WhatsApp Image 2025-12-10 at 13.18.41

Supporting Safer Digital Participation at DataFest Africa 2025: Our Clinic and Masterclass in Action

by AdvocacyAdvocacyDigital SecurityDigital SecurityProjects/Our Work Section

In October 2025, our team had the honor of participating in DataFest Africa 2025, organised by Pollicy, one of the continent’s leading convenings on data, technology, and innovation. As part of this vibrant gathering of technologists, researchers, civil society actors, policymakers, and creatives, we hosted a Digital Security Clinic, offering on-site support, guidance, and practical tools to participants navigating today’s fast-evolving digital landscape.

Why the Clinic Mattered

As digital spaces continue to expand across Africa, so do the risks that come with them including data misuse, online harassment, cyberstalking, image-based abuse, misinformation, account takeovers, and digital surveillance. For many activists, journalists, developers, and young innovators attending DataFest, these threats are not abstract; they are lived realities that affect their work, mental well-being, and personal safety.

Our clinic was designed as a safe, confidential, and responsive support space where participants could:

  • Seek one-on-one guidance on digital security and privacy
  • Report or discuss technology-facilitated gender-based violence
  • Get support on securing devices, accounts, and data
  • Receive mental health referrals and psychosocial first support after online abuse
  • Learn practical safety strategies for their work and activism

What We Offered on the Ground

Throughout the festival, our team provided:

  • Personalized digital risk assessments
  • Guidance on strong passwords, two-factor authentication, and safe browsing
  • Support on responding to online harassment, doxxing, and impersonation
  • Advice on safe content creation and data protection
  • Offered updated and genuine software like antivirus, MS Office, MS Word
  • Referral to trusted psychosocial and legal response partners where needed

Participants included women in tech, youth innovators, journalists, human rights defenders, researchers, and community organizers, many of whom were encountering structured digital safety support for the first time.

Key Reflections from the Clinic

Several key themes emerged from our engagement:

  • Online harm is deeply connected to offline safety, livelihoods, and mental health.
  • Many participants had experienced harassment, impersonation, or extortion but had never received professional support.
  • There is a strong demand for localized, continuous digital safety clinics, not just one-off trainings.
  • Women and young people remain disproportionately impacted by online violence and data misuse.

Building Resilient Digital Communities

Our presence at DataFest Africa 2025 reaffirmed the urgent need to move beyond awareness-raising alone. Safety must be practical, accessible, survivor-centered, and embedded into innovation spaces. Digital rights, data protection, and online wellbeing are not optional add-ons; they are essential foundations for meaningful participation in the digital economy.

By hosting this clinic, we demonstrated that large tech and data convenings can and should integrate real-time protection and support mechanisms alongside conversations on innovation, AI, governance, and development.

Masterclass: Shaping Youth Futures Through Digital Ownership

In addition to the digital safety clinic, we hosted a featured masterclass titled “Shaping Youth Futures Through Digital Ownership” at the National ICT Innovation Hub, Nakawa. The session brought together young people, innovators, and ecosystem actors to explore how digital ownership can unlock opportunity, protection, and economic independence for African youth. Participants engaged deeply with what digital ownership truly means in today’s platform-dominated economy, emphasizing the importance of owning data, digital skills, content, and platforms as a foundation for sustainable digital participation.

The masterclass examined how young people can transition from being passive digital consumers to empowered digital creators and owners, while critically reflecting on the risks of digital exploitation, platform dependence, and unsafe monetization. It further highlighted the role of policy, infrastructure, and community networks in protecting young digital entrepreneurs. The session was co-led by Noelyn Nassuuna, Raymond Amumpaire, and Owilla Abiro Mercy, who collectively challenged participants to think beyond access toward control, agency, safety, and sustainability in the digital economy.

Looking Ahead

Following DataFest Africa 2025, we are strengthening our:

  • Mobile digital safety clinics
  • Survivor-centered referral pathways
  • Youth and women-focused digital resilience programming
  • Partnerships with tech platforms, mental health professionals, and legal responders

We remain committed to ensuring that no one has to choose between visibility and safety, innovation and wellbeing, or participation and protection in digital spaces.

WhatsApp Image 2025-11-26 at 11.36.49

LEDTAF POLICY: STRENGTHENING LAND & ENVIRONMENTAL GOVERNANCE IN UGANDA:

by LEDs ProtectionProjects/Our Work Section

COMMUNITY-INFORMED PRIORITIES FOR THE NATIONAL LAND POLICY REVIEW (2025)

Executive Summary Uganda is undertaking a critical review of its 2013 National Land Policy (NLP), offering a rare opportunity to address deep-seated governance failures in land and environmental management. While the policy framework on paper is sound, its implementation remains weak, uneven, and exclusionary. Communities, especially those in ecologically sensitive or resource-rich areas, continue to experience illegal evictions, land grabbing, environmental degradation, and systemic exclusion from decision-making processes.

