LAST UPDATE | 26 AUGUST 2025
CiviCERT is an international network of rapid responders, digital security help desks, and infrastructure providers focused on supporting individuals, groups, and organizations striving towards social justice and the defense of human and digital rights. It is a coordinating body for this work, accredited by Trusted Introducer, the European network of trusted computer emergency response teams (CERTs).
Given its independent status outside of existing organizations, CiviCERT can be seen as a neutral coordinating center for technical civil society organizations, and is open and participatory as any civil society group can apply to join. Its current services include:
- The Digital First Aid Kit (DFAK) – a resource for rapid responders, as well as a tool for contacting CiviCERT organizations
- A private encrypted mailing list
- A Malware Information Sharing Platform (MISP) instance
- A dedicated Mattermost instance
- A dedicated Nextcloud instance
- Other infrastructure and services as needed
Membership
- Members of CiviCERT have access to the above-mentioned services and resources.
- Members will, if they wish, be listed on the civicert.org website.
- If they wish, members are also listed on the DFAK website and have access to the DFAK GitLab repository.
- Members will be able to share cases without vetting and share sensitive information on threats, as well as manage CiviCERT membership and procedures.
- Members will have access to internal resources and knowledge base.
- Members will be invited to CiviCERT events.
- Members will have access to training and professional development opportunities.
- No members of CiviCERT may use CiviCERT’s name, image, or other aspect of our identity to create a false or misleading impression that they are official representatives of CiviCERT, even if well-intentioned. If any member wishes to utilize the CiviCERT identity (or a separate identity that is similar enough to cause confusion), that member should provide qualifying language which prominently and unambiguously states that they are not the official CiviCERT and act only as members of the CiviCERT network.
Procedure for joining:
- Adopt CiviCERT’s Code of Conduct
- Adopt CiviCERT’s vetting policy
- Adopt CiviCERT’s information management policy
- When policies are adopted, candidates can apply by having 2 existing CiviCERT members from different organizations vouch for them. If nobody objects within 1 month of the nomination, membership will be granted.
- The member(s) from the network nominating a new member provide background information about that organization/group/person:
  - How do you know this organization/group/person? The proposed member should be proposed or explicitly supported by an existing CiviCERT org/group from that place (country/region).
  - Have you worked with them, on what? The proposed member must have some past experience working with the CiviCERT member who is nominating them.
  - What would the added value of this organization/group/person for CiviCERT be?
  - What rapid response services do they provide?
- While applying, potential CiviCERT members will be invited to join the Rapid Response Network (RaReNet) community – by joining RaReNet, they will be subscribed to the RaReNet mailing list and will be invited to public RaReNet events.
- During the 1-month evaluation window of a proposed member, a video call will be organized with the incoming member, the existing member that proposed them, and anyone else from the network who is interested. The purpose would be to help the proposed member get a better sense of the network (and the network of the member), answer any questions head-on, etc.
- Once the application has been accepted, the new member will agree with the vetting and information management policy and provide the necessary information for the civicert.org website and, if relevant, the Digital First Aid Kit.
Requirements for members:
- Members will send updates over the encrypted mailing list on the status of their work (requests, statistics, etc.) every 6 months or less. If no updates are sent for longer than 12 months, revocation of their membership can be initiated.
- Members who want to be included in the DFAK website will fill in a form with all the required information, including a list of provided services.
- Contributing to the maintenance and management of CiviCERT (infrastructure, accreditation, etc.).
- Members must share with the network any potential conflicts of interest, such as working for a company while being part of CiviCERT.
Exiting members
If a representative of an organization leaves a member organization, they or their organization should inform CiviCERT of a new colleague who will join in their place.
Any member may leave the group at any time without the need to give any explanation. After leaving, all members will have to abide by the confidentiality agreement in the information management policy they agreed to when joining.
Termination of membership
If a member of CiviCERT
- does not send regular updates on the status of their activities within a year,
- violates CiviCERT’s policies or Code of Practice,
- does not cooperate or contribute to the purposes and goals of CiviCERT — for instance, the network not hearing from a member in over a year or them not resolving communication obstacles (expired key, no Mattermost account) in over a year,
- or is reported by another member organization that raises trust or security concerns regarding the member’s participation in CiviCERT,
their membership will be reviewed and potentially suspended. Suspension or revocation shall require support from at least three members. The affected member shall be provided an opportunity for rebuttal prior to revocation.
Lifting suspension and restoration of access to CiviCERT services shall require no blocking votes from members.
Project coordination structure
The coordination of CiviCERT will be done by the CiviCERT coordinator, with the DFAK website as an intake mechanism.
The coordination of the encrypted mailing list, including subscriptions and regular requests for updates on the status of members’ work, will be done by the coordinator.
CiviCERT’s git repositories and websites will be managed by at least 2 members including the systems administrator, to ensure responsiveness.
When decisions need to be made by CiviCERT members, they will be clearly presented and facilitated on the encrypted mailing list, giving 15 days for discussing the proposal and achieving a collective decision. If consent is achieved by the group but one member wants to block it, this blocking needs to be justified based on serious security or ethical concerns that can put at risk CiviCERT’s reputation or integrity.
Changes to this policy
This policy can be changed within the network. Proposed changes will be submitted in advance to the network.
