Movement Strategy/Recommendations/Iteration 3/Provide for Safety and Security

Provide for Safety and Security
Connection to other recommendations
Connection to other recommendations

This recommendation proposes the idea of the safety and security of Movement stakeholders as a fundamental requirement. As such, the well-being, safety and security, protection, and privacy of any participant in the Movement is embedded in all other recommendations.

What
In order to “become the essential infrastructure of the ecosystem of free knowledge”, as a Movement, we must ensure contributors have the proper conditions and resources enabling them to work without having their personal and communal security compromised. Any issue related to the safety of free knowledge contributors in one community will be considered a matter of utmost importance to the whole Movement.

We must provide policies and procedures for all stakeholders’ protection, based upon a contextual evaluation adapted to varying environments. These need to ensure participants have adequate safeguards to prevent and react to threatening situations. Necessary resources must be made accessible for all stakeholders to be able to deploy the infrastructure needed to protect them in their context.

Why
Why

Geopolitical tensions often threaten individual liberties and restrict Internet use, making it crucial to guarantee safety and security if we want to allow for a diverse and globally relevant Movement.[1] Many communities face government bans or threats, feeling isolated, and fear for their safety when contributing to Wikimedia.[2] There is currently no systematic approach to support contributors at risk due to their participation in Movement activities, and a lack of the essential local capacity to protect contributors’ anonymity.[3] If we want to stay inclusive and embrace future communities, we need to provide mechanisms to mitigate the barriers which threaten safety and security.[4]

There is a structural and widening gap between the growth of the world’s online population and the areas where the Wikimedia Movement is trying to engage. Part of this is due to the lack of understanding of the possible threats and dangers, from online harassment[5] and bullying[6] to legal prosecution, that engagement in Wikimedia projects may imply in every context. Another part is a lack of knowledge of the actions required to tackle threats and potentially threatening situations.[7] In some cases, these threats are rooted in political instability and can take the form of state-sponsored censorship[8] and legal action against individuals.

In other cases, there can be organizations or groups that might try to harm contributors or the platform as a whole, or pressure them to change content.[9] The consequences of these threats can be severe, including death because of suicide or murder.[10] Ensuring anonymity, privacy, and access to the necessary security measures to address practices such as doxing and trolling is critical to strengthening and expanding the community in the future and to the sustainability of the Movement.[11] We must ensure that the participation in our projects does not tolerate any kind of violence.

How
How

To ensure contributors have the proper conditions and resources, enabling them to work without having their personal and communal security compromised, we recommend an approach based on several actions. We must bring clarity to our policies on behavior and adopt a universal Code of Conduct developed through community consultations and contextualized for local circumstances, which determines acceptable behaviors essential for the entire Movement.[12] Beyond the Code of Conduct for our internal relations, we will need a system that outlines procedures to provide for protection and safety from external factors. This system needs to encompass evaluating training needs in diverse contexts, providing training and technical solutions, and developing a system for emergency response.

We must establish a methodology of documenting the different contexts in which volunteers contribute, the current threats that might be encountered while contributing, and communication channels available in stakeholders’ environments.[13] Based on those findings, we need to develop a digital security plan that includes processes to protect the safety and security of our stakeholders, as well as emergency procedures to follow if the need arises. It must be widely available and include best practices on suicide prevention and support for vulnerable consumers of knowledge.[14]

We must offer training, as needed, to raise awareness and build response capacity to provide ways to safeguard the privacy and security of those contributors who put themselves at risk or face complex challenges due to their participation.[15] For prevention, we need built-in platform mechanisms aimed at anonymization. When that is not possible, we must disseminate knowledge among contributors on preserving their anonymity through external mechanisms (such as VPN, IP masking, Tor, etc.), which might require some technical support and personalized training.[16] Equally, training needs to be established for volunteers and staff dedicated to trust and safety (including members of communities, such as administrators or Arbitration Committee members) in order to provide psychological and resource support to participants.[17]

