a Better Bubble™

Freedom of the Press

Apple’s device surveillance plan is a threat to user privacy — and press freedom

2 years 8 months ago
photo by Agê Barros

When Apple announced a new plan this month for scanning photos on user devices to detect known child sexual abuse material (CSAM), the company might have expected little controversy. After all, child sexual abuse is a problem everyone wants to solve.

But the backlash from privacy and human rights advocates was swift, loud, and nearly unanimous. The complaints were not largely about the precise implementation Apple announced, but rather the dangerous precedent it sets. The ways in which the technology could be misused when Apple and its partners come under outside pressure from governments or other powerful actors are almost too many to count.

Very broadly speaking, the privacy invasions come from situations where "false positives" are generated — that is to say, an image or a device or a user is flagged even though there are no sexual abuse images present. These kinds of false positives could happen if the matching database has been tampered with or expanded to include images that do not depict child abuse, or if an adversary could trick Apple’s algorithm into erroneously matching an existing image. (Apple, for its part, has said that an accidental false positive — where an innocent image is flagged as child abuse material for no reason — is extremely unlikely, which is probably true.)

The false positive problem most directly touches on press freedom issues when considering that first category, with adversaries that can change the contents of the database that Apple devices are checking files against. An organization that could add leaked copies of its internal records, for example, could find devices that held that data — including, potentially, whistleblowers and journalists who worked on a given story. This could also reveal the extent of a leak if it is not yet known. Governments that could include images critical of their policies or officials could find dissidents that are exchanging those files.

These concerns aren’t purely hypothetical. China reportedly already forces some of its citizens to install apps directly onto devices that scan for images it deems to be pro-Uyghur.

Apple has promised to stand up against the forced inclusion of non-CSAM images in the hash database in an FAQ document it published amidst the backlash: "Apple would refuse such demands and our system has been designed to prevent that from happening." If only it were that simple! Even with the best of intentions, Apple (and the organizations that maintain the databases in question) are likely to face extreme pressure from governments all over the world to expand their efforts to all sorts of other types of “illegal” content. And legal orders are not exactly something companies can just “refuse.”

As EFF said, “if you build it, they will come.”

After extensive criticism, Apple last week issued more clarifications about efforts to mitigate those concerns. It would only match against images that had been flagged by groups in multiple countries, and sophisticated users would be able to check that the list of images their own phone was checking against was the same as on every other phone. While these assurances help mitigate the risk of a single point of failure, they do not fully address the risks posed by a state-level actor.

And unfortunately, the company has in some cases yielded to that kind of pressure. Reporting earlier this year documented Apple agreeing to store user data and encryption keys in China, at the government's behest, and complying with requests for iCloud data. The company has also removed apps and games from its marketplace to comply with local regulations. What would it do differently in the face of new demands to misuse this image matching tech?

Beyond the possibility of database tampering, another way false positives could occur is if adversaries are able to generate files that are "collisions" with known images in the database. Since even before Apple's formal announcement, researchers have called for the company to publish its matching algorithm so they could see how susceptible it is to these kinds of generated bogus matches (which are usually called "adversarial examples" in the world of machine learning).

Apple has thus far declined to make that matching function available, even as the company has called on security researchers to check its work. However, researchers appear to have recently extracted the matching function from iOS, and even generated a "pre-image" match — that is, generating a file from scratch that Apple's matching function cannot distinguish from another known image.

This research represents a serious problem for Apple's plans: adversaries that can generate false positives could flood the system with bad data, even using the devices of unsuspecting users to host it. The earliest adversarial examples look like white noise, but it is likely only a matter of time before they can be embedded in another image entirely.

Journalists, in particular, have increasingly relied on the strong privacy protections that Apple has provided even when other large tech companies have not. Apple famously refused to redesign its software to open the phone of an alleged terrorist — not because they wanted to shield the content on a criminal’s phone, but because they worried about the precedent it would set for other people who rely on Apple’s technology for protection. How is this situation any different?

No backdoor for law enforcement will be safe enough to keep bad actors from continuing to push it open just a little bit further. The privacy risks from this system are too extreme to tolerate. Apple may have had noble intentions with this announced system, but good intentions are not enough to save a plan that is rotten at its core.

