The online tools we “common sense” rely on for organising and campaigning are genuinely dangerous, and I find that paralysing. This isn’t paranoia, it’s a practical reality that urgently needs addressing. Until we do, offline working groups are one of the few reliable ways to unblock the mess.
Where we actually are now… Disappearing, encrypted chat outside the #dotcons is one of the few spaces that feels even marginally safe. But even then, safety depends entirely on who’s in the room, which means those spaces need to stay small, focused, and constantly tended. The moment trust becomes uncertain, the space becomes a liability.
The result, for me personally, is that I currently have no viable online tools left for outreach. Everything leaves traces, so all that remains is slow, word-of-mouth. The legal reality we need to talks about offline, almost everything posted on #dotcons platforms leaves a digital fingerprint – metadata, timestamps, IP addresses, connection logs, account linkages. In practical terms, nowhere on these platforms is truly safe to post anything sensitive.
The specific danger that doesn’t get named often enough is this: if someone who was loosely connected to a campaign later commits a crime in the name of that campaign, the person who posted most visibly can end up legally exposed – even if they had absolutely nothing to do with what happened. The evidence trail is strong, easily misinterpreted, and the legal system is not neutral, it has historically been used as a tool of repression by those with power and resources against those without. That’s not a conspiracy theory, it’s a pattern with a long, well-documented history.
This means high-volume posting, public organising on corporate platforms, and mixing open campaigning with less legal internal discussion in the same spaces isn’t just tactically sloppy, it has destroyed people’s lives.
Two paths: closed and open, people have been campaigning on digital security in activism for years, and the basic framework is straightforward – there are closed paths and open paths, and we need both working without the current aggressive #blocking that creates so much damaging mess.
- For closed working groups – small, trust-based, sensitive – use whatever, non #dotcons tool the group agrees on and trusts. Signal is the obvious everyday choice: it’s not perfect, but it’s practical, easier to understand, and good enough for most internal communication when used carefully.
- For open working groups – anything involving outreach, public-facing organising, and building broader community – the answer has to be #4opens common tools. Not a fragmented collection of proprietary apps that each create their own data trail and dependency. The digital splintering of activist spaces across dozens of incompatible, corporate-owned tools is itself a security problem, as well as an organisational one. #KISS.
As our lives are more directly touched by repression what we need is real conversations – across campaigns and communities – about #4opens web security in practical activism. Not a geek seminar, not a jargon-heavy toolkit nobody reads, but an honest, accessible discussion about:
- What the actual risks are and who they fall on
- Which tools are appropriate for which purposes
- How to keep open organising genuinely open without handing surveillance infrastructure a dangerous map of our work
- How to support the people most exposed – those who post publicly and visibly – so they’re not carrying legal risk in isolation.
The #geekproblem here is real, too many of the existing resources are built by and for technically confident people, and leave everyone else either confused or falsely reassured. We need socially safe security culture that works for normal people doing necessary work.
On a side note: I wish people would stop blaming me for the problems they create themselves LINK
