Journalists are taught how to deal with chemical, biological and radiological hazards by Bruhn New Tech. Image: Courtesy of Ron Haviv, VII
Investigating War Crimes: Physical and Digital Security
Read this article in
Guide Resource
GIJN Reporter’s Guide to Investigating War Crimes
Chapter Guide Resource
Investigating War Crimes: Introduction
Chapter Guide Resource
Investigating War Crimes: What Is Legal in War?
Chapter Guide Resource
Investigating War Crimes: Attacks on Civilians
Chapter Guide Resource
Investigating War Crimes: Conflict-Related Sexual Violence
Chapter Guide Resource
Investigating War Crimes: Environmental and Property Damage
Chapter Guide Resource
Investigating War Crimes: Banned and Restricted Weapons
Chapter Guide Resource
Investigating War Crimes: Combatants and Others Engaged in Hostilities
Chapter Guide Resource
Investigating War Crimes: Genocide and Crimes Against Humanity
Chapter Guide Resource
Investigating War Crimes: Collecting and Archiving Evidence and Information
Chapter Guide Resource
Investigating War Crimes: Open Source Research
Chapter Guide Resource
Investigating War Crimes: Command Structures
Chapter Guide Resource
Investigating War Crimes: Tracing War Criminals
Chapter Guide Resource
Investigating War Crimes: Finding the Missing
Chapter Guide Resource
Investigating War Crimes: Documenting with Photo and Video
Chapter Guide Resource
Investigating War Crimes: Interviewing Victims and Survivors
Chapter Guide Resource
Investigating War Crimes: Physical and Digital Security
Chapter Guide Resource
Investigating War Crimes: Self-Care for Covering Traumatic Events
Chapter Guide Resource
Investigating War Crimes: Resources and Tipsheets
Chapter Guide Resource
Investigating War Crimes
Chapter Guide Resource
GIJN Launches First E-Book — Reporter’s Guide to Investigating War Crimes
Security should be a central part of the reporting process from day one for reporters investigating war crimes — especially in an era of increased surveillance, spyware, and other threats.
When reporters incorporate security into their workflow, they keep themselves, their research, and their sources safe. And while safety is the ultimate goal, increased security also enhances public trust in their work, making it more likely that potential sources will assist with future stories.
Many of the steps we’ll discuss in this chapter aren’t onerous. In fact, they can even enable journalists to report more effectively while keeping themselves and those around them safer.
We’ll start with physical security practices, then examine how journalists should consider their digital footprint. Thinking about security in this holistic way can help reporters — and their editors and colleagues — make more informed decisions when undertaking a story.
Before undertaking any story, it’s important for reporters to conduct a threat assessment on the work ahead. Covering war crimes stemming from an active conflict will pose a different set of threats than investigating events from conflicts long past, but both can be risky. A good place to start is this risk assessment template from the Committee to Protect Journalists.
Physical Security Best Practices
Conflict reporters wear ballistic helmets and vests. Reporters covering natural disasters bring water, food, and foul weather gear on assignment. Journalists investigating war crimes should take physical security precautions, as well, even if they are working in areas with less obvious risks.
Here are a few physical security steps to consider.
Decide When, Where, and With Whom to Meet in Person
Interviewing sources is the lifeblood of war crimes investigations. While many interviews now take place virtually, some sources may feel more comfortable speaking or sharing documents face to face.
Each individual reporter must decide whether an in-person meeting is necessary. But before choosing to meet a source in person, set some ground rules that they must follow. Select the location and time to meet, and clarify whether the source is coming alone or with others. Communicate any interview plans to someone trustworthy, such as an editor, a colleague, or a partner or friend.
In general, most non-sensitive meetings should take place somewhere public, where a conversation between two or three people wouldn’t raise suspicions or feel out of place. Avoid having sources visit your office or home, especially when interviewing them for the first time.
For more sensitive conversations, picking a neutral site such as a hotel room or rented office may be safest. And when dealing with highly sensitive sources, meeting in person may not be appropriate at all. This is often a delicate balance, as both in-person meetings and digital communications can be tracked and compromised. Make sure to understand the threat level faced by your sources, as well as the likelihood that they (or you) may already be under some form of physical or digital surveillance, when making any decision to meet.
Before choosing a rendezvous location, make sure to visit the area at different times of day. Gauge what “normal” feels like. For example, a coffee shop in a bustling city center may be busiest in the morning with a corresponding afternoon lull.
