SKeyes Center for Media and Cultural Freedom - Samir Kassir Foundation

An Evaluation of Online Security Guides for Journalists

Monday , 08 February 2021
Attacks on journalists and freedom of the press have increased markedly over the past several years around the globe. Covering protests in the aftermath of the murder of George Floyd by police officers in Minneapolis in 2020, journalists experienced a significant increase in attacks from an already high number of incidents. The attacks run the gamut from personal online attacks on and harassment of journalists, to damage and confiscation of journalists’ equipment by law enforcement, to arrest and detention of reporters covering protests and other events. Yet most journalists are not adopting online security practices that could help defend against such attacks.

This paper posits that a key reason why journalists do not take sufficient action to protect themselves online is that there is an overwhelming amount of security advice on the internet, most of which is difficult for journalist-readers to understand or translate into practice, and difficult for the authors of the advice to keep up to date. Most guides do not account for journalists’ busy schedules and time-pressured work cycles. Journalists also operate in an increasingly hostile environment, even in countries with democratic governments and some historical guarantees of freedom of the press and rule of law.

The analysis in this paper seeks to answer three questions: (1) what security advice exists for journalists specifically? (2) is the existing advice effective? and (3) what is the best way to measure that? We report findings from an analysis of 33 online security guides available on the public internet that are geared toward journalists. We documented nearly 300 separate pieces of advice provided in these guides, including recommendations for roughly 200 different tools. We catalogued each separate piece of security advice, recorded how often a piece of advice appeared across all the guides, and organized the advice into categories. We also evaluated each guide according to a set of quantitative and qualitative criteria to gauge each guide’s efficacy in improving journalistic security.

As detailed in this paper, the analysis revealed that most online security guides for journalists do not prioritize their content effectively, and provide no clear path for users to improve their security in a time-efficient way. The advice provided was also inconsistent across the guides. This paper concludes with recommendations to make guides and security education of journalists overall more effective:

1. Always start with risk. Help the journalist understand and assess the risk of their story or beat. Only then will the reader-journalist be receptive and curious about the tool or practice that is appropriate given their risk assessment.

2. Integrate security practice with the journalist’s workflow. Journalists will allow only so much friction in their workflow, given the unceasing time pressure of publication. If they first recognize the threat, appropriately measure the risk, and then choose a tool or practice that they can work with on a daily basis, the chances of long-term success as a journalist who keeps themselves, their story, and their sources secure will rise significantly.

3. Security as a competitive advantage. The journalist who has secured their accounts and devices will be empowered to safely explore the darker corners of the internet to extract the information needed to tell the stories that help maintain democracy and freedom in society.

4. Newsrooms and journalism schools should integrate security education into their programs. Journalists could be more effective and their work would have more impact if they had institutional support for their online security, and if journalism schools graduated students with the skills to protect themselves and their stories, in addition to the investigative techniques to get the stories.

The digital age provides immense opportunities for investigative journalism, but it also offers thousands of ways in which journalists can get trolled or threatened. Security education for journalists must be contextually informed, prioritized, and actionable to be effective in facilitating journalists’ critical role in democratic society.

Share News