Structural Zero Issue 03

August 24, 2025

Part Three of Our Three-Part “Gathering the Data” Series. Read part one and part two.

In computer security, “security” is always relative to something. What are we actually defending against, and how are we doing it? This is our “threat model.”

My colleagues and I have been using scientific tools to analyze evidence of human rights abuses, including using statistics to uncover mass graves in Mexico and analyzing under-reported police homicides in the United States.

Our work isn’t always popular. It can infuriate those in power who want to cover up incriminating truths about the past and current trends in state violence. In fact, as we discussed in our last edition of Structural Zero, sometimes our work has resulted in threats to physical safety. So when I think about HRDAG’s threat model, I focus on our adversaries: those who seek to disrupt our research because they want to suppress the truth about the past or the present.

So how do we defend against these adversaries?

Encryption.

Encryption is the mathematical process of rendering data unreadable without a special key to unlock it. For HRDAG, it’s not just a tool — it’s the foundation of how we work with sensitive evidence.

I first began using encryption in the mid-1990s. Prior to this, I’d written software to do all sorts of things, and in human rights, that mostly meant preserving and analyzing with databases. But by 1995, I was writing software that compressed and encrypted all our data, and then wiped clean the blank parts of the hard disks. I was specifically worried that thugs would break into our offices in Guatemala City to steal our computers.

Every night, the last thing I would do was encrypt the data I was working with so that intruders couldn’t use it if it was stolen. And, I was constantly sending encrypted copies to be stored elsewhere: the encrypted data was safe to send, usually in a box of floppy disks carried by someone flying to another country. That way I knew that, if the data was stolen or the floppies were lost, no one who stole (or just found) the disks would be able to read them.

But using encryption wasn’t without risk. In the early 1990s, strong encryption was classified by the U.S. government as a munition — in the same category as tanks or guns. Exporting it from the United States without a license was a crime. Which meant that, simply by using the software and sharing it with my partners in Guatemala, I was likely breaking U.S. law. At the time, I could have been prosecuted and even jailed for protecting human rights evidence.

Fortunately, a group of lawyers at the Electronic Frontier Foundation challenged those restrictions. I shared details of my own encryption practices with them as they built their case. They won when a judge struck down the export ban on First Amendment grounds. And, on a personal level, that case changed my life in ways I never could have expected: the lead lawyer, Cindy Cohn, would later become my wife and co-parent to two Bernese Mountain Dogs.

Today, encryption is just as necessary to do my work, but the threats are different. I rely on encrypted communication tools to share data with partners worldwide. I also use encryption to securely store data in datacenters in countries around the world.

But I know that there are powerful hacking tools available to well-resourced adversaries, especially nation states, that would be extremely hard to defend against and nearly undetectable. When I was working in Guatemala, I would have been able to see the damage if thugs had smashed their way into my office space; now, I may never know if a stealthy, deep-pocketed attacker from the other side of the world has been in my laptop. So HRDAG’s use of encryption is focused on ensuring that our data is not tampered with.

That’s where cryptographic hashes come in. A hash is like a fingerprint for data: unique to each dataset, instantly revealing if anything has changed. If even a single number in a database is altered, the hash changes completely. At HRDAG, the first thing we do when a partner sends us a dataset is generate its hash. The hashes are much tinier than the datasets they authenticate, so we can easily store hashes separately from the datasets themselves. As we work, we routinely re-check those hashes to confirm the data remains exactly as it was received. This is a best practice for any investigation based on gathering and analyzing digital evidence, and it gives us confidence that our findings rest on solid, unaltered ground.

In short, encryption allows us to securely store our data against many attacks and communicate safely with our partners around the world while cryptographic hashes allow us to verify that the data has not been tampered with. As human rights data analysts, we have a responsibility not only to analyze evidence rigorously but also to guarantee its authenticity.

While the ridiculous 1990s rules against encryption have thankfully been knocked down, there are still efforts to undermine strong encryption in one form or another. HRDAG stands firmly with the human rights community in insisting that encryption is not optional — it is fundamental to the defense of truth. Any attempt to ban or backdoor encryption technology, including tools like Signal and WhatsApp, is a threat to the human rights community.

This is the last of our series on Gathering the Data, where we explored how human rights data is generated, collected, and protected. Starting next month, we’ll be digging into how HRDAG data scientists work with this data, including our efforts to analyze gunshot detection technology and our work to shine a light on patterns of police misconduct in California. If you haven’t done so already, please subscribe to Structural Zero and share this with a friend.

PB

Patrick Ball

This article was written by Patrick Ball, Director of Research for the Human Rights Data Analysis Group (HRDAG), a nonprofit organization using scientific data analysis to shed light on human rights violations. You can also follow us on Bluesky, Mastodon, and LinkedIn.

Structural Zero is a free monthly newsletter that helps explore what scientific and mathematical concepts teach us about the past and the present. Appropriate for scientists as well as anyone who is curious about how statistics can help us understand the world, Structural Zero is written by 5 data scientists and edited by Rainey Reitman.

If you get value out of these articles, please support us by subscribing and telling your friends about the newsletter.

Image from the Electronic Frontier Foundation. Creative Commons Attribution 4.0 International License (CC-BY),