This article introduces a basic guide of generally accepted “security codes” for movements which can be applied in a variety of direct action, protest, and event situations.
Activists and revolutionaries will often find themselves in situations that are dangerous for a variety of reasons. Whether we are engaged in protest, events, or direct actions, we need to protect our community, our mission, and ourselves. That is why we endeavor to teach security training to everyone in our community.
Security falls into a number of domains. We must protect information using security culture, digital security, and other “infosec” techniques. We must protect relationships and organizations using vetting procedures, gradual building of trust, compartmentalization, and so on. And we must protect ourselves physically by learning self-defense techniques and being prepared for the situation we find ourselves in.
This article is proposing a set of generally accepted “security codes” for the movement that can be applied in a variety of situations. These protocols refer to the accepted or established code of procedure or behavior in any group, organization, or situation. By having a set of generally known and accepted protocols, we can:
Minimize confusion;
Build competency in security techniques; and
Avoid wasting time and energy repeating information to large groups of people
Here we propose a basic 3-part code that varies between low-risk, medium-risk, and high-risk situations. These basic protocols should be considered a baseline and can be adapted to offensive and defensive situations.
Code Green (Low Risk)
This protocol should be applied in situations when no risks are expected. For example, private events held on friendly territory may be a “green” situation. However, in keeping with developing a general security culture, some precautions should still be taken.
Mission specific considerations and equipment
Maintain situational awareness
Maintain basic security culture precautions
Basic health and safety considerations: food, water, first aid kit
EDC (Everyday Carry)
Practical clothing
Communications: may be open, depending on the circumstances. Using secure communications is always recommended, but not crucial.
Code Yellow (Medium Risk)
This protocol should be applied in situations when there is an elevated potential for risk. For example, a public protest or event may be a code yellow situation. In a code yellow situation, information should be treated more carefully.
All of the above, plus:
Conduct a security analysis prior to the event/action, then brief your team on findings
Designate a security team and prepare for possible threats
Consider creating an Operations Order and formalizing roles
Use encrypted communications and minimize information leakage
For offensive operations, use TOR and secure research methods. Leave cell phones at home or place in a faraday bag.
Code Red (High Risk)
This protocol should be applied in situations when there is certainty of high risk. For example, a serious direct action or defensive action when you expect serious forms of repression would be a code red situation.
All of the above, plus:
Full Operations Order and briefing prior to action
Additional formal roles, such as leader or leadership group, medic, logistics, etc. (mission specific)
Consider additional protective clothing if there is a possibility of being hurt
Compartmentalize information on a need-to-know basis
All communications via secure channel or face-to-face
This is basic guide that can be adapted to a variety of situations. Feedback is welcome and this material will be updated over time.
Vigilante, paramilitary, and state violence against resistance movements is on the rise. Around the world, regressive forces are violently resisting social movements for justice and sustainability, or using intimidation to create fear. Our movements must prepare for this.
Ahjamu reminds us that “coming together is out best strength.” He says that the best deterrent for problems is ‘presence’ and starts by explaining how important is to get a team together, organized, and prepared before events. The training covers:
The modern surveillance state is unparalleled. Many people are legitimately afraid of state repression.
But this fear can easily become paranoia and paralysis. As a result, some people will not get involved in radical organizing at all. Others will stay involved, but their paranoia will drive people away. The result? Our movements die.
How do we combat this? By creating a “security culture” in our groups.
What is Security Culture?
Security culture is a set of practices and attitudes designed to increase the safety of political communities. These guidelines are created based on recent and historic state repression, and help to reduce paranoia and increase effectiveness.
An Introduction to Security for Activists, Organizers, and Revolutionaries
Here at Deep Green Resistance, we are an “aboveground” organization with a firewall between us and underground action. That means that our primary work is legal (although this varies depending on jurisdiction). Our members also take part in non-violent direct action of the sort common among aboveground movements. This is in contrast with “underground” organizations that conduct clandestine, highly illegal activities. We advocate for this, as we think coordinated underground action is the best chance for saving the planet.
We do not plan or carry out underground actions. We do not even know about these activities, except when public communiques (see our underground action calendar for examples) are made. Our role is to be the public organization advocating for and explaining these actions. We call this separation thefirewall between aboveground and underground activities. Maintaining a firewall is essential for security and effectiveness.
Assata Shakur was a member of the Black Panther Party (an aboveground organization) and the Black Liberation Army (an underground organization). She was active in the early 1970s and was eventually arrested. She escaped prison in 1979 and went on the run, eventually reaching Cuba. In 1987 she published the excellent book Assata: An Autobiography, which contains the following quote on the importance of a firewall.
