Are Leaked Docs Safe With Canadian Reporters?

[Editor's note: An earlier version of this story ran on Canadaland, March 19. Since then, dozens of Canadian reporters have begun using encrypted email. To learn how to safely leak and receive documents, see Electronic Frontier Foundation's tutorials here.]

Thousands of people in Canada have access to top secret government documents, but if any of them are considering following in the footsteps of Edward Snowden and leaking records to journalists, they will find comparatively few reporters in this country who are capable of protecting them.

Snowden, an NSA contractor-turned-whistleblower, leaked a massive trove of documents that revealed potentially illegal surveillance programs throughout the "Five Eyes" intelligence alliance of Australia, Canada, New Zealand, the United Kingdom and the United States. Intelligence agencies in these countries not only monitor the communications of terrorists and foreign states, they also collect private and potentially compromising information from journalists and the public at large.

However, since the Snowden leaks were made public, only a handful of reporters in Canada have taken steps to secure themselves and their sources. Many investigative reporters and even some national security reporters in Canada are not equipped with email encryption.

A Canadaland investigation into over 100 Canadian media organizations, including all major papers and broadcasters, found only 37 journalists in the country have publicly begun using encrypted email with their work accounts since the first Snowden NSA stories in June 2013. This information was obtained using the MIT PGP Public Key Server, a sort of a phone book for PGP encrypted email contacts, to find journalists and other staff publicly using PGP encryption with their work email accounts. The number does not include freelance reporters, but it remains atrociously low when compared with journalists in the United States.

For example, in the same period from June 2013 to present, reporters at the New York Times alone registered 55 encrypted professional email accounts.

Only 12 media outlets in Canada have had reporters sign up for encryption since the Snowden leaks. The Toronto Star tops the list with seven new PGP users, Sun Media has six, and The Globe and Mail and La Presse tie the CBC with five new PGP users apiece.

Dozens of media organizations including Global, Maclean's and The Canadian Press, didn't have a single email address registered on a public key server. 

However, looking up the emails of media organizations on the public key server does not reveal all the journalists using encryption. Three categories of journalist do not show up: freelance journalists, reporters who have only encrypted their personal email accounts and those who have not listed themselves on the server.

For example, VICE Canada politics reporter Justin Ling uses PGP but hasn't uploaded his key to a public key server. His colleague, Matthew Braga, listed his personal account on the server in 2013, but only added his @vice.com email address this February.

To increase the scope of our investigation, Canadaland set up an email account under a pseudonym, "Loqior," and contacted several Canadian journalists while posing as a source hoping to leak them documents through encrypted means:

"Is there a way to send you an encrypted message? I was not able to find you on the Public Key Server. If you are using PGP encryption, please send me your public key."

The email was sent to national security reporters, the winners of the most recent round of Canadian Association of Journalists (CAJ) awards and to investigative news programs.

Reporters who were already using encryption were not contacted. These included the CAJ award winners Amber Hildebrandt and Michael Pereira of the CBC, who are currently collaborating with Dave Seglins to report on Snowden documents. National security reporters Michelle Sheppard of the Toronto Star and Colin Freeze of The Globe and Mail were also already using encryption.

However, the majority of CAJ award-winning reporters did not respond to the email. Neither did the investigative news programs W5, The Fifth Estate and 16x9. Update: The Fifth Estate says a PGP key can be provided on its website.* Two national security reporters who were contacted -- Jim Bronskill of The Canadian Press and Ian MacLeod of the Ottawa Citizen -- were not using encryption but are planning to do so in the future. Both indicated that if the matter was urgent they would set it up right away.

'Encryption works': Snowden

On the other hand, some positive stories did emerge.

Glen McGregor, a reporter with the Ottawa Citizen, initially responded, "No, don't have anything like that but I suppose I should probably get one." Less than 30 minutes later he replied with a newly established public key.

Similarly, Tyee journalist David Ball replied, "There is now" along with a link to his public key.

