Forensic Archive of Iran’s Data Policy

1. Purpose of This Policy

The Forensic Archive of Iran documents citizen testimonies, evidence, and observations related to the disappearance, relocation, or endangerment of cultural heritage within Iran.
This data policy outlines how the archive protects contributors, handles sensitive materials, and preserves records ethically and securely.

Our priority is the safety, anonymity, and agency of individuals living under totalitarian conditions created by the Islamic Republic.

2. Threat Model

The Archive operates with awareness of the following risks:

Potential Adversaries

  • Islamic Republic state institutions, including security/ intelligence agencies

  • Cyberattacks or unauthorized access attempts

  • Political actors or diaspora groups seeking to influence or distort evidence

  • Automated scraping or metadata-harvesting bots

Potential Harms

  • Identification of contributors inside Iran

  • Retaliatory threats or violence

  • Criminalisation of participation

  • Manipulation, removal, or distortion of testimonies

All decisions regarding data collection, storage, and publication are taken with this threat environment in mind.

3. What We Collect

We collect the minimum data necessary for historical and evidentiary value:

  • Textual testimonies describing an event, disappearance, or observed changes

  • Optional uploads such as photographs, videos, or documents

  • Approximate date or date range of the event

  • Approximate location (city or province — never exact coordinates)

  • Non-identifying contextual details (e.g., "museum staff member," “local resident,” “bystander”)

We intentionally do not request or require personal demographic data (e.g., name, age, occupation, political affiliation).

4. What We Do NOT Collect

To protect contributors, we do not collect:

  • Names, phone numbers, email addresses, usernames, or social-media handles

  • Exact geographic locations (street-level or GPS coordinates)

  • IP addresses or browser fingerprints

  • Device identifiers

  • Biometric data

  • Information about political, military, or intelligence affiliations

We do not run advertising trackers, analytics tools, or third-party cookies.

5. Metadata Minimisation

Many files (photos, videos, PDFs) contain hidden metadata (EXIF/GPS/device data).

To protect contributors:

  • All metadata is stripped automatically upon upload wherever possible

  • If stripping is not possible, the Archive manually deletes identifying metadata before storage

  • Original files are never preserved with embedded location or device data unless essential for evidentiary reasons — and only after full risk assessment

We advise contributors to remove metadata before upload, but do not rely on the user’s technical knowledge.

6. Storage, Encryption & Server Location

All data is stored using a multi-layered security architecture, including:

  • Encrypted storage environments

  • Off-site encrypted backups

  • No cloud services hosted in jurisdictions with weak privacy laws

  • No third-party access to raw data

  • Limited internal access only for verification and classification

We do not disclose server locations publicly for security reasons, but our infrastructure complies with strict international data-protection standards.

7. Anonymity & Contributor Safety

Contributor anonymity is a foundational principle.

We guarantee:

  • No identity verification

  • No logging of IP addresses

  • No cookies that track behaviour

  • No cross-site tracking

  • No sharing of raw submissions with any political group, NGO, or institution without explicit consent

We advise contributors:

  • Use a VPN or Tor

  • Avoid uploading files containing their own faces or identifiable spaces

  • Avoid naming individuals unless necessary for evidentiary purposes

8. Verification & Editorial Protocol

The Archive verifies submissions using a three-tier classification system:

  1. Unverified

    • A single testimony with no corroborating evidence yet

  2. Partially Verified

    • Consistent with other regional reports, news, or historical patterns

    • Some corroboration, but incomplete evidence

  3. Verified

    • Multiple independent testimonies, archival parallels, or official records

    • Verification does not require photographs; triangulation is often sufficient

Contradictory testimonies are preserved rather than erased to maintain historical accuracy and complexity.

9. Rights of Contributors

Contributors may request:

  • Deletion of their submission

  • Redaction of specific details

  • Removal of uploaded materials

  • A copy of their anonymised submission

Because we do not store identifying data, deletion requests apply to the content only.

10. Use of Data

Submitted materials are used exclusively for:

  • Documentation of heritage disappearance

  • Research and academic analysis

  • Public reporting and awareness

  • Long-term preservation and counter-forensic evidence

  • Potential use in future transitional-justice procedures or independent investigations

We do not sell, license, or monetise data.
We do not collaborate with political organisations or state bodies.

11. Limitations

While we employ high security standards, no system can guarantee absolute safety against a powerful totalitarian state. Contributors should always assess personal risk before sharing information.

12. Updates to This Policy

This policy will be updated periodically as the Archive’s methods develop and as new risks emerge. Major changes will be publicly noted on the website.