Protect election observer witness testimony using Signal for encrypted communications, exiftool to strip GPS from photos, encrypted storage containers (VeraCrypt) for case notes, and Tor for communications. Never store unencrypted witness identities with evidence, and use separate devices for different operations to compartmentalize data.
Understanding the Threat Model
Election observers operate in hostile environments where data breaches can endanger witnesses and invalidate evidence. Your threat model typically includes:
- State-level adversaries with surveillance capabilities
- Local bad actors seeking to identify and intimidate witnesses
- Digital forensics targeting devices at borders or during raids
- Metadata analysis that reveals communication patterns
Every piece of data—from a timestamp on a photo to a phone number in a call log—can compromise a witness. The solution requires defense in depth across collection, storage, and transmission.
Secure Data Collection
Camera and Photo Protection
When capturing evidence, disable location metadata before sharing:
# Using exiftool to strip GPS data
exiftool -gps:all= -overwrite_original evidence_photo.jpg
# Batch processing a directory
exiftool -gps:all= -overwrite_original ./evidence/
For mobile devices, use camera apps that disable metadata by default. On Android, Camera FV-5 allows configurable metadata handling. On iOS, Shortcuts can automate metadata stripping:
Take Photo
→ Adjust Brightness (optional)
→ Remove GPS from Image
→ Save to Files (encrypted container)
Secure Note-Taking
Avoid cloud-synced notes. Use locally-encrypted solutions like Obsidian with the encrypted notes plugin, or SafeNotes for simple encrypted text. For structured testimony, consider:
- CryptPad: Encrypted collaborative documents
- PrivateBin: Self-hosted, encrypted pastebin
- Standard Notes: End-to-end encrypted notes with extended functionality
Encryption Fundamentals
File-Level Encryption
For protecting testimony documents before storage or transmission:
# Using age (modern, simple encryption)
age-keygen -o key.txt
age -p -i key.txt -o testimony.encrypted.txt testimony.txt
# Using GPG for compatibility
gpg --symmetric --cipher-algo AES256 testimony.txt
The age tool provides cleaner syntax and faster operation than GPG for daily use. Store the key separately from the encrypted file—ideally on a hardware security key or memorized passphrase.
Database Encryption
When building testimony management systems:
# Using SQLCipher for encrypted SQLite
from sqlcipher import connect
conn = connect('testimony.db')
conn.execute("PRAGMA key = 'your-256-bit-key-here'")
# All data now encrypted at rest
cursor.execute("INSERT INTO witnesses VALUES (?, ?)", (name, encrypted_testimony))
This ensures that if devices are seized, the database remains unreadable without the key.
Secure Communication Channels
End-to-End Encrypted Messaging
For coordinating with witnesses:
| Tool | Metadata Protection | Self-Destruct | Notes |
|---|---|---|---|
| Signal | Good | Yes | Phone number required |
| Session | Excellent | Yes | No phone number |
| Briar | Excellent | No | Requires proximity or Tor |
| SimpleX | Excellent | Yes | No identifiers |
Signal remains the most accessible option, but for high-risk contacts, Session or Briar provide better metadata protection.
Secure File Transfer
Avoid email attachments. Use:
- OnionShare: Files transfer over Tor, with automatic encryption
- Tresorit: End-to-end encrypted cloud storage
- Syncthing: Local-first, encrypted peer-to-peer sync
For one-time transfers:
# Using OnionShare
onionshare --verbose --persistent testimony.encrypted.txt
# Using magic-wormhole
wormhole send testimony.encrypted.txt
Both provide link-based sharing with end-to-end encryption.
Network Operational Security
Tor Browser Configuration
When accessing sensitive information:
// In Tor Browser about:config
privacy.resistFingerprinting = true
network.cookie.cookieBehavior = 1
javascript.options.enabled = false // if possible
Enable the Safest security level for maximum protection, understanding that some sites may become unusable.
VPN Selection
For observers in the field, VPN selection requires careful consideration:
- Mullad VPN: No-logs policy, audited, supports Tor over VPN
- IVPN: Minimal metadata retention, proven no-logging
- ProtonVPN: Swiss-based, secure core servers
Avoid VPN services based in Five Eyes jurisdictions if local laws permit.
Device Security
Air-Gapped Storage
For long-term evidence preservation:
# Create encrypted volume on air-gapped machine
cryptsetup luksFormat /dev/sdX
# Mount with separate key file on USB
cryptsetup luksOpen /dev/sdX evidence --key-file=/mnt/usb/keyfile
Store the USB key separately from the device. Use a dedicated machine for sensitive evidence that never connects to the internet.
Mobile Device Hardening
For field phones:
- Enable full disk encryption
- Use a PIN longer than 6 digits
- Disable biometric unlock for sensitive apps
- Install apps only from verified sources
- Use secondary “burner” devices for high-risk contacts
Consider GrapheneOS or CalyxOS for degoogled Android with improved security models.
Metadata Considerations
Every digital action leaves traces. Understanding what leaks:
- Timestamps: When you created, modified, or accessed files
- Device identifiers: Hardware serial numbers, MAC addresses
- Network metadata: IP addresses, connection times, duration
- Application metadata: Editor versions, software used
Combat this through:
- Consistent browser fingerprinting (Tor Browser)
- VPN at all times
- Timezone normalization in files
- Regular device wipes
Incident Response
Have a plan for device compromise:
- Remote wipe capability: Find My Device, Cerberus, or hardware kill switches
- Dead man switches: Automated data deletion if you don’t check in
- Encrypted backups: Stored separately from primary evidence
- Contact protocols: Pre-arranged check-ins with trusted parties
# Example: Scheduled auto-deletion script (run from cron)
#!/bin/bash
if ! ping -c 1 -W 5 emergency-contact.example.com; then
shred -u /home/observer/evidence/*
rm -rf /home/observer/.cache/*
fi
Building Custom Solutions
For organizations needing custom tooling:
# Python example: Encrypted testimony storage
from cryptography.fernet import Fernet
import hashlib
import json
class SecureTestimonyStore:
def __init__(self, password: str):
key = hashlib.sha256(password.encode()).digest()
self.cipher = Fernet(key)
def store(self, witness_id: str, testimony: str) -> str:
data = json.dumps({
"witness": witness_id,
"content": testimony
}).encode()
encrypted = self.cipher.encrypt(data)
return encrypted.hex()
def retrieve(self, encrypted_hex: str) -> dict:
encrypted = bytes.fromhex(encrypted_hex)
data = self.cipher.decrypt(encrypted)
return json.loads(data)
This provides application-level encryption independent of disk encryption.
Related Articles
- Privacy Setup For Witness Protection Program Participant Dig
- Turkey Election Period Internet Throttling
- Freelancer Privacy Protecting Client Data On Personal Comput
- Privacy Setup For Abuse Hotline Worker Protecting Caller Inf
- Privacy Setup for Celebrity: Protecting Personal Address.
Built by theluckystrike — More at zovo.one