To inform this review, the Land and Environmental Defenders Taskforce (LEDTAF) conducted a nationwide consultation combining survey data and focus group discussions. The study captured perspectives from 68 respondents across multiple regions, with a particular focus on areas affected by infrastructure expansion, extractive projects, and forest encroachment. The results present issues of selective law enforcement, politically motivated land allocations, and increasing threats faced by land and environmental defenders, among others.

A key finding was the disconnect between Uganda’s legal frameworks and the lived realities of communities. Respondents reported weak institutional coordination, corruption in land administration, and a consistent failure to engage grassroots actors in policy implementation. Environment and land defenders face harassment, intimidation, and lack any meaningful protection under current law, with little consideration for women and youth, whose voices are often silenced by patriarchal and political barriers.

Nonetheless, communities are not passive victims. They have developed powerful, locally grounded solutions from using indigenous conservation methods and traditional dispute resolution systems to adopting digital tools for reporting violations. These community-led innovations offer practical entry points for policy reform that is both just and enforceable.

This brief translates these insights into ten targeted recommendations with concrete implementation plans. It is intended for lawmakers, policy institutions, and local government actors involved in the ongoing NLP review. Implementing these reforms will help align the national land policy with community priorities, improve institutional accountability, and create an enabling environment for inclusive, transparent, and sustainable land governance.

Download Policy Brief
Download Policy Paper

The Cyber Risk Traffic Light Game for CSOs

Introduction to the Cyber Risk Traffic Light Game: Digital Defense Freeze

by Civic SpaceDigital SecurityDigital SecurityProjects/Our Work SectionUncategorized

Welcome to Digital Defense Freeze, an interactive Cyber Risk Traffic Light Game designed to sharpen rapid decision-making, strengthen teamwork, and build practical threat-analysis skills for CSOs, journalists, activists, and human rights defenders

In today’s rapidly evolving digital landscape, every online action carries some level of risk. This game helps participants practice identifying threats, debating complex scenarios, and choosing the safest path forward using the familiar Green, Amber, and Red traffic-light system.

Through realistic, high-pressure situations drawn from our civic space in Uganda, teams will think critically, argue their positions, and learn how to move from guesswork to informed security judgments.

Get ready to assess, debate, decide, and freeze when the risks spike!

Download Game to Play

WhatsApp Image 2025-10-06 at 13.04.11

From Uncertainty to Resilience: DPI at the Digital Immersion at FIFAfrica25

by Digital SecurityDigital Security

This September, Defenders Protection Initiative (DPI) proudly joined digital rights defenders, technologists, and changemakers from across Africa and beyond at #FIFAfrica25 in Windhoek, Namibia. But this wasn’t your typical conference, it was an immersive journey through the digital challenges facing human rights defenders today.

CIPESA’s Internet Freedom Maze turned abstract cybersecurity concepts into visceral, first-hand experiences. DPI was honored to take part in two critical spaces within this experience:

  • Zone 1 – The Trap of Uncertainty, and
  • The Digital Security Citadel, a live, hands-on tech corner of the exhibition.

Zone 1: Phishing, Power, and Practicality

At the heart of the maze stood Zone 1: The Trap of Uncertainty where participants were confronted with a question we all should ask more often:
“Am I truly safe online?”

DPI’s Communications Executive, Noelyn Nassuna, alongside Ogira Charles Donaldson, a member of the Digital Security Alliance hosted by DPI, led this space with thought-provoking simulations and real-time awareness-building. They guided participants through phishing simulations where QR codes led to realistic scam scenarios. It was a mirror into our digital behaviors forcing participants to pause, reflect, and often, realize they weren’t as secure as they thought.

To support learning beyond the simulation, DPI distributed custom-designed IEC materials, including ring cards with easy-to-understand security tips, tool recommendations, and practical digital hygiene reminders. These materials proved to be not just souvenirs but starter kits for better online habits.

At the Citadel: DPI’s Digital Doctors in Action

While Zone 1 tested instincts, the Digital Security Citadel gave participants tools and knowledge to strengthen those instincts.

