Encryption

Encryption is a process that renders data unintelligible to anyone who doesn't have the decryption key (often a password). Encryption can be applied to data “at rest” (such as files stored on your computer) and data “in motion” (such as messages in a messaging application).

You can encrypt “at rest” data on a digital device by enabling Full Disk Encryption (FDE) on the device with a strong password. When the device is turned off, its data is encrypted; when you turn it on and enter the decryption key, its data is decrypted until it is turned off. If a device with FDE enabled is seized by an adversary during an arrest, house raid, or covert house search while it is turned off, the adversary will not be able to access its data (unless they bypass its authentication).
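As an added example that is not part of the original page, the following script checks whether the filesystem mounted at a given path actually sits on top of a dm-crypt device, so the "at rest" protection described above is really in place; it walks the JSON device tree printed by util-linux `lsblk -J -o NAME,TYPE,MOUNTPOINT`, and the sample tree embedded in it is constructed.

```python
# Added example, not from the original page: check whether the filesystem at a
# mount point sits on top of a dm-crypt ("crypt") device, i.e. is covered by
# Full Disk Encryption, by walking the JSON device tree printed by util-linux
# `lsblk -J -o NAME,TYPE,MOUNTPOINT`. The sample tree below is constructed.
import json
import subprocess

# Constructed sample: LUKS container on sda2 holding LVM root and swap volumes,
# an unencrypted /boot partition (normal: the bootloader must read it), and an
# unencrypted USB stick.
SAMPLE_LSBLK_JSON = """
{"blockdevices": [
  {"name": "sda", "type": "disk", "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "mountpoint": "/boot"},
    {"name": "sda2", "type": "part", "mountpoint": null, "children": [
      {"name": "luks-1234", "type": "crypt", "mountpoint": null, "children": [
        {"name": "vg-root", "type": "lvm", "mountpoint": "/"},
        {"name": "vg-swap", "type": "lvm", "mountpoint": "[SWAP]"}]}]}]},
  {"name": "sdb", "type": "disk", "mountpoint": null, "children": [
    {"name": "sdb1", "type": "part", "mountpoint": "/mnt/usb"}]}]}
"""

def _find_chain(devices, mountpoint, chain=()):
    """Return the devices from the physical disk down to the one at `mountpoint`."""
    for dev in devices:
        path = chain + (dev,)
        if dev.get("mountpoint") == mountpoint:
            return path
        found = _find_chain(dev.get("children", []), mountpoint, path)
        if found:
            return found
    return None

def is_encrypted(lsblk_json, mountpoint="/"):
    """True if a dm-crypt device sits between the disk and the mounted filesystem."""
    tree = json.loads(lsblk_json)["blockdevices"]
    chain = _find_chain(tree, mountpoint)
    if chain is None:
        raise ValueError(f"nothing mounted at {mountpoint}")
    return any(dev["type"] == "crypt" for dev in chain)

def check_live_system(mountpoint="/"):
    """Run lsblk on this machine and report whether `mountpoint` is encrypted."""
    out = subprocess.run(["lsblk", "-J", "-o", "NAME,TYPE,MOUNTPOINT"],
                         capture_output=True, text=True, check=True).stdout
    return is_encrypted(out, mountpoint)
```

On a real machine, `check_live_system()` runs lsblk itself; an unencrypted /boot is expected, but an unencrypted root, swap, or external drive means data on it is readable to whoever seizes the device.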

You can encrypt “in motion” data by using Tor[1] or a Virtual Private Network (VPN) for your Internet activity, and by using end-to-end encrypted messaging applications for your digital communications. Encrypting “in motion” data can prevent an adversary from monitoring your digital activity in various ways.

Encryption should be considered a harm-reduction measure, not a panacea. You should not use digital devices for incriminating activities unless it's unavoidable, and you should have all your incriminating conversations outdoors and without electronic devices.

Techniques addressed by this mitigation

Name / Description
Forensics
Digital

An adversary can use digital forensics to retrieve data from unencrypted digital devices. To mitigate this, you can encrypt your digital devices with Full Disk Encryption and a strong password.

Mass surveillance
Mass digital surveillance

You can encrypt “in-motion” data to prevent observers at certain points on the network from analyzing this data.

Service provider collaboration

You can encrypt “in-motion” data to limit the ability of untrusted service providers to collaborate with an adversary.

Targeted digital surveillance
IMSI-catcher

You can encrypt a phone's “in-motion” data so that if the data is collected by an IMSI-catcher, it cannot be analyzed. For example, you can use end-to-end encrypted messaging applications instead of legacy texts and calls for your phone communications.

Malware

You can encrypt “in-motion” data to make it harder for an adversary to install malware through network packet injection, an installation vector for some forms of modern spyware, such as Pegasus[2].

Network forensics

You can encrypt “in-motion” data to make it harder for an adversary to analyze the data with network forensics.