---
title: "Identity Discipline"
id: "7397"
type: "page"
slug: "identity-discipline"
published_at: "2026-02-24T05:00:15+00:00"
modified_at: "2026-04-01T03:32:41+00:00"
url: "https://theresistancehub.com/identity-discipline/"
markdown_url: "https://theresistancehub.com/identity-discipline.md"
excerpt: "01 Foundation Why Identity Discipline Matters Identity discipline is not paranoia. It is a structured practice — developed by journalists, human rights workers, and resistance movements operating under hostile surveillance — that separates your personal identity from your activist or..."
---

# Identity Discipline

// Resistance Toolkit · Identity Discipline# Identity Discipline — Protecting Yourself in Hostile Environments

Identity discipline is the practice of separating who you are from what you do — protecting your personal identity, your network, and your sources from surveillance, retaliation, and exposure. Drawn from Reporters Sans Frontières methodology and adapted for activists, journalists, and civil society workers operating under scrutiny.

3Identity Layers to Protect

4Threat Environment Levels

6Core Tool Categories

Curated by **The Resistance Hub Editorial Team**Updated: **February 2026**Sources: **Reporters Sans Frontières · EFF Surveillance Self-Defense · Freedom of the Press Foundation · Access Now**Editorial Standards: [Policy →](https://theresistancehub.com/editorial-policy/)

01Foundation## Why Identity Discipline Matters

Identity discipline is not paranoia. It is a structured practice — developed by journalists, human rights workers, and resistance movements operating under hostile surveillance — that separates your personal identity from your activist or professional role. The goal is not to conceal who you are. It is to control what information adversaries can access, correlate, and use against you or your network.

Reporters Sans Frontières frames this as a fundamental protection for anyone working in an information-sensitive role. The same principles that protect a journalist’s sources protect an activist’s network. Exposure of either can result in arrest, harassment, loss of employment, or physical harm — not only to the individual, but to everyone connected to them.

Core PrincipleIdentity discipline operates on three layers: **digital identity** (what you do online and what traces you leave), **physical identity** (what you present in the world and what can be observed), and **social identity** (what your network knows and what they might disclose). All three require active management. Weakness in any one layer can compromise the other two.

This page does not assume you are engaged in illegal activity. Identity discipline is a legitimate and widely practiced professional standard for journalists, lawyers, NGO workers, opposition politicians, and anyone whose work puts them in conflict with powerful interests. The question is not whether to practise it — it is how rigorously your threat environment requires you to do so.

02Threat Modelling## Assessing Your Threat Environment

RSF’s digital security methodology begins with threat modelling — the process of identifying who might target you, what they are capable of, and what they are trying to find. Your identity discipline measures should be proportionate to your threat environment. Over-preparation wastes resources; under-preparation creates exposure.

Level 01 — Low ThreatGeneral Awareness

Civil society activity in a stable democracy with a free press. Adversary is opportunistic, not targeted. Basic digital hygiene, strong passwords, and careful social media use are sufficient. No dedicated surveillance capacity directed at you.

Level 02 — Moderate ThreatActive Exposure Risk

Organising in a context where authorities monitor activist networks, or working on issues that attract corporate or government attention. Separate identities for activist and personal activity. Encrypted communications standard. Legal observer presence at actions.

Level 03 — High ThreatTargeted Surveillance

Journalist, opposition figure, or activist in a context with documented state surveillance of civil society. Full separation of digital identities. Hardened device security. Source protection protocols. Physical identity discipline at all actions. RSF and EFF full-protocol guidance applies.

Level 04 — Severe ThreatHostile State Environment

Operating in or communicating with contacts in an authoritarian or conflict context. Assume all communications are monitored. Air-gap sensitive material. Use only vetted secure channels. Consult Access Now Digital Security Helpline and RSF emergency protocols directly. This page is not sufficient for this threat level alone.

RSF Methodology — Start HereReporters Sans Frontières recommends beginning every security assessment with four questions: **Who wants to harm me or my sources? What do they want to find? What do they have access to? What are the consequences of exposure?** The answers determine the proportionate response — not a one-size checklist.

03Digital Layer## Separating Personal and Activist Digital Identities

The most common identity discipline failure is the conflation of personal and activist digital identities. A single email account, phone number, or social media profile that bridges both worlds creates a correlation point that adversaries can exploit. Separation is not about hiding — it is about compartmentalisation.

