Safety First! Basics of Preventive Digital Safety

This workshop introduces participants to the basics of preventive digital safety and risk awareness measures, which they can apply to their own context. It also provides the main principles and criteria of assessing and deciding what digital tools to choose based on specific individual or group / team situations and needs.

Workshop Overview

Topic: Basic digital safety for citizen investigators, journalists, researchers and others working with information as evidence


  • To introduce participants to the basics of preventive digital safety and awareness measures they can apply in their context.
  • To demonstrate the importance of developing a "risk assessment and safety mindset" rather than adopting a certain automatized behavior and a set of fixed tools and methods.
  • To introduce participants to the main principles and criteria of deciding what digital tools to choose in their specific individual or group / team contexts.
  • To raise awareness that safety is not only concerning the digital or the physical aspects but also the state of mind, general behavior and wellbeing.

General guidelines for trainers:

  • This workshop can be divided into 30-40 minute long sessions. Breaks are not included in the timeline; you can decide when to allocate them based on your context. Between sessions, you can add a short break or a quick energizer activity.
  • For group activities, divide participants into teams of 3-5 people. Please adapt times allocated to feedback and post-exercise discussions/debriefing based on the number of participants and size of groups. You can also encourage participants to assign various roles when working in groups. These roles can include Facilitator, Note-taker, Timekeeper, Presenter or Artist (if a visual presentation is required.)
  • For online workshops, we recommend sharing a timer on the screen during energizers and small group activities.
  • Whenever possible, adapt the workshop examples to the context of your audience.

Mode of delivery: online / in-person workshops

Workshop duration (without breaks): 2 hours and 40 minutes

Size of class: 6 to 24

Related workshops: This workshop can be followed by "How the Internet Works" and/or combined with "An Investigator’s Introduction to Risk Management".

Related Exposing the Invisible articles and guides:

Workshop activities and templates, to download:

Learning Activities

Opening (15 minutes)

Workshop Introduction

Read Watch Listen| 5 minutes


  • Grab attention by posing a question or commenting on a relevant topic, image, etc.

  • Introduce yourself and the goals of the workshop.

  • Optional: Introduce the source of the workshop material (Tactical Tech.)

  • Inform participants of the workshop agenda.

  • Suggest ground rules for the workshop: how you expect participants to act and react, respect each other, etc. Invite participants to comment on or add to the ground rules. Depending on the time you spend with the workshop participants, if you are running a longer training you could also consider working on a commonly agreed Code of Conduct or shared agreement (see some tips in the "Shared Agreements" section of Tactical Tech's Gender and Tech curriculum guide.

Participants' Introductions / Icebreaker

Produce | 10 minutes


  • Facilitate a round of introductions by asking participants to answer a couple of questions about themselves, their work, their workshop expectations, etc.

  • Alternatively, you can pick an icebreaker exercise that encourages participants to get creative by drawing answers or ideas on an online whiteboard or, if off-line, stand up and perform some tasks. Check the Icebreakers section in the ETI Facilitator's Manual for inspiration.

Risk Assessment (1 hour and 15 minutes)


Read Watch Listen | 5 minutes


Give a short opening presentation focusing on essential points:

  • The Safety First! mindset - One should consider safety and privacy before launching a project or starting an investigation/research, and as preventive and ongoing measure rather than as a solution to a security crisis.

  • The Do No Harm principle - Always plan your actions in a way that increases positive impact and reduces potential negative impact on the people you work with, on the issues you investigate and on yourself.

Functions, Contexts, Tools and Data

Produce | 15 minutes



[10 minutes] Ask participants to individually reflect on their own work, and to fill out a sheet that includes the following sections:

1. The actions you perform as part of your work. - To guide participants, you can share some examples verbally, such as: Online research (desk-top research) Offline research Communication: mail, phone, online, offline Storing information and data on devices Transferring information and data Remote collaboration Travel: locally and across borders * Interviewing with sources, dealing with vulnerable subjects, etc.

*2. Tools / Techniques / Devices you use to perform these actions (these can vary from online tools/services to actual devices used)

*3. Digital Safety measures and concerns while performing your tasks.

[5 minutes] Debriefing

  • Once the time is up, ask a few volunteers to share what they have written. You can ask for a volunteer with a different function or with the same function but a different context or call for someone with a specific function you'd like to highlight.

  • End the exercise by emphasizing these points:

    • Data we collect and want to safeguard might include the identities of others, for example people we interview, victims of abuse, whistleblowers, people working for a company that is being investigated, etc.

    • Therefore there is great responsibility and duty of care not only for ourselves but also for other people who become part of our daily work and who can be affected by our behavior.

