As I have been following the conversation about internet and communication technology (ICT) I find myself thinking about the human rights defenders around the globe who are not yet connected to this network - due to lack of electricity, no phone service, or no computer availability. As we rely more heavily on these technologies for security, how do we help the most isolated, and therefore most vulnerable, of the HRDs, increase their safety. In response to Edna's post which, as I understand it, differentiates between "accompaniment" and the protective response of ICT, for some communities these responses are intertwined. Its the relationships with international human rights defenders that connects isolated communities to ICT. This can be in a preventive AND reactive response - without the international NGO's access to ICT, there are isolated communities that would be less effective in getting information to people who can use it to change laws, increase visibility of the work of HRDs and exert pressure on decision makers regarding specific human rights violations.
edna.aquino wrote:
Perhaps it's also timely to examine the relationship beween 'security' and 'protection'? It may seem pretty obvious but there might be some nuances that are worth capturing in this conversation. For isntance, what I find very interesting and impressive in the contributions by colleagues working in the area of ICT and security is the role that this could play on the 'preventive' side which, I think, is still very much underdeveloped in existing 'protection' responses as outlined above. The consciousness-raising amongst HRDs and their organisations about their personal well-being and security as an integral part of their public roles as HRDs is another area where 'preventive' strategy could be further developed and supported.
Another way we can support the protection of human rights defenders is through organizations that focus specifically on this area. The Observatory for the Protection of Human Rights Defenders is a joint program by the World Organization Against Torture (OMCT) and the International Federation for Human Rights (FIDH). The Observatory mobilizes the international community and the media as protection agents for HRDs. In addition, they also provide emergency protection to HRDs in the field through urgent actions notifications and material assistance. They also produce regular reports (such as their recent fact-finding mission report on the situation of human rights defenders in Nigeria) and an annual publication, Steadfast in Protest, which highlights issues in Sub-Saharan Africa, the Americas, Asia, Europe, North Africa, and the Middle East.
What other groups focus specifically in this area? What opportunities for involvement are there?
how to draft and manage security policies, plans and policies
Generally speaking, policies, plans and protocols are based on risk analysis. In Part I of its New Protection Manual for hrd -NPMHRD-, PI suggests a sequence of steps to get to the actual elaboration of security strategy, plan and protocols.
Drafting them is of course not enough as they need to be implemented, managed, updated. The process requires also ownership by hrds
A difficulty might be where to start from as hrds are not starting from zero and the security experience of hrds working with a same organisation is not even.
In Part II of NPMHRD, PI suggests steps to improve security management starting with assessing organisational security performance (in fact, it can apply to the single hrd too).
The implementation of the security wheel can be regarded as the starting point of security process towards improved security management.
In Part III of NPMHRD, PI suggests some examples of policies and protocols.
How can we effectively train staff on security policies?
On behalf of PI, I have been giving security/protection trainings to hrds for several years. So I can share PI's perception.
As all the rest, there is no one single answer. PI prefers to speak of training, counselling, providing induction, coaching etc as each action can potential lead to the same final result and requires different skills. Thus, it multiplies the possibilities and opportunities for hrds to share their security knowledge and induce positive organsiational changes as far as security as concerned.
Example, several students could attend the same class on history yet not all of them will carry out the same profession. Some could be researchers, teachers, historians, carpenters etc. It depends on their motivations, interets, passions, opportunities,concerns, etc. Some might not feel at ease speaking to a group yet they would be excellent conveyors on a one to one level, etc.
So, training has multiple facets than can include, but not necessarily, 'conducting' a training to a group, to members of an organisation.
Yet, some form of training/consultancy is necessary and the security wheel (New Protection Manual for hrd by PI) can help determine whether there is 'in-house' skills to give the training to all organisational members or if the organsiation need to rely partially or totally on an external consultant, etc.
Whatever the choice is, expectations in terms of results should be realistic.
Realistically speaking, a training can achieve awareness, knowledge, seldom the necessary change in attitude implemented 'as long as necessary'.
In other words, after a training, in case of a security problem, the defender will probably be aware of what they should have done instead of having implemented the acquired knowledge of the training to prevent and reduce the probability of the risk and/or its consequences (as a risk is never equal to zero).
