{"id":7236,"date":"2025-09-27T05:04:34","date_gmt":"2025-09-27T05:04:34","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/09\/27\/digital-threat-modeling-under-authoritarianism-html\/"},"modified":"2025-09-27T05:04:34","modified_gmt":"2025-09-27T05:04:34","slug":"digital-threat-modeling-under-authoritarianism-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/09\/27\/digital-threat-modeling-under-authoritarianism-html\/","title":{"rendered":"Digital Threat Modeling Under Authoritarianism"},"content":{"rendered":"\n
Digital Threat Modeling Under Authoritarianism<\/div>\n

\t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

Today\u2019s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments accordingly. Arriving at any conclusion is an exercise in threat modeling.<\/p>\n

In security, threat modeling<\/a> is the process of determining what security measures make sense in your particular situation. It\u2019s a way to think about potential risks, possible defenses, and the costs of both. It\u2019s how experts avoid being distracted by irrelevant risks or overburdened by undue costs.<\/p>\n

We threat model all the time. We might decide to walk down one street instead of another, or use an internet VPN when browsing dubious sites. Perhaps we understand the risks in detail, but more likely we are relying on intuition<\/a> or some trusted authority. But in the U.S. and elsewhere, the average person\u2019s threat model is changing\u2014specifically involving how we protect our personal information. Previously, most concern centered on corporate surveillance; companies like Google and Facebook engaging in digital surveillance to maximize their profit. Increasingly, however, many people are worried about government surveillance and how the government could weaponize personal data<\/a>.<\/p>\n

Since the beginning of this year, the Trump administration\u2019s actions in this area have raised alarm bells<\/a>: The Department of Government Efficiency (DOGE) took<\/a> data<\/a> from federal agencies, Palantir combined disparate streams of government data into a single system<\/a>, and Immigration and Customs Enforcement (ICE) used social media posts<\/a> as a reason to deny someone entry into the U.S.<\/p>\n

These threats, and others posed by a techno-authoritarian regime, are vastly different from those presented by a corporate monopolistic regime\u2014and different yet again in a society where both are working together. Contending with these new threats requires a different approach to personal digital devices, cloud services, social media, and data in general.<\/p>\n

What Data Does the Government Already Have?<\/h3>\n

For years, most public attention has centered on the risks of tech companies gathering behavioral data. This is an enormous amount of data, generally used to predict<\/a> and influence consumers\u2019 future behavior\u2014rather than as a means of uncovering our past. Although commercial data is highly intimate\u2014such as knowledge of your precise location over the course of a year, or the contents of every Facebook post you have ever created\u2014it\u2019s not the same thing as tax returns, police records, unemployment insurance applications, or medical history.<\/p>\n

The U.S. government holds extensive data about everyone living inside its borders, some of it very sensitive\u2014and there\u2019s not much that can be done about it. This information consists largely of facts that people are legally obligated to tell the government. The IRS has a lot of very sensitive data about personal finances. The Treasury Department has data about any money received from the government. The Office of Personnel Management has an enormous amount of detailed information about government employees\u2014including the very personal form required to get a security clearance. The Census Bureau possesses vast data about everyone living in the U.S., including, for example, a database of real estate ownership in the country. The Department of Defense and the Bureau of Veterans Affairs have data about present and former members of the military, the Department of Homeland Security has travel information, and various agencies possess health records. And so on.<\/p>\n

It is safe to assume that the government has\u2014or will soon have\u2014access to all of this government data. This sounds like a tautology, but in the past, the U.S. government largely followed the many laws limiting<\/a> how those databases were used, especially regarding how they were shared, combined, and correlated. Under the second Trump administration, this no longer seems to be the case.<\/p>\n

Augmenting Government Data with Corporate Data<\/h3>\n

The mechanisms of corporate surveillance haven\u2019t gone away. Compute technology is constantly spying on its users\u2014and that data is being used to influence us. Companies like Google and Meta are vast surveillance machines, and they use that data to fuel advertising. A smartphone is a portable surveillance device, constantly recording things like location and communication. Cars, and many other Internet of Things devices, do the same. Credit card companies, health insurers, internet retailers, and social media sites all have detailed data about you\u2014and there is a vast industry that buys and sells this intimate data.<\/p>\n