“One of the [Black Panther] party’s major weaknesses was the failure to clearly differentiate between aboveground political struggle and underground, clandestine military struggle. An aboveground political organization can’t wage guerilla war anymore than an underground army can do aboveground political work. Although the two must work together, the must have completely different structures.”
More information on the importance of a firewall and security culture can be found in the Deep Green Resistance book, available here.
Rules of Security Culture
Note: The following rules were created based on the legal and political situation in the United States.
Don’t Talk About…
Your involvement or someone else’s involvement with an underground group.
Your or someone else’s desire to get involved with such a group.
Your or someone else’s participation in illegal action.
Someone else’s advocacy for such actions.
Your or someone else’s plans for a future illegal action.
Don’t ask others if they are a member of an underground group.
Don’t talk about illegal actions in terms of specific times, people, places, etc.
Nonviolent civil disobedience is illegal, but can sometimes be discussed openly. In general, the specifics of nonviolent civil disobedience should be discussed only with people who will be involved in the action or those doing support work for them.
It’s still acceptable (even encouraged) to speak out generally in support of monkeywrenching and all forms of resistance as long as you don’t mention specific places, people, times, etc., but only if this is legal in your own jurisdiction. Even if voicing support for monkeywrenching is legal in your area, be aware of possible repression or consequences so you can make an informed decision about what level of risk you would be comfortable with.
Never talk to police officers, FBI agents, etc.
It doesn’t matter whether you are guilty or innocent. It doesn’t matter how smart you are. Never talk to police officers, FBI agents, Homeland Security, etc. It doesn’t matter if you believe you are telling police officers what they already know. It doesn’t matter if you just chit chat with police officers. Any talking to police officers, FBI agents, etc. will almost certainly harm you or others.
If you talk to a police officer, you give him or her the opportunity to testify against you based on what you said or what they say you said.
Simply and politely say you wish to remain silent. Ask if you are being detained or are under arrest. If you are not, then walk away. If you are arrested or detained, repeat to everyone who asks you that you wish to remain silent and that you wish to speak to a lawyer. Say nothing else but your name, address, and birth date.
Most convictions, whether people are guilty or not, come from people talking, not from investigative work.
Don’t snitch. A snitch is someone who provides information to the police or feds in order to obtain lenient treatment for themselves. Often, snitches provide information over an extended period of time to the police. Sometimes this occurs after they are arrested and asked to become informants. In return, they may receive money or have their own illegal behavior ignored by the police. Learn more about one prominent snitch.
Never allow a police officer, FBI agent, etc. into your home if they don’t have a search warrant
If you invite a police officer into your home, they have consent to search your home.
If they come to your house to ask questions, do not let them in. From inside your door, or from outside with your door shut behind you, politely say “I wish to remain silent.” Ask them if you are under arrest or if they have a search warrant. If they say no, go back inside your house and close your door politely. If they come in anyway, don’t resist arrest. Say “I do not consent to a search.” Take note of who they are and what they do.
Be Smart
Learn the laws in your country/state/jurisdiction: learn what you can and can’t say; learn what acts are legal and illegal; learn what previous activists have been tried for and what is permitted legally.
Find out the details of activist and protest lawyers/legal advocates in your area: if you go on an action, make sure you write their telephone number on your body in a permanent marker.
Link in with experienced activists: they will have a wealth of experience and knowledge about the landscape of activism where you are, and can teach you what are the local logistics and strategies for staying safe.
Myths of Security Culture
Myth # 1
“Hiding my identity aboveground makes me safe.”
“If I read the DGR website I will be on a government list.”
“I don’t want my name on a registration list for a DGR workshop so they won’t know who I am.”
Any action involves risk. Nothing can guarantee safety. Any effective aboveground action can lead to repression. Security culture makes us more effective.
Aboveground movements protect themselves almost exclusively through numbers and public solidarity.
There is no way to effectively do aboveground work and keep your identity hidden. Nor is it beneficial or necessary to hide your identity to do aboveground work (in most cases).
Aboveground movements can only build numbers and public solidarity by being public, open, and expressing support of the movement in order to attract others.
Operate on the assumption that all internet and phone communication is monitored. However, since aboveground movements have nothing to hide, except occasional nonviolent civil disobedience, we must use the internet and phones to communicate in order to be able to organize effectively.
