The Trump Administration Is Using the Full Power of the US Surveillance
State Against Whistleblowers
By Micah Lee, The Intercept
05 August 19
The Trump Administration Is Using the Full Power of the U.S. Surveillance
State Against Whistleblowers
Government whistleblowers are increasingly being charged under laws such as
the Espionage Act, but they arent spies.
Theyre ordinary Americans and, like most of us, they carry smartphones that
automatically get backed up to the cloud. When they want to talk to someone,
they send them a text or call them on the phone. They use Gmail and share
memes and talk politics on Facebook. Sometimes they even log in to these
accounts from their work computers.
Then, during the course of their work, they see something disturbing. Maybe
its that the government often has no idea if the people it kills in drone
strikes are civilians. Or that the NSA witnessed a cyberattack against local
election officials in 2016 that U.S. intelligence believes was orchestrated
by Russia, even though the president is always on TV saying the opposite. Or
that the FBI uses hidden loopholes to bypass its own rules against
infiltrating political and religious groups. Or that Donald Trumps
associates are implicated in sketchy financial transactions.
So they search government databases for more information and maybe print
some of the documents they find. They search for related information using
Google. Maybe they even send a text message to a friend about how insane
this is while they consider possible next steps. Should they contact a
journalist? They look up the tips pages of news organizations they like and
start researching how to use Tor Browser. All of this happens before theyve
reached out to a journalist for the first time.
Most people arent very aware of it, but were all under surveillance.
Telecom companies and tech giants have access to nearly all of our private
data, from our exact physical locations at any given time to the content of
our text messages and emails. Even when our private data doesnt get sent
directly to tech companies, our devices are still recording it locally. Do
you know exactly what you were doing on your computer two months ago today
at 3:05 p.m.? Your web browser probably does.
Yet while we all live under extensive surveillance, for government employees
and contractors especially those with a security clearance privacy is
virtually nonexistent. Everything they do on their work computers is
monitored. Every time they search a database, their search term and the
exact moment they searched for it is logged and associated with them
personally. The same is true when they access a secret document, or when
they print anything, or when they plug a USB stick into their work computer.
There might be logs of exactly when an employee takes screenshots or copies
and pastes something. Even when they try to outsmart their work computer by
taking photos directly of their screen, video cameras in their workplace
might be recording their every move.
Government workers with security clearance promise never [to] divulge
classified information to anyone who is not authorized to receive it. But
for many whistleblowers, the decision to go public results from troubling
insights into government activity, coupled with the belief that as long as
that activity remains secret, the system will not change. While there are
some protections for whistleblowers who raise their concerns internally or
complain to Congress, there is also a long history of those same people
being punished for speaking out.
The growing use of the Espionage Act, a 1917 law that criminalizes the
release of national defense information by anyone with intent or reason
to believe that it is to be used to the injury of the United States or to
the advantage of a foreign nation, shows how the system is rigged against
whistleblowers. Government insiders charged under the law are not allowed to
defend themselves by arguing that their decision to share what they know was
prompted by an impulse to help Americans confront and end government abuses.
The act is blind to the possibility that the publics interest in learning
of government incompetence, corruption, or criminality might outweigh the
governments interest in protecting a given secret, Jameel Jaffer, head of
the Knight First Amendment Institute, wrote recently. It is blind to the
difference between whistle-blowers and spies.
Of the four Espionage Act cases based on alleged leaks in the Trump era, the
most unusual concerned Joshua Schulte, a former CIA software developer
accused of leaking CIA documents and hacking tools known as the Vault 7
disclosures to WikiLeaks. Schultes case is different from the others
because, after the FBI confiscated his desktop computer, phone, and other
devices in a March 2017 raid, the government allegedly discovered over
10,000 images depicting child sexual abuse on his computer, as well as a
file and chat server he ran that included logs of him discussing child
sexual abuse images and screenshots of him using racist slurs. Prosecutors
initially charged Schulte with several counts related to child pornography
and later with sexual assault in a separate case, based on evidence from his
phone. Only in June 2018, in a superseding indictment, did the government
finally charge him under the Espionage Act for leaking the hacking tools. He
has pleaded not guilty to all charges.
