In digital defence of bodily autonomy

Whether searching for abortion pills, messaging a family member or friend for advice, talking with activists, organising around reproductive justice, running trainings on sex and sexuality, speaking with sources, or gathering stories, we are at growing risk of being prosecuted, thrown in jail, or even physically attacked based on our activism and activity in the digital sphere.

Online persecutions

On July 10, Jessica Burgess of Nebraska pleaded guilty for giving her daughter abortion pills. Two pieces of digital evidence were used in courts: the private Facebook messages between mom and daughter, and the browsing history confirming that “she ordered abortion pills on the internet.” The daughter faces up to 2 years imprisonment and the mother is set for sentencing in September 2023.

This is absolutely not a unique case. Between July 2022 and December 2022, the US government submitted 32,314 search warrants to Meta (i.e. Facebook) requesting data about 48,703 user accounts. What’s more, Meta responded to 88.67% of these requests. Burgess’ case was one of very few that came to light among tens of thousands of cases every year.

I have witnessed similar cases of activists, defenders, and journalists being prosecuted based on digital traces in the region where I live – the Levant bordering the Arabian Gulf. In the same period, July-December 2022, the government of Jordan requested data from Meta on 1,044 users and accounts (this is almost equal in proportion to the number of requests made by the US government per capita). Out of all requests, including content takedown requests, Meta responded to 58.54% of these requests to the Jordanian state – a state that routinely detains journalists and activists based on their online activity.

In 2015, three Twitter employees bribed by Mohammed Bin Salman, leaked private information related to anonymous Twitter accounts belonging to Saudi dissidents and shared this with the Saudi regime. Twitter is the most popular platform in Saudi Arabia and the primary tool used by dissidents to anonymously denounce and criticise the regime. IP addresses, email addresses, dates of birth, and phone numbers were shared in exchange for gifts, cash payments, and promises of future benefits including employment by the Saudi royal family.

In late October 2022, I got a call from a close friend informing me that one of the trainers in the collective she’s a part of got called in for questioning by the General Intelligence Directorate (GID). The GID actually called the trainer’s husband asking for his wife’s presence at their headquarters the next day. The trainer at the time was delivering a series of sessions on body, gender, and sexuality.

We leave traces of our activism and online existence everywhere, with little thought to how these will come back to byte us.

During the questioning, the trainer faced a series of intimidating questions and accusations, including encouraging girls to have premarital sex and “sex with animals.” The GID showed the trainer the Google form as proof of their “heinous activities,” a form that the collective had shared only within closed WhatsApp groups with members and volunteers who wished to sign up for the awareness sessions. The Google form was presented as evidence of an alleged crime.

We leave traces of our activism and online existence everywhere, with little thought to how these will come back to byte us. It’s worth then interrogating the question of how we can defend ourselves against such meticulous surveillance, and free ourselves from big tech captivity. Are there alternative digital means to dissent, organise, and communicate?

We cannot easily avoid the authorities’ acquisition of private data through bribes or the leaking of private sign-up forms, let alone legal warrants forcing social media companies to hand over personal data on their users. Our movements, all across, need digital security companionship.

I often wonder whether we can wholly liberate our digital bodies from prying police eyes. To what extent can we even examine this question within the very tools that shackle us?

Protected by amulets

I learned about Gabriela’s story a few months ago through the Tails’ newsletter. Gabriela is a Brazilian activist working on feminist security, and in 2015 she started teaching women working in reproductive justice how to use Tails for the group’s work on abortion.

Tails is a Tor-powered portable computer, so portable it fits inside a USB stick and works directly from it. All you need to do is install Tails on a USB of your choice. Afterwards, you can plug it into any laptop or desktop, for example in a co-working space, internet cafe, or university library. Once you turn on the device with the USB plugged in, you enter into your own machine. And once you eject the USB, all data will be erased, nothing is saved on the machine you’re using or even on the USB stick itself. You do have the option to keep some files and folders saved on your portable computer in a special folder called “persistent storage.” To add to all these privacy features, Tails only connects you to the internet through Tor, ensuring self-defence from surveillance.

The benefits of using Tails are twofold: it’s an easy way to protect your work (it’s commonly used by whistleblowers), and it’s more affordable than a computer. Gabriela started training women to use Tails, and instead of introducing the idea to the activists as I did above, dryly and charged with technical jargon, she introduced it as a protective amulet, or patuás in Brazilian culture.

In Gabriela’s words: “Some of these women had their home raided by the police after being denounced for their work on abortion. All the information about their patients was not in their phones, but in their Tails amulet, and the police couldn't find any evidence about their work.”

