With the revelations of surveillance practices by intelligence agencies, it is time for journalists to enter the "deep web", according to the advice of author of 'Deep Web for Journalists' Alan Pearce.
Speaking at the International Newsroom Summit in Berlin, he offered tips as to how journalists can stay secure online.
The 'deep web'
The deep web is the name he gives to how people can browse, converse and save files anonymously. One example is how journalists can use anonymous browser Tor to avoid being tracked.
He said that David Miranda, the partner of Glenn Greenwald – the journalist who worked with source Edward Snowden to report on surveillance carried out by America's National Security Agency – showed "stupidity" in carrying data on a hard drive with him through Heathrow.
By hiding that data in the deep web, there is no risk of the information being intercepted, he said.
Pearce added that "no terrorist is going to give stuff away on Facebook, in Google Docs or in an email" – and the intelligence services are therefore "wasting their time looking".
He said those journalists who want to go untraced should call a document a name such as 'my dissertation' or 'Grandma's goat head soup recipe' and hide it in the deep web.
One method that can be used is steganography, the art or science of hidden messages (think invisible ink). Conversations can be hidden within the digital files associated with photographs, he said.
A journalist could also hide "footage of a massacre", for example, inside the recording of a music track on an iPod or smartphone, he suggested.
The red flag of encryption
Encryption, the process of saving and sending information securely, is frequently recommended to journalists. But in Pearce's view, "the simple act of encrypting your data is enough to arouse interest".
"It's a red flag to anyone watching, you might as well hold a giant billboard with the words 'I have something to hide'," he said.
And encryption does not work if someone has already gained access to your computer.
It is better to "stay beneath the radar" and not attract attention. "Operate in areas they don't expect," offered Pearce. And don't rely on one piece of technology. "Use a range of tools, and mix and match them."
"The internet is a dangerous place for journalists," Pearce said. And starting an investigation – whether into child sex abuses or terrorist activity – might set off alarm bells with the security services. "A device will quickly be planted in your computer to follow you around," he warned.
"It's very easy for an algorithm to misconstrue your browsing activities," he said, explaining how a reporter working on a story about IEDs (improvised explosive devices) might read up on military history and watch a few videos on YouTube, but that could be "asking for trouble".
Pearce also said journalists, who often have privileged access to politicians and key sources, could also be a target for that reason.
And there have also been a number of cases recently of news sites and their social media accounts being targeted by hackers.
"Don't use any word you can find in a dictionary," for a password, Pearce warned.
But how can you remember a random collection of letters? He suggests you take a memorable opening passage from a book and take the first letter of each word and then add some symbols and numbers to the end of the password.
You also need to change the password on your home and office router, said Pearce. He uses and recommends Firefox as a browser, with free ad-ons to help boost security.
Journalists can go off-radar by creating "secret tunnels", Pearce said. You can appear to be in a different part of the world and "leave no trace".
One way to do this is to get a USB drive and install some free software, although Pearce did not go into detail about the specific technology. But, when plugged into a computer, the USB stick can allow the user to remain anonymous, he said.
"Mass surveillance is a threat," Pearce said. "And the press, as a cornerstone of democracy, has never faced such a threat." Journalists need to understand the "bad guys", he added.
Pearce forecast that "one day every journalist will know how to go off radar"; how to safely protect a source and how to transfer confidential files.
"We are an open book to intelligence agencies," he warned. "But one day every news outlet will employ a cyber security expert to keep journalists up to speed."
He added: "It's time to wake up to the internet and see it as the 21st century battleground."
Journalism.co.uk is at the World Publishing Expo in Berlin. Follow@SarahMarshall3 / @johncthompson / #wpe13 for updates. The 'live notes' from the session are at this link.
Free daily newsletter
- Weekly journalism news update: Newsletter strategies, remote podcasting and deepfakes
- A guide to beat reporting and developing a local patch
- Tip: Security measures for independent media
- Bellingcat launches investigative podcast about the Malaysia Airlines Flight 17 crash
- Al Jazeera's graphic novel-style story on Nigerian children facing witch-hunt receives award in innovation