When promising anonymity, discreetly stashed notes and a tight lip are the precautions of journalism’s past. Reporters have gone to jail rather than share the information they’ve gathered for a court proceeding, but as reporters increasingly depend on technology to correspond and collect material, the fruits of that labor can be accessed without a summons, subpoena, or the journalist even realizing it.
Telephone, Skype, e-mail, texts, and instant messaging are easy to intercept with the right technology. The surveillance industry is big business, and governments are regular customers. The stealth and sophistication of this monitoring merchandise was revealed in December when WikiLeaks released The Spy Files, a leak containing hundreds of documents from surveillance companies, including contracts, pricelists, and marketing literature. There were even some eerie animated videos from a firm called Gamma International, creator of Finfisher spyware, showing how their product can access a computer via a fake iTunes update, along with options for bugging a person’s e-mail, cell phone, or Skype conversation.
Journalists Ben Elgin and Vernon Silver produced a series for Bloomberg News called “Wired for Repression,” reporting that western technology companies like Nokia, Ericsson, and Hewlett Packard, to name just a few, are selling surveillance technologies to countries with very poor human rights records, who then use these tools to spy on dissidents. There are chilling examples in the series, including the story of Saeid Pourheydar, an activist and opposition blogger in Iran who was arrested for protesting the Iranian government. Pourheydar was accused of speaking with foreign media and interrogated with transcripts from correspondence he’d had with Voice of America and BBC.
Elgin spoke with Dave Davies on NPR’s Fresh Air about the “Wired for Repression” series and how it’s changed the way he thinks about his own communications:
Elgin: I began very carefully choosing the words I would use in communications to people, particularly if they’re inside these countries. I mean, I don’t know what triggers the filters there. Sometimes I would seek out people’s help, human rights activists and such who have worked in these countries, and just trying to get a sense for: How can I effectively communicate with somebody inside of these countries?
Communications with those outside the United States aren’t the only ones that require caution. The Obama White House has prosecuted more whistleblowers than all previous administrations combined, so there’s plenty of safeguarding needed domestically as well.
The most common way of hiding the contents of a message is through encryption, which scrambles the text, requiring a key to unlock it. The following message, “you will not be able to read this,” looks like this after encryption:
hQEMA+G3MWef+RVJAQf/eCFdrqRSN5zmV+dettB/4BWaotetOF72ajSKJhkQFwS+ BXY3gbNCbOW/uzOXGx2EJf7xloqR6eFQDLmJqPuG1lj97TDrXdZrazVDNfjJxO9I p4RTSlQO4fuQ2Ar+zaT0I/w2elqETsGJG53B96eQ1XFWNX2kp/8AHcawgZDe7sMC sCkiz8OH+G9Sa/sDlKRcQ1W5hQyBZJOwW182dWU8EbBSaijH+zWQIGuHOMTox5STvghpB60HWy48os7EhmFwBQWZOQg6jkgk6OqFARZYvF7HlitE3ZRq+CSHhMqroYYKwtz5uob2Luo5FzLAJGXj6AYw8tooAM0irzCHs7+Q2dJfAXvObQzU9YXqaYxPaEcu UvdbM3TFohVP3Kpwd3Qxz3Gz9VvIBAGJ8TN+kGzzhMh81h5a+TFPN9Sxg97swj2z aR1WKTBJIWJSL1AMziFgJ16mW93FxiVm/4x9qHoOETA= =rJAt
But secure communication is not on the radar for most journalists and news organizations. Computer security expert Christopher Soghoian wrote an op-ed this past October for The New York Times, “When Secrets Aren’t Safe With Journalists,” about these dangerously negligent practices and journalists’ ignorance of the insecurity of their own communications:
As an expert on privacy and communication, I regularly speak with journalists at major news organizations, here and abroad. Of the hundreds of conversations I’ve had with journalists over the past few years, I can count on one hand the number who mentioned using some kind of intercept-resistant encrypted communication tools.
After the piece was published, Soghoian says he received thirty or forty e-mails from journalists around the world. “Basically everyone said the same thing, which is, ‘You’re right. We don’t know what we’re doing. Please tell us what to do.’” For the journalists at established news organizations, he recommended the same thing: “I told them, you need to hire security experts and have them in house.”
But for freelancers or those who work for smaller organizations with less to spend, there are a number of simple and free tools which can help protect both the journalist’s information and the people taking a risk to pass it along.