Clara Ann Bagnoli ‘28
Design Editor
On March 3, the 5C Prison Abolition Collective (PrisAb) hosted a digital political security training with the Electronic Frontier Foundation (EFF), an organization focused on surveillance defense for political organizing. The talk covered threat modeling, email privacy, and security best practices to help protect student activists online.
EFF works as a three pronged team of lawyers, technologists, and activists. The speaker, Thorin Klosowski, works as a security and privacy activist with the organization. Before joining EFF, Klosowski covered privacy and security for Wirecutter and occasionally at The New York Times, writing much of Wirecutter’s security how-tos, explainers, and guides.
The president of PrisAb, Cassidy Bensko ʼ25, highlighted the correlation between digital security and the work for prison abolition. “[The topic of digital security] relates to all organizing. As our phones and computers [have] become common sense we start to forget the infrastructure behind them and the ways that they are surveilling us,” Bensko said.
Additionally, the talk’s importance reflected the use of school Wi-Fi to track students present at the divestment protest in Carnegie Hall this past October.
Students have since expressed how this felt like an invasion of digital security from the 5Cs. Niamh Reagen PZ ‘28, a member of PrisAb who also helped plan the teach-in, expanded on this sentiment as the more tangible effects of repression from the colleges after Oct. 7 — including Pomona’s suspension of 12 students from the college and banning of over 36 students from the other 5Cs — have taken affect.
“I saw the fallout of [the protest] and saw everyone being stuck outside of their dorms and just trapped [and it] was so scary and weird to see from the college,” Reagan said, referring to suspended students’ ID cards being deactivated, restricting their access to housing and food.
The talk started with an overview on Klosowski’s defined “core security fundamentals” including using unique passwords, enabling two factor authentication, using device encryption, and being mindful of social media content. These four fundamentals are an easy way for anyone online to feel that they are being safe all while also understanding their devices.
Klosowski shared that he went through these fundamentals with his senior parents, highlighting how anyone with personal information to protect should think about digital security.
Unfortunately doxxing, which is the process of sharing someone’s private information without their consent, can only be safeguarded against by removal of personal information online.
Klosowski illustrated how using a person’s image from their social media can be reverse image searched to match their face to an attendee at a protest.
When asked about the risk versus reward of using social media as an activism tool, Klosowksi responded, “It’s a situation by situation call. Social media is a big organizing tool [but] doesn’t beat in-person meeting.”
Once the fundamentals were established, Klosowski walked the audience through how to create a “security plan.”
Klosowski told attendees to start by asking the following questions. What do I want to protect? Who am I protecting it from? How bad are the consequences if I fail? How likely is it that I will need to protect it? How much trouble am I willing to go through to prevent consequences? Who are my allies? Once the answers to these questions are answered, Klosowski said it was easier to figure out the steps to protect what needs protecting.
“Security is a process not a product,” Klosowski said, reminding attendees that many apps or services promising security just transfer the risk of data surveillance from the Wi-Fi server to the security app.
However, he did offer some suggestions of generally secure sites to use. Tor is a private browsing server that bounces the users’ data across dozens of servers making it difficult to unencrypt, thus protecting users’ anonymity. Signal and WhatApp, popular messaging platforms, use metadata, which Klosowski describes as an envelope as opposed to an opened letter. Anyone looking for the contents of messages can see where and when something is being sent and to whom but can’t see the message itself.
Returning back to the focus of surveillance in Claremont and within the colleges, there were several questions about the legality of monitoring students. While Klosowski couldn’t speak to legality, he said, “colleges are a petri dish of surveillance.”
Bensko explained this point further. “Colleges and universities function as their own mini municipalities, the presidents are like the mayors in their own right. We eat together, we live together, and are bound by a social contract and the jurisdiction primarily falls on CampSec.”
Towards the end of the night, Klosowski reaffirmed traditional ways of protecting one’s identity at a protest. Wearing generic clothing, covering tattoos, and masking were all ways he identified as helping stop facial recognition. Even if there are no permanent cameras at the event, Klosowski highlighted the security risk of others as humans can function as cameras with their eyes and their cell-phones.
