Information Security in Conflict Zones

Introduction

In today’s post GDPR-era, the citizens of most developed countries are regularly reminded by governments, media companies and non-governmental organizations of the importance of complying with the GDPR and other privacy laws. However, little or no attention is paid to the data processing operations in conflict zones. Such zones often do not have any laws protecting confidential and personal information or, if they have such laws, they are unenforceable due to the lack of working governmental institutions.

As a result of the lack of enforceable legal frameworks in conflict zones, criminals and others can easily gain unauthorized access to information that can be used to injure humanitarian workers and other civilians. Hence, the security of information in conflict zones is of vital importance to protect the fundamental rights of the civil population in those areas.

Below, we examine four information security threats that civilians in conflict zones need to address in order to protect the security of their information. Those threats are: forcing individuals to leave their computing devices, blackmailing individuals and their families with the aim to access sensitive data, physical security threats and unlawful interception of communication. Below, we examine these four threats and provide recommendations on how to address them.

Forcing Individuals to Leave Their Computing Devices

In dangerous environments, such as repressive countries and detention facilities, users of computing devices (e.g., cell phones, laptops, tablets) may be forced to leave their computing devices to the guards or armed forces. In this regard, a humanitarian worker noted: “In many places, we are not allowed to have any electronic tools with us. When you go in a prison, you cannot even have your phone with you. You have to leave it at the entrance or at the car.”

Humanitarian workers and others who decide (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Daniel Dimov. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/HwtQOuYgX14/