The other three Espionage Act cases related to alleged leaks of government
secrets have involved people who are said to have been sources for The
Intercept. The Intercept does not comment on its anonymous sources, although
it has acknowledged falling short of its own editorial standards in one
case. It is not surprising that a publication founded as a result of the
Snowden leaks, and one that has specialized in publishing secret government
documents whose disclosure serves the public interest, has been an appealing
target for the Trump administrations war on whistleblowers.
The government comes to this war armed with laws like the Espionage Act that
are ripe for abuse, and with the overwhelming firepower of surveillance
technology that has almost no limits when applied to its own workers and
contractors. But journalists also have tools at their disposal, including
the First Amendment and the ability to educate ourselves about the methods
the government uses to track and spy on its employees. Weve mined the court
filings in all seven leak cases filed by Trumps Justice Department to
identify the methods the government uses to unmask confidential sources.
***
When a government worker becomes a whistleblower, the FBI gets access to
reams of data describing exactly what happened on government computers and
who searched for what in government databases, which helps narrow down the
list of suspects. How many people accessed this document? How many people
printed it? Can any of their work emails be used against them? What evidence
can be extracted from their work computers?
Once the FBI has a list of suspects based on the vast amount of data the
government itself has collected, they use court orders and search warrants
to access even more information about the targets of its investigation. They
compel tech companies, whose business models often rely on collecting as
much information on their users as possible, to hand over everything,
including personal emails, text messages, phone call metadata, smartphone
backups, location data, files stored in Dropbox, and much more. FBI agents
raid the houses and search the vehicles of these suspects, extracting
whatever they can from any phones, computers, and hard drives they find.
Sometimes, this includes files the suspects thought they had deleted or text
messages and documents sent through encrypted messaging services like Signal
or WhatsApp. The encryption these apps use protects messages while theyre
sent over the internet so that the services themselves cant spy on the
content or hand it over to the government, but this encryption doesnt
protect messages stored on a phone or other device that is seized and
searched.
Because whistleblowers arent spies, they normally dont know how to avoid
this kind of surveillance. One whistleblower who knew what he was up
against, former CIA and National Security Agency contractor Edward Snowden,
didnt see any way to get secret government information into the public
domain while retaining his anonymity.
I appreciate your concern for my safety, Snowden wrote in an encrypted
email, from an anonymous address not associated with his real identity that
he only accessed over the Tor network, to filmmaker Laura Poitras in the
spring of 2013, but I already know how this will end for me and I accept
the risk. In the documentary film Citizenfour, Snowden explains that the
security measures he took while reaching out to journalists were only
designed to buy him enough time to get information about the NSAs
overwhelming invasions of privacy to the American public. I dont think
theres a case that Im not going to be discovered in the fullness of time,
he said from a hotel room in Hong Kong before he publicly came forward as
the source.
If we want to live in a world where its safer for people to speak out when
they see something disturbing, we need technology that protects everyones
privacy, and it needs to be enabled by default. Such technology would also
protect the privacy of whistleblowers before they decide to become sources.
***
In 2017, in the first indictment of an alleged whistleblower since Trump
became president, the Justice Department charged Reality Leigh Winner under
the Espionage Act for leaking a top-secret NSA document to a news
organization that was widely reported to be The Intercept. At the time,
Winner was a 25-year-old decorated U.S. Air Force veteran, who was also a
dedicated CrossFit trainer with a passion for slowing the climate crisis.
The document was an NSA intelligence report describing a cyberattack:
Russian military intelligence officers hacked a U.S. company that provides
election support in swing states and then, days before the 2016 election,
sent local election officials who were customers of this company over
100 malware-infected emails, hoping to hack them next.
According to court documents, Winner was one of only six people who had
printed the document she was accused of leaking (she had searched for,
accessed, and printed the document on May 9, 2017). After searching all six
of those employees work computers, they found that Winner was the only one
who also had email contact with the news organization that published the
document. (Using her private Gmail account, she had asked the news
organization for a transcript of a podcast episode.) At the time, those who
accused The Intercept of having revealed Winners identity said that the
online publication, in an attempt to authenticate a document that had been
sent anonymously, shared a copy with the government that contained a crease,
suggesting that it had been printed. But Winners email and printing history
alone would have made her the prime suspect.
