10 Ways Journalists Can Shield Against Surveillance

In an era of widespread surveillance and increasing threats to press freedom, journalists must proactively safeguard their communications and protect their sources. 

Here are ten effective strategies journalists can employ to shield against surveillance in the digital age.

1. Encryption and Secure Communication Tools

Encryption is a crucial tool for safeguarding communications from unauthorized access. Journalists should use end-to-end encryption methods for their messaging and phone calls. Other journalists may use a phone number app to create separate numbers for their devices.

These tools ensure that only the intended recipients can decrypt and access the content, making it highly challenging for surveillance entities to intercept or read the messages.

2. Virtual Private Networks (VPNs)

VPNs provide additional protection by encrypting internet traffic and hiding the user’s IP address. Journalists can use VPN services to securely connect to the internet, making it difficult for surveillance entities to monitor their online activities. 

VPNs also enable journalists to access content blocked in their country, enhancing their ability to gather information from diverse sources. Remember that VPNs are not always the strongest measure of privacy protection, as certain agencies can easily bypass them

3. Secure Data Storage and Backup

Journalists should adopt secure practices for storing and backing up their data. It is essential to encrypt sensitive files and documents using strong encryption algorithms before storing them on external hard drives or cloud services. 

Tools like VeraCrypt and Tresorit offer robust encryption features for securing files, while services like SpiderOak and Sync.com provide end-to-end encryption for cloud storage.

4. Two-Factor Authentication (2FA)

Implementing two-factor authentication adds an extra layer of security to journalists’ online accounts, making it significantly harder for hackers or surveillance entities to gain unauthorized access. 

By requiring a second verification form, such as a unique code sent to a mobile device, 2FA adds a barrier against unauthorized login attempts.

5. Security Training and Digital Hygiene

Journalists should receive regular training on digital security best practices and maintain good digital hygiene. This includes using unique passwords for all accounts, regularly updating software and applications, and being cautious of phishing attempts. 

They should also avoid connecting to unsecured Wi-Fi networks, as malicious actors can easily exploit these to intercept communications.

6. Anonymous Source Communication

Journalists often rely on anonymous sources for sensitive information. To protect the identity of their sources, journalists should use secure and anonymous communication channels such as SecureDrop or GlobaLeaks. 

These platforms allow sources to submit information securely without revealing their identity, making it harder for surveillance entities to trace the source of the information.

7. Physical Security Measures

While digital security is crucial, journalists should not overlook physical security measures. Protecting physical devices, such as laptops and smartphones, is essential to prevent unauthorized access to sensitive data. 

Journalists should use strong passwords or biometric authentication, enable device encryption, and consider employing physical security tools like laptop locks or secure storage for sensitive documents.

8. Counter-Surveillance Techniques

Journalists can employ counter-surveillance techniques to identify and mitigate potential surveillance attempts. These techniques include conducting regular security audits of devices and accounts, scanning for malware or spyware, and being vigilant for any signs of unusual activity or unauthorized access. 

Journalists can also utilize network traffic analyzers to detect abnormal data flows indicating surveillance attempts.

9. Privacy-Focused Operating Systems and Applications

Journalists can consider utilizing privacy-focused operating systems and applications to enhance their security. For example, operating systems like Tails or Qubes OS are specifically designed to preserve privacy and security, so they can provide another layer of protection against surveillance. 

Similarly, opting for privacy-focused applications like ProtonMail for email or Firefox with privacy extensions for web browsing can minimize the risk of data breaches and unauthorized access.

10. Risk Assessments and Implement Mitigation Strategies

Journalists should conduct regular risk assessments to identify potential vulnerabilities and tailor their security measures accordingly. By assessing their threats, journalists can prioritize their defenses and implement mitigation strategies accordingly. 

This may include establishing secure physical workspaces, implementing secure remote access protocols, or creating contingency plans for emergencies involving surveillance or harassment.

Privacy, Protection, and Truth

These measures, combined with ongoing risk assessments and mitigation strategies, empower journalists and protect the fundamental right to freedom of information. Even if you aren’t a journalist, you deserve the right to privacy and protection. 

By staying vigilant, informed, and resilient, journalists can navigate the challenging surveillance landscape and continue to promote transparency, accountability, and the public’s right to know.

Tips for Journalists

• Use secure communication tools like end-to-end encryption or virtual private networks to protect your data.

• Implement two-factor authentication and strong passwords for all of your online accounts.

• Establish secure physical workspaces and backup systems.

• Utilize anonymous source communication channels like SecureDrop or GlobaLeaks to protect the identity of your sources.

• Adopt counter-surveillance techniques to detect surveillance attempts.

• Consider using privacy-focused operating systems and applications for extra protection.

• Conduct regular risk assessments and implement mitigation strategies accordingly.

• Stay vigilant, informed, and resilient in the face of surveillance.


What measures can journalists take to protect their data?

Journalists should use secure communication tools, implement two-factor authentication and strong passwords, establish secure physical workspaces and backup systems, utilize anonymous source communication channels, adopt counter-surveillance techniques, consider using privacy-focused operating systems and applications, conduct regular risk assessments, stay vigilant in the face of surveillance.

How can I protect my own online privacy?

You can protect your own online privacy by setting up two-factor authentication on all of your accounts, using a password manager to generate strong passwords for each account, avoiding connecting to unsecured Wi-Fi networks, being cautious of phishing attempts or other forms of social engineering, and opting for privacy-focused applications whenever possible.

What is two-factor authentication?

Two-factor authentication (2FA) is an extra layer of security that utilizes a unique code sent to a mobile device in addition to the usual username and password combination. This extra barrier makes it harder for unauthorized login attempts.

What is end-to-end encryption?

End-to-end encryption is a type of technology that scrambles data so it can only be read by the parties involved in the communication, making it more difficult for surveillance entities to access or intercept.

What are counter-surveillance techniques?

Counter-surveillance techniques involve detecting and mitigating potential surveillance attempts. These techniques include conducting regular security audits of devices and accounts, scanning for malware or spyware, being vigilant for any signs of unusual activity or unauthorized access, and utilizing network traffic analyzers to detect abnormal data flows.