AAAS Scientific Responsibility, Human Rights and Law Program

Current Issue | Past Issues | About the Report

Report on Science and Human Rights

Summer 2003 Vol XXIII, No. 2

Miguel Cruz
SHR Computer/Network Engineer

In 2002, there was a series of burglaries at human rights organization offices in Guatemala City. The break-ins were suspicious because only files and computer equipment were stolen, while other easier-to-carry valuables were left behind. The timing of the thefts was also cause for suspicion as several high-profile military figures were then facing trials for kidnapping and killings during the country’s 35 year civil war. The loss of computers that contained years of documentation of human rights abuses set the work of the organizations back several months.

Over the past several years, SHR Deputy Director Patrick Ball worked extensively with the Guatemalan human rights community performing statistical analysis of data on violence and human rights abuses. This data made it possible to present a scientific argument rather than a collection of anecdotes and conjecture about what had actually taken place in Guatemala’s past. Patrick lives, eats, and breathes data and the prospect of losing all that information the human rights groups had painstakingly amassed horrified him. He sought a way to deal with this serious problem.

When I was hired by AAAS last year, Patrick handed me the goal of ensuring that no human rights organization in Guatemala would lose a single byte of crucial data again. Ordinarily, I would tell someone, “get yourself a CD burner and keep a copy of your files at home.” But in Guatemala, that doesn’t work, because the same suspicious break-ins have taken place at private homes. Keeping information about human rights abuses at someone’s home would make the house a potential target. We determined that the only really safe place to keep the data was out of the country, beyond the reach of those who are interested in suppressing the research findings.

Another key decision was to use Free Software (with a capital F and a capital S), such as Linux computer operating system, for the servers at each organization to gather, encrypt, and transmit the information. Software piracy is rampant in the developing world where groups can often not afford to purchase their own legal copies of word processing and database software. As the United States continues to pressure foreign governments to crack down on the use of illegal software copies, there is a growing concern in the human rights community that governments around the world may use a campaign against software piracy as a convenient excuse to harass institutions that oppose the government’s policies or expose their human rights violations. By using Linux and other Free Software, we not only saved thousands of dollars in license fees per organization, but introduced organizations to a technology that allows them to focus their resources on developing local capacity by hiring Linux consultants locally rather than just spending money on software.

The core of the project consists of encrypting the information generated by these human rights groups to prevent it from being snooped on or altered in transit. Every night, the information is automatically copied and sent out of the country to securely managed servers in physically safe locations abroad. Of course, in order for that to happen, there needs to be a way to move all that information overseas electronically. Some of the organizations had internal networks and some even had DSL, but at others, the only way people exchanged files was with floppy disks, and the only way they connected to the Internet was by waiting to use the single computer with a modem and an outside line. Therefore, we had to do a lot of basic infrastructure work before we could even begin to move any data to safety. In November 2002, I made my first trip to Guatemala with a duffel bag stuffed with tools and computer networking equipment. Things like cables, routers, and hubs are substantially more expensive in Guatemala.

When the human rights workers started to realize all the benefits that they were going to get from this project-no more lost work, no more waiting in line to use a printer or to connect to the Internet-they asked how they could help. I initially trained about a half a dozen people in the basics of network wiring. They all pitched in, putting their regular jobs on hold to work late into the evening wielding crimpers, digital cable testers, screwdrivers, and hammers. By the end of the two weeks, word had gotten out and people from organizations in nearby towns showed up and traded their labor for networking lessons.

I was really struck by the enthusiasm and energy that people put into the work. Imagine if some stranger showed up at an office in the US with a bag of tools and cables. How many people would put in extra hours for weeks on end in order to discover what that stranger was doing and learn how they could do it themselves?

I returned to Guatemala for three weeks this April and May to install data protection facilities at other organizations that I didn’t have time to reach on the last trip. I was particularly gratified to see that some of the groups that had sent people to help out in November had already made changes in their network configurations as a result of what they learned. These changes result in concrete improvements in reliability for little or no cost to the organizations.

But the most gratifying aspect of this project is that many gigabytes of data are now being stored safely out of harm’s reach and the next time a computer disappears in the middle of the night, the delay to the human rights organization’s work will be measured in hours rather than months.

Miguel Cruz joined the SHR staff in September 2002 to work on the Human Rights Data Analysis Group, which provides technical support to large-scale human rights data projects and international assistance to human rights groups with networking, backups, and security of databases. See http://shr.aaas.org/hrdag/ for more information about this project.