Skip to content

Freelancers and mobile security

Freelancers and mobile security

On Wednesday we asked a group of freelancers to join us and the Guardian Project for a chat on mobile phone security in the field. The result is hopefully the start of increased awareness and better practices to keep newsgatherers, their sources and colleagues safer.

We're open about privacy, so we used Google Hangouts to let as many freelancers watch and take part with us and The Guardian Project, which develops open source mobile security apps. You can see watch the video below, and still post questions or comments via the hangout page, our Twitter hashtag, or even in the comments section on this blog post.

Joining in were Nathan Freitas and Diana del Olmo from The Guardian Project, and yours truly with the Trust. We also had freelance photagraphers Giulio Petrocco and Victor Breiner, freelance journalist Emma Beals who is part of the Frontline Freelance Register's governing committee, and Marcel Mettelsiefen, a freelance filmmaker and Rory Peck Award finalist. 

This is the start of a series of on air hangouts about  digital security, safety and other issues that matter to freelancers. We'll be continuuing to work with Guaridan Project in their efforts to collaborate with various groups and projects to create an open space in which more people can join in and find out about digital security.

It was interesting to hear from Victor and Giulio about how few journalists think about where their mobile's transmissions are going and who could be listening in. We also identified that there's a need for freelancers to find easier ways to upskill their confidential sources on secure methods to communicate.

Often times, the most secure solution isn't always that technical. As Marcel and others said, simply using the technology to organise an in-person and offline conversation can be the most secure method available.

We also identified another main issue freelancers face with strong digital security (on mobiles or any device, really): Encryption requires both users to participate. Getting a contact up-skilled in secure methods takes some preparation. Nathan's quick run through of how to use Ostel and ChatSecure offered a couple of potential solutions.

"It is important for people building software tools that attempt to address specific problems or needs, to come face to face (or screen to screen) as often as possible with the people who have those problems and needs," Nathan said after the hangout. "The term 'journalist' can be quite vague, and the types of threats and risks faced varied from region to region. Having the chance to hear specific stories, challenges and insights directly from our proposed users is invaluable."

Here's a run through of a few key points in the conversation:

  • A "burner phone" is a vital piece of kit when confidentiality could be at risk and you're not sure who could be targeting you. It's just a different phone you've got for calls and communication you don't want to make on your regular phone that may be under scrutiny, and one you'll not miss when you have to eventually dispose it.
  • Using call-forwarding phone numbers can help you keep your mobile private from everyone, and disguise whose calling you. It can also help you blend in and not be targeted for surveillance.
  • Realising that some security is better than none is a good thing. Skype isn't that secure, but could be better than using a regular, "open" phone conversation. Using something like Red Phone can help more. Using stronger encryption through Ostel can provide even better security, and works on many types of mobiles including Android and iPhone.
  • Encrypting email using your mobile is still a troublesome process. Guardian Project works on tools for this, but suggests you use different encryption keys on your mobile than you use on your computer to avoid exposing your private encryption keys by moving them between devices, and that your better off using the likes of ChatSecure instead of email for really private electronic texts.
  • There's dragnet surveillance (monitoring whole networks) and then there's targeted surveillance (specifically spying on you). By using better practices like the ones discussed in our hangout, you can avoid being picked out of a crowd. Targeted survelliance is more difficult to work around, and solutions must be specific to the situation.
We plan to hold more On Air hangouts with freelancers and specialists such as our friends at Guardian Project and elsewhere. What would you like us to discuss next? You can either send me a message, or use this blog post's comments section to let us know.

Andrew is the digital producer and project manager for Rory Peck Trust. He's on twitter, @drew3ooo. His public GPG encryption key is here.

We use cookies to give you the best experience of using this website. By continuing to use this site, you accept our use of cookies. Please read our Cookie Policy for more information.