Contributor Style Guide

We created this guide to help contributors write new guides while maintaining the voice and style present on the site. Please read it closely — following these guidelines will help your first draft land much closer to what we’re looking for.

If you are translating rather than writing in English, see the translation style guide for register, terminology, and language-specific notes.

Who We Are, Who We Write For

Activist Checklist exists to make digital security accessible to people doing social movement work. Our readers are organizers, protesters, ICE observers, mutual aid volunteers, and anyone engaged in activism or political dissent. They are not security experts. Most are encountering these topics for the first time, often under time pressure and real risk.

We sit in a gap: existing resources were either too simple (a quick list handed out before an action) or too complicated (in-depth guides that made people’s eyes glaze over). Our job is to be comprehensive without being overwhelming.

We orient the whole site around this premise: At best, someone is probably going to give us 15-30 minutes of their attention (if they don’t click away immediately). These people aren’t going to do a threat model. They just want to know what to do. Everything we write should help someone take action right now with as little friction as possible.

We are explicit about our politics. We are organizers and activists. We built this site because we believe social movements deserve better tools to protect themselves from state repression and right-wing threats. We name the state as the primary threat for activists. We name right-wing actors as a threat. We encourage dissent — “Do not obey in advance.” At the same time, we are careful not to be reckless. We don’t encourage illegal activity. We recommend consulting movement-aligned lawyers. We distinguish between legal observation (like filming police) and activities with different risk profiles.

New contributors should be comfortable with this positionality. If you’re writing for this site, you’re writing for movements, not for a general audience.

Our Principles

• We sound like a trusted friend who happens to know a lot about digital security — fellow organizers sharing what we’ve learned.
• We are warm, direct, and practical.
• We are not lecturing, not performing expertise, and not speaking a language no one can understand.

1. Start with the risk, name it specifically

Every checklist item and every guide opens by grounding the reader in why this matters to them specifically. We don’t lead with technical instructions. We lead with the real-world risk.

✅ Good

“When police access one person’s phone, they can map entire activist networks (your contacts, your Signal chats, your location history, and more).”

❌ Not our style

“This section covers phone hardening procedures for mobile devices.”

Be specific about who the threat is: law enforcement, ICE, the federal government, right-wing adversaries. We don’t use vague language like “bad actors” when we can name the actual agency. We link to evidence and cite real cases.

✅ Good

“We know that ICE is trying to track anyone who films them.”

✅ Good

“Tech companies (like Google) often receive government demands to turn over all the account data for an activist.”

2. Harm reduction, not perfection

We take a harm reduction approach: start where you are and do what you can. We never shame someone for their current setup or imply they’re doing it wrong. We meet people where they are and give them a clear next step.

✅ Good

“Don’t let not having a secondary phone stop you from doing this work.”

✅ Good

“If you feel you have to choose between a long passcode and disabling biometrics, we recommend a longer passcode.”

❌ Not our style

“You should never use Google Maps under any circumstances.”

When two good practices conflict, acknowledge the tension honestly and tell the reader which one to prioritize and why.

3. Community protection, not just individual protection

Our framing consistently reminds readers that security is collective. A single person’s compromised phone can expose an entire organizing network. This is not about paranoia; it is about solidarity.

✅ Good

“Your phone doesn’t just have your data on it. It has your Signal groups, your contacts, photos of community members, threads with other organizers. If it gets seized, your organizing network could be exposed.”

Use the framing “this protects your community” alongside “this protects you.” Both matter.

4. Empower action, not fear

Our opposition wants us to be afraid. We name real threats clearly, but we always follow them with what people can do. Every threat description should be followed by concrete defensive steps. Never leave the reader sitting with fear and no path forward.

✅ Good

“But we can do a lot to protect ourselves! That may sound like a lot, but the federal government is not all-powerful (as they would like you to believe).”

✅ Good (from the doxxing guide)

“Use this information to get bigger, not smaller. We encourage you to use these defensive measures to empower you to keep taking bold action.”