FBI agents then raided her house and interrogated her without a lawyer
present and without telling her she had a right to remain silent, leading to
defense accusations that the government violated her Miranda rights. In her
house, they found handwritten notes about how to use a burner phone and Tor
Browser. They also seized her Android smartphone and her laptop and
extracted evidence from both devices.
The FBI also ordered several tech companies to hand over information from
Winners accounts. Facebook provided data from her Facebook and Instagram
accounts, Google provided data from two separate Gmail accounts she used,
Twitter provided data on her account, and AT&T also contributed.
We dont know exactly what these companies turned over, but we do know that
they were ordered to disclose all information associated with her accounts,
including:
Usernames, email addresses, physical addresses, phone numbers, and credit
card numbers
A history of every time she logged on, for how long, and from which IP
addresses
Metadata about every instance of communication she ever had over these
services, including the type of communication, the source and destination,
and the file size or duration of the communication
The FBI also requested records of accounts that were linked to her Facebook,
Instagram, Google, Twitter, and AT&T accounts those that were created
using the same email address, accessed from the same IP address, or logged
into from the same web browser. (If users dont take extra steps to remain
anonymous, service providers can trivially link different accounts accessed
from the same computer.)
The FBI also extracted everything it could from Winners phone:
Her photos, including one that was taken on February 7, 2017, of a webpage
that listed eight SecureDrop servers run by different media organizations.
Data extracted from her smartphone apps like the Facebook app, which
contained private messages she had exchanged with her sister, which were
later used against her.
Her phones browser history: On March 7, she visited a website that
contained a list of dark web email providers, and she searched the
internet for tor email. On May 9, at approximately 7:29:49 p.m. (EST),
Winner searched for and viewed the tips page of the news outlet to which she
was accused of leaking the NSA document, as well as the tips page of a
second news outlet; later that night, she logged into her Dropbox account,
and three minutes after that, she viewed the first media organizations tips
page again.
So the FBI got a search warrant issued to Dropbox, demanding all the files
and other information stored in Winners account, as well as any messages,
records, files, logs, or information that have been deleted but are still
available to Dropbox, Inc. Dropbox gave the FBI a thumb drive containing
that data.
They also got a search warrant issued to Google, demanding nearly everything
stored in Winners account, including:
All the messages in her Gmail account.
Her Google search history.
Her location history.
All of her web browser activity that could be identified based on web
browser cookies (this could possibly include a list of every webpage she
visited that used the Google Analytics service).
Backups of her Android phone.
Based on metadata that the FBI got from its previous court order to Google,
the bureau learned about a new, separate Google account that it suspected
Winner used, which it hadnt previously known about. The search warrant
demanded data from this other account as well. Google gave the FBI
electronic files in excess of 809mb (compressed) of data from Winners two
Google accounts.
The FBI also extracted data from her laptop. It discovered that she had
downloaded Tor Browser on February 1, 2017, and had used it in February and
March. The FBI also discovered a note saved to her desktop that contained
the username and password for a small email company called VFEmail, and so
it got another search warrant demanding a copy of everything in the VFEmail
account as well.
Winner was found guilty and sentenced to five years in prison, the longest
sentence ever given to an alleged journalistic source by a federal court.
The Intercepts parent company, First Look Media, contributed to Winners
legal defense through the Press Freedom Defense Fund.
***
During Terry Alburys distinguished 16-year counterterrorism career at the
FBI, he often observed or experienced racism and discrimination within the
Bureau, according to court documents. The only black FBI special agent in
the Minneapolis field office, he was especially disturbed by what he saw as
systemic biases within the bureau, particularly when it came to the FBIs
mistreatment of informants. In 2018, the Justice Department charged Albury
with espionage for leaking secret documents to a news organization,
reportedly The Intercept, which in early 2017 published a series of
revelations based on confidential FBI guidelines, including details about
controversial tactics for investigating minorities and spying on
journalists.
Even though the FBI did not know whether the documents had been printed
before being shared, it was not hard to track down who had accessed them.
The FBI identified 16 people who had accessed one of the 27 documents that
the media organization published on its website. They searched all 16 of
those peoples work computers, including Alburys, and found that his
computer had also accessed over two-thirds of the documents that were made
public.
