Skip to content

Digital Impact was created by the Digital Civil Society Lab at Stanford PACS and was managed until 2024. It is no longer being updated.

Save, a New Open-Source App, Empowers Citizen Reporters

4Q4 Podcast, Interviews

Natalie Cadranel of OpenArchive introduces an open-source app designed to give citizen reporters more agency over their sensitive mobile media.

Digital Impact 4Q4 Podcast: Natalie Cadranel on the Save App for Citizen Reporters

SUBSCRIBE TO THIS PODCAST ON iTUNES.

00:00 CHRIS DELATORRE: This is Digital Impact 4Q4, I’m Chris Delatorre. Today’s four questions are for Natalie Cadranel, Founder and Director of OpenArchive—a free, open source tool that offers at-risk groups more agency over their sensitive mobile media. In October, OpenArchive launched Save, a mobile application that safeguards digital evidence of human rights abuses by helping reporters and human rights advocates to protect and preserve highly sensitive digital media.

Natalie, you’ve said you’re not trying to be the silver bullet for citizen journalists, that you’re only looking to provide an easier way to manage incoming media. But for a small humanitarian organization working through a distributed team in a dangerous location, an app like Save could be a godsend. Why did you feel the need to create a solution for authenticating and protecting mobile media? What can Save do that traditional solutions like Dropbox or Google’s G Suite for Nonprofits can’t?

01:14 NATALIE CADRANEL: That’s a great question. It’s true, no one tool or method can possibly address highly specific localized threats to digital freedom and human rights. Threats were emerging fairly rapidly, even in 2010, 2011 when I started working on this. And it became clear that there was a sort of Venn diagram of threats that a lot of different types of groups faced around the world.

And so these big movements and the governments and power authorities that were responding so aggressively by targeting them online, cutting Internet and moderating content, which is a newer threat, needed to be addressed. We needed to work on how to do this.

“This was pre-Snowden, this was a world that hadn’t fully realized just to what level we were being surveilled.”

And so when I went back to grad school I had this great opportunity to start this research into an area that I felt really passionate [about] that was definitely an extension of my work in IndyMedia. And so working with the groups over a number of years starting in 2011, I learned that retribution and targeting was due to how easily it is to find out the information about individuals posting—potentially subversive but often just documentation—online.

It takes a little work but to prevent people from seeing who you are and learning more about your IP address or your name or your address or any number of personal details, that’s becoming easier and easier. And at the time it was just—you know, this was pre-Snowden, this was a world that hadn’t fully realized just to what level we were being surveilled—but I was working with the “canaries in the coal mine” who knew this was a very, very pressing threat 1.

1 The metaphor “canary in a coal mine” indicates an advanced warning of danger. It originates from a time when miners used caged canaries to assess levels of methane and carbon monoxide where they worked. If there were toxic gases in the mine, the canary would die before levels reached those hazardous to humans.

So, just to give you an idea of the type of people I was working with, my first interviewee was an Iranian refugee who had left after the green movement and brought 30,000 hours of footage from it out of Iran. He couldn’t share it digitally. Many activists that had contributed to it were being surveilled and were at risk. And so this was my kind of “interview zero” and it shaped a lot of the work I did later and the types of people that I talked to later to create Save. And Save is actually an acronym: share, archive, verify, and encrypt. And I after three or four years of research and prototyping, I really focused on privacy, long term preservation, and authentication of the media.

These were the three areas that the majority of groups had agreed were very important to them, and I wanted to look into how we can make it really easy to do these three things.

The app is free and open-source, as you mentioned, and you can contextualize the media, you can add a creative commons licensing so that people know what to do with it, and you can authenticate it with cryptographic hashing and proofmode, and then send it over Tor 2, which is a secure network—almost anywhere you want. Also, we enable sharing directly with the Internet Archive, so that we know that your media will be accessible long term. So that touches on the preservation piece, the privacy piece, and of course, the authentication and verification piece.

2 Tor is a free and open-source software for enabling anonymous communication. The name is derived from an acronym for the original software project name “The Onion Router.” Source: Tor Project

So, while Dropbox and Google Suite are great ways to share files, they are enterprise solutions that were not built for these groups.

My research is ethnographic, it’s long term. I build relationships, I understand needs from within the community perspective instead of a top-down approach. And so what happens is that these are really usable easy things, easy tools, but they do not take into consideration the risks that these groups face, such as in-transit interception, for example.

There’s no secure way without adding a third party or without doing work on your end, to send media to Dropbox or G-Suite from your phone, for example; their apps don’t really have sufficient privacy protections.

“We’re contributing to a large corpus of evolving human rights-centered designers and practitioners who are able to shape what tools civil society is calling out for.”

They are not open-source, they are closed source, and this is a big one because when your code is inaccessible it cannot be independently audited by the groups who might need to know how secure the code is. So, if you potentially have some kind of hacking or injection—I mean, so many companies have sent emails to us saying your username and password have been compromised and whatnot—you really don’t know who you can trust. And if you can trust the code and the software that you are using day to day for highly sensitive purposes.

Another feature we offer that these companies do not is prioritizing interoperability or the ability to access a file in the future and be able to adapt files to new formats so that they’ll be easy to read when PDFs and WAV files and mp3s and video files are unreadable.

06:25 CHRIS DELATORRE: Guaranteeing privacy and security for a cloud-based solution is a tough order to fill. How will you preserve the integrity of the product?

06:34 NATALIE CADRANEL: So, over the years of developing this type of expertise, there are really about five tangible indicators that align with key values of ensuring that not just the integrity of our product is solid, but also can help guide decisions organizationally and behaviorally to help learn how to determine what types of services, products, talent is in line with our values, for example. And it’s actually kind of a roadmap we share with our community as well when we help them determine what kind of server solution would be right for them.