We also normalize the reality that getting attention from adversaries can be a sign of effective organizing:

✅ Good

“The more successful you are in your work, the more likely you are to eventually face some kind of doxxing or online harassment. Consider it a sign that you’re on the right track.”

Cheer readers on. Validate that this stuff is hard, and that taking even small steps matters.

✅ Good

“Keep speaking out publicly! Moving some conversations to Signal for security isn’t about going silent. It’s about organizing safely while still voicing criticism of power holders openly.”

5. Be opinionated and honest about trade-offs

We make clear recommendations. We do not present five equal options and leave the reader to sort it out. We tell them what we recommend, what we use, and why. Then we offer alternatives for people with different needs.

✅ Good

“DO: Use Signal” “DO NOT: Use Facebook Messenger, Telegram, regular texts, etc.”

✅ Good

“We recommend Brave because it offers the most privacy without any additional configuration, which is our goal on this site.”

When we recommend paid tools, we always note the price, mention that we don’t receive commissions, and try to acknowledge the frustration of having to pay for privacy.

But almost every security step also has a usability cost. We never hide that. Name the trade-off and help the reader decide if it’s worth it for their situation.

✅ Good

“Trade-offs: We recognize there are trade-offs in turning off your phone. Sometimes it is more important to film the police or coordinate with our allies. Think through what is the priority for you.”

✅ Good

“Downsides to using a VPN: You will encounter more CAPTCHAs on websites. Some websites may block VPN access.”

6. Write for everyone in our movements

Our readers are not a monolith. They include undocumented folks, trans and queer organizers, disabled people, parents, elders (lots of folks joining our movements right now are retirees), and people across different races, classes, and religions. Write as if all of them are in the room — not just the reader you most easily picture.

A few concrete habits:

• Default to “they/them.” Avoid “he/she,” “guys,” “manpower,” “mankind.” When using a hypothetical name, vary it rather than defaulting to one kind of person.
• Don’t assume a single reader profile. Not every reader is a citizen, has a stable address, uses a newer phone, has reliable internet, or can afford paid tools. Offer free or low-cost paths alongside paid ones.
• Name when risks hit some people harder. A phone search, a border stop, or a doxxing incident carries different weight depending on someone’s immigration status, disability, or who they’re out to. Call it out where it matters instead of writing a generic “activist.”
• Check your own assumptions before publishing. Ask: who is this written for, and who might it accidentally leave out?

✅ Good

“If an organizer loses their phone, they should change their passwords right away.”

✅ Good

“Biometric unlock (like Face ID) can be legally compelled in more situations than a passcode. This matters especially for undocumented folks and anyone attending high-risk actions.”

7. Use plain language

We use short sentences and everyday language. If a technical term is necessary, we define it immediately, in context. We use contractions (“don’t,” “won’t,” “you’ll”) and parenthetical asides (“yes, we hate Amazon too”). Conversational but not sloppy.

✅ Good

“A VPN (Virtual Private Network) helps mask your location and makes you slightly harder to identify.”

✅ Good

“‘People search’ sites (also known as ‘data brokers’) collect information from public and private records to form a ‘profile’ for basically everyone.”

We choose the clearest term as our default — “people search sites” instead of “data brokers,” “disappearing messages” instead of “ephemeral messages” — because the plain term just says what it is.

❌ Not our style

• Jargon without immediate definition (OPSEC, OSINT, threat actor, attack surface)
• Corporate security language (“implement,” “deploy,” “leverage,” “utilize”)
• Condescending framings (“it’s easy,” “simply do X,” “just follow these steps”)
• Passive voice when describing threats (“tracking may occur” instead of “the cops can track you”)
• Em dashes used as parenthetical asides. Rewrite as two sentences, use a comma, or use parentheses instead.