According to court documents, the FBI used a variety of activities on
Alburys computer as evidence against him: exactly which documents he
accessed and when, when he took screenshots, when he copied and pasted these
screenshots into unsaved documents, and when he printed them. For example,
on May 10, 2016, between 12:34 p.m. and 12:50 p.m., Albury accessed two
classified documents. Nineteen minutes later, he pasted two screenshots into
an unsaved Microsoft Word document, and over the following 45 minutes, he
pasted 11 more screenshots into an unsaved Excel document. Throughout the
day, he accessed more secret documents, pasting more screenshots into the
Excel document. At 5:29 p.m., he printed it and then closed the document
without saving it.
And it wasnt just his work computer that was under surveillance. Using a
closed-circuit video surveillance system in his workplace, the FBI captured
video of Albury. On June 16, August 23, and August 24, 2017, the system
recorded Albury holding a silver digital camera, inserting what appeared to
be a digital memory stick into it, and taking photos of his screen. On all
three days, the court documents say, Albury was viewing documents on his
computer screen.
It became a human rights thing for him, Alburys wife said in a court
document requesting a lenient sentence, the mistreatment and tactics that
were used by FBI and how he was a part of it. Albury, who is 40 years old,
pleaded guilty and was sentenced to four years in prison and three years of
supervised release.
***
Services like Signal and WhatsApp have made it simple for journalists to
communicate securely with their sources by encrypting messages so that only
the phones on either side of the conversation can access them and not the
service itself. (This isnt true when using non-encrypted messaging services
like Skype and Slack, direct messengers on Twitter and Facebook, or normal
text messages and phone calls.) However, encrypted services dont protect
messages when a phone gets physically searched and the user hasnt deleted
their message history. This was made exceedingly clear on June 7, 2018, when
the Justice Department indicted former Senate Intelligence Committee aide
James Wolfe for making false statements to the FBI.
According to court documents, Wolfe had told FBI leak investigators that he
had not been in contact with journalists. But the indictment against Wolfe
quoted the content of Signal conversations hed had with journalists. It
doesnt mention how the FBI obtained these messages, but the only reasonable
conclusion is that agents found them when they searched his phone.
In addition to obtaining his Signal messages, the FBI searched Wolfes work
email and found messages hed traded with a journalist. The FBI knew about
physical meetings hed had with journalists and where they had occurred.
They mention hundreds of text messages hed exchanged with journalists,
which journalists hed talked to on the phone, and for how long.
During the same investigation, the Justice Department sent court orders to
Google and Verizon to seize years worth of phone and email records
belonging to New York Times national security reporter Ali Watkins, who had
previously worked for BuzzFeed News and Politico. The FBI was investigating
Watkinss source for a BuzzFeed article about a Russian spy trying to
recruit Trump adviser Carter Page. The seized records went all the way back
to when Watkins was in college. This was the first known case in which the
Trump administration went after a reporters communications.
Wolfe pleaded guilty to lying to investigators about contacting the media
and was sentenced to two months in prison and a $7,500 fine.
***
Even without physically searching a phone, the FBI can obtain real-time
metadata, who sends messages to whom and when, for at least one encrypted
messaging app. This happened in the case of Natalie Mayflower Sours Edwards,
a senior official with the Treasury Departments Financial Crimes
Enforcement Network, or FinCEN. At the end of 2018, the Justice Department
indicted Edwards for allegedly providing a journalist, widely reported to be
BuzzFeed Newss Jason Leopold, with details about suspicious financial
transactions involving GOP operatives, senior members of Trumps campaign,
and a Kremlin-connected Russian agent and Russian oligarchs.
According to court documents, the FBI got a judicially-authorized pen
register and trap and trace order for Edwardss personal cellphone. This is
a court order that allows the FBI to collect various types of communication
metadata from the phone using a range of techniques ordering third parties
to hand over this metadata, for instance, or using a device such as a
StingRay, which simulates a cellphone tower in order to trick phones into
connecting to it so they can be spied on.
Using this court order, the FBI was apparently able to gather real-time
metadata from an encrypted messaging app on Edwardss phone. For example, on
August 1, 2018, at 12:33 a.m., six hours after the pen register order
became operative and the day after BuzzFeed News published one of the
articles, Edwards allegedly exchanged 70 encrypted messages with the
journalist. The following day, a week before BuzzFeed News published another
story, Edwards allegedly exchanged 541 encrypted messages with the
journalist.