Parker Higgins

Announcing U.S. Journalism School Digital Security Curriculum

2 years 8 months ago

At Freedom of the Press Foundation, one way we support news organizations is through digital security education for reporters. We believe that, just as newsrooms are developing digital security competencies in real-time, student journalists should develop these skills as well. That’s why we’re thrilled to share the U.S. Journalism School Digital Security Curriculum, a resource to assist J-school instructors in bringing digital security know-how to their program.

From our research with J-school students and instructors, we know that journalism professors are always juggling competing priorities in their coursework. They are under pressure to teach a variety of skills that are in flux. Students are learning programming skills, and mastery over various forms of digital media that vary from year to year. We found most accredited U.S. J-school programs — roughly three-in-four — provide no digital security education of any kind, despite its outsized importance.

Just as we are asking students to work with digital tools online, we believe digital security is part of doing this work more safely and sustainably. With help from dozens of J-school instructors and security experts, we are excited to share that our digital security team has created a semester-long curriculum, complete with slides, lesson plans, and more. With attribution, instructors may use and adapt the materials to their own needs, for free. We hope this digital security curriculum will help programs get started developing their own.

Some rare programs, such as the University of Nevada, Reno, and University of Southern California Annenberg School offer dedicated courses on digital security. But we also know most U.S. J-schools do not have in-house expertise for instructing on digital security, and where it exists, it typically takes the form of short workshops and ad hoc training. Workshops are a good starting point, but we think we can help programs go further.

To help programs scale their digital security offerings, we wanted to provide a resource that would help instructors build out their own curriculum. Because most programs are juggling so many competing priorities, we also understand that full courses may be impractical for some programs.

To help J-schools introduce smaller-scale but in-depth lessons, we took a modular approach to creating our digital security curriculum, breaking the curriculum into several sections. The modules examine foundational security topics such as threat modeling, how the internet and telecommunications work, chat safety, authentication practices, malware, file safety, and more. We also created a broad “Digital security 101” for those who want to start with a beginner-friendly digital security workshop. Each module provides plans on how to conduct the lesson, suggested discussion questions, and even slides. Instructors can reach out to our team at freedom.press/contact for help.

Want to get started? Check out the U.S. Journalism School Digital Security Curriculum.

Freedom of the Press Foundation

New research: Why don’t more J-schools teach digital security?

2 years 9 months ago

In recent years at Freedom of the Press Foundation — where we have one of the only full-time digital security teams focused on training journalists — we’ve seen firsthand how newsroom demand for security expertise has exploded. So you’d think educating the next generation of journalists about digital security would be a critical part of journalism schools as well. Unfortunately, our research suggests we have a long way to go.

Recently, we presented new and original research on the barriers to digital security education in U.S. J-schools at the 2021 International Communications Association conference.

Just like contemporary newsrooms targeted for hacking and surveillance, student journalists who move to professional newsrooms will be expected to promote their work online. In turn, they will have to worry about communications being monitored by their governments, state-sponsored hackers infiltrating their newsrooms, coordinated harassment campaigns, and much more.

We wanted to know what journalism schools are doing to prepare students for this volatile environment for digital safety. In early 2020[1] we reached out to accredited and provisionally accredited graduate and undergraduate university programs across the U.S. — at the time 106 departments. We contacted department heads, professors focused on technology coursework, and department staff whose roles involve knowledge of the program (e.g., student services specialists), and asked if they offered digital security courses or related coursework. Of the programs we contacted, 43% responded. We also examined the non-responsive programs’ course offerings to learn if they had related listings. Finally, we interviewed 13 instructors and 10 students to learn more about security education at their programs.

Despite the clear need for digital security education, of the responsive programs, roughly one-in-four said they offered digital security education of some kind. When these efforts do take place, typically they are one-time lectures embedded in ongoing coursework, as well as informal, ad hoc workshops. At the time of the study, among accredited and provisionally accredited programs we identified two J-schools — University of Nevada, Reno’s Reynolds School and University of Southern California’s Annenberg School — that offered dedicated digital security courses as electives. (To be clear, there may be others that we lacked visibility into.)