Quick Reference: Words and Phrases

We use

• “Protect yourself,” “protect your community,” “keep each other safe”
• “We recommend,” “our top recommendation”
• “Here’s why it’s important”
• “If you only have 15-20 minutes, start with these items”
• “The cops,” “law enforcement,” “right-wing adversaries”
• “Your opposition,” “bad actor” (when we truly don’t know who)
• “Disappearing messages” (not “ephemeral messages”)
• “People search sites” (not “data brokers”)
• “folks,” “y’all,” “our people,” “our movements”

We avoid

• Jargon without immediate definition (OPSEC, OSINT, threat actor, attack surface, etc.)
• “You should” or “you must” without explaining why
• Scare tactics or doom language (“you WILL be surveilled”)
• Condescending framings (“it’s easy,” “simply do X,” “just follow these steps”)
• Corporate security language (“implement,” “deploy,” “leverage,” “utilize”)
• Passive voice when describing threats
• Em dashes as parenthetical asides. Rewrite as two sentences, use a comma, or use parentheses instead.
• Gendered language, or assumptions that don’t apply to all readers (citizenship status, income, tech access, ability — see principle 6)

Content Standards

How we pick tools to recommend

• Usability is the top criterion. Pick the tool that works out-of-the-box with strong defaults, even when a more configurable option is theoretically more secure. If people won’t stick with it, it doesn’t protect them. (Brave as primary, Firefox as secondary for folks willing to configure it.)
• Optimize for long-term usability. Switching tools is painful, so pick ones readers can stay with for years: low setup friction, good defaults, active development, and a business model aligned with privacy. (1Password over KeePassXC, since KeePassXC’s clunky interface makes people abandon it.)
• One clear primary recommendation. Make the top pick obvious. Include 1-2 alternatives only when they serve genuinely different needs. No more than 3 tools total unless absolutely necessary. (Mullvad as top pick, IVPN for auto-renewal, Proton VPN if they want a free option.)
• Only recommend tools we’ve vetted. Check the privacy policy, ownership, track record, and technical architecture ourselves. If we haven’t done that work, we don’t recommend it. (We wrote a whole position page explaining why we still trust Proton despite concerns about their CEO.)
• Name popular tools we don’t recommend. If readers are likely to ask “what about X?”, address it directly with a brief reason. (We call out LastPass, DeleteMe, Nord VPN, ExpressVPN, and Surfshark by name.)
• Name the price and the trade-offs up front. Put the cost in the DO line and name real usability costs so readers can decide if it’s worth it. (“$20/year” for EasyOptOuts; “you’ll encounter more CAPTCHAs” for VPNs.)
• Cite third-party evaluations when available. Independent audits, Consumer Reports studies, and published court cases carry more weight than our own word. (The Consumer Reports data broker study gives us the 27% vs 65% vs 68% numbers for DeleteMe vs EasyOptOuts vs Optery.)
• Prefer tools whose business model aligns with privacy. Tools that make money from surveillance are bad picks even when they work well. Tools that structurally can’t hand over your data are strong picks. (Google Voice is “less private” because Google is where cops subpoena first; Mullvad gets praise for not storing payment info.)

What to cite

• It’s better to link to reporting for a non-technical audience (404 Media, The Intercept, Wired, The Guardian, EFF, etc) than it is to link to primary research. When needed, we can include links to primary research or more technical resources at the end of a guide under “Learn more”
• Try not to link to paywalled sites. (We have an automatic paywall bypass for 404 Media since it’s so often a source for important reporting.)

What we don’t do

• We don’t provide legal advice. This is in the footer of every page: “We provide info and resources, not legal advice. Consult an attorney for your specific situation.”
• We don’t promise complete anonymity. We say things like “these steps won’t make you invisible, but they’ll make it substantially harder for authorities to…” Honesty about limitations builds trust.
• We don’t recommend tools we haven’t vetted. If we haven’t evaluated a tool’s privacy policy, ownership, track record, and technical architecture, we don’t recommend it. We explicitly call out tools we do NOT recommend (like LastPass or DeleteMe) and explain why.
• We don’t use affiliate links or accept commissions. We note this explicitly when recommending paid tools.

Guide Structure and Formatting

For guide structure, checklist item anatomy, formatting conventions, platform path style, see this page: Page structure & formatting

Questions?

If anything in this guide is unclear or you have suggestions for improving it, reach out through the contact page.