WOUGNET is a non-governmental organization that promotes and supports the use of ICTs by women and women organizations in Uganda so that they can take advantage of the opportunities presented by ICTs in order to effectively address national and local problems of sustainable development.
Over the last decades, there has been widespread use of the personal computer, the ever-present internet, and the massive roll-out of mobile communications. However, the internet has turned out to be a dangerous place for many women and girls, as social media has become a new way to carry out old patterns of oppression and violence against women and girls, as the majority continue to be the target of online harassment, quickly descended sexualized hate speech or threats.
Based on the research that was conducted by WOUGNET with support from the Digital Human Rights Lab (DHRLab), there was a need to conduct a Digital Security and Online Safety Training for Women and Law Enforcers in Uganda as an inclusive and effective response to online harassment. This involved women journalists, politicians, activists, artists, and University students. The training was executed in 5 administrative regions of Uganda with representation from 5 districts. This included Kampala, Kabarole, Kabale, Jinja, and Lira of Uganda.
In this training, I was privileged to serve as online safety and digital security community volunteer a position that enabled me to train participants in the Kampala district. The main objective of the training was to conduct digital literacy and online safety/digital security capacity building training for 120 women politicians, journalists, artists, University students, and law enforcers to improve protection and response to online gender-based violence.
The training from Kampala district had a total of 22 sessions conducted which tackled topics on the internet, defining digital security and the different elements related to it, chat management, password management, data protection not forgetting encryption.
From the above information we pondered and asked the following questions to set the pace for our discussion; How much data do you have online? How well secure are you online? How many passwords do you have for the different accounts you own online? Who knows about you online? How many accounts do you have online?
We explored the different options and checked out the different solutions to online harassment/violence such as hacking, doxing, trolling, online impersonation/identity among other online-related threats. It looks like a light issue but these are serious issues and with one slight mistake, you might be putting yourself at risk from people trying to bring you down or people who are not happy with you.
If you have ever filled an online form that is capturing your email and phone number and other details like gender and asks you to create a password, you need to know that the number of forms you have filled is the amount of data you have publicly availed out on the internet and you need to know that in case there is a breach on a particular service all your details will be exposed along with the other people associated to that particular platform out there.
A data scraping activity that was done against Facebook in 2019 led to the exposure of vital data of Facebook users, “exposed data included personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. These included personal information such as their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and - in some cases - email addresses. Although Facebook claims to have patched the vulnerability in 2019” but this information was shared publicly in March 2021 on an online low-level hacking forum. Read more here.
Therefore, the information you share online determines how vulnerable you are to the public when things take a turn for the worse.
How can you keep yourself safe when using online services?
You can use a dummy account in case you are registering online and you are required to have a working email, so don’t stress, follow the links below to create yourself a dummy email that will allow you to access the service you are applying for and then when done just delete the account or create as many emails as possible. This is the only way you can start by being anonymous while enjoying the internet.
How well secure is your online presence?
After establishing that you have multiple accounts online, how secure are they? Are you using a password and if yes how strong is your password? During the training that was conducted, we learned how to create strong passwords, and how to manage these overwhelming complex passwords.
This was a chance for the trainees to learn how to create a complex password that they can easily remember but is hard for others to guess including a computer. Imagine a password that will take a computer 1000 decades to crack? How fulfilling? Well to achieve this is very easy. Check out these few steps hereunder;
#1Generate It: You can either think of a password or use a password generator site to create a strong password.
#2 Enhance It: You can add your own flair to the password generated.
#3 Memorize It: Make it practical.
#4 Un-Dictionary It: Remove all vowels and swap with special characters
#5 Measure It: Test how strong your password is using this link here https://howsecureismypassword.net/
After all this, you can ensure that you have a secure password but what happens when you have multiple accounts and you can’t keep track of all the passwords you have overhead. So all you have to do is to use a password manager. As indicated below, you will also know how to use the website’s password generator.
How does the password manager work?
It is a software or application that can generate for you a complex password and save it within its environment and associate it with an account such as Facebook, Twitter, Gmail, or any other online account. But all these accounts collected inside the password manager are controlled using one main password---the Master password. Some of these tools are both online and offline but online is convenient, such as LastPass. In addition to that, a password manager like KeePass also supports entry for a password for non-web-based accounts. By double-clicking on an entry, KeePass will copy the password for that entry into the clipboard of your computer for 12 seconds. After that time, your clipboard is cleared so the password is not accidentally pasted where it should not be.
The process above puts you at the upper hand on how your passwords can be kept safe. Ensure to create a backup of your KeePass file to a secure location like your google drive or store it in a local external drive just in case your computer gets a problem you won’t be logged out forever. LastPass is okay since most of the time the passwords are encrypted and synchronized online, but ensure you remember your password hint and also the security question’s answer.
Who knows about you online?
This takes us back to the first element which is about the amount of information you have online, how famous the website you have an account on determines how many hits you get while online. So if someone tries to search for you or a name that is the same as yours, information related to, your information will be served in the result list, and if someone was looking for you this is where the element of doxing come into play and they will use your information for their own activities or even sell your data to the highest bidder. This is highly dependent on the kind of information they have about you. Data mining is the most popular activity out there and the information mined, depending on whom it belongs to, determines how much the buyer will pay.
How many accounts do you have online? You are not sure?
Well, don’t worry, just use the tool below to search for your accounts online search for your favorite username using the https://namechk.com/, and the sites you are registered in are turned purple while anything else is either an error, not registered to that site and not just available. So, the number of accounts you have determines how vulnerable you are in case of a system hack somewhere. You can be at risk of doxing or even blackmailing. So how can you protect yourself, it’s quite simple to avoid providing personal information online but rather dummy information fillers, unless it’s an official site that you have to be legit and real.
Online gender-based violence is taking a toll and it’s rising. This is because at times the perpetrator due to lack of knowledge commits crimes such as stalking, trolling, impersonation, doxing among others unknowingly/not knowing it’s a crime. On the other hand, sometimes it's the victims that put themselves out there as prey unknowingly. Those who are conscious about online-gender-based violence tend to trick their victims and as a result, take advantage of the situation.
With the sensitization of the public about the different effects of online gender-based violence and guidance on how to protect them against these online threats and dangers. Getting tricked and you end up becoming a victim has a much more impact, and more so if it’s a matter that you can sort from a basic digital security training.
Kindly check out our monthly technical tips and ways that can help you to sort out some of the technical issues related to your computer or mobile.
Compiled by: Letowon Saitoti Abdi
This article is part of a series of posts by trainers of trainees during the online safety and digital security capacity building workshop conducted by Women of Uganda Network (WOUGNET) under the project, Enhancing Women’s Rights Online through inclusive and effective response to online Gender-based violence in Uganda. The project is funded by the Digital Human Rights Lab which is implemented by betterplace lab and Future Challenges under a grant agreement with the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) Programme Strengthening Governance and Civil Society in Uganda, funded by the German Federal Ministry of Economic Cooperation and Development (BMZ) under its Digital Africa Initiative.