Here, DPI’s Fred Drapari (ICT Executive) joined a team of digital security “doctors” including:

  • Gole Andrew, who impressively rode a motorcycle all the way from Uganda to Namibia in the name of digital resilience,
  • Hapee De Groot, a long-time digital security ally whose practical support and insight added great value,
  • Brian Byaruhanga from CIPESA, and
  • Several other seasoned practitioners from the Digital Security Alliance.

The Citadel offered:

  • Hands-on demos of Microsoft Office security settings
  • Guided installs and education around tools like Kaspersky antivirus, Bitdefender Security among others
  • Walkthroughs of encrypted messaging, password management, and 2FA
  • A rerun of the phishing simulation for those who missed Zone 1 or wanted to try again

It wasn’t just a tech station, it was a real-time consultation corner where participants could ask, test, fail, learn, and try again.

Building Connections Beyond the Booth

FIFAfrica25 wasn’t only about simulation and tech it was about connection and collaboration.

At both the Maze and the Citadel, DPI engaged with:

  • Funders and donor agencies interested in expanding the reach of digital protection work
  • Civic actors and journalists facing similar threats across the continent
  • Techies and tool builders contributing to the ecosystem of safe digital activism

From spontaneous hallway conversations to deeply technical Citadel demos, every interaction reinforced a shared vision: digital resilience is no longer optional – it’s essential.

What We’re Taking Home

As DPI returns home from Windhoek, we do so with renewed clarity and purpose. We plan to:

  • Expand the phishing simulation quiz into a broader campaign across civil society and media spaces
  • Print more of our IEC ring cards for wider distribution
  • Integrate new toolkits and tactics into our ongoing Digital Security Clinics and Bootcamps
  • Strengthen our collaborations with fellow Digital Security Alliance members and regional partners

FIFAfrica25 reminded us that defending the defenders is not just a slogan: it’s a strategy that requires tools, creativity, and deep community.

Want to Connect?

📸 Check out snapshots from our booth, materials, and the simulation challenge on our page:
https://twitter.com/defprotection

Let’s keep the digital resistance alive – one safe click at a time.

#FIFAfrica25 #DigitalResilience #InternetFreedom #PhishingAwareness #Zone1 #DigitalSecurityCitadel #DigitalImmersion

 

U.S. Ruling on NSO Sends Warning as Pegasus Targets Ugandan Journalists

by AdvocacyDigital SecurityDigital SecurityResearch

By Noelyn Nassuuna | 8 May 2025

In a historic decision on May 6, 2025, a U.S. jury in California ordered NSO Group to pay $168 million in damages for deploying its Pegasus spyware to hack WhatsApp’s infrastructure. This unprecedented verdict—$447,719 in compensatory damages and over $167 million in punitive damages—marks the first time the notorious Israeli spyware company is held financially accountable in court for its hacking operations.

This ruling is a major victory for global digital rights defenders and a critical warning to companies enabling unlawful surveillance. For years, NSO Group’s Pegasus spyware has been linked to grave human rights violations, including the targeting of journalists, activists, and dissidents worldwide. Meta, the parent company of WhatsApp, pursued a six-year legal battle to expose these abuses and protect its users. The judgment follows a landmark January 2025 summary ruling that found NSO guilty of violating U.S. and California hacking laws and breaching WhatsApp’s Terms of Service.

“This verdict sends a clear message to spyware companies that targeting people through U.S.-based platforms will come with a high price,” said Michael De Dora, U.S. Policy and Advocacy Manager at Access Now.

But while the courtroom victory occurred in the United States, its impact reverberates far beyond. Just days before the judgment, Ugandan investigative journalist Canary Mugume took to X (formerly Twitter) to reveal that Pegasus spyware had attempted to infiltrate his device. His post sent shockwaves through Uganda’s media and civil society sectors, especially as the nation edges closer to its 2026 general elections.

This is not the first time Pegasus has been used to target journalists globally. In Uganda, such incidents signal a chilling escalation in the digital threats facing the press. The implications are grave: surveillance software like Pegasus doesn’t just spy on individuals—it compromises entire newsrooms, sources, and the right to information.

“Apple sent this notification to me indicating that I am being targeted by a mercenary spyware. Most of these are used by Governments to hack into phones of journalists, high-profile figures and activists. They last sent this in 2021, there’s a pattern – electoral season.”

In past years, several journalists and human rights defenders in Uganda have reported suspicious digital intrusions, but rarely with hard evidence pointing to a tool as sophisticated and invasive as Pegasus. The spyware is known for its ability to silently infiltrate phones, access messages, camera, microphone, and more—all without the user’s knowledge.

