Digital technology has transformed the way we live and work. It brings immense possibilities as well as new potential threats.
Hackers of various allegiances (private, criminal or state-sponsored) may want to get access to your accounts and data. Beyond hacking, the surveillance state is now a reality, with intelligence services legally gaining access to anything hosted or transferred by cloud or internet service providers (ISP) in their countries.
This guide was also designed to help you adopt appropriate security measures to protect your activities. This is not limited to political activism: if you are a researcher working with personal and/or sensitive data, that includes your research subject's security, and more. The first step is always to assess risks and define your threat model – this will help you decide which security measures are necessary for you, and which are excessive.
At a lower level, your personal data is collected massively by corporations and states with or without consent, despite protection by various laws across the world. Some cases are very benign (tracking for advertising) and others much more problematic (surveillance). This guide covers basic practices which help limit the amount of data which can be exploited by third parties.
The Electronic Frontier Foundation's Surveillance Self-Defense guide is a reference.
To learn more about the legal aspects of personal data protection, check out this other guide (in French) prepared by our Data Protection Officer (DPO) Céline Vilmen. For more general advice on research data management, please visit our RDM libguide.