After-Action Reviews & Data Hygiene
Learn how to run structured debriefs after actions, capture lessons without compromising security, and securely store or destroy sensitive data.
ποΈ After-Action Reviews & Data Hygiene
Important
24-Hour Rule: Debriefs and data triage should start within 24 hours of an action. Lingering files = lingering risk.
Why It Matters
Pods often collect photos, video, chat logs, and field notes during actions.
If not handled correctly, this data can endanger community members if devices are seized, hacked, or subpoenaed.
Structured debriefs also make pods smarter and more resilient by learning from mistakes without fracturing trust.
Core Protocols
1. Structured Debriefs (Blame-Free Zone)
Hold a debrief within 24β48 hours using this structure:
- Timeline Review β What happened, in order
- Gaps Identified β Where did plans break down?
- Successes β What worked well?
- Action Items β Who will fix or implement what, by when
Rules for Debrief Notes:
- No personal names. Use role labels (e.g., βMedic 1,β βObserver 3β).
- Take notes only on paper or encrypted pads (e.g., Signal Notes or VeraCrypt).
- Destroy notes after 30 days unless they are required for legal or retraining.
2. Data Triage Flow
3. Secure Storage Guidelines
| Data Type | Storage Method | Retention Period |
|---|---|---|
| Bodycam / video | VeraCrypt USB drive + 1 encrypted backup | 90 days (max) |
| Comms logs (Signal) | Export to encrypted local drive (no cloud) | 30 days |
| Medical records | Paper in locked safe, no digital copies | 1 year (or legal req.) |
Risk Mitigation
| Risk | Solution |
|---|---|
| Device seizure during action | Use burner phones and auto-wipe apps (ObscuraCam for photos) |
| Subpoena for chat logs | Avoid cloud services (iCloud/Google). Use Matrix or Signal only |
| Debrief leaks | Hold reviews in person or on encrypted voice (Signal/Jitsi) |
| Over-collection of footage | Film only when needed for legal proof, not documentation habit |
Warning
The safest data is data you never collect. Only keep what is legally or tactically essential.
Tools & Templates
Debrief One-Pager
- Timeline Review (15 min)
- 3 Wins / 3 Gaps (15 min)
- Next Steps (owner + deadline)
Data Hygiene Cheat Sheet
- Day 0: Move all files off phones to encrypted storage
- Day 1: Anonymize faces and scrub personal details
- Day 3: Legal review completed, purge all non-essential data
Chain of Custody Form
[Description]____________________
[Collected By]___________________
[Time/Location]__________________
[Storage Method]_________________
[Accessed By]____________________
[Purpose]________________________
Roleplay Scenario (Certification Drill)
After a raid response, your pod has:
- 12GB of protest footage
- Medical intake forms with real names
- Signal chat logs containing location data
Your task:
- Use the Data Triage Flow to decide what stays, gets anonymized, and what must be deleted.
- Draft a debrief agenda focusing on safety gaps without naming individuals.
- Identify which materials need a chain-of-custody record for court support.
Final Checklist
- Ran a structured debrief within 48 hours of the action
- Encrypted or destroyed all raw footage and logs within 3 days
- Completed chain-of-custody forms for any evidence retained
- Implemented at least one tactical improvement from lessons learned
- Ensured no personal devices stored sensitive logs long-term
Success
The most secure pod is one that learns fast and leaves no unnecessary data behind.
π Knowledge Check
π« You must register and log in to mark this lesson as qualified. Registering helps us track progress, verify training, and build trust across our network.
You can use your Dispatch login here if you already created an account there. Likewise, creating an account here will let you use the same credentials on Dispatch.
Complete and pass the quiz above to unlock this button. Youβll need at least 80% correct.