Assessing The Levels of Risk

Assessing The Levels of Risk to Which Human Rights NGOs Were Exposed to After Adoption Of Technology Tools For Business Continuity

A week after the World Health Organisation (WHO) declared COVID 19 a global pandemic, Uganda registered its first case. A month later, the disease was widespread across the country, prompting the operationalization of WHOrecommended and Government-imposed emergency measures to contain the spread of the virus. These included partial and eventually total lockdowns, a ban on social gatherings of more than five people, the shutdown of public transport, air travel, and the closure of businesses except for vital sectors like food and health.
To ensure continuity of operations, NGOs, much like other businesses/organizations across the globe, had to heavily depend on digital tools to continue operations which led to the “Zoom-Era.” The era of working from home/remotely aided by digital applications like conferencing platforms like Zoom, which allows for up to 500 participants, voice, and video, messaging apps, and digital collaborative workspaces in the absence of offices and physical engagement.

For the highly tech-driven economies from the developed world, this transition was undoubtedly an inconvenient adjustment; unfortunately for developing countries like Uganda, with substantial deficiencies in ICT infrastructure, where only a sixth (1/6) of the population has access to the internet, and 36% of the non-internet users are digitally illiterate1, it was nothing short of a catastrophe.

The Not-for-profit sector was one of those hardest hit by this transformation since the bulk of their work entails awareness and capacity building engagements, socio-civic advocacy/activism, community meetings, and outreach. This study, therefore, sought to investigate the digital security risks associated with the adoption of technological tools given the human rights landscape in Uganda and against the backdrop of the COVID pandemic.

The study targeted 50 NGOs across the country. To obtain comprehensive data sets, it necessitated the selection of respondents from both frontline officers involved in implementing day-to-day activities of human rights NGOs and critical decision-makers such as Executive Directors, Program Managers, Department Heads and Advocacy Officers.

Guided by the research questions; “Did the adoption of digital platforms expose NGO to any cybersecurity-related challenges? Was the adoption of digital platforms effective in NGOs’ business continuity?” we were able to obtain the following evidence.

Level of Exposure to Digital Tools Prior COVID 19

The research revealed that 50% of the respondents were moderately exposed to digital security tools before the COVID 19 lockdown. Frontline offices pointed out that their work primarily constituted physical engagements with their partners and beneficiaries, which limited the number of tech tools and frequency. The most commonly used digital tools were voice conferencing call facilities, voice over internet services like Skype, digital collaboration tools like Google Suite, Gmail, Google Drive, Google Meet, and Google Docs. Social media platforms including Facebook, Twitter, and YouTube. However, with the outbreak of COVID 19 and subsequent lockdown, NGOs had to adopt “new” tech tools and depend on the ones already in use more heavily to ensure business continuity. Respondents reported to have adopted video conferencing and collaboration platforms; Zoom, BlueJeans, Google Meet, Jitsi, KumoSpace, Microsoft Teams, and GoTo Meetings. These are mainly used to facilitate internal communication/conducting staff meetings (19%), communicate with participants (18%), conducting workshops (15%), communicating and liaising with donors (14%), and providing support to beneficiaries (14%)

Challenges Faced During and as a Result of Adopting Technological Tools

Facilitating business continuity, increasing efficiency, improving time management, and other benefits of tech mainstreaming notwithstanding, the adoption of tech tools was not without challenges. NGO heads reported internet interruptions as their biggest challenge. Interruptions were either unstable or, for the case of rural areas, non-existent networks—slow internet connections due to the minimal broadband coverage. 3G covers only 65% of the population, and LTE/4G covers only 17%.2 NGO staff in urban areas with access to 4G speeds that could support dataintensive apps like video conferencing tools were affected by the high cost of data. Individuals reported having spent on average 127,500 UGX per month purchasing internet data packages—a stretch for most middle seized NGOs without an internet budget big enough to cover 127,000 worth of data for each staff. The above interferences are compounded by frequent power cuts, which affect enabling ICT hardware and infrastructure such as the cell towers, desktops, MiFis, and modems.