So, the actual work comes after the training and requires time to be dedicated to its follow up and permanent management to update the whole security level of an organisation. Each time a new member joins the organisation (just to mention one variable), the 'security level' of the organisation is 'jeopardised'. Unless the new comer is trained, the whole security level of the organisation would be closer to his/her level than the level of the rest of the organisation. This is based on the following assumption: a potential aggressor will/can try to go through the the weakest point, therefore the organsiational security is equal to the organisation's weakest point. Let alone the variable of the so called 'unintentional' behaviour of the hrds.
In the light of the many options illustrated above, PI believes that realistic objectives of security trainings are awareness and knowledge. Depending on the participants' skills, some will be able to transfer the acquired knowledge on an individual basis or to a group, in a training format o in a consultancy/conversation format etc.
All forms can potentially lead to an improved security management for the organisations. The improved management comes after the training.
Thus, the training/consultancy/induction/coaching etc, could be conceived with the above 'realistic objectives'.
Thinking also in terms of coaching/consultancy/one to one convesration etc doesn't take a gram away from the topic. PI conceives its training like taht also and its training is equivalent to what is generally called Training of Trainers –ToT.
However, PI does not call its trainings ToT as PI believes that a ToT is either a training (transfer of topic only) given to proven trainers (homogenous group of people with pedagogic and methodological training skills) or a training for people who want to become trainers (heterogeneous group of people. Transfer of methodology and pedagogical skills, before they acquire the content of the security/protection management. This a far longer process than a week training which is 'usually' enough to reach awareness and fundamental knowledge on security.
In other words, an organisation could decide to have a whole week of training for the whole staff and/or members either resorting to a member who has attended a security training or has acquired systematic and systemitised knowledge by individual reading/researching; or arrange for one day a week repeated within an extended timeline with the whole staff/members, or proceed per unit of work with a smaller group, etc.
In the New Protection Manual for HRD, PI makes several references to 'trainig' taking into account the multiple its multiple facets.
My comment doesn't tackle the 'how" question proper yet I hope it opens realistic and adaptable perspectives for different organisations and contexts.
Effective Training = Learning to Think Critically About Security
I appreciate Marie's take on focusing on the most realistic of the multiple possible outcomes of any given "training".
The following are few personal observations on the "how" of effective (Internet) security training in general:
After leading numerous workshops on Internet security in the last few years to HRDs of widely varying capacities, experiences, and interests, I've finally settled on giving the ability to think critically about security my highest priority. Towards this end I often use a modified socratic dialog approach to level the perceived difference between expert and student, and also to help bring participants to the conclusion that they know more about security (in general) than they would usually give themselves credit for.
Given the disparities in computer skills represented by workshop participants, it's been my experience that thinking critically about security is more easily taught than specific security skills. Not only does focusing on this outcome (while simultaneously providing multiple practical hands-on segments) help to provide particpants in my workshops with "rules of thumb" (analytic concepts) and tools they can use immediately, but also more importantly, it empowers and provides them with tools and strategies that don't become obsolete in the next upgrade cycle.
Emphasizing the importance of critical thinking and continually reapplying a handful of valuable security concepts does not necessarily mean that I eschew teaching specific skills to HRDs and their support organizations, but it does preceed any and all of our hands-on workshop segments, so that participants now understand what they'll get (and more importantly NOT get) after working through the twenty something steps it takes, for instance, to create a hidden encrypted TrueCrypt partition: https://www.vaultletsoft.com/ppt/truecrypt-hidden-volumes/img3.html.
There are two additional advantages to continual reinforcement of fundamental concepts and analytic practices via a socratic approach: The first is that HRDs who would self-describe themselves as "all thumbs" when it comes to computers often find that they are actually quite good at thinking critically about security; this reinforces their self-esteem and consequently increases their involvement with the subject at hand while minimizing the cognitive gap that they've got to bridge in order to assimilate workshop content.
The second advantage to this approach is that they see for themselves that good security is an ongoing process. They also come to their own conclusion that good security is also relative to their own context and tolerance for risk.
Rick
p.s.: This is an interesting set of conversations - 'wish I had more time to dedicate to following and participating in them.
What can the rest of us need to do to protect defenders?
Hello Everyone,
Through this dialogue on the many interrelated items, many aspects have been 'touched' and support references and publications given. We can't speak of details. Yet, basically all items evoked in the dialogue require deeper exchange of 'critical thinking' and experiences. Emblematic cases that resolved both in 'happy' and drammatic ending and ongoing emblematic cases would be a way to help answer the question of 'what can the rest of us to to support defenders'. There are specific contexts that could be further explored, like:
- the one in which defenders in Israel and Palestine are (evoked by Louis Frankenthaler: Protecting HRDs beyond physical violence)
- the one in Kyrgyzstan and other places
- defenders and victims and witnesses
- etc
to try and contribute to answering the question and maybe see whether some objectives are out of reach for defenders in case some fundamental conditions are not met first.
