Report Launch: Guide to SecureDrop

By Efrat Nechushtai

On May 12, Tow Center for Digital Journalism launched Guide to SecureDrop, a research project led by Tow Fellow Charles Berret, with a panel discussion at Columbia Journalism School. The report is available to download and read at the Tow Center’s GitBook repository.

SecureDrop is a platform that enables sources to contact journalists securely and anonymously through encrypted communications. It has been dubbed “a WikiLeaks for every newsroom,” and is currently used in roughly twelve news organizations, including The Guardian, The New Yorker, ProPublica, The Washington Post and The Globe and Mail. Another dozen independent journalists and non-profits are using the system, and there is a waiting list of about 75.

Berret’s report includes, for the first time, interviews with many of the journalists using SecureDrop. “The findings are promising,” said Berret at the event. “The impact of SecureDrop as a reporting tool is reported to be strong. The typical contents of SecureDrop inboxes fall into several categories. There is little variation in methods of newsroom coordination, but publishers differ on whether or not to cite the origin of SecureDrop stories.”

The panelists discussed at length why such a system, which costs over $2,000 and is less convenient to use than common communication applications, is necessary. “A Pew poll last year showed that 64% of investigative journalists believe that they are under surveillance, and almost half of them changed their practices in light of these concerns,” said Berret. “SecureDrop responds to a real need for more encryption.”

“In the past few years, the Obama administration had prosecuted more sources of journalists than all other administrations combined. One of the reasons why they have been able to do this is their surveillance capabilities,” said Trevor Timm, co-founder and executive director of the Freedom of the Press Foundation. “When you look at the indictments of these sources, you see that they have conducted some sort of digital surveillance on the sources, on the journalists, or on both.

“It has become increasingly important for journalists to start protecting sources, not after the fact, but immediately when they start talking to them,” said Timm. “There are many advantages to Using Gmail, but it puts your communications in the hands of a third party. They can have a court order served on them for all your communications, a gag order will be attached, and you may never know. SecureDrop tries to put that power back in the hands of journalists. There are no third parties involved when you set up SecureDrop in your news organization. Each organization owns its own SecureDrop system, and even we don’t have access to any of the data.”

In recent years, Susan McGregor, Assistant Director of the Tow Center for Digital Journalism and Assistant Professor at Columbia Journalism School, has been studying digital security practices among journalists. “Before the Snowden revelations, there wasn’t great awareness of the surveillance capabilities that are a side effect of electronic communications,” said McGregor. “We now see a second phase – an understanding that this is not just about national security reporting. Journalists who cover a wide range of themes, like finance or regulation, are appreciating the risks that come with that.”

“Default encryption is the direction we are seeing things move, and journalists too need to make this a default. News organizations should say: ‘This is how you talk to us.’”

Garrett Robinson, the Lead Developer on SecureDrop and one of the panelists, provided a quick demo. “The goal is to make leaking fairly easy and fairly safe,” Robinson explained. “SecureDrop allows journalists to ask the source questions without knowing who they are talking to, which gives them plausible deniability.”

“SecureDrop is pretty onerous for journalists to use, and in our training we help them find the workflow. When you make something easy to use, it is almost always the case that you will sacrifice security. We are trying to balance that and bring it back to usability,” said Robinson.

Betsy Reed, Editor-in-Chief of The Intercept, reported that implementing SecureDrop granted The Intercept access to a wider range of stories. “We are seeing a higher volume of submissions and a higher quality of material. One thing came through that looked interesting, but had nothing to do with anything The Intercept is doing. The source heard about our use of SecureDrop, and that is why they came to us. We can now give it to someone else who does not have access to the system.”

According to Barret, “The Globe and Mail said that if they get one story a year from SecureDrop, it will be worth the expense. They immediately got a story, and continue to get stories since.”

Mike Tigas, a News Applications Developer at ProPublica, emphasized that SecureDrop tries to make it as easy for the source as possible. If a source comes to you and says ‘I have this thing and I want to give it to you securely,’ there is already a record of that. SecureDrop provides a first contact that is more secure than what sources would normally do otherwise.”

“We got to a point where it is relatively easy for a source to use SecureDrop,” said Timm. “This is important, because we can spend a day or two in a newsroom and teach them tricks for keeping things as secure as possible, but it is impossible to train sources that we don’t know.”


Efrat Nechushtai is a current Ph.D. candidate at the Columbia University Graduate School of Journalism.