It's long been known that governments across the world are far more capable and equipped to acquire digital information about their desired targets than the latter are at protecting it.
This isn't a scenario reserved for some tyrannical government in a faraway place, either. And it scales to the media, as well. In May, the Associated Press revealed that the U.S. Department of Justice (DoJ) secretly obtained records for more than 20 phone lines used by the AP and its journalists over a 60-day period in early 2012. Days later, an even more shocking DoJ probe was uncovered, this one involving access badge, email and phone surveillance of James Rosen, Fox News' chief Washington correspondent.
The purpose of journalism, as intrepid war reporter Jeremy Scahill has said, is two-fold: Give voice to the voiceless and hold the powerful accountable for their actions. To accomplish this, the craft relies on whistleblowers, leakers and tipsters – and the promise that they can be protected. Without them, some of the most important stories ever told would never have seen the light of day.
In today's network-connected world, operational security, or OpSec, is more critical than ever, but typically isn't taught in journalism school. As we learned from Woodward and Bernstein, arguably the safest way for information to be exchanged among reporter and source is in person, but this method often is not practical.
That's why The New Yorker, coincidentally just as the AP spying scandal broke, released “Strongbox,” an encrypted online dropbox co-created by the late Aaron Swartz. It relies on underlying, open-source code known as DeadDrop and uses the Tor network, so sources can ensure they remain anonymous and untraceable when communicating with the magazine – and without any worry that a major service provider, like Google or AT&T, will be subpoenaed for records. Other media outlets are sure to follow suit.
“Readers and sources have long sent documents to the magazine and its reporters, from letters of complaint to classified papers,” explained senior editor Amy Davidson in an article announcing the technology. “But, over the years, it's also become easier to trace the senders, even when they don't want to be found. Strongbox addresses that; as it's set up, even we won't be able to figure out where files sent to us come from. If anyone asks us, we won't be able to tell them.”