The 'rest of us' doesn't correspond to an homogenuous and compact/cohesion group. I believe we would need to split it up in its different components. On www.protectionline.org, PI has subdivided some of the 'rest of us' in some of its elements according to profiles and mandates in protection of defenders.
According to me, the 'rest of us' means also the wider group under 'public opinion' which is not necessarily aware of the existence of defenders and active civil societies in countries torn by war, impunity, etc. Yet, the defenders actions need support from the wider public opinion. The latter represents the majority of a country. Public opinion hardly hear about defenders in Israel and Palestine. It mostly hears of Israeli army and Palestian kamikazes who are a very small percentage of the population in those countries.
I think raising public awareness about the existence of defenders and active civil society is one of the ojectives that can help get closer to the next one: civil mobilsation for defenders and thus, closer to the more global one of 'protected defenders'
That requires the support and contribution of mass media...
What could be done to get mass media coverage of defenders and active civil societies around the world?
How can the public opinion become aware of the power it really has in supporting defenders (and itself as defenders represent groups of victims part of the public opinion/citizens)?
If the Field Forces analysis is implemented (New protection Manual for hrd by PI), one could say that:
Most of the time, the citizens/public opinion constitute the forces of unknown direction that defenders would need to mobilise before the 'resisting forces' coopt them.
The 'rest of us' includes also the rest of defenders. And the rest of defenders are alreay aware of many of the steps that could be taken although they face resisting forces.
The rest of defenders and genuine key stakeholders constitute the supporting forces.
I think that in the case of defenders living in remote areas, I would say the context might make it a little more laborous if they are also 'isolated'. To get access to protection mechanisms one needs to be known by key stakeholders which include also other hrd. Defenders living in remote areas need to build/gain access to hrd networks (it is not a definite pre-condition, yet it helps).One could compare it with the case of defenders who have relationship with i
influential people: it helps, yet it is not a pre-condition.
There are some many other contextual variables that have an influence.
So, yes, potentially both groups can ahve same access to protection mechanisms.
Greetings,
As I have been following the conversation about internet and communication technology (ICT) I find myself thinking about the human rights defenders around the globe who are not yet connected to this network - due to lack of electricity, no phone service, or no computer availability. As we rely more heavily on these technologies for security, how do we help the most isolated, and therefore most vulnerable, of the HRDs, increase their safety. In response to Edna's post which, as I understand it, differentiates between "accompaniment" and the protective response of ICT, for some communities these responses are intertwined. Its the relationships with international human rights defenders that connects isolated communities to ICT. This can be in a preventive AND reactive response - without the international NGO's access to ICT, there are isolated communities that would be less effective in getting information to people who can use it to change laws, increase visibility of the work of HRDs and exert pressure on decision makers regarding specific human rights violations.
Another way we can support the protection of human rights defenders is through organizations that focus specifically on this area. The Observatory for the Protection of Human Rights Defenders is a joint program by the World Organization Against Torture (OMCT) and the International Federation for Human Rights (FIDH). The Observatory mobilizes the international community and the media as protection agents for HRDs. In addition, they also provide emergency protection to HRDs in the field through urgent actions notifications and material assistance. They also produce regular reports (such as their recent fact-finding mission report on the situation of human rights defenders in Nigeria) and an annual publication, Steadfast in Protest, which highlights issues in Sub-Saharan Africa, the Americas, Asia, Europe, North Africa, and the Middle East.
What other groups focus specifically in this area? What opportunities for involvement are there?
Generally speaking, policies, plans and protocols are based on risk analysis. In Part I of its New Protection Manual for hrd -NPMHRD-, PI suggests a sequence of steps to get to the actual elaboration of security strategy, plan and protocols.
Drafting them is of course not enough as they need to be implemented, managed, updated. The process requires also ownership by hrds
A difficulty might be where to start from as hrds are not starting from zero and the security experience of hrds working with a same organisation is not even.
In Part II of NPMHRD, PI suggests steps to improve security management starting with assessing organisational security performance (in fact, it can apply to the single hrd too).
The implementation of the security wheel can be regarded as the starting point of security process towards improved security management.
