In the analog world of our parents, leaks to the press were heavily protected in both ends – both for the leaker and for the reporter receiving the leak. In the digital world of our children, this has been unceremoniously thrown out the window while discussing something unrelated entirely. Why aren’t our digital children afforded the same checks and balances?
Another area where privacy rights have not been carried over from the analog to the digital concerns journalism, an umbrella of different activities we consider to be an important set of checks-and-balances on power in society. When somebody handed over physical documents to a reporter, that was an analog action that was protected by federal and state laws, and sometimes even by constitutions. When somebody is handing over digital access to the same information to the same type of reporter, reflecting the way we work today and the way our children will work in the future, that is instead prosecutable at both ends.
Let us illustrate this with an example from the real world.
In the 2006 election in Sweden, there was an outcry of disastrous information hygiene on behalf of the ruling party at the time (yes, the same ruling party that later administered the worst governmental leak ever). A username and password circulated that gave full access to the innermost file servers of the Social Democratic party administration from anywhere. The username belonged to a Stig-Olof Friberg, who was using his nickname “sigge” as username, and the same “sigge” as password, and who accessed the innermost files over the Social Democratic office’s unencrypted, open, wireless network.
Calling this “bad opsec” doesn’t begin to describe it. Make a careful note to remember that these were, and still are, the institutions and people we rely on to make policy for good safeguarding of sensitive citizen data.
However, in the shadow of this, there was also the more important detail that some political reporters were well aware of the login credentials, such as one of Sweden’s most (in)famous political reporters Niklas Svensson, who had been using the credentials as a journalistic tool to gain insight into the ruling party’s workings.
This is where it gets interesting, because in the analog world, that reporter would have received leaks in the form of copied documents, physically handed over to him, and leaking to the press in this analog manner was (and still is) an extremely protected activity under law and indeed some constitutions — in Sweden, as this concerns, you can even go to prison for casually speculating over coffee at work who might have been behind a leak to the press. It is taken extremely seriously.
However, in this case, the reporter wasn’t leaked the documents, but was leaked a key for access to the digital documents — the ridiculously insecure credentials “sigge/sigge” — and was convicted in criminal court for electronic trespassing as a result, despite doing journalistic work with a clear analog protected equivalent.
It’s interesting to look at history to see how much critically important events would never have been uncovered, if this prosecution of digital journalism had been applied to analog journalism.
For one example, let’s take the COINTELPRO leak, when activists copied files from an FBI office to uncover a covert and highly illegal operation by law enforcement to discredit political organizations based solely on their political opinion. (This is not what law enforcement should be doing, speaking in general terms.) This leak happened when activists put up a note on the FBI office door on March 8, 1971 saying “Please do not lock this door tonight”, came back in the middle of the night when nobody was there, found the door unlocked as requested, and took (stole) about 1,000 classified files that revealed the illegal practices.
These were then mailed to various press outlets. The theft resulted in the exposure of some of the FBI’s most self-incriminating documents, including several documents detailing the FBI’s use of postal workers, switchboard operators, etc., in order to spy on black college students and various non-violent black activist groups, according to Wikipedia. And here’s the kicker in the context: while the people stealing the documents could and would have been indicted for doing so, it was unthinkable to charge the reporters receiving them with anything.
This is no longer the case.
Our digital children have lost the right to leak information to reporters in the way the world works today, an activity that was taken for granted — indeed, seen as crucially important to the balance of power — in the world of our digital parents. Our digital children who work as reporters can no longer safely receive leaks showing abuse of power. It is entirely reasonable that our digital children should have at least the same set of civil liberties in their digital world, as our parents had in their analog world.
Privacy remains your own responsibility.
This article was previously published at Private Internet Access..