One of the main roles of the aboveground is to be the public face of the movement. We stand publicly and say “I support this strategy and I advocate for DGR,” for example. This important work cannot be done if we are constantly trying to hide our identities.
There are perfectly legitimate reasons for wanting to keep a low profile, but hiding your identity completely while engaging with any movement is practically impossible. If you have reason to not want attention from the government (for example, if you are not a citizen), then the best way to be as safe as possible is to not engage with any movement.
Myth # 2
“We have to identify the federal agent, police officer, or infiltrator, etc. in the group”
It’s not safe nor a good idea to generally speculate or accuse people of being infiltrators. This is a typical tactic that infiltrators use to shut movements down.
Paranoia can cause destructive behavior.
Making false/uncertain accusations is dangerous: this is called “bad-jacketing” or “snitch-jacketing.”
Myth # 3
“Police officers have to identify themselves. Police officers can’t lie to you.”
Undercover infiltrators could not do their job if they had to identify themselves.
Police officers are legally allowed to lie to people – and do so routinely – to encourage compliance, both on the street and especially in interrogation. Police officers and other agents also present false evidence, including pictures, video, and audio to trick people into talking about other people.
Government agents of all kinds can threaten you, your family, and your friends. The best defense is to not talk, not believe them, not cooperate, and ask others for help.
Myth # 4
“Security Culture guarantees my safety.”
Security Culture makes you safer, but any effective action can lead to repression.
Nothing can guarantee safety, but Security Culture makes us more effective.
Strict separation between the aboveground and any underground that exists or may come to exist helps protect people.
Security Culture Breaches
Behavior, not people, is the problem
There are many behaviors that can disrupt groups or make them unsafe. Whether someone is a cop or not does not matter. Focus on addressing the behaviors.
Some of the behaviors to watch out for are sexism, abusive behavior, gossip, and creating conflict between individuals or groups.
What to do if there are breaches of Security Culture
Educate (tactfully and privately) and point people who breach Security Culture to further resources.
Don’t let violations pass or become habit.
Chronic violators have the same detrimental effect as infiltrators. It is important and necessary to set boundaries. If a member consistently violates Security Culture, even after being corrected, they should be removed from the group for the safety of everyone.
Q: Do you have lawyers willing to help us/advise us as we act?
A: We are currently building legal support for this purpose. We need volunteers for this and other tasks.
Q: What should I say if someone says: “I want to form an underground, join an underground, start a safehouse, etc.”
A: Say: “We are an aboveground organization. We do not want to be involved in underground work to maximize everyone’s safety and effectiveness. We do not answer anyone’s questions about personal desire to be in or form an underground.”
Q: What should I do if someone breaks security culture?
A: In case of minor issues, use education. Speak up right away, or pull the individual aside afterwards. More major issues or repeated violations may require you to end a relationship or remove a problematic individual from a group.
Q: Are you involved in “the underground”?
A: No. For the safety and effectiveness of all parties, DGR is an aboveground organization. We recommend you do not say “the underground.” This could imply you are in contact with an already existent underground organization. Instead, use, “an underground (which may or may not exist)” or a similar phrase.
Editor’s note: DGR acknowledges that Extinction Rebellion and Extinction Rebellion Ireland are valuable and necessary contributors to a broader ecosystem of activism. The analysis in this article is relevant for many movements and it’s republished from Medium with permission from the author.
Extinction Rebellion Ireland (XRI) is growing at a decent speed and has already hosted a number of public marches and street art performances. The movement currently follows the Extinction Rebellion International principles and policies, which make it a fully decentralised and non-hierarchical movement which is open to anyone who wants to participate. In Ireland they are currently opting for a consensus based approach to decisionmaking rather than a democratic process, and they are experimenting with using “circles” to organise around key issues like finance, tactics, and policies. The community is somewhat divided on the details, especially regarding the ambiguity of some of Extinction Rebellion’s principles and how they should be interpreted. There is also contention around the details of decisionmaking processes and key financial decisions.
This is very much a social experiment, and you can tell the movement is young and raw. Individual participants run the gamut from brand-new activists to seasoned community organisers, from upper class people to significantly underpriveleged people, and from those living in intensely rural settings to those living in the big cities. The diversity of participants is staggering. There seems to be a central division between those who espouse fundamentally capitalist beliefs and call for incremental progress through government lobbying and public relations stunts, to outright socialists who are calling for the abolition of capitalism and profound restructuring of government institions. Likewise, there is a division between those who believe that climate change is a serious concern but a vaguely distant threat, to those who believe climate collapse is actively occurring and poses a risk of near-term extinction. These divisions are obviously exploitable, and will inevitably identified by opposition forces (e.g. fossil fuel industry propaganda teams).
