July 3 2025 GM

Tierra Común: Challenges of Being a Tech Cooperative in Mexico Working With Free Software and Digital Security

• Date: Thursday, July 3
• Time: 9am EDT / 1pm UTC
• Facilitator: Mardiya
• Featured Guest: Mikra and Cacu
• Where: On TCU Mattermost "IF Square" Channel.
  • Don't have an account to the TCU Mattermost? you can request one following the directions here.

Join Mikra and Cacu, colleagues at Tierra Común, as Tech COOP, who will be talking about:

• The work of  Tierra Común, a tech cooperative committed to using only free/libre software as  a political and technical decision that brings important advantages, but also complex challenges
• How these technical choices affect their daily work
• What the broader digital rights landscape in Mexico looks like today.
• Their experiences as Rapid Response Trusted Partners of the Open Technology Fund since 2021

Tierra Común is a worker-owned cooperative with 10 years of experience. We work primarily with human rights organizations and journalists, particularly in Mexico. We install digital infrastructure such as servers, antennas, cabling, and virtual machines. Our main contribution is strengthening digital security through the use of free and open-source software.   

What is Glitter Meetup?

Glitter Meetup is the weekly town hall of the digital rights and Internet Freedom community at the IF Square on the TCU Mattermost, at 9am EDT / 2pm UTC. It is a text-based chat where digital rights defenders can share regional and project updates, expertise, ask questions, and connect with others from all over the world! Do you need an invite? Learn how to get one here.

Notes

Can you introduce the work of Tierra Común, where you work and what you do?

• We are a worker-owned cooperative with 10 years of experience. All members have equal voice and vote, and we make decisions collectively through assemblies. We have agreed to pay ourselves the same hourly wage, regardless of the role each of us plays within the cooperative. We mainly work with human rights organizations and journalists, especially in Mexico, though we’ve also produced documentation, videos, and written materials we believe are useful for digital rights defenders more broadly. We set up digital infrastructure — including servers, antennas, cabling, and virtual machines — and we also provide digital security training, primarily using free and open-source software.

Can you give us an overview of what the digital rights landscape in Mexico currently looks like? How does that shape or inform the work of the cooperative?

• Recent reforms have been approved aimed at instrumentalizing censorship against journalists and other critical voices. There is no explicit acknowledgment from the state that it is failing to uphold human rights, let alone digital rights. However, several NGOs and people networks have raised their voices to stop these kinds of reforms and, more broadly, to confront attempts to restrict freedom of expression, condition internet access, or use cybersecurity as a means of control. These groups are also bringing important issues to the table, such as the rights of children, dissident communities, and labor rights in the digital environment, among others.
• This week, several highly concerning reforms were approved: Intelligence Law: creates a platform to centralize our tax, medical, and biometric data. The National Guard is now fully under Sedena (the military): it has been granted investigative and geolocation powers. This is especially alarming given that the military has used Pegasus spyware for years without judicial oversight and has long-standing ties to organized crime — a situation that has continued in recent years. Telecommunications Law: requires all phone lines to be registered using the biometric CURP (main ID).
• "These reforms legalize surveillance by the Armed Forces by granting the Secretariat of National Defense the authority to process and use information for intelligence activities on the grounds of “national security,” without safeguards or controls for these powers. Additionally, the requirement for judicial authorization was removed, allowing the National Guard to access data retained by telecommunications companies and real-time geolocation of mobile devices." translated citation of this: https://r3d.mx/2025/06/26/organizaciones-rechazamos-el-paquete-legislativo-que-avanza-para-legalizar-la-vigilancia-por-parte-del-estado/

Do you think these invasive changes are mostly flying under the radar of the public (going unnoticed)?

• They do go unnoticed in public opinion, especially because they are not widely reported in the hegemonic news media, because they also require empathy about freedoms such as privacy and anonymity. Perhaps as a general population we are not yet aware of the harm of these kinds of reforms and how we are going backwards with them.

How do these developments shape your work and what you do at the cooperative?