One-off workshops cover digital security fundamentals, such as an introduction to risk assessment techniques, password practices, and encrypted chat tools like Signal. And while these types of seminars — which usually only last 2-3 hours — are a good starting point, students may not retain all of the information taught in a single workshop, given the range of tools and practices introduced in a relatively short time. Likewise, they may not have dedicated time to practice implementing the suggested security practices, and therefore may not develop the experience necessary to incorporate them into their work. Extended courses, by comparison, provide this time and space.

Many professors suggested that their program would have a difficult time accommodating digital security coursework because they already struggle to fit so many topics into their existing program. Each year, industry trends influence how departments prioritize their coursework, and in recent years departments have been pulled into dozens of less-familiar topic areas, such as novel digital media techniques and programming skills, further straining instructors’ time.

J-schools’ education priorities are highly market-driven. Many newsrooms are influencing J-schools to help them develop competencies that will be used in journalistic output, such as podcasting and data reporting. By contrast, digital security is often seen as less critical to the output of reporting — despite its outsized importance.

We also know the Accrediting Council on Education in Journalism and Mass Communications has prioritized a variety of digital media literacy topics, but does not ask departments to require any form of digital security education. Such a requirement would incentivize over a hundred programs to adopt digital security in their curriculum.

Another reason so few programs have digital security offerings is that department leadership is simply not aware of the significance of this problem. We spoke to a few instructors in positions of leadership who said that when they worked in a newsroom, security was not a contemporary issue. Likewise, though many students do have traumatic experiences online, students have not often faced digital attacks specifically in response to their reporting assignments, like the kind they will likely face on the job. With less exposure to security threats seen in newsrooms, these issues are often rendered invisible among faculty.

In other words, J-schools are dealing with significant knowledge gaps and competing incentives. Even when it’s a topic on their radar, J-school programs may not always have the in-house knowledge or the willingness to give this topic the time it needs. You could understand why, then, it’s rare for a program to dedicate more than 1-2 hours to digital security education.

It’s not all doom and gloom, however. A growing number of programs are turning their attention to the need for digital security skills in journalism. For example, the new Craig Newmark Center for Journalism Ethics and Security is making hefty investments in this area.

Likewise, a constellation of educators within and across J-schools are working to advance journalistic security. Susan McGregor is one of the few experts in this area who has studied and instructed on journalistic security in multiple programs at Columbia University. Dr. Gi W. Yun at the Reynolds School of Journalism at the University of Nevada, Reno, with help from the Electronic Frontier Foundation, has developed an innovative course on cybersecurity, privacy, and surveillance. At Freedom of the Press Foundation, we partnered with former national security reporter Marc Ambinder to help devise an exhaustive digital security course for the University of Southern California’s Annenberg School for Communication and Journalism. The people doing this work are few and far between, but they are out there.

We need more of these security champions. In J-schools, security champions advance journalistic security by organizing appropriate expertise (typically by going outside of the department), convincing department leadership it’s worthwhile, and by building sustainable infrastructure, such as external partnerships, funding, and advocating for opportunities to embed these lessons into the broader curriculum. Each program with a digital security offering started with one or more security champions who earned department buy-in.

Though digital security workshops conducted in many J-schools are often ad hoc, they are one of the few places where security education has broken through. Workshops also introduce opportunities to invite in external expertise. For example, at Freedom of the Press Foundation, the digital security team regularly conducts workshops with newsrooms and universities, and in 2020 over 1200 journalists attended at least one of these workshops.

While we think these workshops are vital to working journalists, they aren’t a one-size-fits-all solution. Consider the devices and platforms we use in a given day: cell phones, computers, and tablets of all different brands and models. Then add on top of that the ways we communicate over these devices: calls, emails, text messages, social media, and countless other apps. Those devices and platforms are constantly updating and changing, and the advice on what tools to use changes radically depending on the situation. (For example, the advice you’d give journalists covering national security in the U.S. is sometimes the opposite of what is necessary in Russia.) You can quickly see it would be impossible for journalists to learn everything they need to stay safe in a day or two. A workshop can be a meaningful starting point, but the time needed to reflect on and engage the material is often lacking.