Email and Accounts

- **Separate email accounts:** One account for personal life, a distinct account — ideally on a privacy-focused provider (ProtonMail, Tutanota) — for activist or professional work. Never cross-reference them. Do not forward between them.
- **Pseudonymous accounts:** Where your role requires public presence, use a consistent pseudonym rather than your legal name. A pseudonym maintained over time builds credibility without exposing your personal identity. RSF uses the term “journalistic alias” for this practice.
- **Account creation hygiene:** Do not create activist accounts from your personal device or home IP address. Use a VPN or Tor for account creation. Do not use your personal phone number for verification — use a separate SIM or a voip service.
- **Password discipline:** Unique strong passwords for every account. A password manager (Bitwarden, KeePassXC) is the only practical solution. Never reuse passwords. Enable 2FA on all accounts — hardware keys (YubiKey) or authenticator apps, never SMS for high-risk accounts.

Social Media and Public Presence

- **Audit existing accounts:** Review everything you have posted publicly. Information that seems innocuous in isolation — workplace, neighbourhood, daily routine, family members — can be combined to identify and locate you. Use the OSINT section of this page to see what is already findable.
- **No cross-posting between identities:** Never share content from your activist accounts on personal accounts or vice versa. Engagement patterns — likes, follows, shares — are metadata that correlates identities even when names differ.
- **Location data:** Disable location tagging on all posts. Review app location permissions. Photographs contain EXIF metadata including GPS coordinates — strip metadata before posting images from sensitive locations.

Device Separation

For moderate to high threat environments, RSF recommends maintaining separate devices for personal and activist use. A dedicated low-cost Android device running GrapheneOS or a hardened configuration for activist communications provides meaningful separation. At minimum, do not conduct sensitive communications on a device that also contains your personal contacts, banking apps, or location history.

Device Seizure RiskAt any point of arrest or detention, your device may be seized. Assume law enforcement has the technical capability to extract data from unlocked or poorly secured devices. **Enable full-disk encryption. Use a strong alphanumeric passcode — not biometric alone.** Biometric unlocks can be compelled; passcodes cannot in most jurisdictions. Know your device’s data protection settings before attending any action.

04Physical Layer## Physical Identity Discipline

Digital identity discipline is only half the picture. Physical presence at protests, meetings, and actions creates observable identity data — facial recognition, gait analysis, licence plate readers, and informant identification all operate in the physical domain. Physical identity discipline addresses what can be seen, recorded, and correlated in the real world.

At Demonstrations and Actions

- **Face covering:** Where legal in your jurisdiction, wearing a face covering at demonstrations protects against facial recognition systems and photographic identification. Check the law in your area — some jurisdictions prohibit face coverings at protests, and non-compliance creates its own legal exposure.
- **Distinctive clothing:** Avoid wearing distinctive items — branded clothing, unusual accessories, or anything that makes you easily identifiable across multiple events. Adversaries correlate attendance across demonstrations using clothing identification.
- **Carry only what you need:** Do not carry unnecessary identification, loyalty cards, or items linked to your personal identity. Carry only what you are legally required to carry and what you would be comfortable having examined.
- **Travel to and from actions:** Avoid travelling to actions directly from your home. Public transport, cycling, or walking from a neutral location reduces the correlation between your home address and your activist presence. Avoid using personal vehicles — licence plates are logged.

Phone Discipline at Actions

- **IMSI catchers (stingrays):** Law enforcement in many jurisdictions deploys IMSI catchers at demonstrations — devices that mimic cell towers and log all phones in an area. Your phone’s presence at an action is logged even if you make no calls. A separate prepaid SIM or leaving your primary phone at home prevents this correlation.
- **Airplane mode is not sufficient:** Some location logging occurs independently of cellular connectivity. If you require your phone to be non-trackable, power it off completely — or leave it at home and use a separate dedicated device for the action.
- **Bluetooth and WiFi:** Both broadcast identifiable signals when enabled. Disable both before arriving at any action.

05Communications Security## Secure Communications

Communications security is the practice of ensuring that only the intended recipients can read what you send. This is not the same as privacy — it is operational security. Unencrypted communications sent over standard channels are accessible to network operators, law enforcement with legal authority, and in some contexts hostile state actors. The Freedom of the Press Foundation’s guides treat encrypted communication as baseline — not exceptional — for anyone in an information-sensitive role.

