Category Archives: Journalist’s Toolbox

The First Amendment Protects Journalists From Revealing Sources, Period

A concerning development occurred during the congressional hearings today on Russian Interference in the Election (link goes straight to testimony): Trey Goudy (a member of the House Permanent Select Committee on Intelligence) implied that the FBI had somehow dropped the ball by not going after New York Times and Washington Post journalists for protecting their sources when publishing classified information in the public interest.

It was quite odd watching a room ponder the prospect of charging the press with criminal activity for what is considered standard journalistic First Amendment protected practice (of publishing classified information) as if it were some kind of allowable solution to what’s been going on with the current round of White House leaks.

This issue has already been decided on quite clearly by the Supreme Court in the Pentagon Papers case, United States v. New York Times, 328 F. Supp. 324, 329 (S.D.N.Y. 1971).

This has mostly to do with something Justice Gurfein referred to as a “cantankerous press.”

As Gurfein writes in his decision:

The First Amendment concept of a “free press” must be read in the light of the struggle of free men against prior restraint of publication. From the time of Blackstone it was a tenet of the founding fathers that precensorship was the primary evil to be dealt with in the First Amendment…

The security of the Nation is not at the ramparts alone. Security also lies in the value of our free institutions. A cantankerous press, an obstinate press, an ubiquitous press must be suffered by those in authority in order to preserve the even greater values of freedom of expression and the right of the people to know…it is not merely the opinion of the editorial writer or of the columnist which is protected by the First Amendment. It is the free flow of information so that the public will be informed about the Government and its actions.

These are troubled times. There is no greater safety valve for discontent and cynicism about the affairs of Government than freedom of expression in any form. This has been the genius of our institutions throughout our history. It is one of the marked traits of our national life that distinguish us from other nations under different forms of government.

Here’s Trevor Timm (Freedom of the Press Foundation) explaining this in a brief 1 1/2 minute video. This clip is from the upcoming film “From DeadDrop To SecureDrop.” (Transcription below):

 

 

Transcription:

The Supreme Court case that came out of the Pentagon Papers was one of the most important First Amendment cases of the twentieth century. It essentially is affirmed that newspapers in the United States have the constitutional right to publish information – even that the government considers “Top Secret” – that’s in the public interest, and that they cannot be censored, or what courts refer to as “the government can’t issue a ‘prior restraint.’

The opinion was written incredibly fast – from the start of the case where it went from the District court to the Supreme Court took only 13 days, which is incredibly fast. If you ever read the history of Supreme Court opinions, it usually takes years to get there. And so, all nine judges wrote separate opinions, but the core of the case still stands, which is that unless there are extreme extreme circumstances – which we have never seen in this country – that newspapers and journalists have the right to publish classified information. And because of this, we have learned so much more about what our government does behind closed doors.

Often, what they do, that is immoral and wasteful and illegal, we never would have known without this decision.

 

Snowden Explains “Opsec” – Operational Security for Everybody

Micah Lee and Edward Snowden, in Moscow, Russia. Photo: Sue GardnerMicah Lee and Edward Snowden, in Moscow, Russia. Photo: Sue Gardner

A few weeks ago, Micah Lee, Technologist for The Intercept and   Co-Founder and Board Member of the Freedom of the Press Foundation, went to Moscow to meet Edward Snowden (who is on the Freedom of the Press Foundation’s Board).

They had been in close contact online, since January of 2013, albeit anonymously, on Ed’s end, for the first six months.

Snowden took the opportunity to explain some technical details about what he has come to refer to as “Opsec,” or “Operational Security,” a collection of a few simple best practices for security that folks can use to protect the privacy of their day to day communications.

Engaging in Opsec helps protect one’s privacy, not only against the threat of what is, to some, the merely abstract notion of “government surveillance,” but also against much scarier threats that are not so abstract. For instance, abusive relationship victims, stalking victims, or children who are at risk of being monitored by pedophiles. There are many scary scenarios, all made possible by the current lack of basic encryption on most people’s emails and text messages. In these cases, being a victim of online surveillance often translates into physical harassment or abuse in the “real world.”

Using Opsec to “reclaim your privacy” may seem confusing at first, especially to those who have not realized that their privacy is already compromised daily. But as Micah explains, “This doesn’t need to be an extraordinary lifestyle change. It doesn’t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly.”

