There are many tools and techniques you should consider to keep you and your communications safe.
Guide: EFF’s Street-level Surveillance.
Guide: Equality Labs Anti-Doxing Guide.
Warning: You should add a PIN code to your phone’s SIM card to help protect against spying.
Before going to an event, you need to disable Face ID or Touch ID on iPhones, and the equivalent fingerprint or face scanner on Android phones. For iOS, navigate to Settings App > Face ID / Touch ID and turn it off for iPhone Unlock.
Why disable Face ID and Touch ID? The primary legal question around biometric security features like facial recognition and fingerprint scanners is whether the Fifth Amendment can protect suspects and defendants against forced device unlocking. The Fifth Amendment protects people against self-incrimination, but the courts have ruled that it applies to testimony — something someone knows. Your face is not something you know nor is your fingerprint. However, your passcode is something you know and you cannot be forced to provide it. (Source)
While a recent ruling found that the police cannot force a person to unlock their iPhone with Face ID or Touch ID because it does violate their Fifth Amendment rights, we know that the police cannot be trusted.
Ensure you have at least a 6-digit passcode lock on your smartphone. (4-digit passcodes are incredibly easy to brute-force guess.) It is better to set an alphanumeric passphrase of at least 10-12 characters, the longer the better. What makes passwords secure and difficult to brute-force guess is the length, not complexity of characters.
Tip: on iPhones, you can temporarily disable Face ID by holding the side button and one of the volume buttons. To disable Touch ID, hold the power button. Normally, these two methods are how you would display the power-off screen on your iPhone so you can “slide to power off”. However, after tapping “Cancel”, your passcode will be required.
The Verge: How police laid down a geofence dragnet for Kenosha protestors:
A series of six newly unsealed warrants, some previously reported by Forbes, show a persistent effort to use Google’s location services to identify Android users in the vicinity of arson incidents.
[…]
Using the warrants, The agents targeted seven different geographical zones, asking to identify anyone located within that area during a span that could stretch as long as two hours. The result was a kind of location dragnet, spread over some of the busiest times and locations in the first days of the protest.
Always keep your device and apps up-to-date. Install operating system updates and app updates regularly. Vulnerabilities are constantly being discovered and patched with software updates. Law enforcement tracks known software vulnerabilities and exploits them. If you are using an older version of iOS or AndroidOS, update now.
Paid or free? You will notice that some privacy and security software is free while others are paid-for or subscription-based services. This is where it is important to do your research. When software is free and open-source it usually very trustworthy. Often, these tools are built by caring volunteers or funded by non-profits — like Signal and Tor. More importantly, the code can be independently verified by other industry experts and academics.
When software is closed-source (proprietary, not open, and not verifiable by others), it is not necessarily a bad thing. However, it is important to know who is building and maintaining the software, especially if it is offered for free.
For example, paid (but closed-source) services like 1Password and NordVPN are established, trusted companies with good track records for being secure, and protecting user data and privacy. In comparison, companies like Zoom and Facebook offer their closed-source software and services for free — but that is because YOU are the product. They collect and sell your information as noted in the Communication Guide.
Warning: Be especially cautious if you are using a free VPN service. In fact, it is best that you do not unless you absolutely trust the company. Remember, when using a VPN you are routing all of your internet traffic through the VPN servers. You must do your research to find a trustworthy VPN service.