Témák

Biztonságban maradni az interneten

A közösségi média biztonsága

Szervezete sok mindent felfedhet – és néha többet is, mint amennyit szándékozik –, ha közzétesz és kommentál a közösségi médiában. Legyen szó Facebookról, Twitterről, Instagramról, YouTube-ról vagy régióspecifikus közösségi oldalakról, mint például a VKontakte és az Odnoklassniki, mindig alaposan gondolja át, hogy mit tesz közzé, és megfelelően konfigurálja az esetlegesen elérhető adatvédelmi beállításokat. Ez nem csak a szervezet hivatalos oldalaira igaz, hanem bizonyos esetekben az alkalmazottak személyes fiókjaira, valamint családtagjaik és barátaik fiókjaira is.

Social Media Security and Parliaments

Cellphone image

Even low-risk organizations can be targeted and harassed on social media without proper security policies in place. In this example from 2018, a nonprofit animal shelter lost thousands of dollars and alienated supporters after an unauthorized account administrator set up a fake fundraising effort, and fake accounts impersonating employees appeared on the platform. If hackers will go to those lengths to make a few thousand dollars off of an animal shelter, you can imagine the damage sophisticated adversaries might be able to inflict if they were to gain access to your parliament’s accounts or successfully impersonate a prominent MP or staff person online.

In addition to hacking social media accounts, parliament’s websites are also common targets given their public visibility and reputational significance. In one example from 2017, Austria’s parliamentary website was taken down by a hacking group that was supposedly angry at the country’s souring relations with Turkey at the time.

Develop a parliamentary social media policy

Assume that anything posted on social media could become public knowledge, and craft a parliamentary social media policy accordingly. Given the public nature of most parliamentary work, it’s likely that you will want to share most posts and messages publicly, but it is still crucial to ask and answer questions such as: Who has access to your social media accounts? Who is allowed to post and who needs to approve posts? What about comments and replies? What information should/should not be shared on social media? If you post photos, location information, or other identifying information about your staff, members, or partners have you asked for their permission, and have they considered any possible risks? Such questions are especially important if your parliament engages publicly with citizens through social media or similar online portals for public engagement.

In addition to developing your policy and making it clear to staff, be sure to properly configure your privacy and security (often referred to as “safety”) settings. Some key questions to ask yourself as you decide what privacy and safety settings make the most sense for parliamentary and personal accounts, include:

  • Do you want to share your posts with the public, or only with a specific group of people internally or externally?
  • Should anybody be able to comment, reply, or interact with your messages or posts?
  • Should people be able to find you using your email address or (personal or professional) phone number?
  • Do you want your location shared automatically when you post?
  • Do you want to block or mute hostile accounts?
  • Do you want to block specific words or hashtags?

Each social media site will have different privacy and safety settings, but these general concepts apply universally. As you consider these questions, take advantage of helpful privacy guides from the major platforms: Facebook, Twitter, Instagram, and YouTube. For Facebook in particular, be cautious about your privacy choices regarding Groups. Facebook Groups are a popular spot for engagement, advocacy, and information sharing, but unrestricted groups can be joined by anyone. It is not uncommon for “fake” accounts to pose as real people in an effort to infiltrate private social media groups or pages. Therefore, accept “friend” and “follow” requests carefully. Remember that your parliament’s social media accounts are only as secure as the accounts that are “linked” to it. This is especially important to remember for Facebook, where your pages may be managed by someone’s linked personal account.

Online Harassment

Unfortunately, many parliaments and affiliated groups face significant harassment online, especially on social media. Such harassment is often directed with even more intensity at women and marginalized populations. Online violence against women in particular can create a hostile environment which leads to self-censorship or withdrawal from political or civic discourse. As identified in NDI’s Gender, Women, and Democracy team’s Tweets That Chill report, when attacks against politically active women are channeled online, the expansive reach of social media can magnify the effect of harassment and psychological abuse, undermining women’s sense of personal security in ways not experienced by men.

As your parliament develops its social media policy, it is important to be cognizant of these dynamics. Build into your security plan structured support for members and staff who face negative messages, insults, and threats on social media, both as part of their jobs and in their personal lives. Develop an anti-harassment infrastructure within parliament, including surveying your staff to understand how online harassment impacts them and create a rapid response team to help staff face challenging situations. PEN America’s Online Harassment Field Manual also provides detailed recommendations on how you can support staff who face such harassment. You might consider, if your staff are comfortable doing so, reporting incidents of harassment and/or problematic accounts directly to the platforms as well.

When engaging with members or staff who have been the victim of harassment online (and in the physical world as well), it is important to be sensitive. As outlined by the Association for Progressive Communications’ Women's Rights Programme’s Take Back the Tech, understand that a survivor may be dealing with trauma, and recognize that violence, online or offline, is never the fault of the survivor. Ensure such issues can be raised and discussed (if staff are comfortable doing so) in a confidential and safe environment, with the option of anonymity. And include in your parliament’s security plan a list of local professionals, organizations, and law enforcement agencies that you can connect staff to for legal, medical, mental health, and technical assistance if needed. For additional ideas, check out Feminist Frequency’s Online Safety Guide.