In the article, Snowden outlines some Opsec basics, including:

  • Using “Signal” (“Text Secure” on Android), by Open Whisper Systems, to encrypt your text messages and phone calls. It’s very easy to install and use, instantly, on your Android or iPhone device.
  • Encrypting your laptop hard drive, so if your computer is stolen, the thief won’t also have access to all of your private data. (Micah has already written a guide for this.)
  • Using a password manager (here’s Bruce Schneier’s favorite) that helps you generate unique passwords for all of your different services and stores them for you, so you don’t have to remember them.
  • Using two-factor authentication to provide an additional level of security on your accounts.
  • Using browser plugins like HTTPS Everywhere by the EFF, to try to enforce secure encrypted communications so your data is not being passed while “electronically naked,” in transit.
  • Using adblocking software, such as Privacy Badger, by the EFF.
  • Using Tor and TorBrowser to anonymize your browsing.

A few relevant quotes from the article:

On Tor:

Lee: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it’s only a use-it-if-you-need-it thing?

Snowden: I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. We know it works from at least one anecdotal case that’s fairly familiar to most people at this point. That’s not to say that Tor is bulletproof. What Tor does is it provides a measure of security and allows you to disassociate your physical location…

But the basic idea, the concept of Tor that is so valuable, is that it’s run by volunteers. Anyone can create a new node on the network, whether it’s an entry node, a middle router, or an exit point, on the basis of their willingness to accept some risk. The voluntary nature of this network means that it is survivable, it’s resistant, it’s flexible.

Micah: [Tor Browser is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you’re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to run your own Tor node, as I do, and support the diversity of the Tor network.]…

On Whistleblowing:

Snowden: What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.

Tell no one who doesn’t need to know.

Micah: [Lindsay Mills, Snowden’s girlfriend of several years, didn’t know that he had been collecting documents to leak to journalists until she heard about it on the news, like everyone else.]

Snowden: When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the existence of the relationship from any type of conventional communication system. You want to use something like SecureDrop, over the Tor network, so there is no connection between the computer that you are using at the time — preferably with a non-persistent operating system like Tails, so you’ve left no forensic trace on the machine you’re using, which hopefully is a disposable machine that you can get rid of afterward, that can’t be found in a raid, that can’t be analyzed or anything like that — so that the only outcome of your operational activities are the stories reported by the journalists.

Micah: [SecureDrop is a whistleblower submission system. Here is a guide to using The Intercept’s SecureDrop server as safely as possible.]…

On Simple and Practical Threat Modeling:

Snowden: …You can drive yourself crazy thinking about bugs in the walls and cameras in the ceiling. Or you can think about what are the most realistic threats in your current situation? And on that basis take some activity to mitigate the most realistic threats.

In that case, for most people, that’s going to be very simple things. That’s going to be using a safe browser. That’s going to be disabling scripts and active content…And making sure that your regular day-to-day communications are being selectively shared through encrypted means…

On How Cell Phones Track Us By Default:

Micah: People use smartphones a lot. What do you think about using a smartphone for secure communications?

Snowden: Something that people forget about cellphones in general, of any type, is that you’re leaving a permanent record of all of your physical locations as you move around. … The problem with cellphones is they’re basically always talking about you, even when you’re not using them. That’s not to say that everyone should burn their cellphones … but you have to think about the context for your usage. Are you carrying a device that, by virtue of simply having it on your person, places you in a historic record in a place that you don’t want to be associated with, even if it’s something as simple as your place of worship?

 

 

Great Round Up of Journalist Encryption Tools From Aaron Swartz Day

Jenny Manrique has written a wonderful round up of five tools you can start using today to keep your sources’ data (or clients’ data,  no matter what field you are in) safe and secure:

Five tools for journalists’ online safety, privacy

by Jenny Manrique for the International Journalists’ Network.

From the article:

These are some tools featured over the weekend:

Onion Share

Developed by Lee, Onion Share lets anybody securely share any size file…”It is like Dropbox, but encrypted and reliable. As soon as the person downloads the file, it can be erased from the server and it’s no longer accessible to anyone,” explains Micah Lee… (Freelancers can find this tool useful for communicating with whistleblowers.)…

Tor Messenger

If you are familiar with the TOR Project, currently the best way to navigate online without leaving trace, you will be glad to learn that it recently launched TOR Messenger. The cross-platform tool facilitates encrypted chats on a variety of networks like Facebook and Gchat…

Keybase

Keybase is an open directory of public keys that you can verify through social media accounts… the Keybase directory can tell you who’s that key, according to his or her profiles on Twitter, Reddit, Github, Bitcoin and domain names…

Signal (TextSecure on Android)

Don’t confuse it with the Facebook or Linkedin Signal apps. This tool, developed by Open Whisper Systems, allows you to make encrypted voice calls, as well as send encrypted text messages, with your existing number and the contacts that also download the app.

OpenArchive

OpenArchive is a mobile application that seeks to preserve audiovisual civic media in a secure way…The app, currently in beta for Android, uses mobile TOR technology to allow people on the ground to send sensitive images without fear of being tracked…