With journalist Silkie Carlo I have co-authored a 'handbook' on practical information security for journalists commissioned by the UK Centre for Investigative Journalism. The CIJ handbook 'Information Security for Journalists' was launched at the CIJ Summer School 2014 in London. The book will be forever freely available in a range of electronic formats - see download links below. In the four months after the initial publication in we have rewritten certain parts based on feedback from the initial readers and updated other parts to stay current with the latest software changes. Many thanks to all who gave us valuable feedback.
Altough this book was originally written for investigative journalists most of the described concepts and technical solutions are just as usable by lawyers or advisors protecting communications with their clients, doctors protecting medical privacy and of course politicians, activists or anyone else who engages powerful state and corporate organisations. Really, we're all journalists now. Inside the book is a mailadres for getting in touch, please let us know how your are using it and what we can do better.
If you have reasons to suspect your online movements are already under some form of surveilance you should not download this book using a computer or netwpork associated with your identity (such as your home or work systems).
Several participants of journalist training programs have written articles: Information security for journalists: staying secure online by Alastair Reid (from journalism.co.uk) - A day with the surveillance expert by Jason Murdock, Offtherecord.in - Valentina Novak wrote this interview after a lecture & workshop in Slovenia last November.
From the 'backflap' of the book:
On Friday October 17th I was interviewed by Russia Today on the security of 'secure' smartphone apps that turn out to not be so secure. After 18 months of Snowden revelations that should be not news but for the Guardian newspaper it is.
On Tuesday July 8th 2014 I was once more a guest on Max Keiser's programme 'The Keiser Report'. Max is a former Wall Street trader who foresaw the current economic crisis a decade ago. On his show he lets rip on the insane financial system and allows his guests to do the same.
Max asked me about the handbook 'Information Security for Journalists' I co-authored with journalist Silkie Carlo. The tools and methods it describes can help is slowing down the NSA by increasing the cost of surveiling individuals by a factor of about 1 million. We also discussed the latest US-inspired attempt-at-corporate-takeover-disquised-as-trade-agreement known as TTIP. I think this wil be defeated in the same way as its smaller precursors ACTA and SOPA before it because it is not in Europe's interest. This will require some serious action on behalf of Europeans since our politicians seem a tad slow in recognising the patterns here.
With journalist Silkie Carlo I have co-authored a 'handbook' on practical information security for journalists commissioned by the UK Centre for Investigative Journalism. The CIJ handbook 'Information Security for Journalists' was launched at the CIJ Summer School 2014 last weekend in London. The book will be freely available in electronic format and in print after the summer. Just like last year I gave lectures (slides) and ran a hands-on workshop to get journalists 'tooled-up' so they can better protect their sources, themselves and their stories in a post-Snowden world.
From the 'backflap' of the book:
This handbook is a very important practical tool for journalists. And it is of particular importance to investigative reporters. For the first time journalists are now aware that virtually every electronic communication we make or receive is being recorded, stored and subject to analysis and action. As this surveillance is being conducted in secret, without scrutiny, transparency or any realistic form of accountability, our sources, our stories and our professional work itself is under threat.
After Snowden’s disclosures we know that there are real safeguards and real counter measures available. The CIJ’s latest handbook, Information Security for Journalists, lays out the most effective means of keeping your work private and safe from spying. It explains how to write safely, how to think about security and how to safely receive, store and send information that a government or powerful corporation may be keen for you not to know, to have or to share. To ensure your privacy and the safety of your sources, Information Security for Journalists will help you to make your communications indecipherable, untraceable and anonymous.
Although this handbook is largely about how to use your computer, you don’t need to have a computer science degree to use it. Its authors, and the experts advising the project are ensuring its practical accuracy and usability, and work with the latest technology.
Director of the Centre for Investigative Journalism
This handbook is being translated into Arabic, Chinese, French, German, Portugese, Spanish, and other languages
Over the last 10-15 years public IT in Europe has not developed in line with public interests, nor does it guarantee the fundamental rights of citizens such as privacy and freedom of expression. Tremendous opportunities in the field of economic development and employment have also been missed. Europe effectively outsources much of its information processing (software & services) to foreign parties at the direct cost of hundreds of billions of Euros (typically around 1% of GNP). The opportunity-cost to local economic growth and employment opportunities are much greater than that. Even more costly than either of these is the de-facto handing over of control of data of governments, businesses and individual citizens to foreign spies who use it for political manipulation, repression of citizens' freedoms and industrial espionage. Although the warnings about the negative consequences of current policies date back at least 15 years, these aspects have been documented in irrefutable detail over the last year by the revelations of Edward Snowden. 12 months later there has not even been the beginning of a policy response.
It could all have been so different ...
In the first 21 months of the 21st century, the dot-com bubble burst and then three skyscrapers in New York collapsed. Between these two events a largely forgotten report to the European Parliament appeared in the summer of 2001. This report described the scale and impact of electronic espionage in Europe by the U.S. and its 'Echelon' partners (Canada, UK, Australia and New Zealand). Besides a detailed problem analysis, the report also gave concrete examples of IT policies that governments could take to significantly limit foreign intelligence spying on Europe.
In the same period was U.S. government won one of the largest anti-trust cases its history, against Microsoft, and the EU followed this victory by launching a similar case that would also be won leading to the highest fine to a company for economic crimes in the history of the EU.
It was against this background that thinking about strategic versus operational aspects of IT in the public sector changed. The report on Echelon made it clear that reducing IT into a merely operational exercise had disastrous consequences on the sovereignty of European states with respect to, in particular, the United States (and perhaps in the near future, China, other technically capable countries or non-state organizations). The economic consequences of industrial espionage against many high-tech and R&D-intensive companies became a major concern for the government.