CUNY Digital Initiatives gave a workshop about digital safety, with a specific focus on overt and covert digital surveillance on Wednesday, September 24. The workshop was led by PhD student Anna Sellis.
Anna spoke first about the importance of understanding how digital information is collected and can be used against individuals, particularly in the wake of last year’s student protests, as students are increasingly monitored by universities using digital data collected from social media sites, location tools, etc. She also discussed how the NYPD has several ways of collecting easily available information for monitoring and location purposes. One way they do this is through cell site simulators (also known as “sting rays” or imsi catchers). These are mini mobile cell towers, or drones, that can connect to phones to intercept calls, read messages, and generally collect data from the phone’s owner. Information collected from sources such as the cell site simulator is often sold to data brokerages, where it can be used for monitoring but also for marketing and scam purposes.
So what can be done to prevent or minimize risk? Several suggestions for ways to protect devices and their humans from data breach, stolen identity, surveillance and fraud. Installing malware programs are a good first defense: there are apps (DangerZone, uBlock origin) and software programs (Malwarebytes, Avira, Bitdefender) that can mitigate cyber attacks, but often the first and easiest defense it to make sure provider updates are installed on phones and devices. Next, Anna discussed ways to enable secure settings: avoid biometric data (fingerprints, facial recognition); disable location services and clear location history; use airplane mode and the new “lockdown” mode on iPhone strategically; check connectivity settings and delete connectivity history. I was unaware about connectivity history: it’s a list of everywhere your device has connected to WiFi and can provide details about your movements over time.
Anna then encouraged using end-to-end encrypted software or Open Source programs for messaging, email, browers and document sharing, including Whatsapp, Jitzi, Disconnect and others. She noted that while these platforms and programs may be more secure, there is sometimes a trade-off in that they can be buggy and slow performing. To prevent tracking through internet sites you visit, VPNs, or Virtual Private Networks, are software that allow you to visit sites without digitally disclosing your identity, although there are a few caveats: don’t use the free VPNs and before you sign up, check out privacy policies and make sure their encryption is up to date (you can Google it). TORs (The Onion Router) is an open source, volunteer network that runs your connection through three servers before it sends you to the internet, scrambling your path. A student did ask whether the security of the volunteer computers could be guaranteed, and while Anna wasn’t exactly sure, another student mentioned there might be a way. Other safeguards Anna reviewed included: creating strong passwords; using two-factor identification; using password managers and reviewing privacy settings on social media.
As Anna noted, while any data collection method can be used against its owner, a variety of data used together can create a very detailed picture of a person’s life. This can comprise a person’s movements, finances, records, opinions and politics, and more, and there is always the threat that the information will be used to do harm, no matter who is doing the collecting.