The court documents dont name the messaging app that was used, and its not
clear how the government obtained the metadata. However, it could not have
gotten the metadata by directly monitoring the internet traffic coming from
Edwardss phone, so it is most likely that the government ordered a
messaging service to supply real-time metadata, and the service complied.
Moxie Marlinspike, the founder of Signal, said his app wasnt responsible.
Signal is designed to be privacy-preserving and collects as little
information as possible, Marlinspike told The Intercept. In addition to
end-to-end encryption for every message, Signal does not have any record of
a users contacts, the groups they are in, the titles or avatars of any
group, or the profile names or avatars of users. Even GIF searches are
protected. Most of the time, Signals new Sealed Sender technology means
that we dont even know who is messaging who. Every government request weve
ever responded to is listed on our website along with our response, in which
its possible to see that the data were capable of providing a third party
is practically nothing.
A spokesperson for WhatsApp said that they cant comment on individual cases
and pointed to a section of its frequently asked questions about responding
to law enforcement requests. The document states that WhatsApp may collect,
use, preserve, and share user information if we have a good-faith belief
that it is reasonably necessary to respond to legal process, or to
government requests. According to Facebooks transparency report, which
includes requests for WhatsApp user data, during the last half of 2018,
which was when the pen register order against Edwardss phone became
operational, Facebook received 4,904 Pen Register / Trap & Trace requests,
asking for data from 6,193 users, and responded with some data to 92
percent of the requests.
A spokesperson for Apple declined to comment but referenced the section of
its legal process guidelines about the type of data related to iMessage that
Apple can provide to law enforcement. iMessage communications are
end-to-end encrypted and Apple has no way to decrypt iMessage data when it
is in transit between devices, the guidelines state. Apple cannot
intercept iMessage communications and Apple does not have iMessage
communication logs. Apple does, however, acknowledge having iMessage
capability query logs, which indicate that an app on one users Apple
device has begun the process of sending a message to another users iMessage
account. iMessage capability query logs do not indicate that any
communication between users actually took place, the guidelines say.
iMessage capability query logs are retained up to 30 days. iMessage
capability query logs, if available, may be obtained with an order under 18
U.S.C. §2703(d) or court order with the equivalent legal standard or search
warrant.
The FBI also ordered Edwardss personal cellphone carrier to hand over her
phone records; the bureau did the same with a colleague of hers, whom it
referred to as a co-conspirator. The FBI obtained a search warrant for
Edwardss personal email account, mostly likely Gmail, and from that,
accessed her internet search history records (she is accused of searching
for multiple articles based on her alleged leaks shortly after they were
published). The FBI got a search warrant to physically search her person,
and it seized a USB flash drive, as well as her personal cellphone.
According to the criminal complaint, the flash drive contained 24,000 files,
including thousands of documents describing suspicious financial
transactions. The bureau extracted the messaging app data from her phone,
allowing agents to read the content of the messages she allegedly exchanged
with the journalist.
Edwards faces up to 10 years in prison. She has pleaded not guilty.
***
Government workers are often able to access restricted documents using
internal databases that they log into and search, including databases run by
private companies like defense contractor Palantir. These databases track
what each user does: which terms they search for, which documents they click
on, which ones they download to their computers, and exactly when. IRS
official John Fry had access to multiple law enforcement databases,
including one run by Palantir, as well as FinCENs database the same one
from which Edwards is accused of leaking suspicious activity reports.
This past February, the Justice Department indicted Fry for allegedly
providing details about suspicious financial transactions involving Trumps
former attorney and fixer Michael Cohen to prominent attorney Michael
Avenatti and at least one journalist, the New Yorkers Ronan Farrow. In one
of these transactions, Cohen had paid $130,000 of hush money shortly before
the 2016 election to an adult film actress in exchange for her silence about
an affair she says she had with Trump.
On May 4, 2018, at 2:54 p.m., Fry allegedly searched the Palantir database
for information related to Cohen and downloaded five suspicious activity
reports, according to court documents. The same day, Fry allegedly conducted
several searches for specific documents in the FinCEN database.
The FBI obtained Frys phone records from his personal cellphone carrier.