Identifying physical and digital risks

Collaborate | 30 minutes


  • Breakout-rooms / spaces for group work online or offline
  • Shared files / digital whiteboard (if online) or sheets of paper and pens (if offline)


[25 minutes]

  • Divide participants into small groups of 3-5 members each. If online, create a digital break-out room for each group / if in person, allocate a separate table for each group.

  • Each group has to select one case from the previous exercise (function-context-tools-data) and work together for 15 minutes to identify the implied threats or risks in that case / scenario.

  • Ask groups to look for vulnerabilities related to research methods, devices, software, people, data storage, data transfer, etc.

  • They can list their findings on a shared file / whiteboard /sheet of paper (the more findings the better).

  • Encourage participants to try to identify physical and digital risks as well as how they are interconnected - they should not think of them in isolation.

  • Once the time is up, participants return to the main group / room.

  • A representative of each group then presents their team's case and the risks they have identified. Depending on the number of groups you can allocate 2-3 minutes / presentation.

[5 minutes] Debriefing

Wrap up the activity by addressing the following points:

  • Participants might only consider risks for themselves and less for their sources or other people they will collaborate with. Encourage them to consider all collaborators.

  • Participants might also fall into the trap of thinking separately about digital and physical risks. Signal that they are closely connected and that a digital threat might have physical effects and vice-versa.

  • Emphasize that risk assessment and safety awareness are never over because events are uncontrollable and people are unpredictable.

  • Risk is inherited: we are not alone in the investigative work but our risk is other people's risk and vice versa. This is the case regardless of whether we talk about colleagues, sources, investigated subjects, etc..

Risk Assessment Matrix

Read Watch Listen | 5 minutes


  • Make a short presentation explaining how to assess risks using the threat matrix.
  • You can give a simple example to demonstrate the matrix. For example:
Risk mitigation

Collaborate | 10 minutes


  • Breakout-rooms / spaces online or offline
  • Same shared files / digital whiteboard (if online) or sheets of paper (if offline) as used before


  • Ask participants to go back to their small groups, with the same configuration as before.

  • Based on the risks identified in the previous group activity, ask them to brainstorm on how to mitigate / reduce those risks.


  • Participants share some of the ways for risk mitigation that they came up with.

  • You can comment and add to their ideas.


Read Watch Listen| 10 minutes


  • Shared whiteboard offline or online (e.g. Miro or Mural)


  • Ask participants to think about the word 'security' or 'safety' and what it actually means to them. What do they need in order to feel secure or safe?

  • On a shared whiteboard, prepare three text boxes or columns (one for each question below) and ask participants to share their answers to one of the following questions:

    • What do you do every day to avoid danger and protect yourself, your property, your friends or family?

    • Remember an activity you carried out which was dangerous. What did you do in order to stay safe?

    • What resources or activities are important in helping you to feel secure or safe?


Comment on what was shared in the whiteboard by highlight the following points:

  • Holistic Security includes physical, psycho-social and digital security.
  • Safety is not only concerning the digital or the physical aspects but also our state of mind, principles and general behaviour as individual and in teams.
  • Security is personal and subjective, we define it for ourselves.
  • The well-being of others and of our own should be the fundamental reference for security.
  • We already have many existing tactics and considerable resilience in order to continue our work despite the challenges we face.


Digital Safety (60 minutes)

A Well-known Stranger

Collaborate | 10 minutes


  • Breakout-rooms / spaces for group work online or offline
  • Shared files / digital whiteboard (if online) or sheets of paper and pens (if offline)


  • Use a hypothetical scenario and tell participants:

    • "An unattended mobile phone was found. It is unlocked. What can you find out about the owner of the mobile phone?"
  • Divide the participants into smaller groups of 3-5 members each.

  • The task of each group is to brainstorm and make the longest list of information that we can find out about this person through their device. Ask them to also consider how we can find that information, from what device actions and sources.


  • Ask one or two groups to present their list of information and possible sources.

  • If needed, add more to their lists, for instance:

    • the owner's appearance through personal photos,
    • what they do for a living through work photos or work email account,
    • what their preferences are through online profiles, search history,
    • future plans through search history,
    • their recent monetary transactions through documents or emails on the device,
    • medical status through documents and emails on the device,
    • their whereabouts through location history,
    • details about possible relationship(s) with through email or messaging history and contacts.
    • ...
Criteria for Choosing Tools and Methods

Read Watch Listen| 5 minutes


Prepare and give a brief presentation including:

  • Explain that Digital Safety tools help protect:

    • Devices and Data
    • Communications
    • Network Connections
    • Online Accounts
  • Outline and explain these seven principles that Tactical Tech uses to assess and recommend a tool:

    1. Open source
    2. Trusted and audited
    3. Mature and stable with an active user-based community and responsive developer community
    4. User-friendly
    5. Multi-language with localisation support
    6. Multi-platform (Mac, Windows, Linux, Android)
    7. Has available public documentation


Task: Criteria for Choosing Tools and Methods

Investigate | 30 minutes


  • Breakout-rooms, spaces for group or individual work online or offline
  • Shared or individual files / digital whiteboard (if online) or sheets of paper and pens (if offline)


  • Divide participants in smaller groups of 2-3 members or even individually.