Prior to the meeting, arrive at the location early and see if anything feels different than the normal routine you’ve previously observed. Look for obvious warning signs, such as the unexpected presence of a crowd during an otherwise quiet afternoon, out-of-place individuals loitering nearby, or a lack of foot traffic during a normally busy morning.
Don’t hesitate to reschedule or reconsider a meeting when too many warning signs appear. While this type of vigilance shouldn’t be an obstacle to reporting, even a slight increase in situational awareness can help increase your safety.
Vary Your Daily and Weekly Routines
When living and reporting in the same place, consider the fact that groups opposed to your work may become aware of your efforts. In some cases, depending on the sensitivity of your work and your profile, these groups may assign an individual or a group to track your activities.
Surveillance like this seeks to map out a pattern that can track your daily life. Taking the same route to the office every day, going for a jog in the same park every morning, and stopping at the same restaurant every afternoon makes it very easy for potential adversaries to predict your movements. This also means that when you change the pattern — by meeting with a source in a location you don’t regularly visit, for example — that variation becomes more obvious.
By contrast, a less predictable routine makes it more difficult for adversaries to determine a reporter’s next move or to notice unexpected changes.
If you suspect that you are being followed, consider the potential consequences for your sources, as well. If they could face professional reprisals or threats to their physical well-being by meeting with you, it’s best to divert communication to other channels, such as encrypted messaging or video conferencing.
Even when not being surveilled, varying daily and weekly routines will make it more difficult for a potential adversary to collect information about your work. Depending on where you live, adding more variation to your schedule can also reduce your risk of street crime and kidnapping.
Not every journalist investigating war crimes will experience surveillance on this scale. Many will not be surveilled at all. But if you believe your reputation, past work, or profile are significant enough to raise suspicions, you may want to consider taking proactive steps.
Secure Your Home Base
Whether you work from a home office, a newsroom, or a coffee shop, it’s important to take steps to secure your “home base.”
Working from home offers the most control over security upgrades. If cost is not a factor, consider installing a home security system or other measures. At a minimum, purchase a reputable document safe to store any investigation-related materials, such as reporters’ notebooks and evidence, whenever you leave the premises. Power down and lock digital devices in a secure place in your home, as well. And, as much as possible, ask family and friends not to use or disturb any of the devices or paperwork associated with your work, to more easily maintain control over all information associated with your story.
When working in a newsroom, talk to editors about their security best practices. Consider a “clean desk” policy that requires journalists working on sensitive stories to secure all related materials under lock and key when leaving the newsroom each day. Secure digital devices to desks with locks and place privacy screens on laptops and computer monitors. Avoid a paper trail by shredding any printed materials that don’t need to be preserved.
Last, when working in a public space like a coffee shop or library, take extra steps to safeguard devices and notebooks. Don’t leave computers, phones, notes, or other materials unattended at any time. Power down and store devices when they’re not in use (and ensure they are encrypted, per below). Avoid storing sensitive information on the devices themselves and always use privacy screens.
And while public WiFi was once considered a high risk and something to avoid for security reasons, the EFF says that’s no longer the case thanks to the rise of HTTPS encryption on most websites. Still, the group warns that out-of-date software can make devices more vulnerable on public networks and it notes that metadata is not protected even when using HTTPS-encrypted websites.
Digital Security Best Practices
As more journalists conduct their work through digital devices and channels, their digital profile becomes just as significant as their physical profile. Luckily, with the advent of privacy-focused tools and increased awareness of digital risk, journalists are better equipped than ever before to conduct sensitive investigations.
Here are several best practices to get started.
Use a Dedicated Computer for Work
Computers can be expensive to purchase and maintain. But for journalists conducting investigations, using a dedicated computer for their work is critical. This practice not only keeps their personal and work use separate, it also allows reporters to use stronger security measures that might make their work computer more complicated to use.
For example, consider installing software on any work computer that allows easy tracking of the device’s location and enables erasing of its contents if lost or stolen. In some cases, you may also want to sacrifice a device’s convenient features, such as Bluetooth, or block its USB ports to greatly increase its digital security.
Dedicated work computers are also easier to clear and restore if there’s a chance they might become contaminated with malware or spyware, since there’s no risk of losing personal files or photos.
You may need a technical assistance provider to help select the appropriate computer and software necessary for your reporting, as well as offer recommendations on how best to use the computer during your investigation.
