Communication Security
The digital footprint of a legal observer is a vulnerability that state actors frequently exploit. This guide covers device hardening, secure communications, and information sharing protocols.
Device Security
Fundamental Requirements
The Electronic Frontier Foundation (EFF) mandates these security measures for field observers:
| Requirement | Implementation |
|---|---|
| Full-disk encryption | Enable device encryption |
| Strong passcode | 8-12 character alphanumeric |
| Biometrics disabled | Turn off Face ID/Touch ID |
| Auto-lock enabled | Shortest timeout practical |
| Remote wipe ready | Configure Find My Device |
Passcode Requirements
| Do | Do Not |
|---|---|
| Random alphanumeric (8-12 characters) | 4-digit PIN |
| Memorize completely | Birthdays, addresses |
| Change periodically | Sequential numbers (1234) |
| Unique to device | Same as other accounts |
Critical: Disable Biometrics
Disable ALL biometric unlocking before approaching enforcement zones.
| Biometric | Risk |
|---|---|
| Face ID | Police can force device to your face |
| Touch ID | Officers can apply finger to sensor |
| Fingerprint | Physical evidence, compellable |
Legal Distinction
| Unlock Method | Legal Protection |
|---|---|
| Memorized passcode | Strong Fifth Amendment protection |
| Biometric | Often considered physical evidence, compellable |
Current jurisprudence generally affords Fifth Amendment protections against self-incrimination to memorized passcodes. Courts frequently view biometric data as physical evidence that can be compelled.
Emergency Lock
Learn your device's emergency lock feature:
| Device | Method |
|---|---|
| iPhone | Hold Side + Volume (5 seconds) |
| Android | Varies by manufacturer; often Power x 5 |
This immediately requires passcode for next unlock.
Lockdown Mode
For high-risk deployments, enable advanced security features:
Apple Lockdown Mode
When activated:
- Blocks complex web technologies
- Prevents attachment downloads
- Thwarts sophisticated spyware
- Blocks cell-site simulators (Stingrays)
Android Security Features
- Disable USB debugging
- Enable network security
- Use secure DNS
- Disable Bluetooth when not needed
If Device Is Seized
If law enforcement seizes your device:
Immediate Actions
| Step | Action |
|---|---|
| 1 | Note time and circumstances of seizure |
| 2 | Notify legal coordinator immediately |
| 3 | Do NOT provide passcode |
| 4 | State: "I do not consent to search" |
| 5 | Request receipt for seized property |
Remote Security Actions
From a secure, secondary computer:
| Action | Purpose |
|---|---|
| Revoke cloud sessions | Prevent data access |
| Change account passwords | Secure linked accounts |
| Disable remote access | Prevent backdoor entry |
| Enable remote wipe | Last resort option |
Team Communications
Signal: The Standard
Signal is universally recognized as the standard for secure team communication.
| Feature | Protection |
|---|---|
| End-to-end encryption | Messages unreadable in transit |
| Minimal metadata | Only stores account creation date, last connection |
| Disappearing messages | Automatic message deletion |
| Sealed sender | Hides sender from Signal servers |
| Screen security | Prevents screenshots |
Signal Configuration
| Setting | Recommendation |
|---|---|
| Disappearing messages | Enable (24 hours or less) |
| Screen security | Enable |
| Registration lock | Enable with PIN |
| Link previews | Disable |
| Typing indicators | Disable |
Why Not Other Apps?