Core Tools by Category

MessagingSignal

End-to-end encrypted messaging and calls. Open source, audited. Enable disappearing messages. Do not use SMS as a fallback for sensitive content. Recommended by RSF, EFF, and FPF as primary secure messaging tool.

[signal.org →](https://signal.org/)

EmailProtonMail / Tutanota

End-to-end encrypted email between users on the same platform. For email to non-encrypted recipients, use PGP encryption. Standard email providers (Gmail, Outlook) hand over data under legal compulsion.

[proton.me →](https://proton.me/mail)

BrowsingTor Browser

Routes traffic through multiple encrypted relays, masking your IP address and browsing activity. Slower than standard browsing but provides strong anonymity. Use for sensitive research and account creation. Do not log into personal accounts while using Tor.

[torproject.org →](https://www.torproject.org/)

VPNMullvad / ProtonVPN

Masks your IP address from websites and network operators. A VPN is not anonymity — the VPN provider can see your traffic. Choose a provider with a verified no-logs policy in a jurisdiction outside your adversary’s legal reach.

[mullvad.net →](https://mullvad.net/)

File StorageVeraCrypt

Open-source, audited disk encryption. Use for sensitive document storage on local devices. Create encrypted containers for activist materials, keeping them separate from personal files.

[veracrypt.fr →](https://veracrypt.fr/)

CollaborationOnionShare / SecureDrop

Secure file sharing over Tor. OnionShare for peer-to-peer transfer; SecureDrop for journalist source submissions. Both leave no metadata trail accessible to third parties.

[onionshare.org →](https://onionshare.org/)

EFF Guidance — Threat-Proportionate Tool SelectionThe Electronic Frontier Foundation’s Surveillance Self-Defense guide explicitly advises against adopting all tools simultaneously. **Start with Signal for messaging and a password manager for accounts.** These two changes address the majority of exposure for most threat levels. Add layers as your threat assessment requires — complexity introduces its own operational risk if tools are used incorrectly.

06OSINT Awareness## What Others Can Find About You

Open Source Intelligence (OSINT) is the collection and analysis of publicly available information. State actors, hostile organisations, and individuals use OSINT techniques to identify, locate, and build profiles on activists and journalists. Understanding what is findable about you is the first step in reducing your exposure surface.

Conduct Your Own OSINT Audit

Before taking any protective action, understand your current exposure. The following process is adapted from standard OSINT methodology and requires no specialist tools:

- **Google yourself comprehensively:** Search your full name, your name plus location, your name plus employer, your email addresses, and your phone number. Note everything that appears. Repeat with Bing and DuckDuckGo — results differ between search engines.
- **Review all social media profiles:** Including inactive accounts. Old accounts often contain more identifying information than current ones. Check privacy settings on every platform. Assume anything set to “friends of friends” is effectively public.
- **Check data broker sites:** People-finder and data broker sites (Spokeo, Whitepages, Intelius equivalents in your country) aggregate personal data from public records. Most allow opt-out removal requests. Submit them. This is a standard RSF recommendation for journalists in any threat environment.
- **Check image search:** Reverse image search your profile photographs. If the same photo appears across multiple platforms, it creates a correlation bridge between your personal and activist identities. Use different photographs for different identities — or no photograph at all for activist accounts.
- **Review public records:** Voter registration, property records, and company registrations are often publicly searchable and contain home addresses. Understand what is in the public record in your jurisdiction and whether opt-out or redaction mechanisms exist.

Network OSINT RiskYour identity can be exposed through your network even when your own accounts are clean. A colleague who tags you in a photograph, a contact who lists you publicly, or a group membership that is publicly visible can all create exposure. **Brief your network on identity discipline.** You are only as protected as your weakest link.

07Operational Checklist## Identity Discipline — Action Checklist

Foundational — Do These First

- Conduct a personal OSINT audit. Note everything findable. Begin removal requests on data broker sites.
- Install a password manager. Change all account passwords to unique strong passwords.
- Enable 2FA on all critical accounts — use an authenticator app, not SMS.
- Install Signal. Move sensitive communications off standard SMS and email.
- Enable full-disk encryption on all devices. Set a strong alphanumeric passcode.