In Part III of NPMHRD, PI suggests some examples of policies and protocols.
Marie
On behalf of PI, I have been giving security/protection trainings to hrds for several years. So I can share PI's perception.
As all the rest, there is no one single answer. PI prefers to speak of training, counselling, providing induction, coaching etc as each action can potential lead to the same final result and requires different skills. Thus, it multiplies the possibilities and opportunities for hrds to share their security knowledge and induce positive organsiational changes as far as security as concerned.
Example, several students could attend the same class on history yet not all of them will carry out the same profession. Some could be researchers, teachers, historians, carpenters etc. It depends on their motivations, interets, passions, opportunities,concerns, etc. Some might not feel at ease speaking to a group yet they would be excellent conveyors on a one to one level, etc.
So, training has multiple facets than can include, but not necessarily, 'conducting' a training to a group, to members of an organisation.
Yet, some form of training/consultancy is necessary and the security wheel (New Protection Manual for hrd by PI) can help determine whether there is 'in-house' skills to give the training to all organisational members or if the organsiation need to rely partially or totally on an external consultant, etc.
Whatever the choice is, expectations in terms of results should be realistic.
Realistically speaking, a training can achieve awareness, knowledge, seldom the necessary change in attitude implemented 'as long as necessary'.
In other words, after a training, in case of a security problem, the defender will probably be aware of what they should have done instead of having implemented the acquired knowledge of the training to prevent and reduce the probability of the risk and/or its consequences (as a risk is never equal to zero).
So, the actual work comes after the training and requires time to be dedicated to its follow up and permanent management to update the whole security level of an organisation. Each time a new member joins the organisation (just to mention one variable), the 'security level' of the organisation is 'jeopardised'. Unless the new comer is trained, the whole security level of the organisation would be closer to his/her level than the level of the rest of the organisation. This is based on the following assumption: a potential aggressor will/can try to go through the the weakest point, therefore the organsiational security is equal to the organisation's weakest point. Let alone the variable of the so called 'unintentional' behaviour of the hrds.
In the light of the many options illustrated above, PI believes that realistic objectives of security trainings are awareness and knowledge. Depending on the participants' skills, some will be able to transfer the acquired knowledge on an individual basis or to a group, in a training format o in a consultancy/conversation format etc.
All forms can potentially lead to an improved security management for the organisations. The improved management comes after the training.
Thus, the training/consultancy/induction/coaching etc, could be conceived with the above 'realistic objectives'.
Thinking also in terms of coaching/consultancy/one to one convesration etc doesn't take a gram away from the topic. PI conceives its training like taht also and its training is equivalent to what is generally called Training of Trainers –ToT.
However, PI does not call its trainings ToT as PI believes that a ToT is either a training (transfer of topic only) given to proven trainers (homogenous group of people with pedagogic and methodological training skills) or a training for people who want to become trainers (heterogeneous group of people. Transfer of methodology and pedagogical skills, before they acquire the content of the security/protection management. This a far longer process than a week training which is 'usually' enough to reach awareness and fundamental knowledge on security.
In other words, an organisation could decide to have a whole week of training for the whole staff and/or members either resorting to a member who has attended a security training or has acquired systematic and systemitised knowledge by individual reading/researching; or arrange for one day a week repeated within an extended timeline with the whole staff/members, or proceed per unit of work with a smaller group, etc.
In the New Protection Manual for HRD, PI makes several references to 'trainig' taking into account the multiple its multiple facets.
My comment doesn't tackle the 'how" question proper yet I hope it opens realistic and adaptable perspectives for different organisations and contexts.
Marie
I appreciate Marie's take on focusing on the most realistic of the multiple possible outcomes of any given "training".
The following are few personal observations on the "how" of effective (Internet) security training in general:
After leading numerous workshops on Internet security in the last few years to HRDs of widely varying capacities, experiences, and interests, I've finally settled on giving the ability to think critically about security my highest priority. Towards this end I often use a modified socratic dialog approach to level the perceived difference between expert and student, and also to help bring participants to the conclusion that they know more about security (in general) than they would usually give themselves credit for.
Given the disparities in computer skills represented by workshop participants, it's been my experience that thinking critically about security is more easily taught than specific security skills. Not only does focusing on this outcome (while simultaneously providing multiple practical hands-on segments) help to provide particpants in my workshops with "rules of thumb" (analytic concepts) and tools they can use immediately, but also more importantly, it empowers and provides them with tools and strategies that don't become obsolete in the next upgrade cycle.
