo
      • Switch from Google Drive to CryptPad and ProtonDrive
      • Switch GPS services to Mapquest
    • Train friends and family on practicing digital safety
    • Refer to emailed resources for more practices