Every year, Access Now celebrates Heroes of human rights in the digital age from around the world who have made a unique contribution to the fight against overreaching surveillance and defending privacy. We also shine a light on the Villains who have played a notable role in undermining those rights.


Mohammed al-Maskati, Digital Security Trainer, Bahrain
Mohammed al-Maskati provides digital security advice and assistance to activists, journalists, and others throughout the Middle East and North Africa. Those who have worked with Al-Maskati credit him for not only keeping their information secure, but in several cases of actually saving lives through his interventions. In 2018, al-Maskati launched digital-protection.tech, a website to “provide advice on protecting individuals and organizations in the digital world and the Internet.”

Lizzie O’Shea, Lawyer, Australia
Lizzie O’Shea has led work to highlight, analyze, and protest expansive surveillance laws in Australia. Frequently working in coalition, O’Shea led the campaign against the Australian Government’s expansion of powers to break encryption protocols. This included building an alliance across technology companies, civil society organizations, academics, and activists, and fronting media, public events, and parliamentary inquiries. Despite the laws being passed, the campaign had a huge mobilizing impact, with a strong coalition committed to working together and thousands of Australian citizens sparked to take action.

Zaituni Njovu, Founder, Zaina Foundation, Tanzania
As the founder of the Zaina Foundation, Zaituni Njovu promotes digital security awareness for women and girls. Through the Foundation, Njovu works at “empowering girls and women in Technology through different skills in Technology.” She also works to translate security tools into Swahili to make them more accessible to non-English speakers, greatly expanding the reach of important resources for at-risk individuals.

Dr. Usha Ramanathan, Researcher & Activist, on behalf of Aadhaar Petitioners and Litigators, India
Dr. Usha Ramanathan is one of the leading critics of Aadhaar who has, since 2009, tirelessly challenged the controversial Aadhaar digital identity program in India, objecting to both the privacy and the security risks. In September 2018, the Supreme Court in India ruled Aadhaar could not be mandatory for several purposes, and it could not be required by private companies. Afterward, Dr. Ramanathan worked to explain the ramifications of the judgment and its disappointing limitations. She continues to speak out against the program. While we give our award to Dr. Ramanathan, we also want to recognize the entire community that has protested and litigated against Aadhaar.

Marianne Díaz Hernández, Lawyer & Researcher, Derechos Digitales, Venezuela
Marianne Díaz Hernández has been providing information and leading advocacy against invasive measures taken by the Maduro government in Venezuela. Her work has highlighted issues from data retention to censorship. As a native Venezuelan, her work has also been critical to provide proper local context for the activities of the government. In addition, in 2018, Díaz Hernández authored “El Cuerpo Como Dato,” an examination of the use of biometric technologies to track people in Latin America, calling for a broader conversation about what protections are necessary.


Our Villain Awards aim to shine light on the impact that the decisions of those in powerful positions can have on ordinary people. One major theme this year is the negative impact facial recognition and biometric tracking can have on people’s rights to privacy, data protection, and non-discrimination. The way these technologies are being developed and deployed globally fail to account for the risks they create, in particular for vulnerable communities. The risks are further exacerbated when the technologies and data collected are used for surveillance purposes. Villain Award recipients, like Heroes, are selected through a public nomination process, and should see this recognition as a warning sign from global digital rights defenders that we are watching. We call on them to improve their record going forward.

Scott Morrison, Prime Minister of Australia, and other politicians
Finance Minister Mathias Cormann, Energy Minister Angus Taylor, Defence Minister Linda Reynolds, ASIO Director-General Duncan Lewis, Victoria Police Assistant Commissioner Neil Paterson, Home Affairs Minister Peter Dutton, and Home Affairs Secretary Michael Pezzullo

In December 2018, the Australian Parliament rushed through a long, complicated, and amazingly invasive piece of legislation. While opponents had called for more time to debate, and hopefully fix, the proposal, these prominent politicians engaged in scare tactics, using unverifiable reports of “imminent,” though vaguely defined, terrorist activity that could only be investigated through the use of the law’s provisions. While this type of lawmaking may be common in repressive and authoritarian governments, its use in a democracy to increase surveillance powers is shameful.