To drive systemic change in security education needed in newsrooms today and in the future, journalism schools would ideally integrate these practices into a digital security curriculum, where students can not only learn the proper tools to use, but more importantly the mindset to think critically through these problems. That way, when the tools change they’ll be able to change with them. This is only possible to do when they have the time and space to take in everything they need to navigate their work in relative safety.

To help instructors get started, later this year Freedom of the Press Foundation will be releasing an exhaustive digital security curriculum with modular lessons on security basics for journalists, which will be free and openly available to the community.

We desperately need more security champions in the field, and universities should be leading the way, instead of following from behind.

--

[1] We contacted universities to learn about their course offerings between February 20 and April 2, 2020, and gathered our interviews between January 29, 2020 and June 2, 2020.

Dr. Martin Shelton is principal researcher at Freedom of the Press Foundation, focused on security and user research.

Dr. Jennifer Henrichsen recently defended her dissertation at the University of Pennsylvania’s Annenberg School of Communication, and she worked with Freedom of the Press Foundation on this research. She is an incoming Assistant Professor at Washington State University in fall 2021.

Image credit: Elisabeth Woldt. CC-BY-NC 2.0

Martin Shelton, Dr. Jennifer Henrichsen

Congress must pass the Justice Dept’s new media surveillance rules into law

2 years 9 months ago

In a welcome and long-overdue move, the Department of Justice (DOJ) today formally adopted a policy prohibiting, with few exceptions, the use of surveillance on journalists "acting within the scope of newsgathering activities."

The new memo, signed by Attorney General Merrick Garland, codifies an announcement outlined last month, when the White House and DOJ promised important new restrictions of the kind of surveillance that has been used in leak investigations spanning at least four presidential administrations, including in a series of high-profile cases beginning under former President Trump but only disclosed earlier this year.

The following statement can be attributed to Freedom of the Press Foundation advocacy director Parker Higgins:

These new rules prohibiting the surveillance of journalists are the strongest in the modern history of the Department of Justice — and that’s a big victory for press freedom. But it’s important to note that this new policy could be undone by a future Department of Justice memo.

Congress must immediately codify these new guidelines into law so that they will be permanent and cannot be broken or ignored on the whim of whoever holds the office of the Attorney General. Senator Ron Wyden's PRESS Act would do just that, and members of both parties should get behind swift passage of the bill.

Freedom of the Press Foundation

Fifty years ago today, Senator Mike Gravel read the Pentagon Papers into the official record. More lawmakers should follow his lead.

2 years 10 months ago

Fifty years ago today, with the New York Times and the Washington Post tied up in the Supreme Court over whether they could report on the leaked Pentagon Papers, a young Senator named Mike Gravel was taking matters into his own hands.

Gravel had just obtained a second copy of the Pentagon Papers from whistleblower (and, much later, Freedom of the Press Foundation co-founder) Daniel Ellsberg, through a midnight curbside handoff from Ben Bagdikian, an editor and journalist at the Post. In an act of remarkable bravery, Gravel convened a subcommittee meeting, and read from the Papers until one A.M., culminating in an emotional description of the violence of war. He then inserted 4,100 pages of the document into the Congressional Record.

In the morning, the Supreme Court cleared the Times and the Post to continue publishing, in one of the most important press freedom decisions in the court's history.

Gravel took action despite considerable nerves; he reportedly "had not slept for three nights, overwrought with fatigue and fear that he might be headed to prison." But he was also protected by the "Speech or Debate Clause" of the U.S. Constitution, which protects Congress members from arrest or inquiry for statements made on the floor of the House or Senate. Many state constitutions have similar forms of parliamentary immunity.

Still, a Gravel aide faced a subpoena from a federal grand jury empaneled to investigate the Senator's actions. Gravel moved to intervene, and the question of whether the aide could be compelled to testify also made its way to the Supreme Court. In Gravel v. United States, the Court issued a 5-4 opinion holding that Congressional aides and employees enjoy the same legal protection as the legislators themselves.

(The decision also narrowed the Speech or Debate Clause in part, explicitly limiting it to actions "essential to the deliberations" of the legislative body, and thus deeming it did not cover Gravel's transmitting the Papers for private publication. In a powerful dissent to that portion in particular, Justice William O. Douglas argued: "To allow the press further to be cowed by grand jury inquiries and prosecution is to carry the concept of 'abridging' the press to frightening proportions.")