Exposure to Digital Security Risks

Much like the COVID 19 pandemic, the adoption of tech tools and mainstreaming of ICT were novel. The timing and abrupt nature of the circumstances also did not allow for adequate preparation and training on using the digital tools and digital security concerns. These, therefore, paused unprecedented risks. 98% of the respondents reported having been exposed to some sort of digital security risk. Of the reported cases, we deduced that 52% of these were exposed to digital threats while using personal computers as opposed to the 48% who faced threats while using organization-provided computers. It was inferred from the findings that the organizations whose works centres on social development, justice, law and order, health, education, ICT, and accountability reported digital threats more frequently. However, this comes as no surprise, especially in the Ugandan context, whose civic environment is marred by intimidation, torture, and killing of social justice leaders, illegal detentions and evictions, and a restrictive legal framework, among others. However, the research findings highlighted the varying degree in threat level exposure as experienced by different genders and reaffirmed the disproportionate impact of COVID 19 on women and children. This is evidenced by NGOs operating in the thematic area of Women’s rights and reporting the most frequent (26%) exposure to digital security risks from using technology tools adopted during COVID-19 lockdown.

Forms of Digital Security Risks/ Threats

Service disruptions
0%
Online harassment
0%
Lack of privacy
0%
Malware
0%
Loss of data
0%
Unauthorized access to organizational documents
0%
After service disruptions (41%), online harassment (13%) was the second most frequent risk respondents reported to have been exposed to due to the adoption of technology tools during COVID-19 lockdown. Others included; online harassment (13%), lack of privacy (8%), malware (8%), loss of data (6%), and unauthorized access to organizational documents. (3%). Video Conferencing digital tools registered the highest incidences of exposure to digital security risks. Respondents reported multiple “Zoom bombing” incidents during which offensive or Not Safe For Work (NSFW) material was displayed during organizational meetings, hacking into video conference meetings by uninvited persons and impersonation.

Reporting and Resolution of Digital Security Incidents

The research also highlighted acute digital literacy levels and the urgent need for increased digital security support for NGOs. Of the 98% of respondents who reported exposure to digital risks, only 29% reported these exposures to their corporate ICT team, service provider, platform owner, or digital security group, the majority (70%) did not report these incidents primarily because they didn’t know that they could or because they did not know where to report.

Conclusion and Recommendations

While the adoption of new tech tools and increased digital streamlining in Human Rights Organisations was sparked by an emergency, the digital revolution has been growing and evolving over three decades and is here to stay. Pandemic or not, HROs, like other organizations, recognize the necessity of leveraging and repurposing digital tools for their work advocacy, service delivery, creative public demonstrations, and meeting emergent needs.
Additionally, it cannot be ignored that with the increased digitalisation are more significant digital threats both in terms of incidence and sophistication. With 98% of the respondents in this study indicating exposure to digital security risks and over 70% of these not reporting the incidents due to ignorance and absence of relevant digital security support, this demonstrates the vulnerabilities, threats, and risks HROs are potentially exposed to within the digital era
This study further exposes how the COVID-19 pandemic has exacerbated digital inequalities and widened the digital divide between rich and poor, urban and rural, and vulnerable and privileged—evidenced by limited access to the internet, digital differentiation, participation gaps, and usage gaps marking the challenges of digitally disadvantaged organizations or communities who cannot take advantage the internet and who are at greater risk of falling behind their digitally resourced counterparts.

Nevertheless, however startling the findings, there-in lies opportunities for HRDs and social activists to;

  • Fill the service provision gap in digital security awareness and digital literacy.
  • Advocacy on digital inequalities and the associated social inequalities.
  • Leverage/develop need-specific digital tools. Tailored to advancing and supporting the work and needs of HRDs in Uganda
  • 1corona digital threats

    Digital Security Risks Human Rights NGOs were Exposed to during COVID-19 Pandemic Lockdowns

    A week after the World Health Organisation (WHO) declared COVID 19 a global pandemic, Uganda registered its first case. A month later, the disease was widespread across the country, prompting the operationalization of WHO-recommended and Government-imposed emergency measures to contain the spread of the virus. These included partial and eventually total lockdowns, a ban on social gatherings of more than five people, the shutdown of public transport, air travel, and the closure of businesses except for vital sectors like food and health.

    To ensure continuity of operations, NGOs, much like other businesses/organizations across the globe, had to heavily depend on digital tools to continue operations which led to the “Zoom-Era.” The era of working from home/remotely aided by digital applications like conferencing platforms like Zoom, which allows for up to 500 participants, voice, and video, messaging apps, and digital collaborative workspaces in the absence of offices and physical engagement.

    For the highly tech-driven economies from the developed world, this transition was undoubtedly an inconvenient adjustment; unfortunately for developing countries like Uganda, with substantial deficiencies in ICT infrastructure, where only a sixth (1/6) of the population has access to the internet, and 36% of the non-internet users are digitally illiterate, it was nothing short of a catastrophe.

    The Not-for-profit sector was one of those hardest hit by this transformation since the bulk of their work entails awareness and capacity building engagements, socio-civic advocacy/activism, community meetings, and outreach. 

