Digital Security Training in Mexico
From Gender and Tech Resources
Dear all, I write with great emotion to share about some of the work I have been achieving and the subsequent reflections that followed our encounter.
Workshop for a grassroot organization in the North Sierra of Puebla (Mexico)
Context: The workshop was conducted at the request of an organization that is opposing mining projects in the region. Some of its participants are representatives of their communities and are subjected to constant high risk. In the words of the organization, they needed the workshop in order to communicate with human rights defenders organizations in a safer way.
The workshop was held in a village about an hour from the capital Puebla, it took place in a center to teach and learn crafts with mud that also counts with a computer room. The computers were installed with Windows and the Internet connection was only working if there was no more than two computers connected at the same time (sounds familiar? ;-). Most of the attendees brought their personal computers with Windows but there was also two persons using Ubuntu. About 12 people attended, mostly men aged between 19 years - 60 years. The level of education and occupation was variable.
The workshop gave an introduction to technopolitical aspects of surveillance, digital security and digital tools. The possibility of using TAILS was discussed and I brought some USB installed with me but we did not have enough time to work on that topic. The workshop consisted in mail encryption using Thunderbird and Enigmail. It took place on Saturday, which is the most appropriate day for the community and lasted from 10AM to 6 PM with an hour break for lunch.
The introductory part adopted an approach through concrete examples dealing with information management and this perspective pleased very much the participants. Individuals were already convinced that they needed encryption but the introductory part helped them to understand they also needed to visualise integral strategies. Although the organization was already working with a secure server, they had not yet configured their email accounts so we had to first proceed with this configuration. Accordingly, downloading the programs and installing it made the process quite slow. Nonetheless most of the attendees could leave the workshop with an encrypted mail but they do not use it still on a daily basis.
Comments: The time for the workshop was not enough, at the same time it is difficult for the participants to dispose of more time between their work and activism and getting more in-depth in technical issues requires time. There is also a strong gender gap in what relates to possibilities to access to technology. There are also technical difficulties because the access to the Internet and computers is highly variable and is not granted everywhere and all the time. My feeling was that it would have been more useful to only set up one mail account during the workshop as an example of the steps they should follow once they would go back home, and to give them also printed step by step tutorials. Obviously, those changes requires time, engage in a long term process held by more visits to to these communities. One of the sisters who took the workshop could read English well so I left one Security in a box and she wrote to me telling me that she had already read it and it served her well. We agreed to have a second workshop in the near future.
A second Workshop for Journalists:
It was a 4 hours workshop oriented at journalists working for a news portal. Their primary means of communication to deliver news is the email but they were suspicious that their emails were being infiltrated by the competition and government agencies because some of their secrete communication appeared first in other journals and because there have been many intrusions attempts into their servers. The purpose of the this workshop was simply to learn to encrypt their mail. It was oriented at people that has a hiugh level of access and use of ICT. The workshop was held Friday during extra hours time once the portal edition of 6PM was over. This workshop was harder because although journalists were somehow aware of the risks, there was not such a clear idea and interest for combating threats. There was a highly pragmatic perspective that if the implementation of those DST were too time consuming in daily base they would be impossible to use for their journalistic duties. In this case I felt I needed documentation to give to them about the risks journalists are subjected because of not securing their digital security tools. It also felt super important to offer to journalists targeted trainings that can fit thoir agenda and be highly personalized in order to accompany them in that process. These experiences have prompted me to finally open the ADA community space (www.ada.org.mx) for one day a week in order to advise / join / share digital security elements in a playful way beginning by the meetings “Saturday and hacking craft beer”. Those have been held during the last three weeks and have been very positive.