Going Beyond Encryption: Keeping Your Stuff Clean
Encryption does not keep your data safe. Instead, encryption only buys you time.
This is because despite the spread of robust, and, more importantly, free encryption software, governments can legally compel anyone to decrypt their computer’s hard-drive. That, and an adversary can simply beat you up until you reveal the passphrase, or, if they have enough computing power, try all the different combinations until they correctly guess it.
If any of these scenarios were to happen, any sensitive information that you thought was protected because you used encryption is now in the hands of your enemy: your source’s name, their location, or perhaps the documents that they provided to you.
So, instead of simply hoping that they won’t find anything once they’ve decrypted your laptop, why not make sure that there is no information for your enemy to discover in the first place?
Some encryption programmes have tackled the problem of being forced to enter a passphrase head on. Truecrypt allows the creation of a ‘hidden volume’, the contents of which are only revealed when you want to open them. If you are under duress, enter another passphrase, and your computer opens a dummy folder which you should fill with less sensitive files. Hopefully this will satisfy the party that are trying to get into your hard-drive, unless they realise the trick and demand that you reveal what they are really looking for.
Another option is more obvious: simply delete the information that you don’t want someone else getting hold of. But don’t assume that just because you emptied your recycling bin that the files aren’t recoverable. In fact, more likely than not they can be restored.
Instead, you should securely delete your data with one of the readily available tools. Although remember that you may have stored copies of sensitive documents in multiple locations: your USB stick? A backup you made briefly on your desktop? All of these will need to be taken care of.
A less technically advanced, but more effective way to ensure that information isn’t nestled somewhere on your hard-drive, waiting to be discovered by an adversary is not to record it all. The real name of your source, or any personal information about them cannot be found it if hasn’t been saved on your computer to begin with.
If you’re not comfortable with the technicalities of deleting your data securely, or think that not being able to record details is a pain, there is a more conceptual approach that can be taken. ‘Compartmentation’ is the separation of information into different, distinct cells. For a fairly innocuous example, you may use a work laptop for everything related to journalism, but then another computer for your day-to-day social network use, or storing holiday photos.
More practically, this idea of compartmentation can be applied to a normal work computer, on which you do most of your journalistic tasks—writing articles, communicating with sources, doing research—and a travel computer; a laptop that you take when passing through an airport or meeting a contact, which only contains the absolutely necessary files for that particular journey (and is ideally completely wiped every time it is used for a different purpose).
This way, if you are stopped and forced to decrypt your hard-drive, your adversary is going to only have access to what you have deliberately stored on that computer. If your PGP secret key is stashed at home, or the leak you were provided with is on a computer elsewhere, your adversary isn’t going to get hold of them. But if you didn’t take this precaution, they are likely to gain access to everything: articles in progress, notes, interview transcripts, the lot.
Of course, how likely this is to happen to you depends on your individual situation: what story you are working on; who wants access to the information you hold (or, equally, who wants to suppress it); and where in the world you are located.
In the UK, the controversial Regulation of Investigatory Powers Act 2000 (RIPA) allows law enforcement to demand a suspect provide the password to encrypted files (the legislation uses the terms “key to protected material”). Not doing so can result in a maximum two year prison sentence. In June 2014, RIPA was used to imprison an internet troll for six months after he refused to hand over the passphrase to his encrypted laptop.
Perhaps of more salience to journalists, refusing to decrypt protected material under RIPA can carry five years in prison if it is a case of “national security.”
Although not dealing with encryption, another section of RIPA has been used in an attempt to uncover journalists’ confidential sources. 19 police forces made more than 600 applications for data in the past three years.
Of course the uptake of encryption by more journalists is a great thing, but my worry is that some may encrypt their hard-drives and think that no other action is needed. This ignorance—or arrogance, depending on how you look at it—could be dangerous to a source and a journalist’s work.