Online Privacy: How To Protect Your Data As A Journalist

January 23, 2023
Safe Online

5 Must-Have Online Privacy Tools For Journalists 

As a journalist, the only tools you needed were a pencil, a notepad, and a trilby to hold your press credentials. That was, of course, the 1940s and only seen in Hollywood films at the time. In today’s digital age, a world accustomed to a 24-hour rolling news cycle, the journey from story to print is not only longer, but much of it takes place online, raising the stakes when it comes to keeping a lid on a story or protecting critical data such as the identity of your source or confidential information.


The Privacy Threat

Privacy, particularly online privacy, is the oil that keeps the engine of any modern newsroom room running. Still, it is becoming increasingly complex, which is ironic given that the internet, in its original form, supported anonymity. Unfortunately, your online activities are no longer anonymous. 

Each browser request you make contains a wealth of information about you and your computer that trackers collect using fingerprinting techniques and cookies. The information gathered is then compiled by data brokers into detailed profiles. Targeted advertising is the most benign effect of this tracking; other effects are less innocent, including identity theft.

Photo of System Hacking on a Monitor


Every other day, it seems, there is another data breach, and journalists are a prime target of this invasion of privacy. 

You might be tempted to dismiss this as an alarmist cry because you believe you aren’t yet telling the hard-hitting stories, or you work for a small publication. However, give yourself some credit! Your work is important, and your data is very appealing to threat actors such as hackers, thieves, and even other newsrooms looking to steal a scoop. You may also receive special attention from more well-resourced adversaries, such as law enforcement and government agencies, for your reporting.

A data breach at the Israeli spy firm NSO Group, for example, revealed that the company’s Pegasus software is being used by governments all over the world to spy on journalists and political dissidents. At least 180 journalists have been targeted, including editors, reporters, and executives from CNN, the Financial Times, the New York Times, Reuters, France 24, The Economist, and others. More information about the data breach can be found in a report titled “The Pegasus Project” published by The Guardian in collaboration with 16 other news outlets.


Shields Up: How To Guard Your Privacy Online


While it is nearly impossible to maintain complete anonymity while using the internet, there are steps you can take to limit your exposure. Protecting your online privacy and avoiding trackers doesn’t have to be a hopeless task, as these top privacy apps can make a significant difference.

With that in mind, here are five online privacy tools that no journalist worth their salt should be without.

1. A VPN (Virtual Private Network) 


Grey and Black MacBook Pro Showing VPN


A VPN, or Virtual Private Network, is a simple app that allows you to hide your IP address from the rest of the web. This seemingly simple VPN superpower sells itself to you when you realize that, although it may feel secure, your internet service provider can see and log your activities every time you surf the web. Similarly, various websites and even the government can track your activity using your IP address, which can reveal a lot about you, what pages you’re viewing, and where you are.

A VPN can be a valuable tool in your online privacy protection toolbox –  use it. Allow it to mask and encrypt your data as it travels through secure networks of servers in distant countries and states. Doing so will hide your online identity, ensuring that you are able to browse the Internet anonymously and securely. 

However, not all VPNs can provide you with the level of online privacy you require. You might want to stick to one of our top five: ExpressVPN, PrivateVPN, IPVansish, CyberGhost, and Private Internet Access.


2. Email Encryptors 

Email, like the internet, was invented by people who had no idea it would be misused. But it’s pointless to cry over spilled milk; given that threat actors with the will and means can eavesdrop on your online communications, it’s best to be proactive in protecting this data, beginning with your email.

Email encryptors can help with this. It’s a powerful anti-snooping tool that deserves its own roundup. However, here’s a quick rundown of how it works. 

The best email encryption solutions on the market today are built with the PGP (Pretty Good Privacy) encryption algorithm, which is widely regarded as the best commercial encryption algorithm. PGP is so powerful that even the best-in-class decryption tools used by both the British and US governments are unable to decrypt PGP-encrypted communications or files.


Photo of a Person Taking Down Notes


However, if you don’t work in tech, PGP can be difficult to set up. If this is the case, we recommend that you use third-party applications such as Mailvelope. They take PGP’s power and make it simple to use. What’s more, Mailvelope can also encrypt files stored on your digital device, providing an extra layer of security for your data.


Here’s a pro tip: beyond encrypting your email messages, end-to-end encryption should be used whenever possible to prevent all of your other messages and communications from being easily intercepted. To get started, consider using Signal for Android and IOS to secure messages so that third parties cannot read them. Encourage sources and colleagues to use it as well. (Hint: Telling people, “This is the quickest way to reach me,” goes a long way.)


3. Disposable Email Addresses (DEA) 

When the contents of your email conversations are encrypted, no hacker can read your messages. However, your email address itself is exposed any time you sign up for any internet-based services, send a message, or buy a product online. At first glance, this may not appear to be a cause for concern, but because your email address also serves as your ID for many websites, you are still vulnerable to cyberattacks.