Mark Zuckerberg, CEO, Facebook; Sheryl Sandberg, COO, Facebook
It would be hard to believe that any company has been more frequently in the news for bad or misleading behavior over the past year than Facebook. These incidents include the infamous Cambridge Analytica case, where massive amounts of data were allowed to be collected and turned over to a company that leveraged the information for political campaigns around the world. It is still not clear whether or to what extent others have abused these same business practices. In another revelation, Facebook was shown to have given device manufacturers inappropriate access to user data, including granting access to companies alleged to have direct ties to governments. Finally, we can’t neglect the report that Facebook hired a firm to discredit organizations, including Color of Change, that were critical of Facebook and its approach to surveillance, censorship, and other issues. Such activity is unacceptable. In the wake of these and other actions, both Mark Zuckerberg and Sheryl Sandberg have apologized repeatedly, but their actions have yet to demonstrate a substantial shift to more real-world privacy protections that positively impact their users. While we note recent commitments to take positive steps on privacy, reports have suggested similar past statements were historically more a PR tactic than the basis for comprehensive change in policy or product design. We therefore call upon Facebook’s executives to do much better and more in practice to live up to their responsibility to respect and protect the human rights of their users.

It is also noteworthy that Facebook reported receiving its largest-ever increase in government surveillance requests in 2018, and the company’s compliance rate in turning over information, though no doubt justified in some cases, was higher than ever before.

Disclosure: Access Now has received funding from Facebook. Read more about our financials and funding policy here.

Dr. Matt Wood, General Manager of Artificial Intelligence, Amazon Web Services (AWS)
Despite repeated calls by experts and civil society, Amazon has continued to contract with police departments and government agencies for the use of its Rekognition facial recognition technology. Groups have pointed not only to studies that reveal the technology’s bias, but its frequent use to facilitate human rights-violating surveillance. Dr. Matt Wood has specifically responded to these studies by questioning the researchers’ understanding of the technology and trying to discredit their methodologies. While Dr. Wood’s claims have been fact checked and found wanting, Amazon has still not satisfactorily responded to the groups’ demands, and is reportedly likely soon to receive an even larger contract for the provision of services to the U.S. Department of Defense.

Horacio Rodríguez Larreta, Jefe de Gobierno de la Ciudad de Buenos Aires
As Chief of Government for the city of Buenos Aires, Horacio Rodríguez Larreta has overseen a broad expansion of the purchase and use of surveillance technology without necessary transparency or oversight. This includes years of purchasing surveillance balloons, drones, automated license plate readers, and other technologies. In April 2019, Rodríguez Larreta announced the launch of an artificial intelligence-powered facial recognition tool that would be connected to the existing CCTV system. Despite the history of these tools being used in discriminatory ways, as well as the high threat facial recognition poses to human rights, there have been no details released, including about any safeguards that could be put in place to protect individuals.

Christopher A. Millar, President and Chief Executive Officer, Gatekeeper Intelligent Security
Under Millar’s leadership, Gatekeeper bills itself as “[l]eading the way in intelligent inspection and recognition solutions to secure borders, identify threats, and provide real-time actionable intelligence.” This includes both license plate-reader technology and facial recognition tools that can, according to Gatekeeper’s website, identify all of the occupants of a car. Unfortunately, a report in December 2018 verified that among Gatekeeper’s international clients were repressive governments like Saudi Arabia (a fact that is also listed on their website). Selling invasive surveillance technology to countries without proper human rights protection is irresponsible and dangerous, even life-threatening for advocates, journalists, and others. In the wake of the horrific murder of Jamal Khashoggi, it is even more important for companies to take steps to ensure that their tools are used in rights-respecting ways.


We believe that human rights are universal — including on the internet. Technology has given us new and powerful ways to exercise our rights, but the internet can also be a battlefield where those rights are under threat. To defend our private spaces, a group of experts convened in 2013 and identified 13 principles governments must follow to ensure any electronic surveillance program fully respects human rights. They are known as the Necessary and Proportionate Principles.

In celebration of those principles and the work of people around the world to protect digital rights, every year Access Now names “heroes” and “villains” who have either protected the principles of freedom online or worked to undermine them.

Access Now’s team evaluates nominees based on six criteria:

  • 1
    Impact in the fieldHow has the person’s work had a demonstrable impact on internet freedom and digital rights, either locally, regionally, or globally? (positively for the Heroes, or negatively for the Villains)
  • 2
    Embodiment of the PrinciplesHow have the 13 Principles of human rights and electronics surveillance played a part in that work?
  • 3
    Diverse representation —Do the awardees represent a diverse range of voices and regions?
  • 4
    Connection to users at riskHow has the person’s work impacted those most prone to marginalization?
  • 5
    Value to RightsCon Can we leverage the RightsCon event and community to empower and promote this person even further as a Hero, or to hold this person to account as a Villain?

Access Now is in the fifth year of its Annual Heroes and Villains awards. You can find out more about past years’ recipients the award’s evolution through the following pages:

2017 2016 2015 2014