By Robert Fredrick Chestnutt
School of Law & Government
Dublin City University
Photo Credits Emile Perron
Conducting field research in non-democracies carries additional risks for researchers. Some of those risks relate to issues of data protection, anonymity of interviewees and the ‘do no harm’ principle. While technology can be part of the problem, there are technological safeguards researchers can take to minimise risks while conducting research in politically hostile environments.
Most Universities and research institutions make provisions for preparing researchers prior to their fieldwork or data-collection, making sure they are aware of the existence and importance of ethical and research integrity principles and that they understand the main ethical obligations towards research participants. The ‘ethical guidelines’ or ‘codes of conduct’, aim to provide researchers with guidance on research integrity and best practices with regard to issues such as informed consent and the ethical principle of doing no harm. The reason these initiatives are provided is because research that involves humans may pose potential risks for both interviewees and the researcher if research integrity principles are not given thoughtful consideration. Additional risks, however, are at play when researchers conduct fieldwork in politically volatile environments. Periodic incidents of expulsions and/or detentions of foreign researchers, such as the case of British researchers in Tajikistan and the UAE as well as an Irish researcher in Kyrgyzstan, serve as poignant reminders of the need for extra care when conducting social science research in these countries. Here, questions of data protection, anonymity of interviewees, and the ‘do no harm’ principle acquire particular significance, but researchers can take extra steps to eliminate -or at least mitigate- risks associated with data collection and handling in such countries.
In these situations, researchers are asked to anonymise names of participants, to keep minimal physical notes and not to store data locally. Even then, the most popular operating systems, Microsoft Windows and Mac OS are well-known to be porous allowing access to personal data and user online accounts (Google Drive and iCloud) with minimal resistance from suitably qualified individuals. Similarly, mainstream Phone systems and messaging apps are equally unreliable. US President Donald Trump has been widely ridiculed for an over-use and reliance on his Apple iPhone. At one stage Russian lawmakers attempted to ban officials with access to sensitive information from using the Apple iPhone. They favoured the domestically produced ‘Yotaphone’, which, after some initial interest, has struggled to acquire a following. In sum, both physical and technological means of storing potentially sensitive data appear to have palpable weaknesses.
An option for researchers working in non-democracies is using the ‘Tails OS’ (The Amnesic Incognito Live System). Tails OS is widely praised for its security and encryption capacities. In addition, it is open-source (free to acquire and use) and also reasonably easy to use. Tails is a distribution of Linux (an alternative to the Microsoft Windows and Mac OSX operating systems). Linux is already known as a secure operating system, but, Tails is widely acknowledged to be amongst the most secure versions of Linux. Significantly, Laura Poitras and Glenn Greenwald praised Tails as an invaluable tool in their work with National Security Agency whistleblower, Edward Snowden.
How does it work?
Tails is unusual as it is a ‘live operating system’, that is, it is portable and installed, configured and run directly from a USB flash drive – then operated through a host computer. As such, when one finishes a working session and the system is turned off, all data is deleted and rendered irretrievable within approximately 20 minutes. Similarly, there is an additional security feature where if the USB is suddenly detached all data is immediately erased. Similarly, data (of any size) can be input into the system and then transferred securely and anonymously through an app called ‘onionShare’. OnionShare uses the ‘Tor’ network, making it virtually impossible to trace or intercept. The only caveat is that the recipient must have the ‘Tor’ browser installed to receive and decrypt the file.
Using Tails as a live system and transferring any data through ‘onionShare’ is the safest and most secure way to operate, but the system can be configured to hold a certain amount of data on the USB drive by creating a ‘persistent’ volume. This is a heavily encrypted folder that can be used to retain a certain amount of data locally, depending on the size of the USB storage.
Why is Tails so secure?
Tails uses ‘Tor’ to ensure anonymous communication. It directs Internet traffic through a global network relay which conceals a user’s location and activity from any network surveillance ensuring the personal privacy of its users, and their ability to conduct confidential communication by keeping their Internet activities from being monitored.
How does one get it?
Tails is free and accessible from ‘https://tails.boum.org’. It is relatively easy to setup and use; and there are many online instructionals which show how to configure it. The most challenging aspect is turning the system on. The USB must be attached to a computer before turning it on. Then to boot it up from an Intel machine press F12, F10 or F2 depending on the model, or the Alt or Command key depending on the model of Mac. This also means that there is an added convenience, where in many cases Tails can be used from any computer bypassing its password, as the user is not seeking access to the host computers principal operating system. Moreover, as the system is a live system, no trace of its use can be detected.