Below I outline some of my most immediate security concerns. Please note that I’m highlighting these concerns in order to help XRI identify and address them before they fall victim to malicious parties. I will approach these concerns from the perspective of an oppositional force in order to highlight the seriousness of these vulnerabilities.
Crippling Through Consensus
Perhaps the most easily exploitable aspect of Extinction Rebellion Ireland (XRI) is that they’re currently using consensus rather than democracy, which means that they only progress on a tactic or solution if everyone agrees. If one participant wishes to block the decision they can grind everything to a halt. There is no process for dealing with people who consistently obstruct decisions, so it would be easy for a member of the opposition to join XRI meetings and simply blockade all decisions while pretending to do so in good faith — though even if they blockaded XRI without pretending to be sincere, there are no existing procedures for dealing with them. A small handful of malicious individuals could easily cripple XRI and prevent most progress.
Scenario: I am the head of a PR (propaganda) agency for the fossil fuel industry and I’ve identified this weakness. I hire a small team of individuals to join XRI Facebook groups, join the XRI Slack, and participate in all key meetings both in person and via Zoom. These individuals do not need to be skilled at all, so I would select them based on their cover stories. I would give preference to older individuals, since they are perceived to be more trustworthy, and I would favour anyone who has a background in “feel good” activism so that they seem credible. Their entire job will be to bring up “legitimate” concerns about every issue and to trade off on blocking decisions, that way it’s not too obvious.
Outcome: XRI decisionmaking is ground to a halt, effectively the only actions which become possible are those which the fossil fuel industry has authorised because all others are blocked by the small team of paid trolls. These blockade participants may arouse some degree of suspicion, but it is impossible to definitively accuse them of maliciousness. This tactic will continue to work so long as consensus decisionmaking is in effect and/or so long as participation is open to the general public.
Consistent, Controlled Conflict
Groups like XRI are highly diverse, and they always include big personalities. There are a handful of especially divisive issues which are guaranteed to generate conflict and endless argument. Some of the prominent issues include:
Urgently dismantling capitalist systems (“capitalism relies on infinite growth on a finite planet, which is irrational”).
Emotional violence as violence (“if we hurt someone’s feelings it constitutes violence and is against the XRI policies”)
Property destruction as nonviolence (“if we sabotage a pipeline it does not directly harm anyone and is therefore nonviolent”)
Quantifiability of tactics (“we should not pursue tactics which have no quantifiable outcomes”)
Naming and shaming (“we cannot mention any names” & “no naming and shaming only applies to XR participants and the general public”)
Leveraging these key issues to generate internal conflict would be effective because they all address valid, but generally unresolveable issues. They divide people along key lines: capitalism/socialism, idealist/pragmatist, and analytical/emotional. Each of these groups constitute a large ratio of XRI’s participants and can therefore generate substantial conflict with very little prompting. Most of these debates occur on Facebook and Slack, and can therefore be instigated and sustained by fake accounts.
Scenario: I am a member of a prominent opposition party and my objective is to cause enough sustained dissent within XRI to cripple an upcoming national strike. I coordinate a dozen party volunteers via Facebook. Each volunteer sets up 2–3 fake Facebook accounts and email addresses, primarily using images of attractive young women to ensure they are inundated with incoming friend requests, which significantly reduces the amount of work needed to create a realistic looking account. Once the accounts have several dozen friends the volunteers are prompted to add them to prominent XRI groups on Facebook, where each fake account regularly initiates arguments about one of the key issues outlined above. The volunteer trolls also engage with each others’ content in order to make the arguments appear authentic and lively. Once the accounts have become regonisable in the community they request to be added to the XRI Slack where they continue baiting arguments.
Outcome: XRI participants end up wasting time and energy on divisive arguments rather than working on actions or making progress toward resolving organisational gaps. Moreover, individuals who engage in arguments will be likely to form cliques and grudges until active members leave out of frustration and emotional exhaustion. XRI currently has no process for resolving these disputes or making critical interpretive decisions, so this tactic would work indefinitely.
Daylight Robbery
Extinction Rebellion and XRI have significant access to funding. The International account generally holds between €500,000 and €1,000,000 in cash and they are beginning to allocate relatively large amounts of funding to individual Extinction Rebellion groups. For example, XRI has been offered €10,000 without strings attached, and an additional €40,000 with minimal strings attached.