But how can you communicate without giving a service provider or merchant your email? The solution lies in a simple technology called a disposable email address (DEA). These services allow you to generate a temporary email address that you can use in place of your real one. Similar to the way burner phones work. Once you’re done using it to communicate with a source, or if one of your DEAs becomes compromised, you destroy it. Some DEA providers of note include Abine Blur, Burner Mail, and ManyMe. 

4. Password Managers 


The word "Password" Spelled Out in Scrabble Tiles

Regardless of how inconvenient they can be, passwords are not going away anytime soon because no universal replacement has been developed. It is best to use a different, difficult-to-guess, unique password each time you need to create an account on a website or app. This way, even if there is a data breach and one of your passwords is compromised, your other digital accounts will not be compromised.

But remembering all of these passwords is a difficult task for anyone. The only way to accomplish this feat is to use a password manager such as LastPass. In addition to allowing you to manage all of your passwords in one place, it can help you audit password strength, prevent you from entering your information on scam sites, and speed up logins by allowing you to automatically fill out credentials in online forms.

5. Public Exposure Detectors (PED) 

The appearance of your private data on the dark web is one of the first signs that your privacy is in jeopardy. Hackers who break into online data vaults are quick to sell what they find, which is a terrifying situation for any journalist to be in.

Fortunately, public exposure detector apps, such as the free Safe Me mobile app, can browse the dark web and assess all exposures of your personal data, such as email addresses and breached passwords, providing you with a report that you can use to update your online privacy security measures.

You can then use the report it provides to raise your privacy score by updating compromised passwords, properly configuring your device’s security, and completing recommended short security awareness courses.

Unlike Safe Me, which specifically seeks data associated with your email address, PEDs such as IDX Privacy collect all your personal information and then search the dark web for it. When its search is finished, it will give you advice on what you can do to minimize the adverse effects on your privacy and security for each exposure it finds.

However, for advanced-level PED protection, you may want to consider Bitdefender Digital Identity Protection, which scans the dark side of the web for your personal information but goes a step further by making connections between the data it gets to find other data that may be related to you. It fine-tunes its dark web search as you review these potential exposures and either confirms or rejects them.


Best Practices for Protecting Your Online Privacy


Regardless of your approach to protecting your online privacy, we also recommend doing the following as best practices to further protect your data. 

  • Keep Your Software and Hardware Up to Date

Every day, white hat hackers and security researchers discover flaws in software, and most software updates include valuable security patches to close these flaws. As such, if you use an older version of a software instead of the newer, more improved model, you are leaving yourself vulnerable to security breaches.

  • Use Two-Factor/Multi-Factor Authentication 

Two-factor authentication (2FA) or multi-factor authentication (MFA) adds extra layers of security to your online accounts by requiring anyone attempting to log in to provide a second piece of or more information. This is typically a shortcode, also known as a One Time Password( OTP), sent to a mobile device via an app such as Google Authenticator, a prompt to answer the security question you set up, a biometrics login option, or a combination of the above.

  • Take Caution with What You Download

Some of the most common files you interact with as a reporter on a daily basis (e.g., Microsoft Office documents and PDFs) are excellent at delivering malware. You should try to avoid launching or simply downloading documents from unknown sources. Of course, this does not mean you should pass up a potential scoop; rather, instead of launching suspicious documents on your personal computer, consider opening them in Google Drive.

  • Look for SSL (Secure Sockets Layer) on Websites

Before entering sensitive information on any website, always ensure that it has an SSL certificate. SSL establishes a secure connection between a server and a client (your device and IP address) through which any amount of data can be securely transmitted. You’ll have less to worry about when it comes to your data and privacy this way.

  • Disable File-Sharing, Check Your Wi-Fi Settings, and Install a Firewall 

The vulnerability to your online privacy can sometimes be traced back to a setting on your device. It’s surprising, but it’s true.

While we cannot advise you to use a light theme over a dark theme, we can ask that you disable file sharing on your computer so that intruders cannot access your private files over the network. You should also ensure that your Wi-Fi is not set to automatically connect to the nearest available Wi-Fi access point. This could be a hacker’s computer rather than a legitimate connection point.

Most importantly, make sure the firewall on your computer (operating systems like Windows come with an inbuilt firewall) is enabled at all times. This should prevent unauthorized access to the computer’s ports.


One Last Thing 

While it may be impossible to address all of the threats to your online privacy as a journalist because new ones emerge every day, using the tools on this list and following these best practices will leave you far less exposed than the alternative, which is doing nothing. 

Of course, if you need a more robust, tailored online privacy protection plan for your newsroom, we’d be delighted to assist you. Don’t hesitate to get in touch with us by email at emailxx or by phone at phonexx to arrange a meeting. Finally, don’t forget to share this article with colleagues and friends who would benefit from it as well!

Related Posts

Scroll to Top