Digital communication has become a more perilous activity, particularly for activists, political dissidents, and independent media. The recent surge in digital activism that has helped to shape the Arab spring has been met with stiff resistance by governments in the region intent on reducing the impact of digital organizing and independent media. No longer content with Internet filtering, many governments in the Middle East and around the world are using a variety of technological and offline strategies to go after online media and digital activists. In Tunisia, before and during the January 2011 protest movement that led to a change in government there, Internet service providers were apparently logging usernames and passwords to hack into and dismantle online organizing and information sharing among protesters. In early June 2011, Google reported a phishing attack targeted at military and human rights activists to gain access to their Gmail accounts. In Syria, a well organized effort known as the Syrian Electronic Army has been carrying out attacks to disable and compromise web sites that are critical of the Syrian regime. These stories are only a few selected from the set that have become public, and an unknown number of attacks go unnoticed and unreported. Many of these attacks are impossible to attribute to specific actors and may involve a mix of private sector and governmental actors, blurring the lines between cyber attacks and government surveillance. In such an environment, maintaining online security is a growing challenge.
In this report we describe the results of a survey of 98 bloggers in the Middle East and North Africa (MENA) carried out in May 2011 in order to study bloggers' perceptions of online risk and the actions they take to address digital communications security, including both Internet and cell phone use. The survey was implemented in the wake of the Arab spring and documents a proliferation of online security problems among the respondents. In the survey, we address the respondents' perceptions of online risk, their knowledge of digital security practices, and their reported online security practices. The survey results indicate that there is much room for improving online security practices, even among this sample of respondents who are likely to have relatively high technical knowledge and experience.