Why do I spend my Saturdays at a sports pub eating nachos, drinking Coca-Cola and obsessively blogging about cybersecurity for journalists?
Because if you aren’t practicing online safety while practicing journalism you are putting your sources, colleagues and newsroom at serious risk. Our pledge as reporters is to protect those who allow us to tell the stories that shape our world has moved into the digital realm, yet not all journalists recognize the additional ethical responsibility new technologies have placed on the practice of our craft.
From a recent survey of investigative journalists by the Pew Research Center in in association with Columbia University’s Tow Center for Digital Journalism: “Just 21 percent say their organization has taken steps or implemented policies in the past year to protect journalists and their sources, while 36 percent say their organization has not, and 42 percent do not know. About half (54 percent) report getting no formal training or instruction on electronic security issues from professional sources such as journalism associations, news organizations or journalism schools.” While this survey primarily focused on government surveillance of reporters, what we do know is that digital crime has grown exponentially in recent years -- to think some of that malicious activity hasn’t been directed at journalists is naïve.
In the past year I’ve had one too many conversations with journalists who don’t actively consider digital safety to be a serious part of their job. It’s more of a “nice-to-have” rather than a requirement of our work. I’ve met reporters who brag about disabling their antivirus program, seen photographs of sources in a manner that exposes the person’s sensitive data in the background, learned of news managers using the same passwords on all their accounts, and so many journalists who don’t lock their mobile phones with four-digit pins or thumb prints that it boggles my mind. I’ve had a Congressional reporter brag that he who would fight in court before disclosing his sources to authorities but didn’t consider the theft of his unlocked device as a risk to his sources’ identities…even though all communications with these individuals are easily accessible with the swipe of a screen!
And so I write…I write because as our newsrooms continually transition into the digital era so to do our responsibilities as journalists. We must not only write stories for multi-platform organizations, we must also practice safety as reporters spanning both the real and virtual worlds. Our sources, the people we rely on to help tell our stories, should have trust that we as journalists practice the highest standards of smart digital hygiene. But indicators have shown this might not be the case. Sources have the right to demand that you, as a journalist, will keep their data as safe as possible—starting by locking your devices containing their contacts and communications.
But digital safety is far more than a pin code. And that’s why I’m tackling the issue blog by blog starting with the most basic information security fundamentals and moving into more complex topics over time.
The news headlines we all hear–the Sony, Target or Home Depot compromises—are, sadly, stories all too real and devastating. That’s why we must understand these cyber crimes and their impact on our industry and how we practice our craft because the future of journalism depends on our digital safety.
My work today places me squarely at the intersection of journalism and online security. And so if just over half of the respondents in the Pew survey say they aren’t receiving any formal instruction on security issues from their employers or journalism organizations, I’ve made it my personal mission to help my peers learn about the real virtual world, so to speak. That’s why I write obsessively about cybersecurity for the National Press Foundation.
Plus eating nachos is always a good way to spend a Saturday.