ANDY GREENBERG LILY HAY NEWMAN SECURITY FEB 19, 2026 5:00 AM How to Organize Safely in the Age of Surveillance From threat modeling to encrypted collaboration apps, we’ve collected experts’ tips and tools for safely and effectively building a group—even while being targeted and tracked by the powerful. PHOTOGRAPH: JANIE OSBORNE/GETTY IMAGES Get our Tracker: ICE newsletter to see what’s happening with immigration enforcement and what’s coming next SIGN UP By signing up, you agree to our user agreement (including class action waiver and arbitration provisions), and acknowledge our privacy policy. RARELY IN MODERN US history have so many Americans opposed the actions of the federal government with so little hope for a top-down political solution. That’s left millions of people seeking a bottom-up approach to resistance: grassroots organizing. WIRED has made this article free for all to read. Please consider subscribing to support our journalism. Yet as Americans assemble their own movements to protect and support immigrants, push back against the Department of Homeland Security’s dangerous incursions into cities, and protest for civil rights and policy changes, they face a federal government that possesses vast surveillance powers and sweeping cooperation from the Silicon Valley companies that hold Americans’ data. That means political, social, and economic organizing presents a risky dilemma. How do you bring people of all ages, backgrounds, and technical abilities into a mass movement without exposing them to monitoring and targeting by a government—and in particular Immigration and Customs Enforcement and Customs and Border Protection, agencies with paramilitary ambitions, a tendency to break the law, and more funding than some countries’ militaries. Organizing safely in an age of surveillance increasingly requires not only technical security know-how, but also a tricky balance between secrecy and openness, says Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation, a nonprofit focused on digital civil liberties. “You may want to limit access to some information to a smaller group of people, and you need to consider the platforms you are using, so that when law enforcement shows up to Google with a subpoena, there’s nothing sensitive it can hand over,” says Galperin. “But you have to weigh that against the fact that the majority of organizing is done in public, with other people, because the power of organizing is in numbers and solidarity.” There’s no simple set of tech tips that can help organizers safely build a movement while facing that dilemma, but there are approaches, guidelines and tools that can help. WIRED asked technologists, activists, aid groups, and cybersecurity experts for their guidance on how to organize and collaborate in an age of surveillance. Here’s what we found. Decide What to Protect The first step to safer and more surveillance-resistant organizing is what digital security experts and organizers call “threat modeling”: Gaming out what potential adversaries might seek to surveil and what needs to be protected. That means creating clear delineations around what information can be public or which conversations can happen on less private platforms, versus which aspects of your organizing must stay secret. You’ll almost certainly need a mix of both approaches. “If you have no rules on what should or should not be encrypted or secured, then you’re going to want to encrypt every single thing,” says Matt Mitchell, a former founder and security trainer at CryptoHarlem and now CEO of the risk-mitigation firm Safety Sync Group. “It comes from a good place, but that creates a lot of barriers and makes it more likely that someone will make mistakes.” EFF’s Galperin suggests one guideline is to think about what will inherently become public anyway and when. You may want to keep the time and place secret for a small in-person planning meeting, but if something is going to soon be in the open—like the organizing of a massive rally that involves seeking permits from city officials—there’s less pressure to lock down the planning. Galperin warns that too much secrecy can be unwelcoming for new members of a movement and self-defeating. “A very, very large part of activism is telling people what you're doing,” she says. “It’s casseroles and phone trees. It is deeply unsexy, but also not secret work.” Taylor Fairbank, cofounder of the humanitarian relief group Distribute Aid, says, for example, that most of the logistics and communication work the organization does to connect specific supplies with communities in need can be done—or even must be done—in the open or on platforms that could be surveilled. “I will never be able to leave Facebook because I have the cutest grandparents in the UK who reach out to me once a year offering a bunch of knitted hats and sweaters to send to a refugee camp in Europe,” he says. “It's my job to be available and to be on insecure tools to help match