In the event of an emergency, we need to have a clear, rapid response and support infrastructure ready and easily accessible, so that editors have available resources to mitigate harm, such as psychological support (e.g., psychologists, mediators), legal assistance (e.g., list of partner lawyers, facilitation of legal representation at a local level), or a fast-track escalation path in life-threatening situations. These might also include procedures for reacting to large-scale challenges, like Internet access shutdowns.[18]

The entire Movement must be aware of the different risks involved in contributing from specific regions and balancing those conversations with our strategic needs for public neutrality. Nonetheless, for a matter of effectiveness, the training and support infrastructure needs to be provided by stakeholders in touch with the region who have a higher degree of knowledge of the legal aspects and cultural idiosyncrasies (in the frame of an emergent regional structure or another entity which can ensure this knowledge). Regional structures would be active participants in adapting and evaluating safety and security guidelines and procedures.[19]

Expected outcomes
  • Create clarity and transparency[20] around behavioral standards and enforcement/resolution processes/procedures for all Movement stakeholders. This would begin with a universal Code of Conduct and establish viable structures for conflict resolution across all Movement levels.[21]
  • Develop a security plan, based on an analysis of contextualized environments and participant needs, which organizes technical, human, and legal support processes to protect the physical and psychological well-being, safety, security, anonymity, and privacy of all our stakeholders, along with rapid-response procedures to follow in emergencies.[22]
  • Establish easily accessible incident reporting and support systems on and off-Wiki to provide stakeholders with solutions to protect themselves, take precautionary measures, and mitigate threats to their security, safety, well-being, and privacy.[23]
References
References
  1. Community Health R5: Investing in building an inclusive global community, Freedom on the Net 2018 report, Freedomehouse.org, Considering 2030: Misinformation, verification, and propaganda.
  2. Venezuela Strategy Salon, 2019.
  3. Community Health R5: Investing in building an inclusive global community, Community Health R8: Privacy and security for everyone, Morocco Strategy Salon - July 2019ز
  4. Advocacy R10: Protection of Advocates, Community Health R5: Investing in building an inclusive global community, Community Health R8: Privacy and security for everyone.
  5. Women Editors - June 2019, Hong Kong Strategy Salon, July 2019, Thailand Strategy Salon, August 2019.
  6. Wikimedia UK Annual General Meeting - June 2019.
  7. Advocacy R10: Protection of Advocates.
  8. Community Survey Analysis: Advocacy, Q1.
  9. French Speaking Community - July 2019.
  10. Case of Wikimedian killed by Syrian Government in 2015 - Arabic Speaking Community - June 2019.
  11. Community Health R10: Network to continually support community health, Women Editors - June 2019, Gender equity report 2018.
  12. Community Health R5: Investing in building an inclusive global community, Community Health R1: A joint set of rules we all agree to live by (a.k.a. Code of Conduct), Cycle 2 Final summary.
  13. Advocacy R10: Protection of Advocates.
  14. Community Health R8: Privacy and security for everyone, Advocacy R10: Protection of Advocates.
  15. Advocacy R10: Protection of Advocates, Community Health R5: Investing in building an inclusive global community, New Voices Synthesis report.
  16. Advocacy R10: Protection of Advocates, Community Health R8: Privacy and security for everyone.
  17. Community Health R5: Investing in building an inclusive global community.
  18. Advocacy R10: Protection of Advocates, Venezuela Strategy Salon - July 2019.
  19. Advocacy R5: Advocacy Hub, Community Health R10: Network to continually support community health.
  20. Community Survey Analysis: Roles & Responsibilities, Q4, “need for transparency by the board”.
  21. Community Health R1: A joint set of rules we all agree to live by (a.k.a. Code of Conduct).
  22. Advocacy R10: Protection of Advocates, Community Health R5: Investing in building an inclusive global community.
  23. Product & Technology R6B: Modernize Technical Contributor Tooling, Advocacy R10: Protection of Advocates.