This isn\u2019t news. What\u2019s different in a techno-authoritarian regime is that this data is also shared with the government, either as a paid service or as demanded by local law. Amazon shares Ring doorbell data<\/a> with the police. Flock, a company<\/a> that collects license plate data from cars around the country, shares data with the police as well. And just as Chinese corporations share<\/a> user data with the government and companies like Verizon shared<\/a> calling records with the National Security Agency (NSA) after the Sept. 11 terrorist attacks, an authoritarian government will use this data as well.<\/p>\n

Personal Targeting Using Data<\/h3>\n

The government has vast capabilities for targeted surveillance, both technically and legally. If a high-level figure is targeted by name, it is almost certain that the government can access their data. The government will use its investigatory powers to the fullest: It will go through government data, remotely hack<\/a> phones and computers, spy on communications, and raid a home<\/a>. It will compel third parties, like banks, cell providers, email providers, cloud storage services, and social media companies, to turn over data. To the extent those companies keep backups, the government will even be able to obtain deleted data.<\/p>\n

This data can be used for prosecution\u2014possibly selectively. This has been made evident in recent weeks, as the Trump administration personally targeted<\/a> perceived enemies for \u201cmortgage fraud.\u201d This was a clear example of weaponization of data. Given all the data the government requires people to divulge, there will be something there to prosecute<\/a>.<\/p>\n

Although alarming, this sort of targeted attack doesn\u2019t scale. As vast as the government\u2019s information is and as powerful as its capabilities are, they are not infinite. They can be deployed against only a limited number of people. And most people will never be that high on the priorities list.<\/p>\n

The Risks of Mass Surveillance<\/h3>\n

Mass surveillance is surveillance without specific targets. For most people, this is where the primary risks lie. Even if we\u2019re not targeted by name, personal data could raise red flags, drawing unwanted scrutiny.<\/p>\n

The risks here are twofold. First, mass surveillance could be used to single<\/a> out people to harass<\/a> or arrest: when they cross the border, show up at immigration hearings, attend a protest, are stopped by the police for speeding, or just as they\u2019re living their normal lives. Second, mass surveillance could be used to threaten or blackmail. In the first case, the government is using that database to find a plausible excuse for its actions. In the second, it is looking for an actual infraction that it could selectively prosecute\u2014or not.<\/p>\n

Mitigating these risks is difficult, because it would require not interacting with either the government or corporations in everyday life\u2014and living in the woods without any electronics isn\u2019t realistic for most of us. Additionally, this strategy protects only future information; it does nothing to protect the information generated in the past. That said, going back and scrubbing social media accounts and cloud storage does have some value. Whether it\u2019s right for you depends on your personal situation.<\/p>\n

Opportunistic Use of Data<\/h3>\n

Beyond data given to third parties\u2014either corporations or the government\u2014there is also data users keep in their possession.This data may be stored on personal devices such as computers and phones or, more likely today, in some cloud service and accessible from those devices. Here, the risks are different: Some authority could confiscate your device and look through it.<\/p>\n

This is not just speculative. There are many stories<\/a> of ICE agents examining people\u2019s phones and computers<\/a> when they attempt to enter the U.S.: their emails, contact lists, documents, photos, browser history, and social media posts.<\/p>\n

There are several different defenses you can deploy, presented from least to most extreme. First, you can scrub devices of potentially incriminating information, either as a matter of course or before entering a higher-risk situation. Second, you could consider deleting\u2014even temporarily\u2014social media and other apps so that someone with access to a device doesn\u2019t get access to those accounts\u2014this includes your contacts list. If a phone is swept up in a government raid, your contacts become their next targets.<\/p>\n

Third, you could choose not to carry your device with you at all, opting instead for a burner phone without contacts, email access, and accounts, or go electronics-free entirely. This may sound extreme\u2014and getting it right is hard<\/a>\u2014but I know many people today who have stripped-down computers and sanitized phones for international travel. At the same time, there are also stories of people being denied entry<\/a> to the U.S. because they are carrying what is obviously a burner phone\u2014or no phone at all.<\/p>\n

