Category: OpSec

  • Personal OpSec in the New Political Reality

    In today’s political climate, understanding personal operational security (OpSec) isn’t just for security professionals anymore—it’s becoming essential for everyday citizens. As administration policies shift toward expanded surveillance and reduced privacy protections, we must examine both current developments and the historical precedents that made them possible.

    The Surveillance infrastructure

    The current administration has expanded domestic surveillance capabilities, but this didn’t happen overnight. The foundations were methodically laid through policies spanning multiple administrations:

    SURVEILLANCE TIMELINE:
2001: PATRIOT Act establishes framework for mass surveillance
2008: FISA Amendments Act expands warrantless surveillance
2011: Obama administration extends PATRIOT Act provisions
2013: Snowden reveals mass data collection programs (PRISM)
2015: USA FREEDOM Act modifies but preserves key surveillance apparatus
2018: FISA reauthorized with minimal reforms
2022: Expansion of border device searches
2024: New executive orders on "domestic security"

    The Obama administration critically normalized and institutionalized mass surveillance. While campaigning on transparency and civil liberties, it prosecuted more whistleblowers under the Espionage Act than all previous administrations combined. It also expanded the NSA’s collection authorities, fought for backdoor access to encryption, and established legal justifications for warrantless searches that persist today.

    This bipartisan growth of the surveillance state created the infrastructure now being leveraged for increasingly explicit political monitoring.

    Current threat landscape

    The risk factors have intensified in specific ways:

    1. Expanded Definition of “Threats” – Political speech is increasingly categorized as potential security concern
    2. Reduced Oversight – Dismantling of inspector general positions and oversight boards
    3. Privatized Surveillance – Government contracts with data brokers to circumvent legal restrictions
    4. Algorithmic Targeting – AI systems flagging “unusual patterns” with high false positive rates
    5. Local Surveillance Proliferation – Police departments deploying facial recognition and predictive policing

    Practical OpSec Measures

    Against this backdrop, practical operational security becomes essential:

    COMMUNICATIONS

    • Use E2EE Messaging: Signal, Session or Briar for sensitive communications
    • Compartmentalize Devices: Separate political/sensitive activities from daily use
    • Metadata Awareness: Even encrypted content reveals who talks to whom
    • Secure Calls: Voice conversations are vulnerable to collection

    IDENTITY PROTECTION

    • Minimize Biometric Usage: Fingerprints and facial recognition can be compelled
    • Separate Identities: Use different personas for different activities
    • Location Privacy: Disable location services, use GPS spoofing when necessary
    • Financial Traces: Cash for sensitive purchases, cryptocurrency with proper anonymization

    DEVICE SECURITY

    • Full Disk Encryption: Protect all devices with strong encryption
    • Border Crossing Protocols: Special precautions when crossing borders
    • Clean Device Policy: Regularly audit and remove sensitive material
    • Air-Gapped Computing: Keep truly sensitive work on disconnected devices

    Remember that perfect security doesn’t exist. The goal is to increase the cost and difficulty of surveillance to the point where you’re not worth the resources required to monitor.

    Collective Resistance

    Individual measures are necessary but insufficient. We must also:

    1. Support Legal Challenges: Fund groups challenging surveillance authorities
    2. Build Community Knowledge: Teach security practices to vulnerable communities
    3. Political Pressure: Demand legislative protection of digital rights
    4. Technical Solidarity: Develop and support anti-surveillance technologies

    The growth of the surveillance state has been a bipartisan project, with each administration expanding upon the foundations laid by its predecessors. What’s changed is not the existence of these capabilities, but the increasingly overt willingness to deploy them against political opposition.

    The time to implement serious OpSec practices is before you need them. Once targeted surveillance begins, it’s often too late to build protection. By understanding the historical context of how we arrived at this point, we can better prepare for navigating the challenges ahead while working collectively toward systemic change.