Most impressive was the response from CBC's Ian Johnson, who replied to the email with the key for a "trusted colleague" and explained, "If necessary, we have access to an air-gap computer, use Tails and can also use other tools to help ensure privacy if the situation requires it."

Robert Fife, a parliamentary reporter with CTV, responded by saying the he did not use PGP encryption, but provided his BlackBerry PIN-to-PIN, another means of sending an encrypted message that is widely used in government circles. While much more secure than sending unencrypted messages, Blackberry PIN messages fall short of the security provided by other forms of encryption. The CSE states on their website that "any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry."

"Encryption works," declared Snowden, shortly after stories based on his leaks were first revealed. "Properly implemented strong crypto systems are one of the few things that you can rely on."

Whether through legal or illicit means, unencrypted emails can be read by a variety of parties, including internet service providers, email providers, law enforcement, spy agencies, and criminal hackers. Without encryption, a journalist has shut the door to sources who need a secure method of communication in order to protect their identity.

"As a reporter, you are holding yourself out to the public as someone who sources can trust" says Lex Gill, a Montreal based activist and law student, who has organized training sessions, dubbed 'crypto parties,' aimed at helping the public learn to use encryption tools. "In this day and age it is irresponsible for anyone who is communicating with vulnerable sources, or has sensitive documents, to not be using encryption. This is a matter of journalistic ethics."

If any CSE employees are disturbed by their agency's current activities, they may not feel safe approaching many media organizations in Canada. That's because the handful of journalists using PGP encryption on its own this is not enough to protect sources with highly sensitive records.

The new manilla envelope

In 2013, The New Yorker began using SecureDrop, a system designed to allow sources to send journalists records with considerable protection.

The following year The Guardian, the Washington Post and many other media outlets began using SecureDrop. However, it wasn't until earlier this month that the Globe and Mail became the first organization in Canada using the tool.

"SecureDrop is the 21st-century equivalent of the manila envelope," said David Walmsley, The Globe and Mail's editor in chief, when the newspaper announced earlier this month that it had adopted the technology.

Sources can upload encrypted data to SecureDrop, but the system is only accessible through Tor, a tool that allows users anonymity by routing their online traffic through multiple computers across the internet.

Journalists then receive the encrypted data from SecureDrop and transfer it via a USB key to an air-gapped computer -- a machine without an internet connection -- to prevent external access. The data is then decrypted on the air-gapped computer, which uses Tails, an operating system that runs off a USB key and leaves no trace on the computer running it.

The Globe and Mail, however, is not the only media organization in Canada that is capable of secure communication beyond PGP. Some reporters at CBC are capable of decrypting messages on an air-gapped computer running Tails. The problem is that the broadcaster doesn't publicize this capability, and potential sources have no way of knowing.

The handful of CBC reporters using encryption are likely a product of the broadcaster's current collaboration with Glenn Greenwald, one of the reporters first approached by Edward Snowden, and his publication The Intercept.

On Oct. 21, 2014, Greenwald visited CBC's Toronto headquarters to talk about his reporting on surveillance. On that same day Dave Seglins first registered an encrypted email account. Soon after Amber Hildebrandt and Michael Pereira would also encrypt their emails, and a few weeks later the CBC began publishing stories on Snowden documents related to CSE.   

While any number of spy agencies around the world may be targeting journalists covering national security, reporters covering other beats are not immune from risk.

"The government isn't the only party who has strong incentives to monitor your communications: everyone from the private sector to organized crime might pose a risk to journalists," says Gill, the Montreal based law-student.  

She is convinced encryption is integral to the future of journalism, and encourages reporters to not only learn to use PGP encryption but to also use other tools that are designed to encrypt their phone calls, chats, text messages, and the data that is stored on their computers. She thinks it is particularly important that reporters are encrypting their notes, and other sensitive documents.

"Learning basic encryption is not difficult," states Gill, "reporters have no excuse for not using it."

*Updated Friday, March 27 at 8:10 a.m.