    The Digital Security Alliance (DSA), a coordinated digital security support mechanism for human rights defenders, activists, and journalists in Uganda, that is led by Defenders Protection Initiative, with funding from the Collaboration on International ICT Policy in East and Southern Africa (CIPESA) under the African Digital Rights Fund, undertook the study, to Assessing the Levels of digital security risk to which Human Rights NGOs were Exposed to after the adoption of technology tools for business continuity during the COVID-19 Pandemic Lockdowns in Uganda. 

    This study, therefore, sought to investigate the digital security risks associated with the adoption of technological tools given the human rights landscape in Uganda and against the backdrop of the COVID pandemic.

    The main objective of the research was; To identify gaps and vulnerabilities that are exposing human rights organizations to digital security risks to develop strategies to build capacity to mitigate any future threats of cyber-attacks, privacy & data breaches.

    The study targeted 50 NGOs across Uganda. To obtain comprehensive data sets, it necessitated the selection of respondents from both frontline officers involved in implementing day-to-day activities of human rights NGOs and critical decision-makers such as Executive Directors, Program Managers, Department Heads and Advocacy Officers.

    Guided by the research questions; “Did the adoption of digital platforms expose NGO to any cybersecurity-related challenges? Was the adoption of digital platforms effective in NGOs’ business continuity?” we were able to obtain the following evidence.

    Level of Exposure to Digital Tools Prior COVID 19

    The research revealed that 50% of the respondents were moderately exposed to digital security tools before the COVID 19 lockdown. Frontline offices pointed out that their work primarily constituted physical engagements with their partners and beneficiaries, which limited the number of tech tools and frequency. The most commonly used digital tools were voice conferencing call facilities, voice over internet services like Skype, digital collaboration tools like Google Suite, Gmail, Google Drive, Google Meet, and Google Docs. Social media platforms including Facebook, Twitter, and YouTube. However, with the outbreak of COVID 19 and subsequent lockdown, NGOs had to adopt “new” ICT tools and depend on the ones already in use more heavily to ensure

    business continuity. Respondents reported to have adopted video conferencing and collaboration platforms; Zoom, BlueJeans, Google Meet, Jitsi, KumoSpace, Microsoft Teams, and GoTo Meetings. These are mainly used to facilitate internal communication/conducting staff meetings (19%), communicate with participants (18%), conducting workshops (15%), communicating and liaising with donors (14%), and providing support to beneficiaries (14%).

    Challenges Faced During and as a Result of Adopting ICT Tools

    Facilitating business continuity, increasing efficiency, improving time management, and other benefits of information and communication technology (ICT) mainstreaming notwithstanding, the adoption of tech tools was not without challenges. NGO heads reported internet interruptions as their biggest challenge. Interruptions were either unstable or, for the case of rural areas, non-existent networks—slow internet connections due to the minimal broadband coverage. 3G covers only 65% of the population, and LTE/4G covers only 17%.

    NGO staff in urban areas with access to 4G speeds that could support data-intensive apps like video conferencing tools were affected by the high cost of data. Individuals reported having spent on average 127,500 UGX per month purchasing internet data packages—a stretch for most middle seized NGOs without an internet budget big enough to cover 127,000 worth of data for each staff.
    The above interferences are compounded by frequent power cuts, which affect enabling ICT hardware and infrastructure such as the cell towers, desktops, MiFis, and modems.

    Exposure to Digital Security Risks

    Much like the COVID 19 pandemic, the adoption of tech tools and mainstreaming of ICT were novel. The timing and abrupt nature of the circumstances also did not allow for adequate preparation and training on using the digital tools and digital security concerns. These, therefore, paused unprecedented risks. 98% of the respondents reported having been exposed to some sort of digital security risk. Of the reported cases, we deduced that 52% of these were exposed to digital threats while using personal computers as opposed to the 48% who faced threats while using organization-provided computers.

    It was inferred from the findings that the organizations whose works centres on social development, justice, law and order, health, education, ICT, and accountability reported digital threats more frequently. However, this comes as no surprise, especially in the Ugandan context, whose civic environment is marred by intimidation, torture, and killing of social justice leaders, illegal detentions and evictions, and a restrictive legal framework, among others. However, the research findings highlighted the varying degree in threat level exposure as experienced by different genders and reaffirmed the disproportionate impact of COVID 19 on women and children. This is evidenced by NGOs operating in the thematic area of Women’s rights and reporting the most frequent (26%) exposure to digital security risks from using technology tools adopted during COVID-19 lockdown.