Senator Gravel died this weekend at 91 years old. Without a doubt, his willingness to bring the Pentagon Papers to the public is one shining example that more lawmakers should follow.

But despite the fact that Gravel’s heroic actions in protest of the nation’s broken secrecy system would be his defining legacy, other members of Congress have largely not followed in his footsteps. From the CIA torture program to NSA surveillance to extrajudicial drone strikes, the US government has used the classification system to shield corruption, abuse, and illegal behavior from the American public. In many cases, courts have protected the executive branch from accountability. At the same time, they have harshly punished whistleblowers who come forward to the press.

Members of Congress enjoy a unique broad immunity to expose illegal government programs and lies. And yet, besides Senator Gravel, no one has chosen to use it. We hope in the future, more members of Congress will show the same bravery he did fifty years ago today.

Parker Higgins

PayPal and Venmo enforcement procedures threaten First Amendment protected speech

2 years 10 months ago

PayPal and its subsidiary Venmo must bring more transparency and accountability to their practices around account freezes and closures, argues a new letter signed by Freedom of the Press Foundation and nearly two dozen human rights and civil liberties groups.

The payment giant has become notorious for suspending or disrupting transfers for lawful controversial content without due process, including of course in the financial blockade against the whistleblower site WikiLeaks in the early 2010s — an extralegal embargo that Freedom of the Press Foundation was founded in part to address. In another case, PayPal froze the account of News Media Canada over a payment to submit an article about Syrian refugees for an award.

The risk of arbitrary interruption to online payments can be a serious one, especially for independent reporters without institutional support. And the problem isn't limited to news reporting: supporters of the privacy network Tor, creators engaged in erotic fiction or sex work, and online communities simply accused of copyright infringement have all faced restrictions at one point or another. These disruptions can be existential, as we note in the letter:

In our increasingly digital world, in which websites and online consumers rely on payment processors such as PayPal to send online payments for goods and services, fund their online infrastructure, and even pay staff, these opaquely implemented account freezes can be disruptive and disadvantageous to individuals, nonprofits, and companies. PayPal and your subsidiary Venmo have over 360 million users — which means you have a staggering amount of influence over the financial lives of these individuals as well as access to an enormous trove of highly sensitive information that should not flow to the government without adequate safeguards.

The recommendations in the letter are in line with the Santa Clara Principles on Transparency and Accountability in Content Moderation, which aim to help companies center human rights when moderating user-generated content and accounts.

Today's letter, which can be found in full below, was led by the Electronic Frontier Foundation and signed by 7amleh - The Arab Center for the Advancement of Social Media, Access, ACLU of Northern California, American Civil Liberties Union, Article 19, the Center for Democracy and Technology, Center for LGBTQ Economic Advancement & Research (CLEAR), Demand Progress Education Fund, European Legal Support Center (ELSC), Fight for the Future, Freedom of the Press Foundation, Global Voices, Masaar-Technology and Law Community, Mnemonic, New America’s Open Technology Institute, PDX Privacy, the Tor Project, Taraaz, Ranking Digital Rights, Restore the Fourth Minnesota, and SMEX.

Parker Higgins

Major news outlets must push Biden DOJ to drop Assange charges — their press freedom rights are at stake

2 years 10 months ago

Three major news organizations are set to meet with the Department of Justice (DOJ) today to discuss the recent journalist surveillance scandals, and talk with Attorney General Merrick Garland about how the DOJ plans to prevent the use of subpoenas and surveillance to root out journalistic sources in future leak investigations.

While the news outlets plan to push for more concrete promises from the Justice Department to prevent further spying on reporters, it’s vitally important that the same publishers use today’s opportunity to press the Attorney General to drop the prosecution of WikiLeaks founder Julian Assange, which constitutes the most clear and present danger to this country’s press freedom rights. If the case continues, it would render Garland’s new promises worthless.

Assange is charged under the Espionage Act and the Computer Fraud and Abuse Act, largely for activities U.S. national security journalists engage in all the time. When the Trump administration proceeded with the indictment, many major news publishers spoke out forcefully against it, despite harshly criticizing Assange in the past. Virtually every major human rights and civil liberties group in the country urged Biden's DOJ not to continue with the prosecution earlier this year.

