Soghoian is irked by the fact that most journalism programs offer a plethora of courses in video, audio, and social media, while not training students in what he sees as a basic foundational knowledge of how to protect the information they’re gathering, “It’s not like journalists are so ignorant they cannot be taught about technology,” says Soghoian. “This is just another skill they have to be taught. [Journalism schools] are going to need to rethink their curriculum. They’re going to need to have a course that every student is required to take.”
While Charles Seife, a professor at the Arthur L. Carter Journalism Institute at New York University, agrees with Soghoian’s overall point about that “many of us are lax when it comes to securing our telecommunications against snooping,” he felt that the op-ed was “devoid of nuance” because “security always involves tradeoffs and compromises.”
“The more safeguards you put on a system, the more of a pain in the butt the system is to use - and the more likely it is that people will try to undermine those safeguards or disable them entirely,” Seife wrote in a recent e-mail. He’s used encryption in his own reporting, but wrote that he’d never done so out of necessity, and wouldn’t trust that doing so would hide his actions sufficiently anyway. He also points to the fact that encryption can be counterproductive; it shows anyone watching that somebody is trying to conceal the contents of their message.
Seife thinks it’s better to assume insecurity and “behave accordingly”; the concept of vulnerability is the real lesson. “No, we don’t teach students about how to use Tor or proxy servers or PGP,” writes Seife, which are among the recommendations Soghoian makes, along with other digital-privacy advocacy groups, like the Electronic Frontier Foundation (more on that here). He shows his students how to gather bits of electronic data from “IP addresses in emails, from hidden metadata in documents, from the source code of HTML.” By showing “how to exploit those information sources,” the students learn what they could be revealing in the course of their own electronic communications.
Jane Kirtley, the Silha Professor of Media Ethics and Law at the University of Minnesota’s School of Journalism and Mass Communication, has a similar philosophy. She tells her students to drop the expectation that their communications are secure, and then go from there, advising them to do their best to have “face to face communication. It seems ironic to go back to something so old fashioned, but it’s the only way you can insure the security of the communication.” She regrets that the journalism community has not yet become fully aware of the issue. “What I keep finding, anecdotally, is that people who are teaching the reporting courses are not fully aware of the consequences of this.”
Kirtley says the transition that many universities are making to Gmail illustrates the problem: “The fact that so many universities have converted to Gmail programs with little pushback suggests to me that people don’t really grasp the ramifications of this.” When the University of Minnesota’s College of Liberal Arts, of which the journalism school is a part, made the switch to Google, she put a disclaimer at the bottom of her e-mail as her “little way of telling Google” that her messages aren’t intended for the eyes of others. The University of Minnesota’s Law School students have been switched to Google, but so far the faculty, staff and law clinics have been able to hold out, because of the sensitivity of client/attorney communications. The University of Minnesota’s Academic Health Center have also been able to interrupt the transition, since Google has yet to sign a legal agreement to protect patient information. Seife had similar feelings about NYU’s transition to Google, writing that he trusts them “far less than NYU to keep from turning over my communications to a third party without a warrant.”