The benefits of using Tails are twofold: it’s an easy way to protect your work (it’s commonly used by whistleblowers), and it’s more affordable than a computer.

The women were using Tails for all their organising work: sending emails, editing files, browsing the Web, all while ensuring that their data is safe. The women liked Tails so much they asked if it could also work on phones (currently not possible, but would be nice to have).

What is “Tor”?

There are many ways to explain what Tor is. In simple terms, it lets you connect to the Internet and ‘do you’ with as much privacy as possible. Whoever is snooping on your Internet cannot tell that you’re visiting a certain website or opening a certain application, nor can they block access to it. You can be you and break free from the digital panopticon. You can be you and not fear the technology monopolies recording every movement you’re doing online. Resisting surveillance capitalism is what Tor is about.

In technical terms, Tor is a decentralised network of servers, operated by volunteers around the world. When you connect to the Internet through Tor, you’re automatically bouncing through a random set of three servers. Today, we count around 9,000 of these servers - a number that leaves me dumbfounded (in a good way). If you had asked me today to set up a network of servers that supports people around the world to access the internet privately, relying simply on the benevolence of strangers with technical skills, I would say that’s impossible. Tor – much like Wikipedia – is one of those ideas that works in practice but not in theory. The entire backbone of Tor is supported by second-by-second volunteer efforts. Unlike a VPN, Tor bounces your internet traffic (everything you do on the internet becomes part of internet traffic) through three servers instead of one. Your traffic is also encrypted threefold instead of once - hence the onion metaphor and logo; each layer of encryption represents an onion skin. We tend to say that Tor protects our anonymity online through “onion routing.”

Looking back at our example above, Tails is a “Tor-powered” computer because it connects you to the Internet solely through Tor; so even emails are bouncing through this very private network.

But Tor is not a panacea. It tries to steer away from big tech promises. It doesn’t claim to be the town hall for free speech or the guardian of privacy. It doesn’t dismiss its origins, which trace back to the U.S. Naval Research Lab.

A website that ends in .onion

Tor can keep bouncing your traffic through multiple tunnels, but there’s one cool feature that few have paid attention to: you can ask websites to meet you inside one of those tunnels. So instead of Tor being just a passageway, it can also be a rendezvous point between you and any online website or application you want to visit. Many organisations and collectives have onion sites today:

• MadaMasr: https://www.madakrogilagsapkmoe2iwjbmuva27t73opugag6kjsgrqxzywpbksad.onion/

• The Guardian:
   https://guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion)
• Even Reddit offers an anonymous way to browse its site:
   https://www.reddittorjg6rue252oqsxryoxengawnmo46qy4kyii5wtqnwfj4ooad.onion/)

You can only open onion sites through the Tor Browser, and, by design, those sites are the most surveillance-resistant when you compare this to visiting other sites on regular browsers.

Tor is not a panacea. It tries to steer away from big tech promises. It doesn’t claim to be the town hall for free speech or the guardian of privacy.

You’re in a coffee shop and, as you’re waiting for your order, you glance at the pinboard and spot a flyer announcing a workshop on gender. There are no details on the flyer other than a QR code. You take out your phone, scan the code, and it quickly opens an onion site through the Tor Browser: “We’re holding the workshop on Wednesday, 26 July from 11:30am until 1:30pm. Sign up below!” You fill the form with a pseudonymous email and close the browser. You check your email and the only info you receive is a one line text indicating the workshop’s location, no other context is provided in the mail’s body. Just like that, you signed up to a workshop without leaving a trace on your device or on the internet network as the bytes of data were dancing on invisible cables. No surveillant will be able to decipher who you are and where you’re going.

Where do we go from here?

The internet and the devices that we use to connect to it are essential to us just being. We need the internet to communicate, search, organise, work, laugh, and cry. However, I refute and reject the claim that, in consequence, the internet is a public space. In reality, most of the internet is densely privately-owned and only “narrow parameters of change are possible and allowable.”

Answers are not at my disposal, I’m the furthest from underlining a specific solution. What I know is that liberation requires persistent effort, reflection, and collaboration, rooted in trust and solidarity amongst us.

As a free and open source project, Tor joins social justice groups in the struggle for bodily autonomy. Tor can only hope to consistently remain faithful towards liberation movements and part of the diverse toolbox that supports us in breaking out of our shackles.

To that end, Tor and social justice groups have something in common: our responsibility to maintain a diverse network of supporters and, through that, further human rights.