WOUGNET is a non-governmental organization that promotes and supports the use of ICTs by women and women organizations in Uganda so that they can take advantage of the opportunities presented by ICTs in order to effectively address national and local problems of sustainable development.
Over the last decades, there has been widespread use of the personal computer, the ever-present internet, and the massive roll-out of mobile communications. However, the internet has turned out to be a dangerous place for many women and girls, as social media has become a new way to carry out old patterns of oppression and violence against women and girls, as the majority continue to be the target of online harassment, quickly descended sexualized hate speech or threats.
Based on the research that was conducted by WOUGNET with support from the Digital Human Rights Lab (DHRLab), there was a need to conduct Digital Security and Online Safety Training for Women and Law Enforcers in Uganda as an inclusive and effective response to online harassment. This involved women journalists, politicians, activists, artists, and University students. The training was executed in 5 administrative regions of Uganda with representation from 5 districts. This included Kampala, Kabarole, Kabale, Jinja, and Lira of Uganda.
In this training, I was privileged to serve as online safety and digital security community volunteer a position that enabled me to train participants in the Kampala district. The main objective of the training was to conduct digital literacy and online safety/digital security capacity-building training for 120 women politicians, journalists, artists, University students, and law enforcers to improve protection and response to online gender-based violence.
The training from Kampala district had a total of 22 sessions conducted which tackled topics on the internet, defining digital security and the different elements related to it, chat management, password management, data protection not forgetting encryption.
From the above information we pondered and asked the following questions to set the pace for our discussion; How much data do you have online? How well secure are you online? How many passwords do you have for the different accounts you own online? Who knows about you online? How many accounts do you have online?
We explored the different options and checked out the different solutions to online harassment/violence such as hacking, doxing, trolling, and online impersonation/identity among other online-related threats. It looks like a light issue but these are serious issues and with one slight mistake, you might be putting yourself at risk from people trying to bring you down or people who are not happy with you.
If you have ever filled out an online form that is capturing your email and phone number and other details like gender and asks you to create a password, you need to know that the number of forms you have filled is the amount of data you have publicly availed out on the internet and you need to know that in case there is a breach on a particular service all your details will be exposed along with the other people associated to that particular platform out there.
A data scraping activity that was done against Facebook in 2019 led to the exposure of vital data of Facebook users, “exposed data included personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. These included personal information such as their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and – in some cases – email addresses. Although Facebook claims to have patched the vulnerability in 2019” but this information was shared publicly in March 2021 on an online low-level hacking forum. Read more here.
Therefore, the information you share online determines how vulnerable you are to the public when things take a turn for the worse.
How can you keep yourself safe when using online services?
- You can use a dummy account in case you are registering online and you are required to have a working email, so don’t stress, follow the links below to create a dummy email that will allow you to access the service you are applying for and then when done just delete the account or create as many emails as possible. This is the only way you can start by being anonymous while enjoying the internet.
How well secure is your online presence?
- After establishing that you have multiple accounts online, how secure are they? Are you using a password and if yes how strong is your password? During the training that was conducted, we learned how to create strong passwords, and how to manage these overwhelming complex passwords.
This was a chance for the trainees to learn how to create a complex password that they can easily remember but is hard for others to guess including a computer. Imagine a password that will take a computer 1000 decades to crack? How fulfilling? Well to achieve this is very easy. Check out these few steps hereunder;
- #1Generate It: You can either think of a password or use a password generator site to create a strong password.
- #2 Enhance It: You can add your own flair to the password generated.
- #3 Memorize It: Make it practical.
- #4 Un-Dictionary It: Remove all vowels and swap with special characters
- #5 Measure It: Test how strong your password is using this link here https://howsecureismypassword.net/
After all this, you can ensure that you have a secure password but what happens when you have multiple accounts and you can’t keep track of all the passwords you have overhead? So all you have to do is to use a password manager. As indicated below, you will also know how to use the website’s password generator.
How does the password manager work?
It is a software or application that can generate for you a complex password and save it within its environment and associate it with an account such as Facebook, Twitter, Gmail, or any other online account. But all these accounts collected inside the password manager are controlled using one main password—the Master password. Some of these tools are both online and offline but online is convenient, such as LastPass. In addition to that, a password manager like KeePass also supports entry for a password for non-web-based accounts. By double-clicking on an entry, KeePass will copy the password for that entry into the clipboard of your computer for 12 seconds. After that time, your clipboard is cleared so the password is not accidentally pasted where it should not be.
