Join us
Tow Center

Newsrooms are making leaking easier–and more secure–than ever

March 1, 2017
Image: Getty

Sign up for The Media Today, CJR’s daily newsletter.

A growing number of disaffected government insiders have been approaching journalists to share information anonymously since the election in November and the inauguration just over a month ago. In response, news organizations have made it safer and easier for potential whistleblowers by actively encouraging them to use a variety of secure communication channels.

Many outlets have even posted instructions and assigned additional staff to monitor the information that arrives over these channels–such as the encrypted mobile application Signal and the dedicated whistleblowing platform SecureDrop. The Washington Post wrote a lengthy piece offering advice for leaking government documents. ProPublica updated its “How to Leak” page and posted an instructional video with Nieman Lab. And The New York Times published a page titled “Got a confidential news tip?” which details a number of secure channels, from encrypted email to plain manila envelopes, alongside basic instructions for using them safely.

But even as more news outlets promote secure channels for outreach from potential sources, it is still incredibly rare for these tools to be mentioned in published stories. Every newsroom has editorial policies regarding the treatment of anonymous sources, and most interpret the mere mention of tools like Signal or SecureDrop to be an unnecessary risk. As a result, the usefulness of these tools is underpublicized, and a study published by the Tow Center for Digital Journalism last year still offers the only account of SecureDrop’s value in newsrooms. Of the ten news outlets studied at the time, nine said that they regularly receive newsworthy information through SecureDrop.

The demand for secure communication tools has only risen since Trump’s election. The Times launched SecureDrop just a week after the election, while downloads of the Signal app rose 400 percent during the month of November. There are currently 22 active SecureDrop installations in newsrooms—nearly twice as many as there were just a year ago. A handful of freelance journalists and about a dozen non-profit groups also use SecureDrop.

Sign up for CJR’s daily email

Government employees, too, are taking advantage. Members of the Environmental Protection Agency, Foreign Service, and Department of Labor have been using Signal to communicate with the press against the President’s gag order. Aids to politicians are using Signal and a similar app called Confide not just for leaking, but for personal protection under increased suspicion and surveillance. These apps may pass unnoticed unless users are subjected to a “phone check,” like the one press secretary Sean Spicer allegedly demanded from a dozen communications staffers last week.

According to Derek Kravitz, research editor at ProPublica, a single source often uses multiple secure channels to communicate with a reporter. Signal has become the most common way for new sources to contact them, while SecureDrop mainly serves as a guarded vessel for documents and data dumps. “It’s mostly people contacting us on Signal or another medium,” Kravitz said, “and then we’ll go to SecureDrop to see if they’ve sent anything.”

Kravitz added that “the flow of tips and leaks has been consistent since inauguration,” and so has their quality: “Nearly all messages have had some news value or public interest.”

Tools like Signal and SecureDrop are not only resilient to attack, but also fairly user-friendly. They are designed to minimize risk, even for inexperienced users. “Not every source is an expert on being an anonymous source,” says Kevin Poulsen, the hacker and longtime Wired reporter who originally conceived of SecureDrop. “That’s not why they’re contacting a reporter. It’s because they’re an expert on something else.”

It makes sense that so many first-time whistleblowers are turning to Signal, in particular: There is little separating the experience of using Signal from typical texting and calling on a smartphone. Yet this ease does not come at the expense of security. Signal’s code, developed by Open Whisper Systems, is freely available for anyone to test and verify. Even Edward Snowden endorses Signal as the best secure communication tool for most people.

The barrier of entry for SecureDrop is also fairly low, at least for sources. To submit via SecureDrop, sources must access the system via the Tor anonymous browser, which is very similar to conventional browsers except for the fact that it can access hidden websites. More advanced users are also advised to boot into the Tails anonymous operating system. And in order to carry out an exchange with a journalist, returning users need to remember a string of random words that serve as their identity in a news outlet’s SecureDrop inbox.

For journalists, the process of installing, monitoring, and receiving documents through SecureDrop is somewhat more involved, and often requires special training. The system runs on two Linux servers set behind a carefully configured firewall, and the document viewing station is an “air-gapped” computer that has never been connected to anything besides an encrypted USB drive used for file transfers. As a result, most news outlets require a guided installation of SecureDrop, and interest is on the rise.

“Since the election and Donald Trump’s inauguration, we’ve seen an absolute explosion in requests for SecureDrop installations,” says Trevor Timm, the executive director of the Freedom of the Press Foundation and a CJR columnist. Timm said in the weeks following the inauguration, the FPF has received at least one request a day for guided installations. He attributes this interest to the rising visibility of press leaks and greater willingness in newsrooms to advertise secure communication channels.

Despite promoting the use of tools like Signal and SecureDrop, news organizations almost never disclose when these tools lead to a published story. In a rare case last October, during the fevered month before the presidential election, Washington Post reporter David Fahrenthold tweeted a succinct acknowledgment of SecureDrop’s efficacy: “It works. I know.” Most assumed that Fahrenthold was referring to his story from the previous day, when he revealed an audio recording from 2005 in which Trump bragged that “you can do anything” to women “when you’re a star,” even “grab them by the pussy.”

https://twitter.com/Fahrenthold/status/785195210347163648]

“That tweet was recognized in other newsrooms and pushed them to adopt SecureDrop,” says Timm, adding that this marked a turning point in which newsrooms “began talking about SecureDrop in a more public way.”

The first story ever to acknowledge the use of SecureDrop was published only in November of 2015, when The Intercept ran an investigation that revealed the illegal monitoring of phone calls between prison inmates and their lawyers—a practice in clear violation of attorney-client privilege. Micah Lee, a SecureDrop developer there, said that this choice followed a careful examination of the potential risks: “We couldn’t see any harm that could be done to our source, or our source’s identity, by saying that it came from SecureDrop,” Lee said in a phone call last year. “We don’t know the actual identity of our source, but we were able to validate the information.” Since then, The Intercept has acknowledged the use of SecureDrop in several more stories.

Despite the clear danger that whistleblowers face—underlined by a wave of high-profile prosecutions during the Obama years—most political leaks not only go unpunished, but are informally tolerated. In a 2013 study titled “The Leaky Leviathan,” the legal scholar David Pozen found that leaks are a routine and even healthy function of the US government. Even though the official response to leaking is typically to excoriate the practice, it is often condoned among high-level officials who recognize its role in a healthy democracy.

When I asked Pozen whether the hardline stance on leaks expressed by this White House is any different from past administrations, he pointed to the level of intensity as a distinguishing factor.“While both high-level leaks and presidential complaints about such leaks have emerged in every recent administration, we seem to be witnessing an acceleration and amplification of that pattern,” Pozen wrote in an email. “Throw in this president’s mistrust of the intelligence and foreign policy establishment, his taste for demagoguery, and his famously thin skin, and the situation looks volatile.”

If Trump does plan to wage an information war against the swelling ranks of motivated whistleblowers, he should know that he would also be waging war against modern cryptography—and the odds are never good when you bet against mathematics itself. Secure whistleblowing tools have come of age. They are more useable and more resilient to attack than ever before. And they have taken root within a growing number of major newsrooms who not only operate, but now also promote these tools as a means to gather information in the public interest.

Has America ever needed a media defender more than now? Help us by joining CJR today.

Charles Berret is a Ph.D. candidate in Communications at Columbia and a fellow at the Brown Institute for Media Innovation. He keeps webspace at charlesberret.net.