the TML guide to OpSec and Data Hygiene

In a world where digital surveillance is pervasive, operational security (OpSec) and data hygiene are not just technical phrases—they’re essential practices for safeguarding ourselves, especially for LGBTQ+ communities and activists who face intensifying scrutiny under the Trump regime. Learning to protect your digital privacy can be a form of resistance, a way to defend your identity, and a shield against those who seek to track, target, or exploit you. Here’s our guide to reclaiming control over your digital footprint.


1. Tails OS: Anonymity from the Ground Up

If protecting your digital activities is essential, Tails OS is one of the most powerful tools available. Tails is a live operating system that can run on almost any computer from a USB drive and is designed to leave no trace. It routes all your internet traffic through the Tor network, anonymising your connection and making it difficult for anyone to track your online activities. When you shut down Tails, it leaves no data behind on the computer, preserving your privacy even on shared or public machines.

Why it matters: Activists often need to work on sensitive projects, communicate under restrictive conditions, or handle information that can’t fall into the wrong hands. Tails provides a safe environment where you can browse, communicate, and work without leaving a digital footprint. It’s especially useful for securely accessing information or contacting others.


2. Pi-hole: Blocking Ads, Blocking Trackers

One of the most effective tools for protecting privacy at home is setting up a Pi-hole. Running on a Raspberry Pi or similar device, a Pi-hole acts as a network-wide ad blocker, filtering out ads and tracking scripts before they reach your devices. It removes invasive ads and also prevents third parties from building a profile based on your browsing and app usage.

Why it matters: Ads aren’t just annoying distractions; they’re data harvesters, collecting details about your behaviour, interests, and even location. Blocking them at the network level helps protect you from surveillance-based advertising.


3. Choose Signal: The Gold Standard for Secure Messaging

When it comes to private communication, Signal is the preferred messaging app. Unlike other popular apps like WhatsApp and Telegram, Signal offers end-to-end encryption by default, with no data-sharing agenda. WhatsApp, while encrypted, is owned by Meta (formerly Facebook)—a company notorious for data collection. Telegram, on the other hand, doesn’t encrypt regular chats, leaving them open to potential interception.

Why it matters: Activism often requires secure channels for discussing sensitive topics. Using an app that respects your privacy keeps these conversations safe and free from prying eyes.


4. Protecting Photos: Don’t Let Metadata Give You Away

When you upload a photo to social media, you’re sharing more than an image. Each photo contains metadata—information about when and where the picture was taken, the device used, and sometimes even a unique tracking ID embedded by the platform. Social media sites often strip some metadata but keep it for themselves, creating a digital trail that can be exploited.

Quick fix: Take a screenshot of the photo and share that instead. Screenshots strip out most metadata, helping keep your location and device details private. It’s a small extra step, but one that can make a difference in protecting your privacy.


5. Person-to-Person Contact: Offline is Often Safer

In high-stakes scenarios, in-person contact is often safer than digital channels, which are vulnerable to interception and surveillance. Whenever possible, use online tools to arrange person-to-person meetings rather than conducting sensitive discussions online. Meeting face-to-face reduces digital exposure and allows for a more controlled communication environment.

Tip: When protesting or meeting in public, leave your cell phone or other electronics at home if possible. Cell phones can track your location, log your contacts, and reveal more about your movements than intended. Avoiding devices altogether can reduce the risk of unintended surveillance.


6. Compartmentalise Your Devices: Sandboxing Suspect Apps

For most people, a smartphone carries everything—photos, messages, social media, and more. But this also makes it a high-value target for data collectors. Keep your main phone as clean as possible, with minimal apps. For any app you don’t fully trust but need to use, consider installing it on an older phone that only connects to Wi-Fi. This “sandbox” device can keep less secure apps away from your main data.

Why it matters: Segregating apps between devices limits data-sharing and helps prevent companies from compiling a comprehensive profile of your digital life. Compartmentalising apps creates natural barriers to data leaks and tracking.


7. Keep Everything Updated—But Be Wary of Automatic Updates

Generally, keeping your devices and software updated is essential for protecting against known security vulnerabilities. This includes your phone, computer, and even your Wi-Fi router firmware. Updates address security flaws that could otherwise be exploited to access your personal information. But there’s a catch: in extreme scenarios, when a government or entity is cracking down on encrypted communication, apps distributed through centralised app stores with automatic updates could theoretically be compromised.

Why it matters: Under normal conditions, automatic updates help keep you safe by patching security issues as soon as they’re identified. But if you’re concerned about the risk of backdoors in critical apps—like encrypted messaging services—you might consider disabling automatic updates for those apps and manually reviewing updates. This approach adds an extra layer of control over what’s being installed on your device.


8. Diversify Your Tools and Infrastructure

In a high-risk environment, using the same tools and services as everyone else can create vulnerabilities. Homogenised infrastructure—when most people use the same apps, platforms, or vendors—makes it easier for attackers to compromise large swaths of users by infiltrating a single service or provider. Everything should be suspect. For true OpSec, consider diversifying the tools you rely on.

What to consider: Use a mix of decentralised services, open-source tools, and lesser-known providers to avoid depending on one company’s infrastructure. The more varied your tools, the harder it is for anyone to map, track, or compromise your setup through a single point of access.


9. Minimise Information Access for Group Members

OpSec is challenging and requires discipline. Fortunately, protest coordinators and organisers bear the primary responsibility for preventing information leaks, ensuring that each participant knows only what they need to know. This compartmentalised approach—where only a few people hold the full picture—protects both the operation and individuals. In the event of an information compromise, this limits the damage and protects the people on the ground.

How it works: Organisers should keep group members aware of only their role in the operation, avoiding unnecessary details. The goal is to minimise the impact if any participant is surveilled or questioned, helping protect the larger mission.


10. Leverage the Power of Numbers

One of our strongest assets in a surveillance state is our numbers. The goal is to make our numbers an advantage. Surveillance systems are typically built to monitor the largest number of people with the fewest resources, relying on homogenised technology and predictable patterns. By diversifying our tools, communication methods, and tactics, we can make it more challenging and resource-intensive for these systems to profile and track us individually.

How to use this: Avoid uniformity in your tools and habits. By using varied platforms, switching up routines, and maintaining low-profile communication, we make it difficult for surveillance systems to single out any one individual. If each person is a little unpredictable, we collectively disrupt the surveillance algorithms that rely on standardisation.


11. Less is More: Beware of Data-Hungry Apps

Many apps collect excessive amounts of data—often without your full awareness. Before downloading an app, check its permissions: does it really need access to your location or contacts? If it’s asking for more than it needs, skip it or find a less invasive alternative.

Rule of thumb: Only keep essential apps on your primary device, and keep permissions minimal. The fewer apps you use, the less data you’re putting at risk.


Why It Matters: Data Hygiene is Queer Resistance

Practising OpSec and data hygiene isn’t just about individual privacy—it’s a communal act of resistance. For LGBTQ+ communities facing rising hostility, maintaining control over personal data and digital traces is crucial. Every time we protect our information, we make it harder for surveillance systems to weaponise our identities against us. By sharing tools, resources, and knowledge about digital privacy, we help safeguard not only ourselves but our entire community.

Whether it’s using Tails OS, blocking ads with a Pi-hole, switching to Signal, arranging secure offline meetings, or leveraging our numbers through diverse strategies, each action is a step toward reclaiming your digital agency. In an era where surveillance is normalised and personal information is currency, privacy is power—and every bit of power we reclaim is a victory.


Stay vigilant, stay safe, and remember: Protecting our data is protecting our community.


One thought on “Digital Privacy as Resistance”

Comments are closed.