August 2022 report

🗓️ Last edit: August 10, 2022. A big thank you goes to Aspiration Tech, Digital Freedom Fund, Digitalcourage, Digitale Gesellschaft, EDRi, epicenter, Fight for the Future, Free Software Foundation Europe, La Quadrature Du Net, noyb and Panoptykon for opening up and sharing your expertise. We hope we've done justice to your input, and the next steps will see an equally collaborative spirit.


Between June and July 2022 we interviewed 10 civil society organisations about their use of digital tooling. With still a number of interviews to go, we wish to report back on our first findings in order to allow for early and easy feedback. This report, therefore, outlines our first findings.

What did we set out to do?

Technology can and should advance our work in support of open and just societies. We're convinced it can only do so when:

  1. We use technology that aligns with our values and message;
  2. The technology we use and the way we use it is progressive, inspiring and fun.

In order to get there, Bits of Freedom set out to map our current tooling behaviors, tooling needs and possible ways forward. We're focusing on three core areas: 1. communications tooling (running campaigns, mobilization and outreach to (new) audiences); 2. tooling for research and evidence-gathering; 3. tooling to run our organizations and workspaces.

General findings

Our use of technology is diverse

We focused initially on "traditional" digital rights organizations, expecting to find similar practices between them. We didn't. Some organizations use command-line interfaces, some have more or less complete (cobbled together) open source office suits, and others make use of Google workspaces. The requirements given for these different approaches also varies: from the need for control and flexibility, to the need for stability and accessibility. And, of course, each of these requirements could lead to wildly different solutions. "Flexibility" to one means avoiding lock-in, and to another it means being able to easily onboard new people. "Control" to one means completely self-contained systems and data (so long Google!), and to another it means knowing your documents are stored securely and you can easily share them (hi Google!). We need to be careful not to make assumptions based on language, but look at how principles and values are operationalized, especially there where organizations hold (seemingly) contradicting requirements (which, for digital rights organizations using digital tools, can be more often than not).

We're stuck in the muck

Another key finding is that the field's ability to think about the possible seems to be overpowered by our tendency to think in terms of what is known, most likely hindering progress.

We're playing the short game

Organizations that have a big percentage of core funding, have a higher chance of having some sort of sustainable focus on IT. Organizations relying heavily on project funding mention that IT-capacity is not something that is funded. The development of new tools is often project-based work, with the project considered to having been "completed" once the tool has been put into production. This leaves tooling and the people that rely on it vulnerable to unreliable- or altogether absent support, and leads to capacity and funds being wasted.

We see this most acutely in our campaigning work. Whereas methods to mobilize people in support of legislative change over the years largely seem to have remained the same ("contact your MEP"-actions; FAQ's and other "one-pager"-campaigning websites), this hasn't resulted in anything resembling a robust set of tools for these purposes. To the contrary: the tooling the digital rights field uses to run campaigns and mobilize people (new and existing audiences, volunteers and others) doesn't seem to have developed very much over the past decade. Capacity spent hasn't been capacity built.

Tooling to help coordinate campaigning work seems to be lacking across the board, and we notice a heavy reliance on Signal for all sorts of communication (one-to-one, one-to-many, many-to-many) and objectives (regular updates, one-off messages, urgent communication, disposable messaging as well as communication you'd want to archive, etc). It's unlikely that one tool efficiently serves such a diversity of needs.

The field is not at all of one mind when it comes to the acceptability of the use of social media platforms. Some steer away from platforms altogether, some operate under some form of self-imposed limitations, and others make full use of the functionality platforms offer, including paid advertising based on profiling.

We find a similar diversity in the use of analytics, practices ranging from Google Analytics to self-hosted tooling deployed with and without self-imposed "limitations" (masking IP-addresses; limiting access or use, etc).

We don't have a good view on the state of research tooling yet. However, over the past few years we've seen a number of promising initiatives aimed at bridging the gap between technologists and litigators. In our interviews we want to focus on research aimed at evidence-gathering for litigation, research in support of legislative change, and research in support of raising awareness.

Some organizations have both system administrators and developers in-house, while others consist of policy officers and/or litigators only. This shouldn't make a big difference to our back-offices and workspaces though, since all that's needed for this is a basic office suit and a few communication tools. What we see, however, is that organizations often struggle even with the basics.

Organizations that have chosen a self-hosted, sovereign approach are often faced with a high level of resources needed to maintain their tools, either in the form of staff (IT-personnel or people to coordinate volunteers) or in terms of costs for an external party.

In many organizations, it takes new employees up to several months to become fully acquainted with their organization's tooling. Again, considering that most of our internal needs are rather straightforward, this seems to be a huge overhead. We seem to have accepted, or maybe even come to expect, that privacy-friendly technology is cumbersome and really no fun at all.

Final thoughts

We set out to explore if the digital rights field is using technology in line with our values and message, and if the technology we use and the way we use it is progressive, inspiring and fun. It is clear we aren't there yet, but we do have a shared sense of urgency that this poses a risk to our mission and therefore needs to be tackled.

  1. A long-term vision or strategy for our IT infrastructure and tools across the board is lacking, leaving our organizations unnecessarily vulnerable, and leading to capacity and resources being wasted.
  2. We aren't making full use of the technology available to help us achieve our goals, and in particular we aren't currently equipped to capitalize on the increased attention for our work and issues. This disadvantages individual organizations and our field as a whole.

Next steps

  • We hope to receive lots of feedback on this report.
  • We'll be conducting additional interviews up until September. We'll alter our questioning a little bit to help interviewees think less in terms of specific tools and more in terms of processes and impact.
  • We'll try to identify the challenges and dilemma's underlying our field's struggles, and produce a preliminary list of the requirements solutions need to adhere to.
  • We'll outline a few possible ways forward, including who and what is needed in order to affect long-term change.

Get in touch!

  • Martijn de Heer: martijn[at]
  • Evelyn Austin: evelyn[at]