| App | Issue |
|---|---|
| SMS/iMessage | Not end-to-end encrypted by default |
| Metadata collected by Meta | |
| Telegram | Not E2E encrypted by default |
| Unencrypted, extensive metadata |
Real-Time Updates
Dispatch Communication
| Protocol | Purpose |
|---|---|
| Signal group chats | Secure team coordination |
| Disappearing messages | Tactical info auto-purges |
| Code words | Minimize sensitive language |
| Voice calls via Signal | Encrypted verbal communication |
Code Systems
Develop pre-arranged codes to minimize risk:
| Plain Language | Code Alternative |
|---|---|
| "Police arriving" | "Package incoming" |
| "Retreat now" | "Umbrella time" |
| "Medical emergency" | "Red situation" |
| "Observer detained" | "Bird down" |
Codes should be:
- Memorable
- Non-obvious
- Team-specific
- Changed periodically
Location Privacy
Tracking Vectors
| Technology | Risk |
|---|---|
| Cell tower pings | Continuous location tracking |
| Automated License Plate Readers (ALPRs) | Vehicle movement mapping |
| Transit cards | Movement tracking |
| Wi-Fi connections | Location identification |
| Bluetooth beacons | Proximity tracking |
Mitigation
| Action | When |
|---|---|
| Enable Airplane Mode | When not actively transmitting |
| Disable Wi-Fi | Before approaching zone |
| Disable Bluetooth | Throughout deployment |
| Turn off location history | Permanent setting |
| Use cash for transit | Avoid card tracking |
Metadata Minimization
| Setting | Action |
|---|---|
| Location services | Disable for non-essential apps |
| Photo geotagging | Disable in camera settings |
| Google/Apple location history | Turn off |
| Significant locations | Clear and disable |
Information Sharing
Who Receives Raw Evidence
| Authorized Recipients | Unauthorized |
|---|---|
| Supervising attorney | Social media |
| Legal defense committee | General public |
| Network coordinator | Unencrypted channels |
| Media (without authorization) |
Evidence Transmission
| Do | Do Not |
|---|---|
| Use encrypted channels | Email unredacted materials |
| Transfer directly to attorney | Post on social media |
| Maintain chain of custody | Share via unencrypted messaging |
| Document all transfers | Give to unauthorized parties |
Privacy Protection Before Public Release
Before ANY media is approved for public release:
| Requirement | Method |
|---|---|
| Blur all faces | Video/photo editing software |
| Obscure identifying marks | Tattoos, unique clothing |
| Strip EXIF metadata | GPS, timestamps, device info |
| Redact personal information | Names, addresses, plates |
EXIF Metadata Risks
Photos contain hidden data including:
- Exact GPS coordinates
- Precise timestamp
- Device model
- Camera settings
- Sometimes thumbnail of original
Always strip EXIF data before any public release.
Media Requests
Protocol
| Step | Action |
|---|---|
| 1 | Decline spokesperson role |
| 2 | Refer to designated media liaison |
| 3 | Do not share raw footage |
| 4 | Route all inquiries through organization |
Why Observers Don't Speak to Media
- Compromises neutrality perception
- May inadvertently share protected information
- Could affect ongoing legal proceedings
- Organizational messaging should be coordinated
Personally Identifiable Information
Protection Requirements
| PII Type | Handling |
|---|---|
| Arrestee names | Share only with legal team |
| Witness contacts | Encrypted storage only |
| Immigration status | Never document |
| Home addresses | Restricted access |
| Phone numbers | Encrypted storage |
Sensitive Community Information
Rapid Response Networks must:
- NOT operate as extensions of state databases
- Protect caller identities absolutely
- Guard immigration status information
- Use encrypted, decentralized databases
- Prevent network from becoming subpoena target
Communication Archives
Retention Policy
| Communication Type | Retention |
|---|---|
| Tactical coordination | Disappearing messages |
| Evidence documentation | Secure archive |
| Legal communications | Attorney-supervised storage |
| General coordination | Periodic purging |
Archive Security
| Requirement | Implementation |
|---|---|
| Encryption at rest | Encrypted drives/storage |
| Access controls | Limited authorized users |
| Regular audits | Review access logs |
| Secure destruction | Proper data wiping |
Secure Storage
Physical Security
| Item | Storage |
|---|---|
| Written observation logs | Locked file cabinet |
| SD cards | Secure container |
| Evidence collection | Chain of custody maintained |
Digital Security
| Requirement | Implementation |
|---|---|
| Encrypted cloud backup | Zero-knowledge provider |
| Local encrypted storage | Veracrypt or similar |
| Password manager | Unique, strong passwords |
| Two-factor authentication | Hardware key preferred |
Device Hygiene
Before Deployment
| Check | Action |
|---|---|
| Software updated | Install security patches |
| Storage available | Sufficient for recording |
| Battery charged | 100% before departure |
| Passcode working | Verify entry |
| Biometrics disabled | Confirm off |
After Deployment
| Task | Purpose |
|---|---|
| Review stored data | Assess what was captured |
| Backup to secure storage | Preserve evidence |
| Clear unnecessary data | Minimize exposure |
| Review app permissions | Remove suspicious grants |
Related Resources
Last updated: March 24, 2026