  • If online, separate them in online break out rooms or allow independent individual research time.

  • Ask participants to take 20 minutes to analyse a tool of their choice (it can be a communication app, cloud service, etc.) based on the aforementioned 7 principles and to decide whether it fits their needs or it causes them safety and privacy concerns.

  • Once the time is up, participants return to the main room / online plenary space.

  • A representative of each group shares the team's findings. If research was done individually, ask two or three participants to present findings.


Read Watch Listen | 5 minutes


  • Briefly present some of the tools that the participants can use which provide a relative degree of security along with some pros and cons.

  • Emphasize that there are trade-offs and compromises when considering a tool's functions, usability (user friendliness) and security.

  • Safety concerns can be clustered into the following categories:

    • Data and devices
    • Sharing, sending data
    • Online safety in: Accounts / Browsers / Virtual Private Networks (VPNs) / Communication


Security Trade-offs

Discuss | 10 minutes


Facilitate a discussion with the group, while emphasizing and leading them to address the following key points, which can be listed on slides or a whiteboard:

  • There needs to be flexibility and good judgment when selecting what tools and methods to use in order to stay safe and secure.

  • The most secure tool won't always be accessible to all the people involved in a project or communication.

  • You can ask this question to participants:

    • "When did you have to use a less secure tool to get the work done?"
  • Note that there needs to be a trade-off between:

    • security (keeps your data, sources, yourself secure)
    • functionality (it does the job you want it to do) and
    • usability (user friendliness, everyone in the group can operate it)
  • Remember that safety is not just tools. Some things to keep in mind when thinking about safety are:

    • what you choose to share,
    • how you communicate,
    • what you click (phishing attacks),
    • which services you choose,
    • who you choose to share with.
  • Your practices can cause more risks than the tools you use.

  • Some practices to help keep your credentials and data safe:

    • use long passphrases,
    • use two factor authentication,
    • safeguard passwords using password managers,
    • ensure having recovery tools set up where possible, like adding a recovery email,
    • backup data,
    • encrypt data,
    • end-to-end encryption helps guarantee that the service provider cannot access your content,
    • be aware of who has access to your data,
    • assess the tools you use.

Closure (10 minutes)

Wrap-up activity: Takeaway Poster

Produce | 5 minutes


  • Shared drawing pad / slide / whiteboard (online)
  • Whiteboard / flip-chart paper, post-its, markers (offline)


  • Ask participants to create a takeaway poster by sharing their answers to the following question in the shared whiteboard / drawing board:

    • "What are your main takeaways from today's workshop?"
  • Give them a few minutes to write and/or draw their thoughts and read the thoughts of others.


  • Highlight some of the points on the board.

Read Watch Listen| 5 minutes

Tools/Materials: No materials needed.


  • Wrap up the workshop and sum up its contents.

  • Run a quick review of the session. Each participants would say:

    • one thing they found very good about the session and
    • one thing they would improve for the next time
  • You can encourage participants to ask questions or give some final tips.

  • Share contact information if relevant and any follow-up details.

Further Resources

Contact Us

Please reach out to us at Exposing the Invisible if you:

  • have any questions about this workshop plan and facilitation guidelines,

  • use this workshop plan and want to share feedback and suggestions that can help to improve them,

  • adapt the workshop plan to a specific context and want to share the results with us,

  • want to suggest new activities, tips or examples that can be added to this workshop,

  • want to share your expertise and collaborate with us on developing and testing new workshops.

Contact: (GPG Key / fingerprint: BD30 C622 D030 FCF1 38EC C26D DD04 627E 1411 0C02).

Credits and Licensing

CC BY-SA 4.0

This content is produced by Tactical Tech's Exposing the Invisible project, and licensed under a Creative Commons Attribution-ShareAlike 4.0 International license

  • Workshop authors: A. Hayder, Wael Eskandar

  • Instructional design: A. Hayder

  • Editorial and content: Christy Lange, Laura Ranca, Wael Eskandar

  • Graphic design: Yiorgos Bagakis

  • Website development: Laurent Dellere, Saqib Sohail

  • Project coordination and supervision: Christy Lange, Laura Ranca, Lieke Ploeger, Marek Tuszynski, Safa Ghnaim, Wael Eskandar

This resource has been developed as part of the Collaborative and Investigative Journalism Initiative (CIJI) co-funded by the European Commission under the Pilot Project: "Supporting investigative journalism and media freedom in the EU" (DG CONNECT).

This text reflects the author’s view and the Commission is not responsible for any use that may be made of the information it contains.

More about this topic