• The military had already been conducting surveillance on critical voices, although it had never officially acknowledged it. This has been documented by several international organizations. In fact, Mexico is one of the largest purchasers of spyware worldwide. The change now is that this surveillance will become legal. The massive collection of data by the state makes it much harder for us to protect ourselves and being able to protect the people we work with.
• There is a massive campaign to portray the military as a “good” and trustworthy institution. However, the military leadership hasn’t changed in decades — they are the same figures who have harassed, repressed, and even killed dissenting voices. In fact, both the current and previous governments have given them excessive power: they now control an airline, a new railway project, and even the construction and operation of hotels in the jungle.

Lets go into the work of Tierra Comun, can you explain the free/libre software and your decision behind using them within the current landscape in Mexico? Also what type of work do you do with these technologist? Are these mostly rapid response?

• The work we do using free and open-source software includes: graphic design and animation, file server installation, network management, technical support, website deployment and administration, information systematization, and digital security training. Part of this work has been carried out for organizations involved in rapid response projects. Over the past three to four years, this has mainly been through the OTF (Open Technology Fund) Rapid Response program, although we previously did similar work with other funders.
• For many years, the cooperative covered half of the rent for a hackerspace where we offered free workshops on free/libre software. Several of us are actively involved in free and open-source software projects.

And what does the rapid response process look like?

• We begin with an assessment of the organization through interviews that help us understand how it operates, what risks it faces, what infraestructure uses and other key aspects. Based on this analysis, we propose a work schedule aimed at strengthening vulnerable areas through workshops, technical support, and addressing any security issues on the organization’s website. We also work collaboratively to develop a tailored IT policy that is functional and aligned with the organization’s specific needs and context.
• It has been both a rewarding and concerning experience. Intervening in emergency situations from a strictly digital security perspective allows us to address specific problems and help individuals regain a sense of calm. Their knowledge improves, they take steps to mitigate the identified incidents, and they begin to regain some control. However, these incidents are often linked to broader issues that don’t always fit neatly into the definition of an “emergency.” For instance, many organizations carry out their work under significant stress, with limited financial resources, little flexibility in how they use them, heavy workloads, and in high-risk environments.
• Although long-term organizational strengthening is not the primary goal of an emergency response program, working in this way often helps organizations begin or continue such processes, improving their ability to prevent and respond to future incidents. This is certainly technical work, but it is also deeply human—rooted in care, accompaniment, and emotional support. In the midst of a crisis, countless questions arise—some related, some not—and sorting through them, prioritizing, and addressing each one is a complex yet highly meaningful task.

If you can let us know who you support in general. That is who usually do you give such rapid response support services to, or work with?

• We strive to prioritize the use of free/libre software whenever possible. We've been fortunate to successfully migrate entire offices to free software systems — a process that has posed significant challenges. Resistance to change is often strong, and in some cases, usability doesn't match that of proprietary systems.

Do your choices in technology and tools come with its own set of challenges? What are those? And what are the complexities you have to navigate?

• We need to know how other systems and applications that aren't free operate, so we don't use exclusively free software, but yes we prioritize it.

Do you ever find yourselves needing to mournfully recommend or implement a service or solution that is not free/libre, like something closed and in "the cloud", or facilitated by big tech?

• Since we started 10 years ago, we have never used a cloud solution. We set up our own GitLab instance on our virtual machine, used a VPN with Outline for a while, and from the beginning, we have relied on Nextcloud’s cloud, hosted by the cooperative May First Coop.

What are some of the priorities when it comes to how they operate?

• In the case of graphic design and creation we also find ourselves working well with free software with nothing to constrain our creative freedom

Do you have a repository of technologies and tools you have been using, and the why or how you go about choosing them for future reference?

• We have installed many Debian servers in many organizations in Mexico, which run services locally, not in the cloud. Unfortunately we don't have a public documentation, it's an eternal pendant that's becoming obsolete fast. We create customized documentation for organizations, intended solely for their internal use and not for public access.

How can the community connect further? i am sure folks here might be really interested in the work of Tierra Comun. Any websites?

• We are part also of patio coop, a network of tech cooperatives: https://patio.coop/
• We're on mastodon https://social.coop/@tierra_comun
• We have an onion site: http://viiw4tjgx4wi4rk7d5oy6tne7y6lpwsn27f7brnknugdzjqbm4ckkuyd.onion/
• And normal site: https://tierracomun.org/