One topic that was always neglected at DiEM25 is cyber security, digital self-defense, or as it was called at DiEM25: Technological Sovereignty. The movement communicated in unencrypted WhatsApp and Telegram groups, with unencrypted emails, in the video conferencing software Zoom, in Google Docs and Facebook groups. The critics of those bad practices were, of course, white, educated and computer-savvy nerds who annoyed everyone with their constant criticism. Since even the nerds couldn’t agree on a gold standard, Telegram settled in as a quasi-standard, even though group chat doesn’t offer an option for encryption.
When we raised our concerns, we often got the answer that our conversations were usually harmless and uninteresting for secret services and the like. Or that the movement would have to grow first and then we would have money for secure alternatives of our own. Requests to move to an encrypted and decentralised pad, to DiEM25’s own cloud or to the secure Signal messenger were regularly met with debates on basic principals and heavy reluctance. I nonetheless strongly believe that progressive movements cannot afford such a luxury. Building and using encrypted, secure and decentralised/federated alternatives is essential for the following reasons:
1. What counts as “important” information?
It might be true that clandestine or even illegal things were rarely discussed in our conversations. But who can define what is sensitive information and what is not? For some members – e.g. public sector employees or foreigners with unclear residence status – the threshold is certainly different than for the native German with wealthy parents living in an alternative housing project. If chat histories are really being analysed (by whomsoever there are few limits to the imagination after the Edward Snowden and Cambridge Analytica scandals) then it would also be interesting for the political opponent to find out which internal conflicts hold sway over the movement, where the organisational weaknesses are, who the dominant members are and which tactics are preferred. Eventually the moment will arrive when an affinity group enters the action phase. Strategically important information emerges that can put many members in danger. The use of secure digital tools should be ubiquitous by then.
2. Protecting exposed persons
Data security and encryption should be standard practice for another important reason: The broad usage of such tools benefits those who depend on them. In Eastern European or countries of the Middle East dissidents are much more vulnerable than in Germany, France or Greece. If the mere use of an encrypted communication channel arouses suspicion, then that is a problem. But if everyone communicates in encrypted form, those at risk disappear into the crowd. Encrypted communication is a fundamental right that should be used as a self-evident matter.
3. Larger social context
During the work on the paper for Technological Sovereignty, it became clear to us that social networks like Facebook and Twitter, infrastructure giants like Google and Amazon and generally software companies whose business model is to tap and sell data streams from users are a big social problem. The big tech companies exploit Big Data in so many different ways that we can’t quite conceive it. Video conference streams may train an algorithm for automatic face recognition, or our chat conversations may reveal semantic patterns in progressive organisations. But it doesn’t always have to be a controversial matter. The involuntary data extraction of billions of people gives the companies involved a gigantic business advantage and with it comes the opportunity to „disrupt“ existing labour markets around the world. Just think of Doordash, Uber, Deliveroo and AirBnB. For a deeper insight into the risks posed by big tech companies, we recommend the following books: Abolish Silicon Valley by Wendy Liu, the essay Capitalism’s New Clothes by Evgeny Morozov or Das Kapital sind wir by Timo Daum, for german readers.
The more we use decentralised and self-determined digital infrastructure, the more we are protected from sabotage or censorship. What if youTube suddenly decides to delete our content, if Telegram blocks a chat, if the provider of our web space shuts down the site? At the latest when the organisation or movement grows, the need for maximum security increases, if only for legal reasons. The General Data Protection Regulation (GDPR) requires strict rules on the handling of personal data. An organisation or movement must also protect itself on this front.
5. It’s simple!
Secure, decentralised and encrypted tools are everywhere. The left collective riseup.net offers mailing lists, collaborative text editors, VPN tunnels, data storage and email addresses. The website Switching Software offers ethical, easy-to-use and secure software alternatives to almost every digital tool. Prism Break offers tools for all common operating systems that „make mass surveillance of entire populations uneconomical“ and the German association Digitalcourage provides easy-to-understand tips on their site.
Furthermore the Data Detox Kit of the Tactical Tech Collective offers „everyday steps you can take to control your digital privacy, security and well-being“.
(This text is an excerpt of my book about DiEM25 and how to improve political movements – currently in development.)