3.5.4 Confidentiality and Data Protection

Savannah DSA operates in an environment where membership in the organization and participation in its activities can pose real risks to members’ safety, employment, housing, immigration status, and personal lives. For that reason, any information that links a real person to Savannah DSA or its political work is treated as highly sensitive.

This section defines how chapter data is classified, where it may be stored, who may access it, and how it must be handled.

A. Data Classification

For operational security, all chapter information is classified into four tiers:

  1. Tier 1 – Public Organizational Data
    Materials intended for public distribution.
    Examples: public statements, public-facing bylaws, public charters, press releases, public flyers.
  2. Tier 2 – Internal Operational Data
    Internal working materials that do not identify specific people.
    Examples: draft proposals, agendas without names, generic planning notes, non-sensitive vendor information.
  3. Tier 3 – Personally Identifiable Information (PII)
    Any data that can identify a person.
    Examples: legal name, home/mailing address, phone number, email address, date of birth, emergency contacts, government ID numbers, banking or payment information.
  4. Tier 4 – Political Identity and Sensitive Membership Data
    Any information that links a person to Savannah DSA or to political activity.
    Examples: membership lists, attendance/sign-in sheets, organizer or volunteer rosters, donation or dues records tied to names, grievance or disciplinary records, HGO/safety information, internal communications that name individuals in connection with organizing or political work.

Tier 3 and Tier 4 data are treated identically for security purposes. When in doubt, treat information as Tier 4.

B. Core Confidentiality Rules

  • Tier 3–4 data may not be shared outside Savannah DSA or used for any non-DSA purpose.
  • Access to Tier 3–4 data is restricted to members who hold an explicit role that requires it and who have completed the required security training.
  • Members who wish to be referred to only by an alias in online or public spaces must have that preference respected in all official communications and public-facing channels.
  • No member may compile, export, or distribute lists that link names to DSA membership or activity except as explicitly authorized by this section.
  • Violations of this policy undermine member safety and organizational trust and may result in disciplinary action.

C. Authorized Platforms (Public vs. Sensitive)

To reduce accidental leaks, public and sensitive data must live on different platforms.

  1. Public / Low-Risk (Tier 1)
    • Stored on platforms designated for public materials only (e.g., chapter website, a public-only Google Drive folder, printed materials).
    • No Tier 3–4 data may be stored on these platforms.
  2. Internal / Moderate Risk (Tier 2)
    • May be stored on internal Google Drive or similar tools, as long as no Tier 3–4 data is included.
    • If any document begins to contain names, contact information, or political identity data, it is automatically reclassified to Tier 3–4 and must be moved to an approved encrypted platform.
  3. Sensitive / High-Risk (Tier 3–4)
    • Must be stored only on encrypted platforms approved by the chapter, such as CryptPad and Proton Drive used for private, internal storage.
    • There is no “public” area within the chapter’s Proton storage. Proton is reserved for sensitive and internal material only.
    • Proton Mail may be used to transmit Tier 3–4 data only when necessary, using encrypted messages or secure links.

Discord, standard email, SMS, and social media inboxes must never be used to store or transmit Tier 3–4 data.

Discord may be used for general political discussion and organizing, but:

  • no internal membership lists, sign-in sheets, or contact databases may be posted or summarized there, and
  • officers must not confirm or disclose any member’s status, contact information, or involvement without that member’s explicit consent.

Members who choose to use their real names on Discord do so at their own risk; the chapter will not further expose or aggregate that information.

D. Sharing Data: Access Permissions, Not Attachments

To protect members and allow rapid response to incidents, Savannah DSA relies on access permissions instead of file attachments or downloads.

  • Tier 3–4 data should be shared by granting and revoking access within CryptPad or Proton Drive, not by sending files directly.
  • Attachments containing Tier 3–4 data should be avoided whenever possible.
  • If an account or device is compromised (for example, a stolen phone or laptop), the Steering Committee can immediately revoke that member’s access to sensitive folders, preventing further unauthorized viewing.
  • Members who are granted access to Tier 3–4 data are responsible for notifying the Steering Committee promptly if a device is lost, stolen, or compromised so access can be revoked.

E. Personal Devices vs. Chapter-Managed Devices

Savannah DSA does not treat personal devices as secure storage for Tier 3–4 data.

1. Personal Devices

Members may use personal devices (laptops, phones, tablets) to view Tier 3–4 data through encrypted platforms, subject to the following:

  • The device must use full-disk encryption (e.g., FileVault, BitLocker, LUKS or equivalent).
  • The device must be protected by a strong passphrase (e.g., multiple random words) and set to lock automatically after no more than five (5) minutes of inactivity, requiring the full passphrase to unlock.
  • The operating system and browser must be kept reasonably up to date with security patches.
  • All chapter-related accounts used on the device (Proton, CryptPad, etc.) must have multi-factor authentication (MFA/2FA) enabled.