The process above puts you at the upper hand on how your passwords can be kept safe. Ensure to create a backup of your KeePass file to a secure location like your google drive or store it in a local external drive just in case your computer gets a problem you won’t be logged out forever. LastPass is okay since most of the time the passwords are encrypted and synchronized online, but ensure you remember your password hint and also the security question’s answer.
Who knows about you online?
This takes us back to the first element which is about the amount of information you have online, how famous the website you have an account on determines how many hits you get while online. So if someone tries to search for you or a name that is the same as yours, information related to, your information will be served in the result list, and if someone was looking for you this is where the element of doxing come into play and they will use your information for their own activities or even sell your data to the highest bidder. This is highly dependent on the kind of information they have about you. Data mining is the most popular activity out there and the information mined, depending on whom it belongs to, determines how much the buyer will pay.
How many accounts do you have online? You are not sure?
Well, don’t worry, just use the tool below to search for your accounts online search for your favorite username using the https://namechk.com/Violence against women both online and offline is a violation of human rights, with devastating physical and psychological impacts on both survivors and victims. As COVID-19 continues to rip the economies apart, it has also indirectly led to an exponential rise in the instances of online gender-based violence. The standard operating procedures (SOPs) introduced by the government to isolate a number of women to be at home leave them with no alternative other than using the internet to communicate with distant relatives and friends and also work from home. These expose women to online gender-based violence, including threats like cyber-harassment, trolling, doxing, non-consensual image distribution, and others. The transition to the online space has left many women vulnerable to online gender-based violence (OGBV). In Uganda, one in three women has experienced a form of online GBV.
Women stand at a higher risk of suffering from online gender-based violence compared to men, through a continuum of multiple, recurring, and interrelated forms of gender-based violence. Online GBV has worrying effects on women with inadequate digital safety skills.
On top of paralyzing the world economies, COVID-19 has led to a surge in violence against Ugandan women on the internet. Additionally, cyber-attacks such as phishing have been on the rise.
In the past year, Google has been blocking 18 million COVID-19-related emails sent by scammers to Gmail users every day in an attempt to persuade victims to download malicious software and steal sensitive information.
Malicious cyber actors are devising new tactics to launch cyber-attacks and commit online gender-based violence-related crimes. Therefore, digital/online safety awareness for women is more important than ever before.
Humans are the weakest link in cybersecurity, most cyber-criminals target the humans end-point through social engineering attacks also known as human hacking since it’s easy to exploit human behaviors and most people are not cyber-aware. Digital safety is everyone’s responsibility, a weakness in one internet point or user is a threat to others in the same network. For instance, if a user doesn’t use a lock screen on his/her mobile phone and the mobile phone gets stolen, that user puts his/her contacts (phone numbers) at risk of cyber-attacks since criminals can use these contacts to send phishing emails and links.
All of these circumstances call for digital safety training for women and girls in Uganda. Gender-based digital security includes training women and girls to protect their identities against cyber-attacks and online gender-based violence cases. It is these occurrences and observations that inspired Women of Uganda Network (WOUGNET) in collaboration with Digital Human Rights Lab (DHRLab) and GIZ Uganda to organize a workshop on online safety for women politicians, journalists, artists, university students, law enforcers, and policymakers in Kabarole and other districts. The virtual digital safety training happened from the 6th to the 10th of September 2021. The workshop covered different topics that address the digital safety challenges that are commonly faced by Ugandan women online.
The workshop empowered the participants with skills and knowledge to identify, prevent and report cases of online gender-based violence. The participants were equipped with the following skills; password management, secure browsing, encrypting data (both at rest and in transit), device management, and risk management.
Katuutu Shakillah, a participant, commended the work of WOUGNET and its partners for organizing the workshop. “I have learned several concepts such as secure communication, digital security, and password management, among others”, Shakillah said. Additionally, some participants asked the facilitator if WOUGNET could arrange more of these training sessions in the future. “We need more of these workshops”, Sheila Tusiime said.
At the end of the workshop, the facilitators were able to shape up a group of people that not only respect all genders and identities online but also advocate for an inclusive and safe place on the internet for all.
By Letowon Saitoti Abdi
This article is part of a series of posts by trainers of trainees during the online safety and digital security capacity-building workshop conducted by Women of Uganda Network (WOUGNET) under the project, Enhancing Women’s Rights Online through inclusive and effective response to online Gender-based violence in Uganda. The project is funded by the Digital Human Rights Lab which is implemented by betterplace lab and Future Challenges under a grant agreement with the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) Programme Strengthening Governance and Civil Society in Uganda, funded by the German Federal Ministry of Economic Cooperation and Development (BMZ) under its Digital Africa Initiative.