Technology

Twitter in Emergencies

This morning I came across Luis Suarez’s very informative post about micro-blogging in emergencies at elsua.net. His post led me to a great YouTube video by W David Stephenson.


David’s video led me to the American Red Cross’s twitter feed and their Safe and Well feed. Ike Pigott at Occam’s RazR has a great post that explains how Twitter can be used to keep the Safe and Well database up to date.

I left a comment on Ike’s site wondering about how to get the word out to the general public. After all most people wont be reading blogs like this before an emergency. While I was writing this post it occurred to me that Red Cross t-shirts would be the ideal medium. Just include the instructions for how to SMS the Safe and Well feed on the back of the shirt.
|

Social Networking Tools Part 2 - Twitter and Tsunamis

On 12 and 13 September there were a series of earthquakes near Indonesia spawning fears of another Asian Tsunami. It proved to be a good test of our Twitter based NGO security tree.

I was in Mannar, Sri Lanka at the time and I didn’t have a useable Internet connection. My first warning of the situation came when a concerned staff member called wanting to know “when is the Tsunami going to hit!” As the fear of a Tsunami spread I started to receive more and more calls from staff. Soon the mobile system was completely overburdened in many parts of the country and creaking under the strain in others. The very slow, single line dial-up Internet connection continued to work but proved to be all but useless for gathering timely information.

Fortunately I quickly started to get SMS’s. Some came from feeds I was following on Twitter: BBC, Reuters, CNN, EQTW, etc. Others came directly or were forwarded from UNOCHA, the Sri Lankan Disaster Management Centre, the Met office, the police and assorted individuals. Twitter allowed me to quickly forward the useful ones to all my followers while limiting the strain on the overburdened mobile system.

There were some glitches however. I continued to receive forwarded text message warnings long after credible sources had given the all clear. In some instances it seems that text messages became trapped in the telephone companies’ SMS system and were released as the queue began to clear. In some cases staff, confused by contradictory information, continued to forward outdated information.

Unfortunately the biggest problem with the Twitter based NGO security tree was one of buy in. Only a fraction of the staff who were intended to be served by the tree had bothered to sign up. The manual SMS security tree, which had been left in place as a backup, failed for much the same reason.

Lesson Learned: While emergency communications tools continue to improve, and become easier to use, buy in remains the number one problem. NGO staff members, especially office staff, often prove reluctant to dedicate even minimal effort to their own personal security until it proves too late.

For some background, check out “Social Networking tools for NGO Security – Part 1”.

To see a live feed of the NGO Security stream check out the demo page here. There is a Jaiku based stream as well.
|

IT Security and NGOs - A Little Knowledge?

The other night I was having dinner with some NGO friends when the subject of government eavesdropping on NGOs came up. One of the people at the table said that in the past they had used an email trick to allow sharing sensitive information amongst team members. Essentially the premise was that one could sign up for a free web mail account and share the account password amongst team members. Members would draft emails as usual but rather than sending them they would simply leave them as drafts. Other team members would then read them by going to the account.

The idea was that as long as the email wasn’t sent it couldn’t be monitored. Unfortunately it is just not true as Nart Villeneuve points out here.

I recalled the conversation a few days later and wondered what the problem was. It is not that my friends weren’t aware of the potential risks, and they are certainly not unintelligent. I think the issue is that most aid workers already have more than enough work to do without trying to keep up with the latest developments in IT security. So the problem becomes one of learning about IT security in small, manageable, easily absorbed bits.

Fortunately there are resources that can help. Thanks to Bruce Schneier at Schneier on Security for pointing out securitycartoon.com. I don’t think it is meant to be funny but it does present IT security in a straightforward and comprehensible manner. Subscribe to the RSS feed to make it even easier.

Privaterra is a good resource that covers data privacy, secure communications, and information security for Human Rights NGOs.

Over course you shouldn’t miss Nart’s blog. It isn’t NGO specific but it covers Internet privacy, freedom of expression, censor-ware, security, surveillance and anonymity. Whether you are interested in "Cyber-Cafe Monitoring in India" or need to know how to avoid internet filtering Nart’s blog is a good place to start.
|

Odds and Ends

Mashable.com has a collection of 60+ Collaborative Tools for Groups. Is anyone out there up to the challenge of an NGO Security Wiki?

I've always thought that something like the SPOT personal GPS tracker would be very useful for NGOs working in conflict zones and complex emergencies. According to the SPOT website it'll be out in November.

Sam at groundviews has a short piece on pledges in Sri Lanka. Wryly ironic.
|

The Economist on Tech, Response, and NGOs

The economist has an interesting article on how technology is changing the power dynamics between NGOs and their beneficiaries. There are even a couple of paragraphs covering concern about how mobile phones and similar technologies might impact on NGO security.
|

NGO in a Box - Security Edition

NGO in a Box has a Security Edition that includes Free and Open Source Software (FOSS) to aid NGOs in securing and protecting their data and online activities. The package seems ideally suited to human rights, anti-corruption, and womens groups, as well as independent media outlets. Any other group that wants to protect their data from abuse, misuse, and vandalism might want to check it out as well.
|

Social Networking tools for NGO Security – Part 1

I was experimenting with Twitter when it occurred to me that it was an ideal tool for NGO security officers. Rather than using the service to merely update friends on what I was having for breakfast I could be sending out security information alerts and updates. All my “followers” would then get current, low cost, security information.

This method has many advantages over the SMS security tree method commonly used by NGOs. Traditional security trees tend to fail when one or more members (the branches of the tree) do not receive or pass on the text messages they receive to those below them, typically because they are on leave or because the tree information is not up to date. Traditional trees can also be expensive. Each SMS sent by every member of the tree comes out of someone’s budget. This can add up quickly if you are sending out several messages a day to a two hundred-member security tree.

Social networking services like Twitter or Jaiku allow us to avoid these problems. Essentially Twitter and Jaiku allow the head of the security tree to send one SMS to the service’s server. The service then distributes the SMS to all the “followers” (subscribers) of the account more or less simultaneously. This means the tree still works even if members are missing. In addition you only pay for the SMS to the service’s server. SMS messages from the server to each of the followers are free*.


* Most mobile service providers only charge for text messages that are sent while those received are free.


|