    DIGIsecCON21-banner_2_just

    Digital Security Conference (DigiSecCon21)

    Defenders Protection Initiative will bring together actors from civil society, the private sector, business leaders, government, academicians, technologists, activists, journalists and subject matter experts to tackle pressing issues at the intersection of human rights, technology and security.
    The Digital Security Conference is a premium convening for stakeholders from technological, business and civic arenas to discuss the challenges and opportunities in the promotion and advancement of human rights in a digital era.

    Contrary to the previous editions of the digital security conference, this year’s edition will be a hybrid with both online and physical locations. The programing for this year’s conference will deepen conversations on longstanding issues affecting access to the internet and information, freedom of expression and association, privacy, data protection, digital rights and inclusion. This year the conference is set to attract over 300 participants.

    The aim of the conference is to bring together different sector perspectives (e.g. education and social development, human rights, legal, health, ICT, finance, justice, law & order) to highlight the challenges, drivers and consequences of inequality in the age of digitalisation. In this context, we strive to identify viable solutions to ensure the creation of a self-determined society.

    Digitalisation has transformed the society we live in today: It has changed the way we communicate, learn, work, and live. Digital technologies provide access to information anytime and anywhere and promise to empower users around the world by delivering more and easier opportunities for transparency and social participation. Despite this potential, modern societies are increasingly witnessing a gaping chasm of inequality as social actors experience differential results of ubiquitous digitalisation around the world. Understanding and finding ways to solve this paradox is a primary motivation for the digital security Conference 2021.

    #DigiSecCon21

    DECODING FOUNDATIONAL INEQUALITIES IN A DIGITAL ERA

    Empowering civil society to challenge systemic exclusion

    DIGIsecCON21-banner_2_just

    Digital Security Conference #DigiSecCon21

    Defenders Protection Initiative will bring together actors from civil society, the private sector, business leaders, government, academicians, technologists, activists, journalists and subject matter experts to tackle pressing issues at the intersection of human rights, technology and security.

    Policy-Brief

    Policy Brief on AML/CTF Laws: An Examination of their Impact on Civic Space in Uganda

    By virtue of it being a member state, Uganda is enjoined to follow the UN counter terrorism recommendations including the adoption of relevant AML and CTF legislations. Similarly, although Uganda is not a member of FATF, it is obliged to follow its recommendations as a matter of international comity. Besides, Uganda and East Africa as a region have had their own bitter experience with terrorism.

    On July 11, 2010, the country experienced its worst terror attack in the form of twin bombings at two prominent places of entertainment. In both these attacks a substantial number of lives were lost (76 people) while many others were left with permanent injuries.

    amlctf

    AML/CFT Virtual National Dialogue & Report Launch

    Since 2016, Defenders Protection Initiative has enhanced its focus towards mitigating the unintended consequences orchestrated by Financial Action Task Force (FATF) inspired laws/ regulations on the activities of legitimate charities in Uganda. During this period, DPI has been able to broaden her AML/CFT capacity building initiatives in 8 regions of Uganda, conducted research and strategic engagements by and for civil society actors as a pushback strategy against over-regulation.

    As part of her novel initiatives, DPI conducted a Virtual National Dialogue and Report Launch of the study conducted between December 2020 and March 2021, titled: Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Laws: “An Examination of Their Impact on Civic Space in Uganda”

    The Virtual National Dialogue and the launch of the report provided an opportunity to share, reflect and disseminate the findings with a diverse group of stakeholders comprising of of advocates, civil society leaders, academia, media practitioners, students, researchers and the donor community.

    Event Recording

    We also want to interest you in

    labor-exploitation

    What is labour exploitation?

    Within the field of Human Trafficking and Modern Slavery prevention, labour exploitation refers to situations where people are coerced to work for little or no remuneration, often under threat of punishment. There are a number of means through which a person can be coerced, including: 

    Uganda-martyrs

    Uganda Martyrs’ death as a subject to the violation of Human rights.

     As we take the break to remember and mourn for the Uganda martyrs who died due to the violation of their religious rights, we wanted to take a moment today to think of those who are still struggling for their religious rights as workers, and to speak about some of the exploitation that is sadly still prevalent across the world. 

    Improving rights around the world is central to our mission of preventing violation of human rights in the working environment. We work with major corporations and organizations to help them understand where there might be risk of religious rights violation in their work places and to identify the tell-tale signs of other various forms of human rights violation . We run campaigns around the globe which seek to raise awareness of different forms of human rights violation, and to help those who may be victims of this violation know their rights and seek support where necessary.  

    Ultimately, we seek to encourage people to #SpotTheSigns of violation, speak openly about its realities and report suspicious activity when they see it.