If you have reason to believe you have been targeted for surveillance, here’s what you can do to report it and protect yourself.
But what about securing your communications?
Under South African law, namely the Regulation of Interception and Provision of Communication-Related Information Act (RICA), direct interception of your communication must have a judge’s permission. But there are serious weaknesses in RICA.
There are a few apps that can improve your security, making it more difficult and expensive to crack your communications.
Unfortunately there is still unequal access. More secure facilities are available to smart phone users, while feature phones are less secure. Here are a few tips drawn from the Electronic Frontier Foundation’s Surveillance Self Defence guide at https://ssd.eff.org.
WhatsApp: while WhatsApp is free and has a huge number of users, it has a bad reputation for security. Developers have announced that they are slowly introducing end-to-end encryption, which would make it much more secure. But for the time being they have announced that this encryption is only available to Android users, with no timeline given to roll it out to other users. And unlike most secure messaging apps, WhatsApp does not indicate whether the message you’re sending is encrypted or not.
Pro: Everyone is using it.
Con: Possibly only secure for Android users. Use it cautiously!
TextSecure & Signal: Android users can download Text Secure, which encrypts messages sent to any other user with the app on their phone. The iPhone version is called Signal – these two apps can exchange messages to each other.
Pro: Easy and very secure, and can still be used to send unsecure SMS to everyone else.
Con: Most of your friends are not yet using this feature, so effectively you’re still mostly sending unsecured SMS.
Telegram: Telegram touts itself as a secure, free messaging app whose greatest strength is that it works across several different platforms: Android phones, Windows Phone, and iPhone.
Pro: secure and interoperable.
Con: very few people use it.
Email encryption using PGP (Pretty Good Privacy) is a free method to protect your regular email communications from being read by anyone except their intended recipients. Both the sender and the receiver need to using PGP to exchange encrypted email. You can use your regular email address but will need a desktop mail programme (i.e. not through a web browser). It will take about 45 minutes and two free software downloads to get it working. View tutorials here.
THIS IS A PAIN. WHY SHOULD I BOTHER?
These practices do not guarantee your security: someone who is a target for state surveillance cannot expect these tools not to be cracked. But not all surveillance is targeted: the vast majority of it is ‘bulk collection, or ‘mass’ surveillance. Better security increases the cost and difficulty of this practice. If enough people do it, mass surveillance becomes less feasible.