After downloading suspicious activity reports related to Cohen, Fry
allegedly called Avenatti on the phone. Later, he allegedly called a
journalist and spoke for 42 minutes. The FBI then obtained a search warrant
for Frys phone. Between May 12 and June 8, 2018, Fry allegedly exchanged 57
WhatsApp messages with the journalist. After the article was published, he
allegedly texted, Beautifully written, as I suspected it would be. The
journalists cellphone number was allegedly in Frys cellphone contact list.
Fry faces up to five years in prison. He has pleaded not guilty.
***
Daniel Hale was ideologically opposed to war before he joined the military
in 2009, when he was 21 years old, but he felt he had no choice. I was
homeless, I was desperate, I had nowhere else to go. I was on my last leg,
and the Air Force was ready to accept me, he said in National Bird, a
2016 documentary about drone warfare whistleblowers.
He spent the next five years working in the drone program for the NSA, the
Joint Special Operations Task Force in Afghanistan, and as a defense
contractor assigned to the National Geospatial-Intelligence Agency. His job
included helping identify targets to be assassinated.
Hale is also an outspoken activist. The most disturbing thing about my
involvement in drones is the uncertainty if anybody that I was involved in
kill[ing] or captur[ing] was a civilian or not, he said in the film.
Theres no way of knowing.
In May, the Justice Department charged Hale with espionage for allegedly
leaking classified documents related to drone warfare to a news organization
identified by Trump administration officials as The Intercept, which
published a series of stories in 2015 that provide the most detail ever made
public about the U.S. governments assassination program.
In an indictment unsealed on May 9, the government alleges that documents
on the U.S. drone program were leaked to a news organization, Intercept
Editor-in-Chief Betsy Reed said in a statement about Hales indictment.
These documents detailed a secret, unaccountable process for targeting and
killing people around the world, including U.S. citizens, through drone
strikes. They are of vital public importance, and activity related to their
disclosure is protected by the First Amendment. The alleged whistleblower
faces up to 50 years in prison. No one has ever been held accountable for
killing civilians in drone strikes.
On August 8, 2014, dozens of FBI agents raided Hales house with guns drawn
and searched his computer and flash drives. This all happened during the
Obama administration, which declined to file charges. Five years later,
Trumps Justice Department revived the case.
According to court documents, investigators could see the exact search terms
that Hale allegedly typed into different computers he used, one for
unclassified work and the other for classified work, and when. The evidence
against him includes quotes from text messages that Hale allegedly sent to
his friends and quotes from text and email conversations he allegedly had
with a journalist who media outlets have identified as The Intercepts
Jeremy Scahill. It describes his phone call metadata. It alleges that he
went to an event at a bookstore and sat next to the journalist. All of these
things occurred before he had allegedly sent any documents to the media.
Between September 2013 and February 2014, according to the indictment, Hale
and the journalist allegedly had at least three encrypted conversations via
Jabber, a type of online chat service. Its unclear where the government
got this information; it could have been from internet surveillance, from
the Jabber chat service provider, or from analyzing Hales computer. And as
in the Winner and Albury cases, the FBI knew exactly which documents Hale
had allegedly printed and when. Hale allegedly printed 32 documents, at
least 17 of which were later published by the news organization in whole or
in part.
When the FBI raided Hales house, agents allegedly found an unclassified
document on his computer and a secret document on a USB stick that Hale had
attempted to delete. They also found another USB stick that contained
Tails, an operating system designed to keep data and internet activity
private and anonymous and can be booted off a USB stick, though it does not
appear that the FBI gathered any data from it. In Hales cellphone contacts,
agents allegedly found the journalists phone number.
Hale, who is now 31, faces a maximum of 50 years in prison. He has pleaded
not guilty.
***
Even though the odds are stacked against sources who want to remain
anonymous, its not hopeless. Different sources face wildly different risks.
If you work for a company like Google, Facebook, or Goldman Sachs, you might
be under intense scrutiny on your work devices while your personal devices
remain outside the reach of your employers surveillance (so long as you
dont rely on services it controls to communicate with journalists). And
some government sources may have ways of accessing secret documents whose
disclosure is in the public interest that dont involve generating a log
entry with a time stamp and associating their username with that access.
Its increasingly clear that the primary evidence used against
whistleblowers comes from events that happened before they contacted the
media, or even before they made the decision to blow the whistle. But its
still critical that journalists are prepared to protect their sources as
best as they can in case a whistleblower reaches out to them. This includes
running systems like SecureDrop, which gives sources secure, metadata-free
ways to make first contact with journalists and minimizes traces of the
contact on their devices.