And so it’s mandatory that the technologies are open-source and at industry standard. So what I mean by that is that they have a lot of active contributors and are working out in the wild very well and that they’re responsive to bugs and things like that, actively. The next one would be that working with tools that prioritize encryption and privacy. Ensuring that they have a really good privacy policy and that it remains consistent.

And so groups like Ranking Digital Rights helps do that for some of the bigger companies. There’s also – they read the terms of service so you don’t have to. And making sure that there’s an enforcement mechanism if they go against their privacy policy. And making sure your data will not be shared with third parties, that’s key. Due diligence – working in your community to see who trusted partners collaborate with and what tools they use.

And then commitment to longevity. And that’s one of the reasons we partnered with the Internet Archive, because you know that your media on the Internet Archive will be in a readable, hearable, watchable format in the future.

Along with the tool, we offer guidelines. So it’s much more about behavior than it is about the one specific technology. So we’re contributing to a large corpus of evolving human rights-centered designers and practitioners who are really able to kind of shape what tools civil society is calling out for, and to be able to give them a roadmap into kind of the needs as they change over time and how technologies can be responsive to those needs, more than one specific technology, so they have a good way to evaluate what they may use in the future.

09:08 CHRIS DELATORRE: Save was developed in response to an increase in suppression of information worldwide. Let’s say an activist who is part of a peaceful protest in an oppressive country finds herself in the middle of a brutal police crackdown. How can she safely share media and protect her identity from sophisticated AI surveillance when she depends on a local service provider to transmit that media?

09:36 NATALIE CADRANEL: So, where Save comes in—one of our key features is to allow people to share locally, and with iOS devices, this is very easy. You can do it using Airdrop, you don’t need to use our app at all, you can share anything you want. It also, you know, Android didn’t really have this service, this feature, like Airdrop. So our developers created Nearby Share a number of years ago. You can use it within the app, it’s enabled, it’s one of the features of Save. And you can share media locally, which is great if folks are having their devices confiscated, or if there’s a lot going on and you lose your phone or it gets into the wrong hands or whatnot, and it’s wiped or who knows what.

Maybe ten people around you in a coordinated local effort will have the images you created, which creates resilience long term. And if the Internet is down you might not be able to share that media immediately but given that a number of people have it, one or two may go somewhere where they can get Internet and be able to share it.

Anytime anyone is on a network they are vulnerable to surveillance. Any network can be surveilled. Bad actors can use IMSI catchers or Stingray devices to intercept and surveil media. However, if the government ISP or the one that most people use is cut, it’s much less likely and more expensive to try and identify these newer networks that are cropping up that are local. And so it would take a little bit more work to surveil a more underground network or a non-traditional network.

“Distribution through trusted networks and a feedback loop between the communities that they’re working with and us is how we built the tool.”

That said, when you do share media between the app and a server or locally on Bluetooth, it is fairly difficult to intercept and get the media because we are able to use Tor. Also there is TLS encryption. And I think that the metadata of what apps are being used and how much is being sent is revealing enough that those using this app could potentially be targeted. And I think oftentimes in, you know, during brutal crackdowns and shutdowns, people tend to capture rather than send media, which is a protective response actually. And what’s great about that is that they’re very busy documenting what’s going on and so the beauty of it is that they’re not putting it on a network yet, right? And so if it’s on their phone and their phone hasn’t been confiscated or broken or lost, there’s a good chance that they’ll be able to share it later.

3 Spartacus, a gladiator of Indo-European descent who helped lead the Third Servile War of 73-71 BC, left an impact on the relationships between slaves and their owners, and is believed to have influenced a short term slave shortage. Source: Spartacus and the Slave Revolt

If there’s a total Internet blackout and there’s no cell service, let’s say. There actually are ways within the app to share media. On Android, it’s called Nearby Share. Many iOS users are familiar with Airdrop, it’s like Airdrop, except that you need to do it within the app. So, your community could be using Save and you can choose who you want to share your media with, which can thus create a kind of a “Spartacus effect,” 3 so if you’re targeted and a number of your phones get confiscated, then you are able to have that media to go with other people who are in that network and who received that from you, and take somewhere where they can share it.

13:03 CHRIS DELATORRE: How will you reach the folks who need this technology the most? How can our listeners help?

13:09 NATALIE CADRANEL: It’s actually really challenging to reach people who would most benefit from Save. You need trusted channels to communicate with them. They’re often in repressive countries that surveil everything they do online. Apps are blocked, like Telegram for example, that are focusing on security and privacy. Apps are injected with Malware, like Whatsapp, so activist communities are targeted. So, the way we approach our work and to reach the maximum number of people who we can in the space is by working with large human rights organizations and working with newsrooms, who are receiving media every day from sources that often send it unencrypted and unprotected.

So, I think that distribution through trusted networks and a feedback loop between the communities that they’re working with and us is how we built the tool, so we understand that we’re definitely meeting their needs and we understand their threat models and we can show them how we can help address Internet blocking or surveillance. And it is a challenging space so I think that we definitely do need a lot more help working more closely with communities through trusted partners and trusted channels that are still open and are not surveilled.

So what we really need help with right now is to be connected to these types of organizations—human rights, newsrooms, legal—who are interested in receiving verified media, and who are interested in protecting their communities while doing so.

14:55 CHRIS DELATORRE: Natalie Cadranel, Founder and Director of OpenArchive, thank you.

Digital Impact is a program of the Digital Civil Society Lab at the Stanford Center on Philanthropy and Civil Society. Follow this and other episodes at digitalimpact.io and on Twitter @dgtlimpact with #4Q4Data. To learn more about OpenArchive and the Save app, visit open-archive.org and follow on Twitter @open_archive.