Before Any Action or Publication

- Confirm your activist and personal digital identities are fully separated — no shared accounts, no cross-posting, no shared photographs.
- Strip EXIF metadata from any photographs before posting — especially location data.
- Brief your network. Confirm they understand not to tag, identify, or publicly link you without consent.
- At any physical action: disable Bluetooth and WiFi. Carry only what is legally required. Travel from a neutral location.

Ongoing Maintenance

- Repeat your OSINT audit every 6 months. Data brokers re-aggregate removed data over time.
- Review app permissions quarterly — particularly location, microphone, and contacts access.
- Re-assess your threat level when your circumstances change — new role, new campaign, new jurisdiction.

08Reference Organisations## Key Organisations and Resources

The following organisations publish the most authoritative publicly available guidance on identity discipline, digital security, and source protection. All materials are free to access.

InternationalReporters Sans Frontières (RSF)

The primary international reference for journalist digital security. Publishes threat-modelled guides for reporters in hostile environments.

[rsf.org →](https://rsf.org/en/digital-security)

USA / InternationalEFF — Surveillance Self-Defense

The Electronic Frontier Foundation’s comprehensive threat-based security guide. Covers tools, threat modelling, and specific scenarios.

[ssd.eff.org →](https://ssd.eff.org)

USA / InternationalFreedom of the Press Foundation

Publishes security training guides and maintains SecureDrop. Specific guidance for journalists and their sources.

[freedom.press →](https://freedom.press/training)

InternationalAccess Now — Digital Security Helpline

Free direct digital security assistance for civil society, journalists, and activists under threat. Available in multiple languages.

[accessnow.org →](https://www.accessnow.org/help)

InternationalFront Line Defenders

Digital protection for human rights defenders at risk. Publishes a comprehensive workbook on protection planning.

[frontlinedefenders.org →](https://www.frontlinedefenders.org)

InternationalCommittee to Protect Journalists (CPJ)

Digital safety resources specifically for journalists. Includes country-specific threat assessments and emergency support.

[cpj.org →](https://cpj.org/safety)

If You Are Under Immediate ThreatIf you believe you are currently under active surveillance or facing immediate digital threat, contact the **Access Now Digital Security Helpline** directly at accessnow.org/help. They provide free, confidential, expert assistance to civil society and journalists in real time. This page is an educational reference — it is not a substitute for direct expert support in an active threat situation.

// Page Contents

- [01 · Why Identity Discipline Matters](#section-01)
- [02 · Assessing Your Threat Environment](#section-02)
- [03 · Separating Digital Identities](#section-03)
- [04 · Physical Identity Discipline](#section-04)
- [05 · Secure Communications](#section-05)
- [06 · OSINT Awareness](#section-06)
- [07 · Action Checklist](#section-07)
- [08 · Key Organisations](#section-08)

// Resistance Toolkit

- [Resistance Toolkit (Hub)](https://theresistancehub.com/resistance-toolkit/)
- [Digital Security & Privacy](https://theresistancehub.com/resistance-toolkit/digital-security-privacy/)
- [Countering Misinformation](https://theresistancehub.com/resistance-toolkit/countering-misinformation/)
- [Street Level Tactics](https://theresistancehub.com/resistance-toolkit/street-level-tactics/)
- [Identity Discipline ← Current](https://theresistancehub.com/resistance-toolkit/identity-discipline/)
- [Know the Law](https://theresistancehub.com/resistance-toolkit/know-the-law/)

// Related Pages

[Digital Security & Privacy](https://theresistancehub.com/resistance-toolkit/digital-security-privacy/)
[Know the Law](https://theresistancehub.com/resistance-toolkit/know-the-law/)
[ARIS — Resistance & the Cyber Domain (PDF)](/wp-content/uploads/2025/09/ARIS_Resistance_CyberDomain.pdf.pdf)

Manage Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional   Functional  Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences  Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics  Statistics

The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing  Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

- [Manage options](#)
- [Manage services](#)
- [Manage {vendor_count} vendors](#)
- [Read more about these purposes](https://cookiedatabase.org/tcf/purposes/)

AcceptDenyView preferencesSave preferences[View preferences](#)

- [{title}](#)
- [{title}](#)
- [{title}](#)

Manage consent