Regardless of which type of computer is chosen, ensure that full disk encryption is enabled, which will prevent an adversary from accessing data without your passcode. You can access this option through BitLocker (Windows) and FileVault (Mac).
Compartmentalize Your Information
An old adage in cybersecurity is: “They can’t find it, if it doesn’t exist.” This is the principle behind compartmentalization, which is the practice of keeping sensitive information separate from personal information.
For example, rather than storing all interview notes in the same folder as personal photos and files, consider storing those documents in a more secure location, such as an encrypted cloud or external storage site (see below). This way, if an adversary gains access to your personal accounts or systems, they still couldn’t access your work-related information.
Compartmentalization also means choosing more secure options for communication. For example, if you frequently use text messaging, you should switch to an encrypted messaging app like Signal for any source communication. This helps avoid a “single point of failure” that an adversary can target for information about your research. As we note below, it’s important to pick the appropriate tools and channels for each individual situation, which may require help from a local expert.
Use Appropriate Privacy Tools
We live in a golden age of privacy-focused tools designed to help journalists do their work more safely.
Selecting the right tools for your own work is a necessary first step. Before starting your assignment, seek out a technical expert who’s familiar with your region and the type of work you want to do. They will be able to recommend the right tools for your needs, taking into account local restrictions, bandwidth, and usage trends.
In general, using encrypted messaging tools such as Signal and WhatsApp will be more secure than non-encrypted options. The same holds true for browsing the Internet with a Virtual Private Network (VPN). However, every country is different, and using a tool designed for one situation may raise concerns or heighten risks in another. That’s why local knowledge is so critical when selecting the appropriate toolkit.
Educating yourself about these tools is a good first step. Resources like the Electronic Frontier Foundation’s Surveillance Self-Defense guides and Front Line Defenders’ Security in a Box can help you navigate the landscape of tools available to you.
Store Documents Carefully
Documents, data, and other forms of evidence are central to successful war crimes reporting. Safely and securely storing this information should be a top priority.
If you choose to collect digital documents or evidence, it’s important to go a step further than storing copies on your computer or smartphone. Devices break, disappear, or fall into the wrong hands. Keeping documents backed up in secure formats reduces those risks.
Placing information in the cloud ensures access to documents from almost anywhere while keeping the documents themselves off your devices. When selecting a cloud storage provider, it’s safest to use an encrypted, zero-knowledge provider. Encryption ensures that the data is stored in a cryptographic format that makes it challenging to read without a key. Zero-knowledge means that only you have the key to unlock that data. As a result, the cloud provider can’t access any of the information that you upload, reducing your risk of breach due to an attack or a subpoena from a court to the provider.
One downside of a zero-knowledge system is that the provider can’t restore a lost account if you lose your key. If you choose to use this type of account, make sure to store your password securely in a password manager. Some password managers, such as 1Password, even offer free licenses for journalists. But keep in mind, even these services are not immune to security lapses, in 2022 password manager LastPass was breached and an attacker gained access to customer data.
If you prefer to store documents on a physical device, try an encrypted external hard drive. These drives resemble the devices you’ve likely used to store files outside of a laptop or desktop, except that they also contain a keypad to unlock the data within. Only users who know the appropriate passcode can decrypt and access the data on the drive.
Should encrypted drives be too cumbersome, you can also use software such as Cryptomator to encrypt folders and files directly, which can then be safely stored on an unencrypted hard drive or in cloud storage.
When gathering documents, testimony, or evidence from the general public, consider using a tool like SecureDrop, where anyone with Internet access can anonymously submit information to reporters. This requires some technical know-how to set up but can greatly expand the reach of an investigation.
Next Steps
Journalistic security is complex and multifaceted. Best practices in one part of the world may differ slightly in another region. Nonetheless, these are some basic steps that any reporter can take to be safer.
We invite journalists who want to go deeper into their security workflow to use GIJN’s Journalist Security Assessment Tool (JSAT). This will provide an assessment of their current security footing, as well as recommendations on areas for improvement. For journalists doing the long, grueling work of investigating war crimes, JSAT may be a shortcut towards a safer way of conducting their vital mission.
Matt Hansen is the strategic director at Global Journalist Security, a former contributor at The Los Angeles Times, and a former journalist security researcher at the Committee to Protect Journalists.
Ron Haviv is a director and co-founder of The VII Foundation and co-founder of VII Photo Agency. In the last three decades, Haviv has covered more than 25 conflicts and worked in over 100 countries. His work, which has won numerous awards, is featured in museums and galleries worldwide.