those opportunities and translate that across geographical boundaries.” MOST POPULAR POLITICS Inside the Homeland Security Forum Where ICE Agents Talk Shit About Other Agents BY VITTORIA ELLIOTT CULTURE The Curling Controversy at the Winter Olympics Isn’t What You Think BY MARTIN CIZMAR ARTIFICIAL INTELLIGENCE Meta and Other Tech Firms Put Restrictions on Use of OpenClaw Over Security Fears BY PARESH DAVE BUSINESS The Rise of RentAHuman, the Marketplace Where Bots Put People to Work BY KYLE MACNEILL Crucially, though, some information, like the locations of Distribute Aid warehouses, is carefully protected. “We will never post warehouse addresses online, because we have seen our warehouses and our partners' warehouses get targeted for theft and political violence,” Fairbank says. “I really recommend explicitly identifying sensitive data and holding that close.” That means considering, for every kind of collaboration or communication, whether and how it needs to be protected. For each element of an organization’s digital footprint that truly must stay secret, you’ll need to take measures to encrypt it, delete it after a certain time, store it under your own control instead of in the cloud—or both. The next section includes some of the tools and tactics experts recommend. TLDR: Trying to keep everything secret is neither practical nor always desirable. Instead, create a threat model: Identify what’s sensitive, make an effort to protect it by encrypting it, storing it in a safe place, or deleting it after a certain time—and worry less about the stuff that will eventually be public anyway. Lock Down Your Communications The core, default tool for text and voice communications recommended by every activist and security expert WIRED spoke to remains the encrypted messenger Signal. That’s because Signal is end-to-end encrypted—meaning that only the phones or PCs of the participants in a conversation can decrypt its communications—and it’s battle-tested, free, open source, popular, and simple enough to allow seamless onboarding of new members of an organization. Unlike WhatsApp, which also uses Signal’s encryption protocol for its own end-to-end encrypted messaging and calls, Signal doesn’t log metadata such as who is calling or texting whom, a crucial privacy feature. Finally, Signal has become increasingly reliable, even for group video calls, making it a key alternative to not only email but also Zoom or other video meeting tools. A few practices can still vastly increase the security Signal offers. Just as important, perhaps, as Signal’s encryption is its disappearing message feature, which lets you keep messages for a set amount of time, from four weeks to as little as 30 seconds. Turn it on. Even with a countdown clock as long as one week for less sensitive conversations, you’ll significantly reduce the risk of your organization’s communications leaking. Also, take advantage of Signal’s username feature rather than asking new members for their phone number, which can further limit a group’s potential exposure of identifying contact info. As your organization’s Signal groups grow, however, keep in mind that encryption doesn’t offer magical protection from leaks by a group’s members—a lesson made all too clear by the Trump administration’s SignalGate scandal. As a Signal group grows beyond a certain size, it’s likely that newly invited members haven’t been strictly vetted. “If your group has more than 50 people in it, it's not a private space for communication,” says Galperin. Keep truly sensitive information to the smallest possible groups, or to one-on-one communications. End-to-end encryption, too, only offers as much security as the devices on either end. Group members should set up authentication to access the Signal app itself—go to Screen Lock under the Privacy menu in Signal’s settings. For organization members with access to sensitive data and Signal groups, make sure everyone has set up a strong passcode, and consider disabling biometric access for that screen lock. Better yet, turn off all biometric access to the phone or computer Signal is running on, given that face- or fingerprint-based unlocking methods have fewer Fourth Amendment protections from law enforcement searches. (As the case of Washington Post reporter Hannah Natanson demonstrated, biometric access to a PC with a Signal desktop app can give authorities access to your linked Signal account, no matter how carefully you’ve locked down your phone.) MOST POPULAR POLITICS Inside the Homeland Security Forum Where ICE Agents Talk Shit About Other Agents BY VITTORIA ELLIOTT CULTURE The Curling Controversy at the Winter Olympics Isn’t What You Think BY MARTIN CIZMAR ARTIFICIAL INTELLIGENCE Meta and Other Tech Firms Put Restrictions on Use of OpenClaw Over Security Fears BY PARESH DAVE BUSINESS The Rise of RentAHuman, the Marketplace Where Bots Put People to Work BY KYLE MACNEILL If that level of security is too cumbersome, Galperin sugge