The interviews strongly echo the foundation established in Survey A, while bringing several layers of nuance to the surface. Participants consistently pointed out that effective security solutions demand much more than just technical interventions. In order to guide their decisions and responses to threats, the CSOs and NPOs are in need of:

• Robust management frameworks
• Risk assessment tools
• Actionable playbooks

Discussions repeatedly challenged the binary notion of “transparent or hidden” information. Instead, organizational needs require sophisticated, context-specific management of visibility—a dynamic, graduated approach that allows for flexibility in what details are disclosed and when.

Another critical dimension concerns the persistent nature of online information: participants identified the enduring presence of data in archives as a significant vulnerability and called for dedicated tools to manage the lifecycle of exposed material. All interviewees pointed out that even after an initial threat has passed, sensitive details about staff, partners, or activities can remain accessible, sometimes exposing the organization or individuals to renewed or unforeseen risks later.

The interviews also underscored that organizations exist along a continuum of threat response maturity. Some only require foundational awareness, while others need advanced systems for coordinated responses, suggesting that solutions should be tailored to each organization’s readiness and context. Finally, a collective or networked approach to security—one that prioritizes the safety of communities as much as individual organizations—emerged as central throughout the findings. This holistic perspective validates Privacy Mode’s conceptual approach, highlighting the pressing need for solutions that integrate policy, process, and human factors, not just technology.

The interviews also underscored that the target audience may exist along a continuum of threat response maturity. Some only require foundational awareness, while others need advanced systems for coordinated responses, suggesting that solutions should be tailored to each organization’s readiness and context. Finally, a collective or networked approach to security—one that prioritizes the safety of communities as much as individual organizations—emerged as central throughout the findings. This holistic perspective validates Privacy Mode’s conceptual approach, highlighting the pressing need for solutions that integrate policy, process, and human factors, not just technology.

Stepping back and reflecting across the interviews, the tension doesn’t seem to be whether to be transparent or visible, it’s how to protect staff while ensuring their organization’s credibility within their community. And in terms of how this perceived value of “credibility” is earned, I think we can infer visibility can be understood both as a value in and of itself as well as a vulnerability. I believe this is the dubious distinction, an insight into the nature of the heart of a wicked problem–an inherent problem between the people, process, and technologies:

• CSOs and NPOs struggle with binary thinking about visibility
• Practitioner’s articulated nuanced positions challenging the all-or-nothing approaches

”You can be as safe as secure as you can imagine, but you will be useless because you’re self-censoring"	"[we need] a minimal listing with an avatar, something that kinda gives a little bit about who you are…just enough”	“how do we protect people by not identifying ourselves too much while maintaining credibility”

The target audience need more dynamic visibility settings. Privacy Mode could explore being preventative, perhaps with graduated visibility options in exemplified in user stories about:

• Password protected visibility (i.e. members-only, newsletter distribution)
• Roles based visibility (showing position but not name)
• Geographic masking (truncating location details, e.g. region but no city)
• Periodic visibility (timed windows where sensitive content is visible)
  • Cyclically changing password-protected content

Over the course of the interviews, I’ve gathered even technically capable organizations struggle with implementation. The interviews were all with seasoned career professional, with more than 10 years experience in their field. And they still shared experience of practical barriers beyond their technical knowledge: resource constraints and challenges with trust and verification–notably a need for human verification and support with any tool or automation implementation.

”A false sense of security is worse than not having tool"	"how do we protect people by not identifying ourselves too much while maintaining credibility”

Overall, the interviews captured how threats are escalating for CSOs and NPOs, evolving across a set of diverse scenarios in which having an accurate understanding of the context is paramount in making an assessment.

Emerging threat types add another layer of complexity. Interviewees described how new technologies and shifting social dynamics can introduce fresh risks. One practitioner observed that the potential for AI-generated deepfakes is transforming the way decisions around public photo exposure are made, while another pointed out that organizing activities in open-carry firearm states now come with heightened physical security considerations. Many of the interviewees also discussed the growing prevalence and sophistication of doxxing, underscoring its persistent and evolving danger.

Threats confronting organizations and individuals operating in sensitive environments are profoundly shaped by the specific context and constantly shift in both nature and urgency. Interview participants emphasized how the nature of the threat often depends on geography. For example, A practitioner highlighted that the violent realities faced by groups in Kenya demand a distinctly different response when compared to addressing online harassment, while another described how projects in countries like Iran or Russia encounter unique risks not seen in other regions. Another still further illustrated this geographic variation by recounting efforts to prepare for government-imposed internet shutdowns in certain countries.

Seasonal or periodic factors play a critical role as well, influencing both the immediacy and the duration of risk. A practitioner shared observations on how threat levels tend to spike during election seasons, with rapid escalations sometimes giving way to longer-term, strategic campaigns. This mix of urgent, short-term incidents and more gradual, persistent challenges points to the necessity for organizations to be capable of both immediate response and ongoing protection.

The practitioners shared how the scope of protection in high-risk environments invariably reaches beyond the boundaries of any single individual or organization. The interviews revealed that many practitioners conceptualize safety as a shared burden, with collective responsibility forming the foundation of effective defense strategies. One practitioner contributed significantly to this perspective by developing a Doxxing Defense Operators Guide for the Progressive Security Alliance, expressing that solidarity means “sharing the load of danger” among both peers and allied groups. There is a widespread acknowledgment that certain team members, due to their roles or visibility, experience disproportionate levels of risk, prompting further reflection on inclusive protection practices.

This understanding of a “shared” vulnerability naturally extends to external stakeholders. Interviewees stressed the importance of safeguarding not only staff, but also partners, vulnerable sources, and beneficiary communities. As a result, the implications for Privacy Mode point toward the necessity of supporting coordinated responses across networks of organizations, rather than focusing solely on internal needs. Key features identified real-time information sharing about active and emerging threats, as well as mechanisms for protecting the broader ecosystem associated with a given project or campaign. Comprehensive security, therefore, for the target audience is seen as inseparable from collaboration and community resilience.

”A lot of civil society folks, I don’t think [put] threat assessment is at the center of the organization"	"…there was probably someone who can help”

Many organizations continue to struggle with the absence of structured frameworks to guide risk-based decision-making processes. Interview findings consistently pointed to such challenges, with one practitioner observing that threat assessment is rarely central to the functioning of civil society organizations. Another’s experience further underscores the issue, for smaller organizations/team leadership/management often assumed that “there was probably someone who can help” rather than engaging with clear protocols or defined roles. The uncertainty is compounded by the other’s general accounts, describing not knowing where to turn for resources or authoritative guidance.

These findings strongly corroborate the patterns revealed in Survey A, which documented widespread organizational uncertainty and a marked need for practical decision support frameworks. The lack of clarity and reliable mechanisms not only hampers effective threat response but also underscores the urgency for tools and systems that can provide structured, accessible guidance for those navigating complex risk environments.