Assessing the digital risks in our Hangout

Assessing the digital risks in our Hangout
Thursday, 17 July 2014 Written by Andrew Ford Lyons

We hosted the first in our series of this year's live Hangouts on Google Plus yesterday, looking at how freelance journalists can assess potential digital risks in a time of increasing targeted cyber attacks and mass survelliance. You can still catch it here.



What does it take to create your own threat model when it comes to digital security? Questions of this sort are becoming more commonplace among media workers, particularly those working on sensative topics or dealing with classified information. This hangout was inspired by our work on a digital security risk assessment template and guide for freelancers. You can still cach it above, and add your questions and comments.


Good online safety practices help reduce the risk of threats, as well as protecting your own safety and that of your sources, colleagues and story. But knowing where to start can be difficult. That's where an assessment comes in. We asked the group of freelance journalists and digital security experts in our hangout how they plan their own digital safety and what they recommend to others.

We'd like to thank all our particpants for joining in. It's worth pointing out that freelance photojournalist and videojournalist Patrick Tombola, currently working in Gaza, was trying to join in but the connection just wasn't working. Here are a few interesting points from the hangout:

Ela Stapley, a freelance journalist in Mexico (and working on developing a mobile phone safety app, Hancel) pointed out that two obstacles seem to keep journalists from adopting better practices. The fist was awareness of the problem, that is, until some find out the hard way. She also said that usability of some of the technology out there remained an obstacle for some. There's a learning curve to using things like encryption or anonymous internet tools properly.

Freelance photojournalist Victor Breiner agreed. He added that a number of journalists could immediatly improve their security by starting some basic practices, such as using stronger passwords and adopting 2-step authenticacation for their online accounts. 

"There are many easy steps you can take to protect yourself from digital threats, it's just a case of starting" said Geoffrey King, Internet Advocacy Coordinator for Committee to Protect Journalists. He suggested a few resources that we've linked to on our Google hangout page and at the bottom of this blog post.


In starting a digital risk assessment, there are a few basic questions a journalist can ask themselves, said Jennifer Henrichsen, director of the Journalism After Snowden Initiative at Columbia University's Tow Center for Digital Journalism. She's got those questions posted online here.

Things to take away

  • Create stronger passwords and use 2-step authentication for online accounts when possible.
  • A password manager can help protect your online accounts and create passwords no one will guess.
  • Strong privacy tools like Tor and Tails are worth learning. The most recent versions are also much easier to start using and run faster.
  • Learn how to use encryption and encourage your colleagues and contacts to use it whenever discussing something confidential.
  • Consider not using technology for really private conversations. Use the technology to set up a meeting in person.
  • Open-source software is the safest technology to use when protecting your work. 

Resources mentioned in the Hangout

Questions from viewers

Craig Johnston asked: "When it comes to border crossing or even checkpoints, what steps would you take to avoid the material being found or taken?"

This is where doing assessments in advance is vital. Know where you're traveling and talk to journalists who've crossed those borders themselves previously. What's known about security checks and practices there? Removing SIM cards and backing confidential data up somewhere off the device would be useful. This has to be done before getting close to the crossing point. Making sure you'll be able to access the data once through is also worth thinking about.

Saleem Khan asked: "What are the main human and social mistakes that people should avoid?"

Different members of our panel talked a little bit about this. Over-sharing personal information (your location, for example) on social networks is one of the main things. Using the same accounts for both personal and professional use is another. Likewise, using a lot of data-intensive apps on a smartphone can expose you more than you'd like.

You can still watch the hangout in the video at the top of this post. Let us know what you think, or ask any of your questions in the comment area below, and also let us know what you'd like to see in future hangouts.

In our next hangout, we'll talk with Camera Confidential author Christian Parkinson about his experiences starting out as a video news journalist, and what he's learned from writing his book that can help others get started and give their careers a boost.

Comments

All comments are moderated
comments powered by Disqus

This website uses cookies. For more information about these please click here.
By continuing to browse you consent to the use of cookies