The biggest financial obstacle facing XRI and other regional XR groups is accessing funds, because they are often used for illegal activities. Under normal circumstances, XRI members would join forces and create a legal entity (e.g. limited company) to receive and process the funds; this approach requires individual XRI members to sign their name to the company and take on significant legal liabilities. Conversely, individual XR members could be directly paid out the funds as wages, which carries slightly less legal liability but lacks transparency, creates infighting, and makes resource purchases difficult. Another option is to set up an out-of-country legal entity, which provides significant legal protection but requires a trustworthy foreign national. The last option is to receive payment in bitcoin and withdraw cash from bitcoin ATMs, which provides the most legal protection but lacks transparency and requires several trustworthy individuals.
XRI is open to anyone and operates on a consensus model, which means that a dedicated group of thieves could potentially steal tens of thousands of euro by infiltrating the XRI community, driving financial decisions toward methods they can control, and working as a group to mask their actions and mitigate any risk of being caught.
Scenario: A group of 10 friends hear that XRI will soon receive €40,000 in funding. They join XRI groups, the Slack platform, and begin attending all meetings in order to build rapport. These individuals understand the logistical challenges facing XRI and they advise XRI to leverage bitcoin to receive the funds in order to take advantage of its many benefits, namely its anonymity and significantly reduced legal liability. XRI participants express concern about ensuring the funds are safely handled and can be transparently accounted. The group of thieves suggest a best practice: a “circle” of designated people should all have access to the bitcoin wallet in order to monitor the funds and keep each other honest. All 10 of the friends join the circle and insist that many people should have access in order to avoid centralisation and hierarchy. Once the funds are in the bitcoin wallet, they almost immediately disappear into another wallet and are then laundered through one of many services. The funds are eventually divided among the friends and nobody can identify who took the bitcoins.
Outcome: XRI loses €40,000 in funding and has a reduced likelihood of receiving additional funds. The Extinction Rebellion brand is tarnished and media coverage is diverted away from actions and toward the robbery. Extinction Rebellion funders are globally disenfranchised and become less likely to provide financial resources in the future.
Summary
By compiling this analysis I hope to highlight several significant security risks, which can be exploited by malicious third parties with minimal resources or expertise to cripple the Extinction Rebellion movement in Ireland. These approaches are not new, they have been used before to undermine movements, but they have not yet been used against Extinction Rebellion. My hope is that, by highlighting them, Extinction Rebellion can resolve the issues before oppositional parties exploit them or, at the very least, Extinction Rebellion participants will be more likely to identify them before they cause critical damage to the movement.
All of these weaknesses can be effectively counteracted, but only if we’re aware of them before we fall victim to them.
Here at Deep Green Resistance, we are an “aboveground” organization with a firewall between us and underground action. That means that our primary work is legal (although this varies depending on national laws). Our members also take part in non-violent direct action of the sort common among aboveground movements.
This is in contrast with “underground” organizations that conduct clandestine, highly illegal activities. We advocate for this, as we think coordinated underground action is the best chance for saving the planet.
We call this separation thefirewall between aboveground and underground activities. Maintaining a firewall is essential for security and effectiveness.
Assata Shakur was a member of the Black Panther Party (an aboveground organization) and the Black Liberation Army (an underground organization). She was active in the early 1970s and was eventually arrested. She escaped prison in 1979 and went on the run, eventually reaching Cuba. In 1987 she published the excellent book Assata: An Autobiography, which contains the following quote on the importance of a firewall.
“One of the [Black Panther] party’s major weaknesses was the failure to clearly differentiate between aboveground political struggle and underground, clandestine military struggle. An aboveground political organization can’t wage guerilla war anymore than an underground army can do aboveground political work. Although the two must work together, the must have completely different structures.”
More information on the importance of a firewall and security culture can be found in the Deep Green Resistance book, available here. We will end with a quote from the DGR book.
There has to be a partition, a firewall, between aboveground and underground activities. Some historical aboveground groups have tried to sit on the fence and carry out illegal activities without full separation. Such groups worked in places or times with far less pervasive surveillance than any modern society. Their attempts to combine aboveground and underground characteristics sometimes resulted in their destruction, and severe consequences for their members.
In order to be as safe and effective as possible, every person in a resistance movement must decide for her- or himself whether to be aboveground or underground. It is essential that this decision be made; to attempt to straddle the line is unsafe for everyone.
