Pride Month is a time for celebration — we celebrate the many activists, journalists, human rights defenders, and community members who have helped to build a more equal and rights-respecting world, often at great personal sacrifice. We celebrate the advancements being made, from Australia to Latin America, for marriage equality and other important issues affecting our communities. And we celebrate the vibrant and diverse community of LGBTQI people whose voices are making important contributions across all sectors.
But in 72 nations around the world, homosexual activity is considered a crime, and, as the U.N. Independent Expert on protection from Violence and Discrimination based on Sexual Orientation and Gender Identity recently noted in his official address, “violent and discriminatory acts remain a reality everywhere in the world.” From 2008 through 2014, at least 1,731 transgender people — and likely many more — were killed in 62 countries, which amounts to one transgender person being murdered almost every day.
In addition to the threats the LGBTQI community faces in the physical world, other threats extend to the digital world. These threats come from both public and private sectors, and take many forms, according to statistics from Access Now’s Digital Security Helpline, which provides tailored security guidance free of charge to users at risk worldwide.
Providing digital security support to LGBTQI communities
Access Now’s Digital Security Helpline looked back at nearly five years of cases directly relating to members of the LGBTQI community and identified the top five most common types of attacks reported by community members around the world.
Cases generally come to the Helpline in two forms: either “reactive,” responding to an incident like being outed online after the attack occurs, or “preventative,” where organizations that specifically and directly serve the LGBTQI community ask for our support in strengthening their communications and digital workflows before crisis hits.
Usually, reactive cases outnumber preventive cases. But we’ve found the opposite in LGBTQI cases: more clients ask us for preventative help than reactive. This shows that LGBTQI communities are much more aware than others about the digital security threats they face, and their need to improve their security stance. Among all the communities we serve, this is unique to the LGBTQI community. And that’s to be celebrated this Pride!
But that shouldn’t underplay the very serious attacks that are happening online. Here are the five most common types we’ve seen over the last five years:
- Account compromise. From social media handles to email accounts to dating app profiles, LGBTQI people facing repression often rely on online platforms to stay connected with their community. Yet governments, law enforcement, and others who aim to silence these voices have deployed sophisticated online attacks — like phishing schemes — to gain access to these accounts, putting both the account holder and all of their contacts at risk. In Egypt, for example, this data has been used to locate and arrest those who identify as gay under a draconian anti-homosexuality law.
- Harassment. This community faces harassment and discrimination in many forms, whether it is degrading personal attacks both in person and online, continuous monitoring by police and local gangs, or sexual assault. In the United States alone, LGBTQI youth are three times more likely to experience cyberbullying and other forms of harassment. Intentional disclosure of personal communications that reveal sexual orientation or gender identity on social media are shared to encourage widespread harassment, and in places like Ghana, sensationalized media reporting on such incidents only make matters worse.
- Censorship. Both government and private actors have worked to undermine freedom of expression for LGBTQI voices. In Jordan, the government ordered a block of the country’s only active LGBTQI-inclusive web magazine following a parliamentarian’s critical statements in international media. Other publications have faced direct denial of service attacks bringing down their websites, mass reporting of legitimate content on social media, and physical intimidation designed to discourage publication.
- Data leaks. Data security is crucial for everyone, but for many LGBTQI individuals, exposure of their personal information can be life-threatening. Platforms sharing their users’ gender identity or sexual orientation with third-party advertisers has led to unwanted disclosure of that information in both personal and professional environments. It was also recently discovered that Grindr — a popular gay dating app — had been disclosing its users’ HIV status along with personally identifying information including email address and GPS location to third-party analytics companies, putting people at grave risk of exposure, discrimination, and abuse.
- System compromise. For most people, our devices are critical to all the most important parts of our lives. They are how we stay connected to friends and family, how we get and share information, how we do our jobs, and how we store our sensitive personal information. That’s why governments and other actors seeking to persecute LGBTQI communities are confiscating devices, or forcing people they have detained to give up their device passwords, and extracting photos, private communications, contacts, GPS location history, and more. They are also using sophisticated social engineering and phishing attacks to infect people’s devices with malware, turning it into a surveillance device you carry with you everywhere you go.
Celebrating and protecting our community
If you plan on participating in a Pride parade, demonstration, or protest, explore these tips for doing so safely. Some additional preparation beforehand can help to significantly reduce risks for you and your community.
Our Digital Security Helpline also encourages you to learn as much as possible about the types of security threats being posed in your local context and how to respond, whether that means carefully identifying phishing attacks or integrating new tools to evade censorship.
If you are an activist or from an LGBTQI organization and have any questions or concerns about your digital security, please don’t hesitate to contact the Digital Security Helpline.