updated 04/18/2016

"The National Security Agency is known to secretly intercept and modify computer equipment before it reaches the hands of customers."


A Reporter's Guide To

Protecting Themselves

And Their Sources

In this day of debilitating terrorist activities few would argue that there isn't a need for a level of secrecy in the name of national security.

The problem is that the mantle of "national security" is often used to hide nefarious and strictly self-serving activities. In a democracy it's the job of investigative journalists to expose the latter.

The jobs of investigative journalists have recently become much more difficult for four reasons.  

1. The 9/11 terrorist attacks and the resulting Patriot Act provided an excuse to classify a wide range of things under "national security" without the need to -- or ability to -- justify them. 

2. Although whistleblowers are supposedly legally protected, because of the unprecedented number of actions against  investigative reporters and a threat of jail time, reporters justifiably become understandably nervous. 

War On Whistleblowers Free Press and the National Security State, a 2013, 66 minute in-depth documentary, puts the importance of this topic in perspective.

3. Because of the big business / government interconnection the role of investigative journalism is seen as a threat to profits and in some cases is being been legally constrained.

4. According to a July, 2013 ruling, even though a reporter promises a source confidentiality the reporter can be legally compelled to reveal that source. A number of reporters and their sources have faced jail time for not doing so.  Even a resulting summons to testify can be illegal to disclose. 

" Our liberty cannot be guarded but by the freedom of the press, nor that be limited without danger of losing it. "
Thomas Jefferson.


Protecting Yourself

And Your Sources

The following safeguards are suggested.

First, assume that unless you take precautions (see below) everything you say or do can become known at some point.

Under the threat of jail time, the person you are talking to (your news source) could be legally compelled to reveal conversations.

Second, email providers are now being forced to turn over encryption keys to cell phones and the personal correspondence of users.

Several email providers have chosen to go out of business rather than being forced to betray user confidentiality.

Third, even after the Supreme Court decision announced in June, 2014 requiring warrants for routine searches of cell phone data, under certain conditions law enforcement officials can legally confiscate cell phones and download contacts and call logs without the need for a warrant.

Even the fact that you have been served a warrant for information can be illegal to disclose.

Trying to erase the data from your cell phone or computer will probably not work because even after this data is erased, it can, with the right equipment, be retrieved.

>> Is a reporter safe from offshore, "cloud" monitoring?


The United States cloud computing companies regularly get requests under the U.S. Patriot Act to turn over intercepts.

" After computers and telephones of major news centers, including The New York Times, The Washington Post, Fox News and the Associated Press were hacked, reportedly by a branch of the U.S. Government, some journalists have asserted that when you are working on a sensitive story you are not being overly paranoid if you operate as if you are living in a third-world dictatorship or even in the climate of Stalinist Russia. "


All this may seem like an overly dramatic or even paranoid reaction until you learn about the cell phones that have been confiscated for data and the laptop computers at airports have been sidetracked and perused for information.

Since even reporting these things can be against the law, we have no idea how often this takes place -- only that it does.

After your confidential data is seized, information on a story you may be working on or involved in is no longer confidential.

This means that as a reporter the source that you promised confidentiality can no longer trust that assurance. Not only does this discourage whistleblowing and exposing illegal activities but it severely cripples investigative journalism.

The following procedures and protections should now be considered part of the journalistic craft.

We'll start out with a "low-tech" example and then move to the many high-tech dangers we face today.

" Truth may be is less important than what can be made to look like truth. "


Paper Shredders are not exactly high tech, but they are quick, easy, and relatively inexpensive.

For people who start out with a conclusion and work backward to find supporting evidence, memos or sections of memos, or even what was intended as humor, can later appear quite different than originally intended.

For example, although you may have run into an old friend at a convention, a follow-up memo saying, "Connie, it was great catching up on old times," may not look so innocent to a government agency trying to "connect dots" and make a case against you. 

This is especially true if Connie has some questionable friends or contacts that you don't know about.

In addition to being careful how you word things to start with, the shredder might be a good place to put Connie's follow-up note about how much she enjoyed talking to you again.

Although this may sound ridiculously paranoid, if Connie comes into suspicion at some future point, such notes can pull you into the drama.

A surprise search through files in your home or office -- a warrant may not be necessary for those branded as an imminent threat, a term that can be defined as necessary under the Patriot Act.

But such "evidence" can't be used against you if it no longer exists.

Yes, this is definitely represents first-class paranoia and it's too bad that reporters now have to think in these terms, but this is the world we live in now. 

" If you are seriously concerned about your information staying secure, itís best not to send that data over a communications system of any kind."

Time magazine 04/15/'16



Now, we move into the world of electronic communications.

Passwords associated with your Internet and email accounts are a definite weak spot in personal security. We have an article elsewhere on this site that covers this.

You might want also want consider the next section on that page, "When You Delete Data It's Still There." (Short answer: generally, it is.)

Data Encryption  A good primer for beginners wanting to use the most famous and one of the best encryption programs, PGP, can find a beginner's primer at the University of Pittsburgh web site.

Although good encryption takes a bit of effort, it can help you sleep better at night.