Here are a number of important concepts that are introduced and reinforced in my workshops: https://www.vaultletsoft.com/ppt/ses-pdp-refresh/img2.html.
Emphasizing the importance of critical thinking and continually reapplying a handful of valuable security concepts does not necessarily mean that I eschew teaching specific skills to HRDs and their support organizations, but it does preceed any and all of our hands-on workshop segments, so that participants now understand what they'll get (and more importantly NOT get) after working through the twenty something steps it takes, for instance, to create a hidden encrypted TrueCrypt partition: https://www.vaultletsoft.com/ppt/truecrypt-hidden-volumes/img3.html.
There are two additional advantages to continual reinforcement of fundamental concepts and analytic practices via a socratic approach: The first is that HRDs who would self-describe themselves as "all thumbs" when it comes to computers often find that they are actually quite good at thinking critically about security; this reinforces their self-esteem and consequently increases their involvement with the subject at hand while minimizing the cognitive gap that they've got to bridge in order to assimilate workshop content.
The second advantage to this approach is that they see for themselves that good security is an ongoing process. They also come to their own conclusion that good security is also relative to their own context and tolerance for risk.
Rick
p.s.: This is an interesting set of conversations - 'wish I had more time to dedicate to following and participating in them.
Hello Everyone,
Through this dialogue on the many interrelated items, many aspects have been 'touched' and support references and publications given. We can't speak of details. Yet, basically all items evoked in the dialogue require deeper exchange of 'critical thinking' and experiences. Emblematic cases that resolved both in 'happy' and drammatic ending and ongoing emblematic cases would be a way to help answer the question of 'what can the rest of us to to support defenders'. There are specific contexts that could be further explored, like:
- the one in which defenders in Israel and Palestine are (evoked by Louis Frankenthaler: Protecting HRDs beyond physical violence)
- the one in Kyrgyzstan and other places
- defenders and victims and witnesses
- etc
to try and contribute to answering the question and maybe see whether some objectives are out of reach for defenders in case some fundamental conditions are not met first.
The 'rest of us' doesn't correspond to an homogenuous and compact/cohesion group. I believe we would need to split it up in its different components. On www.protectionline.org, PI has subdivided some of the 'rest of us' in some of its elements according to profiles and mandates in protection of defenders.
According to me, the 'rest of us' means also the wider group under 'public opinion' which is not necessarily aware of the existence of defenders and active civil societies in countries torn by war, impunity, etc. Yet, the defenders actions need support from the wider public opinion. The latter represents the majority of a country. Public opinion hardly hear about defenders in Israel and Palestine. It mostly hears of Israeli army and Palestian kamikazes who are a very small percentage of the population in those countries.
I think raising public awareness about the existence of defenders and active civil society is one of the ojectives that can help get closer to the next one: civil mobilsation for defenders and thus, closer to the more global one of 'protected defenders'
That requires the support and contribution of mass media...
What could be done to get mass media coverage of defenders and active civil societies around the world?
How can the public opinion become aware of the power it really has in supporting defenders (and itself as defenders represent groups of victims part of the public opinion/citizens)?
If the Field Forces analysis is implemented (New protection Manual for hrd by PI), one could say that:
Most of the time, the citizens/public opinion constitute the forces of unknown direction that defenders would need to mobilise before the 'resisting forces' coopt them.
The 'rest of us' includes also the rest of defenders. And the rest of defenders are alreay aware of many of the steps that could be taken although they face resisting forces.
The rest of defenders and genuine key stakeholders constitute the supporting forces.
Marie
Does Human Rights Defender who live in remote area has the same level of access to protection mechanisms as compare to those who live in capitals?
Similarly education, class and relationship (marriage, affair, friendship) of hrd with influential people play important role in his/her protection?
My experience says YES for all. What are your thoughts?
I think that in the case of defenders living in remote areas, I would say the context might make it a little more laborous if they are also 'isolated'. To get access to protection mechanisms one needs to be known by key stakeholders which include also other hrd. Defenders living in remote areas need to build/gain access to hrd networks (it is not a definite pre-condition, yet it helps).One could compare it with the case of defenders who have relationship with i
influential people: it helps, yet it is not a pre-condition.
There are some many other contextual variables that have an influence.
So, yes, potentially both groups can ahve same access to protection mechanisms.
Thanks Marie , thats true its not pre-condition but it helps....
Pages