1. Inhalt
  2. Navigation
  3. Weitere Inhalte
  4. Metanavigation
  5. Suche
  6. Choose from 30 Languages

#mediadev

Journalists should make 'digital hygiene a habit'

Digital tools have transformed how journalists do their work, but they can also pose a real security threat. The UNESCO Building Digital Safety report is a good starting point for understanding the issue.

default

Practical tips on how to keep journalists safe online

These days, digital surveillance carried out by governments and corporations is widespread. Some snooping is done for commercial marketing purposes, but the objectives are often even darker, like cracking down on critical journalism. Personal data can be hacked to get a home address, mobile phones users’ movements can be tracked, and cyber attackers can shut down controversial websites.

Many journalists don’t know enough about the digital threats they face. Or they may be overwhelmed by the rapid pace of technological change and the need to keep adapting to new threats.

The UNESCO report, Building Digital Safety for Journalism, is a valuable resource for those who are struggling to keep up with these challenges. It calls on journalists and editors to develop a security plan that makes "digital hygiene" as common as brushing their teeth.

Threat survey

The report takes a look at 12 specific security threats linked to ongoing digital developments. They’re briefly outlined here:

  • Surveillance and mass surveillance - This is widespread. It includes location tracking, deep packet inspection, facial recognition, mass monitoring and the interception of communications. Surveillance has a detrimental effect on writers’ and reporters’ willingness to research and publish stories, and makes it harder for them to protect sources.
  • Software and hardware exploits - Computers can be infected with malware that allows others to break into them, access data and monitor communications without the target's knowledge
  • Phishing attacks - "Phishing" or "spearphishing" campaigns often use links or attachments in e-mail or on social media that carry malware. Once these links are clicked on, they can do significant damage. Malware can allow attackers to get any information they want from a compromised computer, including a journalist’s personal information, data and sources.
  • Fake domain attacks - These are websites created to impersonate legitimate ones for malicious purposes. Independent media and civil society websites have often been victims. The fake sites serve up malware or publish false information in an effort to discredit the real media site or a particular journalist.
  • Man-in-the-Middle (MitM) attacks – Attackers insert themselves between a user and a target site. For example, a wireless router is configured to act as a Wi-Fi hotspot in a public place, to trick people into thinking it’s legitimate. When individuals connect to it, the attacker has instant access to the data passing through the router.
  • Denial of Service (DoS) attacks - These attacks are quite common, and involve one or more computers and Internet connections flooding a server with traffic, making it inaccessible to others. For journalists, these attacks prevent information from reaching the public and can become costly, as visitor numbers drop and technical help is needed.
  • Website defacement - This is frequently used against media outlets, often through MitM attacks or holes in a site’s server software.
  • Compromised user accounts - User accounts for e-mail, social media or Skype can be compromised by phishing attacks that install malware to track keystrokes, or fake websites that ask for login information.
  • Intimidation, harassment and forced exposure of online networks - Digital threats against journalists are often a precursor to physical threats. Sometimes journalists, especially those who have been detained, are intimidated into providing secret account information.
  • Disinformation and smear campaigns - Online smear campaigns can be especially bad for journalists as they spread very quickly. Online impersonation, online propaganda campaigns, and attacks in online forums can damage a journalist’s credibility, integrity and confidence.
  • Confiscation of journalistic tools - Journalists keep a great deal of information in digital format on laptops, mobile phones, external drives and the cloud. This increases the risk of exposure of confidential sources and information.
  • Data storage and mining - Data storage is getting cheaper, which makes data mining, or searching through large amounts of data to find patterns or trends, much easier. It can be used to pinpoint probable sources, invade privacy, intimidate and even lead to arrest and imprisonment.

Protecting yourself

The UNESCO report provides tips on how to keep yourself, and your data, safe. These include using Virtual Private Networks (VPNs), making sure your phone’s location data setting is off and privacy settings are on, and encrypting as much information as one can.

Another piece of advice is to only open attachments only in the cloud (several webmail providers have this service), to reduce the risk of malware making it onto your computer.

There's also a valuable collection of organizations around the globe working in the field of digital security. These groups try to raise awareness of the problems of security online and offer specific training courses or guides to teach journalists how to stay safe. Groups like the Tactical Technology Collective and Front Line Defenders are on the list, two groups that do excellent work.

Focus on women

Female journalists, according to the report, may be victims of a "double attack" – they’re targets both for being journalists and being women.

Online abuse against women, including journalists, is a growing international phenomenon (here's a recent study on the topic). The UNESCO report examines the digital online threats and abuse suffered specifically by women, including online sexual harassment, sexist comments, and cyberstalking. Female journalists also receive online comments focusing on their physical appearance, rather than their reporting.

These kinds of online threats and abuse make journalists increasingly worried about personal security. They might start using pseudonyms when they publish, or stop writing about a story or topic all together.

Challenges and recommendations

The report offers a number of recommendations to ensure that digital security is taken more seriously. These range from calling on news organizations and journalism institutions to provide regular digital security training for journalists. For example, reporters should know how to secure data on a laptop if it’s stolen or confiscated, and news outlets need to adopt secure technologies for all information and file-sharing.

It also calls on governments and policy-makers to recognize UN resolutions on the Right to Privacy in the Digital Age and corporations and governments to pledge not to sell surveillance technologies to clients or countries, which might abuse them.

"Building Digital Safety for Journalism" is a valuable addition to the growing body of research on digital security and worth a careful read. It provides practical tips on how to keep yourself and your sources safe online.

The Report is one of four in the UNESCO Internet Freedom series. You can download all of them here.