Under no circumstances may Tier 3–4 data be permanently stored on personal devices. This includes:

  • no downloading of membership lists or sign-in sheets;
  • no exporting of spreadsheets or PDFs with names or contact info;
  • no screenshots or photos of sensitive documents;
  • no syncing of chapter folders containing Tier 3–4 data to iCloud, Dropbox, OneDrive, or similar services;
  • no local notes apps containing member lists or sensitive records.

If a personal device inadvertently stores Tier 3–4 data (for example, via a downloaded attachment), the member must delete it immediately and notify the appropriate officer so practices can be corrected.

2. Chapter-Managed Devices

To support necessary work with sensitive data, Savannah DSA may authorize one or more chapter-managed devices (for example, a dedicated encrypted laptop in a modest price range appropriate for the chapter’s budget).

A chapter-managed device:

  • is owned or fully controlled by the chapter,
  • is used only for chapter work,
  • has full-disk encryption and a strong passphrase,
  • has MFA enabled for all accounts used on it, including the device login, and
  • is physically secured when not in use (locked storage, controlled access).

Only chapter-managed devices may store downloaded or exported Tier 3–4 data, and then only when necessary for operational reasons (such as offline backup, financial reporting, or legally required retention). Personal devices may never be used for this purpose.

F. Membership Outreach and Limited Sharing

The Steering Committee may enlist general members to help contact prospective members or event attendees, under strict limits:

  • Volunteers may receive only the minimum information necessary to complete a specific outreach task, typically a name and phone number for a single prospective contact.
  • This information must be transmitted via encrypted direct message (e.g., Signal) and may not be re-shared or compiled into new lists by the volunteer.

Full membership lists, large contact databases, and Tier 3–4 data remain restricted to designated roles.

G. Retention, Deletion, and Coalition Work

Savannah DSA will not retain sensitive data longer than necessary to fulfill its purpose or to comply with law.

  • As a 501(c)(4), the chapter is subject to legal requirements governing certain financial and organizational records. In any conflict between this policy and applicable law, legal requirements take precedence.
  • Permanent records must also follow the retention standards in Section 3.6.8 (Documentation and Record Retention).

Event Sign-In Sheets and Mailing Lists

  • Event sign-in sheets and contact lists are classified as Tier 4 data.
  • They must be stored only on approved encrypted platforms (CryptPad, Proton Drive, etc.).
  • Data that is not required by law to be kept, including most sign-in sheets, shall be destroyed no later than thirty (30) days after the final date of use.
    • “Final date of use” means the last time the list is actively used for follow-up, outreach, or reporting.
  • Sharing of such lists, while they are active, may only occur via secure access permissions in approved encrypted platforms, not by sending raw files.

Coalitions and New Organizations

  • When Savannah DSA uses a sign-in sheet or contact list to initiate a new coalition or organization under its temporary leadership, the list may be retained for the duration of DSA’s stewardship of that project.
  • When leadership and data responsibility are formally transferred to the new organization, Savannah DSA will delete its copy of the list within thirty (30) days, unless legal requirements dictate otherwise.
  • Any transfer must honor the consent given at the time of collection and use encrypted sharing methods.

H. Training, Breach Response, and Accountability

Training

  • Any member granted access to Tier 3–4 data must complete basic digital security training approved by the Steering Committee.
  • Training will cover secure device configuration, use of encrypted tools, recognizing phishing and social engineering, safe communication practices, and breach reporting.

Breach Response

A “data breach” includes, but is not limited to:

  • loss or theft of a device used to access chapter systems;
  • unauthorized access to chapter accounts;
  • accidental sharing of membership lists or PII with unintended recipients;
  • exporting or posting Tier 3–4 data to unauthorized platforms.

If a breach or suspected breach occurs:

  • The member discovering it must notify the Steering Committee (or its designated security point person) and the Secretary as soon as possible.
  • The Steering Committee will coordinate immediate steps to contain the incident (revoking access, resetting passwords, updating permissions) and assess the scope.
  • The incident will be documented, and affected members or contacts will be notified when appropriate.
  • The Steering Committee may require remedial training or take disciplinary action, depending on severity and intent.

Therefore, be it resolved:

  • The Steering Committee shall, within a reasonable period after adoption of this handbook, configure the necessary encrypted platforms, update access permissions, and provide security training to members who require access to Tier 3–4 data, in order to bring chapter practice into compliance with Section 3.5.4; the Steering Committee may enlist members with relevant expertise to assist in this work; and
  • The chapter authorizes the Steering Committee to investigate and propose the purchase of one or more chapter-managed, encrypted devices suitable for handling Tier 3–4 data, including a budget-friendly laptop or similar device, subject to membership approval of any required expenditure.