Beyond the injustice of the case itself, though, its precedent threatens to undermine the very same new rules that publishers will discuss today. As Garland said in Senate testimony Wednesday: “In developing this policy, we have to distinguish between reporters doing their jobs and reporters committing crimes unrelated to the leaking.”

If the Justice Department is promising on the one hand not to use subpoenas against journalists unless they are otherwise engaged in a crime, and on the other hand is laying out the blueprint for charging journalists who report on sensitive national security information, the problem could not be more clear.

We are cautiously optimistic about the new Department of Justice rules, pending final language, and we view their introduction as a possible sea change for press freedom in the United States. We absolutely encourage the news organizations meeting today to push for the strongest possible guidelines, and for Congress to codify those guidelines into law that cannot be changed at the stroke of a future president's pen.

But we also must remain vigilant to loopholes and exceptions to these new guidelines, and expect this and future administrations to interpret the rules as they see fit. With the Knight First Amendment Institute, we've written about one major unknown in terms of who constitutes a "journalist" for the purpose of the guidelines.

Today, as stakeholders hammer out the details of this new rule, we urge the news organizations and the self-described press freedom advocates within the administration to consider the danger of pending Espionage Act charges against a publisher. And we continue to urge the Department of Justice to drop the prosecution.

Parker Higgins

In a sea change for press freedom, Biden administration vows not to spy on reporters doing their job

2 years 10 months ago

After a month of disclosures about the Trump Justice Department pursuing surveillance records of journalists through leak investigation subpoenas — culminating in yesterday’s revelation of a subpoena and a gag order pertaining to four New York Times journalists, served by the Trump administration and initially defended by the current Department of Justice — the Biden administration has announced a new policy that could signal a major shift in the interaction of press freedom and state surveillance.

White House press secretary Jen Psaki released a statement today saying “the issuing of subpoenas for the records of reporters in leak investigations is not consistent with the President’s policy direction to the Department.” The Justice Department separately told reporters: “in a change to its longstanding practice, [the DOJ] will not seek compulsory legal process in leak investigations to obtain source information from members of the news media doing their jobs.”

The following statement can be attributed to Freedom of the Press Foundation executive director Trevor Timm:

This announcement is a potential sea change for press freedom rights in the United States. Over the past decade — spanning multiple administrations run by both parties — the Justice Department has increasingly spied on reporters doing their job, casting a chill over investigative reporting and putting countless whistleblowers at risk.

While we’re encouraged to see this announcement ending this invasive and disturbing tactic, the devil is — of course — in the details. The Justice Department must now write this categorical bar of journalist surveillance into its official ‘media guidelines,’ and Congress should also immediately enshrine the rules into law to ensure no administration can abuse its power again. If they follow through, this commendable and vitally important decision by the Biden administration has the potential to stem the tide of more than ten years of erosion of press freedom.

Freedom of the Press Foundation

Documenting an extraordinary year of press freedom violations

2 years 11 months ago

The U.S. Press Freedom Tracker, a project of Freedom of the Press Foundation and Committee to Protect Journalists, has published an overview of a truly remarkable year’s worth of press freedom violations during nationwide protests since the police killing of George Floyd. Building on individually reported accounts of every journalist assault, arrest, damaged equipment, or other press freedom violations, the Tracker aims to provide the definitive telling of the crackdown on journalists that emerged alongside the protests.

As reporters covered the movement, they were subjected to more than 150 arrests or detainments, 580 physical attacks, and 112 incidents of damaged equipment. The phenomenon peaked last summer and has continued into 2021, which has seen two dozen arrests or detainments, nearly three dozen physical attacks, and 9 incidents of damaged equipment.

“To say the past year was a historic chapter in the story of press freedom in the United States would be an understatement. I had to stop using the word ‘unprecedented’ even as we reported out case numbers that were unlike any we’d ever seen,” said U.S. Press Freedom Tracker’s managing editor Kirstin McCudden. “But even after following each case as it developed, pulling together a full year of data paints a picture of American press freedom that is shocking and alarming.”

Freedom of the Press Foundation