I’ve had the pleasure to work with a series of colleagues over the past few years to assess and better understand the nature of security practices which are adopted by journalists around the world. Past outputs from this work have included a number of talk, an academic article by one of my co-authors Lokman Tsui, as well as a Columbia Journalism Review article by Joshua Oliver. Most recently, a collection of us have published an article entitled, “The Information Security Cultures of Journalism” with Digital Journalism.
This article is an exploratory study of the influence of beat and employment status on the information security culture of journalism (security-related values, mental models, and practices that are shared across the profession). The study is based on semi-structured interviews with 16 journalists based in Canada in staff or freelance positions working on investigative or non-investigative beats. We find that journalism has a multitude of security cultures that are influenced by beat and employment status. The perceived need for information security is tied to perceptions of sensitivity for a particular story or source. Beat affects how journalists perceive and experience information security threats. Investigative journalists are concerned with surveillance and legal threats from state actors including law enforcement and intelligence agencies. Non-investigative journalists are more concerned with surveillance, harassment, and legal actions from companies or individuals. Employment status influences the perceived ability of journalists to effectively implement information security. Based on these results we discuss how journalists and news organisations can develop effective security cultures and raise information security standards.
The CBC has recently partnered with Glenn Greenwald to publish some of Edward Snowden’s documents. Taken from the National Security Agency (NSA), the documents the CBC is exclusively reporting on are meant to have a ‘Canadian focus.’ Many of the revelations that have emerged from Mr. Snowden’s documents have provided insights into how the NSA conducts its activities both domestically and abroad, and have also shown how the Agency’s ‘Five Eyes’ partners conduct their affairs.
Journalists have redacted documents or provided partial copies since first reporting on the Snowden documents in summer 2013. To date, no common method or system of redacting documents has been agreed upon between the journalists and news agencies covering these documents.
In this post I want to spend some time talking about the redactions that the CBC has made to the sole Snowden document it has (thus far) released to the public. I begin by explaining how I got my – almost entirely unredacted – version of the document and why I am comparing my copy to the ‘publicly released’ version. Next, I discuss the various redactions made by the CBC and comment on the appropriateness of each redaction. Where I think that information ought to have been released, or the redacted information is outside of the ‘personal information’ reason the CBC gave for redacting information, I provide or describe the information to the public. Finally, I write about the need for a more robust way of redacting documents: as I will make clear, the CBC’s approach seems (at best) scattershot and (at worst) inappropriate. The CBC is the journalist source that will be controlling the Canadian Snowden documents and, as a result, has a public obligation to dramatically improve its explanations for why it is redacting sections of the leaked documents. Continue reading