Journalists, activists tipped on digital security

Journalists and activists across the world have progressively become reliant on the internet and digital platforms for a number of things ranging from infrastructure, organization, and the intensification of their critical work. The open and accessible design of the internet, nevertheless, has made it susceptible, and it has become apparent that those challenging authority and power need to practice digital security. It’s under this context that on November 11 and 12, the Collaboration on International ICT Policy in East and Southern Africa- shortened as CIPESA -organized a Training of Trainers (ToT) for 15 purposively selected journalists and human rights defenders at Eureka hotel In Kampala.

The main purpose of this training was to expand the network of individuals and organizations that offer digital security training and support to journalists, activists, and Human Rights Defenders (HRDS) and organizational security assessment.   Indeed, many of the participants insisted on the need to protect themselves against state-inspired attacks online as they being key to why they accepted to attend the training. “I have attended a number of digital training, “Polycap Kalokwera, a journalist attached to the Nation Media Group (NMG) based in the Northern city of Gulu, said.   “We went through a lot during election time since I was targeted by the state. I need to get more tactics on how I can protect myself while I’m online and also while offline.”

What was most pressing to the others was online gender-based, which they said is rampant with the state seemingly uninterested in hunting the preparators.

“There is a lot of cyber violence against women online but the government seems to be going after its critics like Dr Stella Nyanzi,” Clare Muhindo, an online content producer at the African Centre for Media Excellence (Acme), said.  

In the last six years a number of Ugandan female celebrities, including Judith Heard, Fabiola Anita, Martha Kagimba popularly known as Martha Kay, Cindy Sanyu, Sanyu Robina Mweruka, Desire Luzida, Zari Hassan, Anne Nakawombe alias Anne Nixons, and herbalist Sylvia Namutebi popularly known as Maama FiIna have fallen victims to this behavior, ostensibly by their jilted lovers or opportunists out to blackmail them for money. Brian Byaruhanga, a facilitator from the Defenders Protection Initiative (DPI), listed the use of antivirus, encryption, and backups among the key things the trainees could use to protect data from possible threats while working online.  To limit online virus attacks, Byaruhanga implored the participants to install paid-for antivirus. “There is a habit of installing unpaid for anti-virus,” Byaruhanga, a digital security executive, said “But it has a lot of disadvantages as it can’t give you Comprehensive Protection. When you use a free antivirus program, you're only getting a basic level of protection for your computer so it means you can be attacked.”

Online backup essentially means to back up data from your hard drive to a remote server or computer using a network connection and Byaruhanga emphasized to trainees that it’s one of the ways they can protect their data. “You can use cloud data backup or google photos to back up your information such that even if you lose your gadgets you can easily recover this information,” Byaruhanga said.  The recommendation that online platforms should be used back up prompted trainees to pose questions surrounding privacy.  “I do a lot of photography and every photo I take is automatically saved on Google photos,” Oliver Nakatudde a journalist with Uganda Radio Network, a subscription news agency based in Kampala, said.  “But how safe is our information.  Can’t it be leaked?”  In 2018, Google was forced to shut down Google Plus, its social network, after it discovered a security susceptibility that exposed the private data of up to 500,000 users and the trainers were asking if their information could be safe.

 In an effort to see that their information isn’t abused, Byaruhanga advised the trainees to avoid unsolicited email and links. “Before you click on any link you first cross-check if at all it’s legit,” Byaruhanga. “For example, it might be an email from Defenders Protection Initiative calling you for an event.  You can first check out our website to confirm if we are organizing this event. “     Phishing -  the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, and credit card details, by disguising oneself as a trustworthy entity in electronic communication- was cited as one of the ways sensitive information is lost to cybercriminals and state actors.