CNTI’s Summary
The digital security of publishers, journalists and their sources is under threat in many parts of the world. At the governmental level, policymakers must acknowledge the very real threats facing journalists specifically and ensure that digital policy initiatives both protect them and, in doing so, do not threaten free expression, basic privacy rights, or encryption and VPN protections. At the platform level, technology companies can establish and protect human rights and privacy safeguards, but they also must at times navigate challenging state demands (at times via legislation) to provide private data and information on their users, potentially permitting governments’ abuses of power. At the publisher level, proactive efforts around cyber education, safety and support, as well as sharing experiences within the industry, are equally critical. Finally, researchers and civil society need to do their part to collaboratively shed light and provide data on the trends, risks and potential avenues forward.
The physical and digital security of journalists and their sources are under threat in many parts of the world. Digital security and cybersecurity threats, in particular, have become more important than ever for the global news media as journalists and publishers are becoming high-profile targets for malware, spyware and digital surveillance, compromising their and their sources’ personal information and safety. More broadly, digital security and cybersecurity have gained the attention of policymakers globally, with 156 countries having enacted cybercrime legislation as of 2021.
Cybersecurity threats come in many forms, including increasingly sophisticated domestic and transnational spyware, denial-of-service (DDoS) and malware (malicious software used to gain unauthorized access to IT systems and spread across a network), ransomware (malware where attackers demand a payment or ransom in exchange for restoring access), and phishing attacks. A range of actors can be behind these tactics, including nation-states and politicians, powerful individuals, corporations, criminal networks and extremist organizations.
Digital security challenges facing the global news media also involve broader threats to data privacy and security which include growing concerns about software vulnerabilities as well as the use of digital platform surveillance. For example, some governments attempt to chip away at encryption protections offered by secure apps like Signal, WhatsApp, ProtonMail or SecureDrop. Additionally, there are digital safety and privacy concerns about legacy social media platforms like X (formerly known as Twitter) — a staple of global journalism practice and sourcing — where data and communications are rapidly becoming far less secure for journalists and civil society organizations in the wake of ownership and infrastructure changes.
Digital and physical threats to journalists are connected. For instance, the use of spyware has been linked to hundreds of acts of physical violence around the world. In particular, human rights organizations and cybersecurity experts have expressed concerns about the use of spyware largely developed by companies in Europe, the Middle East and the U.S. — including NSO Group’s ‘Pegasus’ and QuaDream’s ‘Reign’ — being used in dozens of countries around the world, especially in Latin America. There is also an increasingly important link between governments’ use of spyware and their use of lawfare (i.e., the weaponization of legal systems or institutions) against journalists. Together, these threats have critical detrimental effects on journalists’ mental health (discussed in more detail in CNTI’s upcoming issue primer on journalist safety), leading to calls for a holistic approach to security efforts.
In addition to raising safety and psychosocial concerns, digital security threats also damage trust in the news media. In an attention economy, cyberattacks can eliminate entire business models and push audiences away by slowing or crashing websites. A lack of digital security training in newsrooms — particularly newsrooms outside of large national (and largely Western) publishers with the means to provide such training — can create chilling effects for sources and whistleblowers who increasingly fear being unintentionally exposed by journalists. These patterns are representative of the public’s broader lack of trust in the safety of personal data, including in the hands of news publishers. In cases where sources are less aware of digital security concerns, research finds journalists are often hesitant to request protective measures for fear of scaring off sources.
These threats are expensive and difficult for newsrooms to address on their own. They are even more difficult for independent journalists or publishers operating in (or in exile from) countries with hostile governments or authoritarian regimes. Thus, collaboration among policymakers, platforms, researchers and domestic and international civil society organizations is critical to ensure digital security of the global press.
Read more: https://innovating.news/article/journalists-cyber-threats/