Encryption Isn\u2019t a Magic Bullet\u2014But Use It Anyway<\/h3>\n

Encryption protects your data while it\u2019s not being used, and your devices when they\u2019re turned off. This doesn\u2019t help if a border agent forces you to turn on your phone and computer. And it doesn\u2019t protect metadata, which needs to be unencrypted for the system to function. This metadata can be extremely valuable. For example, Signal, WhatsApp, and iMessage all encrypt the contents of your text messages\u2014the data\u2014but information about who you are texting and when must remain unencrypted.<\/p>\n

Also, if the NSA wants access to someone\u2019s phone, it can get it. Encryption is no help against that sort of sophisticated targeted attack. But, again, most of us aren\u2019t that important and even the NSA can target only so many people. What encryption safeguards against is mass surveillance.<\/p>\n

I recommend Signal for text messages above all other apps. But if you are in a country where having Signal on a device is in itself incriminating, then use WhatsApp. Signal is better, but everyone has WhatsApp installed on their phones, so it doesn\u2019t raise the same suspicion. Also, it\u2019s a no-brainer to turn on your computer\u2019s built-in encryption: BitLocker for Windows and FileVault for Macs.<\/p>\n

On the subject of data and metadata, it\u2019s worth noting that data poisoning doesn\u2019t help nearly as much as you might think. That is, it doesn\u2019t do much good to add hundreds of random strangers to an address book or bogus internet searches to a browser history to hide the real ones. Modern analysis tools can see through all of that.<\/p>\n

Shifting Risks of Decentralization<\/h3>\n

This notion of individual targeting, and the inability of the government to do that at scale, starts to fail as the authoritarian system becomes more decentralized. After all, if repression comes from the top, it affects only senior government officials and people who people in power personally dislike. If it comes from the bottom, it affects everybody. But decentralization looks much like the events playing out with ICE harassing, detaining, and disappearing people\u2014everyone has to fear it.<\/p>\n

This can go much further. Imagine there is a government official assigned to your neighborhood, or your block, or your apartment building. It\u2019s worth that person\u2019s time to scrutinize everybody\u2019s social media posts, email, and chat logs. For anyone in that situation, limiting what you do online is the only defense.<\/p>\n

Being Innocent Won\u2019t Protect You<\/h3>\n

This is vital to understand. Surveillance systems and sorting algorithms make mistakes. This is apparent in the fact that we are routinely served advertisements for products that don\u2019t interest us at all. Those mistakes are relatively harmless\u2014who cares about a poorly targeted ad?\u2014but a similar mistake at an immigration hearing can get someone deported.<\/p>\n

An authoritarian government doesn\u2019t care. Mistakes are a feature and not a bug of authoritarian surveillance. If ICE targets only people it can go after legally, then everyone knows whether or not they need to fear ICE. If ICE occasionally makes mistakes by arresting Americans<\/a> and deporting innocents, then everyone has to fear it. This is by design.<\/p>\n

Effective Opposition Requires Being Online<\/h3>\n

For most people, phones are an essential part of daily life. If you leave yours at home when you attend a protest, you won\u2019t be able to film police violence. Or coordinate with your friends and figure out where to meet. Or use a navigation app to get to the protest in the first place.<\/p>\n

Threat modeling is all about trade-offs. Understanding yours depends not only on the technology and its capabilities but also on your personal goals. Are you trying to keep your head down and survive\u2014or get out? Are you wanting to protest legally? Are you doing more, maybe throwing sand into the gears of an authoritarian government, or even engaging in active resistance? The more you are doing, the more technology you need\u2014and the more technology will be used against you. There are no simple answers, only choices.<\/p>\n<\/div>\n

\t

\n
<\/BR>
\n Bruce Schneier
\n \t

\n
<\/BR>
\nGo to bruce schneier<\/a>
\n \t

\n
<\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"

Digital Threat Modeling Under Authoritarianism Today\u2019s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments accordingly. Arriving […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[57,600,412,83,1183,1],"tags":[87],"class_list":["post-7236","post","type-post","status-publish","format-standard","hentry","category-bruce-schneier","category-computer-security","category-encryption","category-privacy","category-threat-models","category-uncategorized","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/7236"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=7236"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/7236\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=7236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=7236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=7236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}