Journalists should also take steps to reduce the amount of information about
their communication with sources that tech companies can access, and that
ends up on their sources devices, by always using encrypted messaging apps
instead of insecure text messages and always using the disappearing messages
feature in those apps. They should also encourage their sources not to add
them to the contacts in their phone, which might get synced to Google or
Apple servers.
The journalistic process of verifying the authenticity of documents also
carries risk to anonymous sources, but that process is essential to
establish that the material has not been falsified or altered, and to
maintain credibility with readers. Authentication, which often involves
sharing information about the contents of a forthcoming story with the
government, is a common journalistic practice that allows the government to
weigh in on any risks involved in publishing the material of which the
journalist may not be aware. By turning that process into a trap for
journalists and sources, the government is sacrificing an opportunity to
safeguard its legitimate interests and tell its side of the story.
News organizations also need to make hard decisions about what to publish.
Sometimes, they may decide that it is safer to not publish documents if the
story can be reported by describing the contents of the documents and
leaving it ambiguous where the revelations came from. However, these
approaches diminish transparency with readers and can also limit the impact
of a story, which is important to both journalists and whistleblowers. In an
era when the label fake news is used to discredit serious investigative
journalism, original source documents serve as powerful evidence to refute
such charges.
***
Encrypted messaging apps have made significant progress in securing
conversations online, but they still have major issues when it comes to
protecting sources. Many, including WhatsApp and Signal, encourage users to
add the phone numbers of people they message to their contacts, which often
get synced to the cloud, and WhatsApp encourages users to back up their text
message history to the cloud. Although Facebook, which owns WhatsApp,
doesnt have access to the content of those backed-up messages, Google and
Apple do.
Its not enough that these apps encrypt messages. They also need to do
better at promptly deleting data thats no longer needed. End-to-end
encryption protects messages as they travel from one phone to another, but
each phone still has a copy of the plain text of all these messages, leaving
them vulnerable to physical device searches. Disappearing messages features
are a great start, but they need to be improved. Users should have the
option to automatically have all their chats disappear without having to
remember to set disappearing messages each time they start a conversation,
and they should be asked if theyd like to enable this when they first set
up the app. And when all messages in a conversation disappear, all forensic
traces that a conversation with that person happened should disappear too.
There is also much more work to be done on protecting metadata. Signals
sealed sender feature, which encrypts much of the metadata that the Signal
service has access to, goes further than any other popular messaging app,
but its still not perfect. Messaging apps need to engineer their services
so that they cannot access any metadata about their users, including IP
addresses. If services dont have access to that metadata, then they cant
be compelled to hand it over to the FBI during a leak investigation.
By default, web browsers keep a detailed history of every webpage you ever
visit. They should really stop doing this. Why not only retain a month of
browser history by default, and allow power users to change a setting if
they want more?
At the moment, Tor Browser is the best web browser for protecting user
privacy. Not only does it never keep a history of anything that happens in
it, but it also routes all internet traffic through an anonymity network and
uses technology to combat a tracking technique called browser
fingerprinting, so that the websites you visit dont know anything about
you either. Unfortunately, simply having Tor Browser or other
privacy-specific tools installed on a computer has been used as evidence
against alleged whistleblowers. This is one reason Im excited about
Mozillas plan to integrate Tor directly into Firefox as a super private
browsing mode. In the future, instead of downloading Tor Browser, sources
could simply use a feature built into Firefox to get the same level of
protection. Maybe Google Chrome, Apple Safari, and Microsoft Edge should
follow Mozillas lead here. (The privacy-oriented browser Brave already
supports private Tor windows.)
Finally, tech giants that amass our private data through services like
Gmail, Microsoft Outlook, Google Drive, iCloud, Facebook, and Dropbox should
store less information about everyone to begin with, and encrypt more of the
data they do store in ways that they themselves cant access and therefore,
cant hand to the FBI. Some companies do this for certain categories of data
Apple doesnt have the ability to access the passwords stored in your
iCloud Keychain, and Google cannot access your synced Chrome profiles but
its not nearly enough. Im not holding my breath.
Email This Page
e-max.it: your social media marketing partner