You should know that the government is trying to make it illegal to use encryption that they (or possibly someone else) can't break. That, of course, defeats and purpose of encryption

Other measures include: 

E-Mail Communication For email there is, which severely limits the ability of outside sources to hack your email.

Hushmail is licensed out of Canada, a country that protects privacy to a greater extent than the United States.

Even so, there is no guarantee that Hushmail will not be compelled under a court order issued by the Supreme Court of British Columbia, Canada to turn over data. It's just much more difficult than in the United States.

Search Engine Patterns A pattern of Internet searches can easily reveal the focus of a story a reporter is working on.

To help thwart that there is Although it uses Goggle as a reference, it claims that searches stay confidential.

Search information including IP addresses is either stripped off of search queries or quickly deleted.  Even if there is a government request for the information, it simply does not exist.

There are two other options to keeping searches confidential and, which bill themselves as private search engines.

In addition to switching on your browser's privacy settings, you can make DuckDuckgo the default for browser searches.

According to information released by Eric Snowden, the U.S. Government has been downloading the complete email address books from user email services. Once they do, they can establish links to every person that you have ever communicated with.

This has prompted some users to delete email site addresses and keep addresses "off line," as, for example, on a flash drive which can be plugged into your computer as needed. (Some flash drives also come with an encryption program built in.)

Use Disposable Cell Phones If you have reason to think that the story you are working on can endanger you or your source, you may want to take the step of using disposable cell phones ("burners") for story-related communication.

However, some in government are trying to force phone manufactures to make a record of all phone sales, together with the buyer's name and contact information. Thus, even "burner phones" will be able to be traced.

As you probably know from all the TV shows, cell phones make excellent tracking devices -- even in some cases when they are turned off.  

If you don't want your location revealed (which can easily be done with readily available apps), some people suggest you turn off your primary cell phone and, if you can, take out the battery.

The New York Times published an excellent article recently that addresses some of these issues.

Even if you use encryption a government agency can force you to supply them with the password.

Meet Sources in Person if at all possible. Ideally, use the "walk and talk" procedure in noisy public locations. 

Notes and Computer Files Can Be Seized

Keep in mind that you could be required at some point to turn over notes and recordings you make in doing a story. Given this, it may be wise to see that such data is not readily accessible.

" In an effort to trace sources of information under Patriot Act provisions reporter notes and computer hard drives have been legally seized directly from newsrooms.

At an English newspaper a room full of computers was broken up by sledge hammers when it was thought they contained whistleblowing information."


When a journalism instructor friend of this writer was asked by the FBI to turn over film on a perfectly legal antiwar protest, he had the foresight to lock it in a safe. He said, "Sure, you can get it, but you'll have to blow the safe first." 

They gave up on that and the instructor gave his students a valuable lesson on protecting their constitutional rights.

At another point some of my students were arrested, along with scores of protesters at an antiwar demonstration in Washington DC.

Although the students spent the night in jail, they were released the next day -- all charges dropped -- when it was determined they were involved in a perfectly legal protest.

The Republican administration of the day knew this, but their goal was to send a message to those who opposed their policies and reduce the number of future protesters that would appear in TV news footage.

Although a definite case can be made for the need to delve into personal communications in the true cause of national security, as we've suggested claiming that "need" is now being used to block legitimate press investigations into political cover-ups and government malfeasance.

The recently updated article, Whistleblowing vs. Leaking, has some examples.

Finally, and you probably picked this one up from TV crime shows, when you are working on a sensitive story, pay cash for things

Credit card transactions not only show where you were and when, but they provide strong clues as to what you were doing at the time.

" Whenever the people are well informed, they can be trusted with their own government. "

-Thomas Jefferson


What are we left with? Primarily the "old school" techniques covered earlier including guarded face-to-face communication and paper shredders.

Beyond this there are thumb drives disguised as keys, pens, and other common devices which can be stowed in small, inconspicuous places.

See Are You Paranoid Yet?

  • An excellent documentary that examines both sides of the government secrets issue, but before the Julian Assange and Edward Snowden cases, can be found on Netflix.
  • Also consider the points given here on protecting your personal identity on the Internet. 

  • Finally, although no method is foolproof, as pointed out in the case of the journalism instructor, putting these guidelines into action may well make the effort of breaking into your computer, cell phone, or where you live or work, more of a problem than it's worth.

  • *This may not work today because under the Obama administration news people can be forced to turn over passwords and safe combinations.

    Today, there is little that will withstand a full-blown Patriot Act challenge.

    - Ron Whittaker

    • The Freedom of The Press Foundation has addressed the issue of protecting press communications at Digital Security.

    ** NOTE: No encryption approach is totally safe from the NSA, the FBI, the agencies they subcontract work to, or the countries they share information with. Even local police departments have requested access to citizen computers and cell phones.

    All this notwithstanding, the information in this article will greatly complicate and confound eavesdropping.

    In the best of circumstances the government should not be the enemy of responsible newsgathering.

    Unfortunately, in the quest for ratings sometimes newspeople sacrifice the principles of responsible journalism just as government officials sometimes sacrifice the standards of conduct we expect from them.

    To Index Page  ~  © 2016, All Rights Reserved