Protecting Sensitive Data in the Wake of the NSA
September 09, 2013

Last week we learned the US and UK intelligence agencies have cracked most major encryption codes protecting emails, bank statements and medical records. For NGOs working with particularly at-risk populations-- families, children, prisoners, refugees or political activists, just to name a few-- this latest revelation could pose a serious threat to the security of this data. 

At this point, the best way to combat these breaches of privacy is likely more political than technological. Mozilla and other leaders in the open source community have called upon Congress to halt the NSA's activities and create a public oversight process. DataKind has endorsed this petition. You can sign on here. 

While we at DataKind are deeply concerned to learn of this violation of the very tenets of digital security and will be watching diligently for updates to the situation, we want to remind you that there is still a low probability that the NSA is actively seeking your data or will use it to harm you. Nevertheless, we want to keep our community safe and informed. 

For the non-profits we support, we wanted to offer some greater insight into how our online privacy has been compromised, and what steps are still available to protect sensitive information.

First, the NY Times has a pretty good explanation of exactly how the NSA inserted back doors into many major tech platforms and services. These backdoors can be exploited by others too. The NSA focused on breaking SSL and VPN encryptions, which are often used to protect our emails, online purchases, and 4G network usage. 

Bruce Schneier at the Guardian offers tips on how you can still protect your data against spies. One tip of particular use to non-profits: use an air gap. Encrypt your data on a computer that has never touched an internet connection and move it to a connected computer using a USB. As Schneier says, "This might not be bulletproof, but it's pretty good."

Reporter Glenn Greenwald gave an excellent interview about why the end of internet privacy affects all of us, and not just people with 'something to hide.'

Right now, the conversation is centered about civil liberties, freedom of the press, and the functioning of our democracy-- all very worth talking about. But we don't want to forget that right now non-profits who need to protect the personal data of their clients-- shelters, medical providers, legal advocacy networks, human rights advocates, etc.-- should take a serious look at their security practices and take action to prevent their data from being compromised.

In the coming weeks we'll be talking about ways that non-profits can continue to protect their clients from breaches of online privacy. Let us know if you work for a non-profit dealing with these issues, or if you have advice to offer for NGOs facing this unprecedented challenge.


We'll be talking about data and civil liberties in another context later this month. Come to our Sept 24 Meetup to hear NYCLU data analyst Sara LaPlante, and Morris Justice Project founder Brett Stoudt talk about their work around stop and frisk. 


Read more posts
January 11, 2022
Our Ethics + Responsible Data Science Practices at DataKind
At DataKind, we take an expansive definition of data ethics and responsible data science as broad terms that can be used to describe the appropriate handling of data...
Read full story
December 21, 2021
Lessons from DataKind San Francisco’s Launch of DataAdvisory Projects
From financial forecasting to targeted advertisements, advancements in data collection and analysis have benefited a myriad of for-profit organizations today.
Read full story
October 14, 2021
Celebrating DataKind’s CEO: An Interview with Lauren Woodman
We’re thrilled to welcome Lauren Woodman as the new CEO of DataKind. She brings to the role over 25 years of experience working at the intersection of technology, development, policy, and NGOs...
Read full story
December 20, 2021
Shining a Light on Community: Looking Back at DataKind’s Virtual DataDive® Event
We hosted a DataDive® event in fall 2021, and with it being the season of giving, we thought what better time to share some highlights and express our deepest gratitude to our partners, volunteers, and sponsors...
Read full story
Blog Archive