At Defenders Protection Initiative (DPI), we continue to raise alarm and awareness over the growing use of surveillance technologies to intimidate, silence, or endanger the work of journalists, activists, and civil society organizations. The risks are particularly heightened during politically sensitive periods such as elections, where access to reliable information and protection of press freedom are critical for democratic integrity.

The recent U.S. court ruling is a reminder: accountability is possible. It is also a call to action for governments, tech companies, and civil society in Uganda and across Africa to:

  • Strengthen digital security protocols for journalists and human rights defenders
  • Demand transparency and oversight over surveillance technologies
  • Challenge spyware vendors through legal, policy, and public channels

We stand in solidarity with journalists like Canary Mugume and urge all media professionals to report digital threats and seek expert support. DPI remains committed to supporting journalists and human rights defenders through digital security trainings, emergency response, and legal support.

As elections approach, the protection of digital rights is not just a tech issue—it is a human rights imperative.

card with security tips holder WEB (3).pdf

Introduction to Our Digital Security Tips Ring Cards

by Digital SecurityDigital SecurityProjects/Our Work SectionResearchRisk AssessmentSecurity

Staying safe online shouldn’t be complicated. That’s why we created the Digital Security Ring Cards, a compact, easy-to-use tool designed to help individuals and teams quickly access essential digital safety tips anytime, anywhere.

These ring cards simplify critical digital security practices into short, practical reminders you can flip through on the go. Whether you’re a human rights defender, journalist, student, activist, or part of a CSO, the ring cards offer daily guidance to help you protect your devices, accounts, data, and online presence.

Each card is intentionally crafted with clear language, actionable steps, and real-world relevance, making digital security approachable for beginners and useful even for experienced users. Perfect for trainings, workshops, office desks, fieldwork kits, and personal use, the ring cards act as your pocket-sized security companion.

Empower yourself with knowledge.
Carry digital safety with you, one card at a time.

Download Ring Card

WhatsApp Image 2025-11-20 at 13.13.36

A Mini Digital Security Handbook for CSOs

by Digital SecurityDigital SecurityProjects/Our Work SectionResearchRisk AssessmentSecurity

In today’s rapidly evolving digital landscape, Civil Society Organizations (CSOs) face increasing risks that threaten their work, safety, and credibility. From data breaches and online harassment to targeted cyber-attacks on human rights defenders, the need for practical, accessible, and context-relevant digital protection has never been greater.

To support CSOs in strengthening their resilience, Defenders Protection Initiative (DPI) has developed the Mini Digital Security Handbook for CSOs, a simplified, action-oriented guide designed to equip teams with essential knowledge and tools for safer digital engagement. Whether you are an advocacy group, community-based organization, media house, or grassroots movement, this handbook provides clear steps you can take today to safeguard your communications, devices, data, and online presence.

This resource breaks down complex digital security concepts into easy-to-understand practices tailored to the realities of organizations working in sensitive environments. It is perfect for beginners, trainers, and teams seeking a quick but reliable reference for digital safety.

Strengthen your organization’s digital resilience.
Start your journey with the Mini Digital Security Handbook today.

Download Handbook

The Guardians of Peace: The Crucial Role of Human Rights Defenders in Building a Peaceful World

by AdvocacyCivic SpaceProjects/Our Work SectionResearchSecurity

By Noelyn Tracy Nassuuna

International Peace Day has come and gone, but the mission of building and sustaining peace continues every single day, especially for human rights defenders (HRDs) around the world. These courageous individuals are often on the front lines, advocating for justice, equality, and human dignity in the face of adversity. Their work is crucial in addressing the root causes of conflict and promoting long-lasting peace.

Download Article

Holding Regulators Accountable for Data Privacy and Protection in Uganda’s NGO Sector -DPI

by AdvocacyAdvocacyCivic SpaceProjects/Our Work SectionResearchRisk AssessmentSecurity

By Helen Namyalo Kimbugwe and Noelyn Tracy Nassuuna

As Uganda heads toward a pivotal election season, the release of sensitive financial statements for Non-Governmental Organizations (NGOs) like Chapter Four Uganda has sparked intense debate. These disclosures carry significant implications for donors, NGOs, and the public, shaping trust, transparency, and operational stability.

What does this mean for NGOs operating in Uganda, their donors, and the communities they serve? How can transparency be balanced with protection in such politically charged times?

To delve deeper into these issues, download the full article now and stay informed about the future of civil society in Uganda.

Holding Regulators Accountable for Data Privacy and Protection in Uganda’s NGO Sector -by DPIDownload