In the months since his death, Aaron Swartz has became an icon of the right-to-know movement. Along with founding a precursor to reddit, Swartz made his name advocating for the right to public access of information, before ultimately taking his life in the light of a pending multi-decade prison sentence for illegally downloading academic articles via the MIT network. Swartz felt that the selling of public knowledge undermined the people’s scholarship and understanding by making research a commodity available only to those that can afford to purchase it.
Nine months after Swartz’s suicide, one of his projects — a secure platform for whistleblowers to deliver messages and documents to the media — have come to fruition. SecureDrop, a Freedom of the Press Foundation-backed application first coded by Swartz himself — is a server application in which contributors can “drop” material in a manner that does not leave a digital trail, as would be the case with email or a conventional dropbox.
“We’ve reached a time in America when the only way the press can assure the anonymity and safety of their sources is not to know who they are,” said JP Barlow, co-founder of the Freedom of the Press Foundation. “SecureDrop is where real news can be slipped quietly under the door.”
“A truly free press hinges on the ability of investigative journalists to build trust with their sources,” said Freedom of the Press Foundation Executive Director Trevor Timm. “The recent NSA revelations and record number of whistleblower prosecutions under the current administration have shown the grave challenges to this relationship and the lengths governments will go to undermine it. Freedom of Press Foundation is committed ushering in a new era of security for journalists and newsrooms of all sizes.”
Protection from a government out of control
When Swartz created the code, he did it in response to the threat of the government coercing media organizations to reveal confidential sources. In light of an increasing number of governmental leaks, pressure has been substantial on the media to cooperate with the government to disclose what is known of the whistleblowers. SecureDrop attempts to resolve this problem by making the document drop anonymous.
Revelations — such as the May disclosure that the Justice Department secretly secured two months of telephone records from Associated Press reporters and editors, or reports that the department subpoenaed and searched Google’s servers to access FOX News reporter James Rosen’s emails based on allegations of his involvement in a North Korea leak and subsequent leaks revealing that the NSA has obtained and searched the electronic communication records of Americans repeatedly — show that the federal government is willing and able to use covert surveillance tactics to monitor those it sees as targets, placing the media underneath an uncomfortable and unyielding searchlight.
“SecureDrop is a Python application that accepts messages and documents from the web and encrypts them for secure storage,” wrote the Freedom of the Press Foundation in a blog entry. “Each source who uses the platform is assigned a unique codename that lets the source establish a relationship with the news organization without having to reveal her real identity or resort to email.”
“I think the [former National Security Agency contractor, Edward Snowden] case showed that there are sources out there that really care about security and will only go to journalists who take it seriously,” Timm told Ars Technica.
“On the flip side of things, I don’t think your average source is as brilliant as Snowden. He may have been able to [leak information securely] through various methods because he was a trained expert in this type of way of communicating. For others it may not be so easy. What we hope to accomplish with this is to allow a source who does not have as much technical prowess as Snowden to feel much safer than using an open source communication like email.”
Journalistic shield
SecureDrop is an Open Source application available for free to media organizations. The Freedom of the Press Foundation has offered to provide technical assistance for installation and servicing for exchange for reimbursement for “travel and hardware costs” incurred by the group for the repair call. Since May, The New Yorker has used the SecureDrop code to power its StrongBox project. “Not only is it a good tool for people we didn’t know about to send us information we don’t know, it’s also a good tool for just communicating with sources who don’t want to meet in a park,” said Nicholas Thompson, the magazine’s online editor.
The way SecureDrop works will be similar to the mechanics of StrongBox: connected via the Tor Network — a redundantly-encoded private Darknet internet — the submitter uploads his/her messages and files to the media outlet’s SecureDrop application. In response, the contributor receives an unique, randomly-generated code name for future communication. As the uploader receives a new code name per each submission, it is impossible to ascertain which files came from the same source from the transmission log alone. The files are encrypted with P.G.P. (Pretty Good Privacy, the industry’s standard for encryption) and transmitted to a server separate from the host’s home server. The files are transmitted to the editors’ computer via virtual private network and the editors are able to comment on the piece. The comments, however, will only be visible from the SecureDrop interface and only if the proper code name is presented.
Despite the fact that SecureDrop’s security has been tested independently by the University of Washington, the fact that this is far from the first whistleblowing app to be released after the death of Swartz is tempering enthusiasm. WikiLeaks remain virtually shut down, in light of Julian Assange’s effective house arrest after receiving asylum from the Ecuadorian Embassy at London and the nearly complete blocking of external funding to the organization. Due to the legal challenges to WikiLeaks, other online submission systems — such as those of Radio Sweden, Folha de Sao Paolo, Al Jazeera and the Wall Street Journal — have also struggled to maintain success in their leak collection.
“It’s not as easy as it looks to set up an anonymous site that’s safe for its users,” Timm said. “We may have seen more WikiLeaks sites become successful if the crackdown against WikiLeaks wasn’t so hard after the State Department cables. When WikiLeaks did what they did, despite not breaking any law, they were cut off from all sorts of finances and had a grand jury investigation opened against them. I think this created a chilling effect for other developers who would want to do the same thing.”
“We still need brave human beings”
In the drive to empower more media organizations to safely receive and publish whistleblower leaks and secure messages, one must consider that there are those that will go to extreme lengths to control the free flow of this information. In creating new drop-sites, media organizations are inviting increased scrutiny and heightened attempts to hack or disrupt operations. For example, in February, Balkanleaks released the “Buddha dossier,” a massive trove of secret documents from the national police which led to the resignation of Bulgaria’s prime minister Boyko Borisov 18 days later.
As a result, Bivol, the media outlet behind Balkanleaks became the target of a “massive smearing campaign in the [Bulgarian] media and a recurring DDoS attack on the site.”
As with all things, technology cannot perfectly shield those that choose to whistleblow. But in that uncertainty lies the moral implication of those that choose to ensure the public’s understanding.
“By far the majority of leaks have nothing to do with encrypted emails—they have to do with brave people within various bureaucracies having relationships with enterprising journalists,” said Ben Wizner, the director of the American Civil Liberties Union’s Speech, Privacy & Technology Project. “Technology can aid whistleblowing, but technology is not a solution. It doesn’t create the courageous patriotic whistleblower who is willing to face risk to expose illegality. It doesn’t create that person because it cannot create a foolproof way to leak without detection and punishment — and I don’t think [such sites purport] to. What the leaking sites are trying to do is to minimize the risk of leaking, but they can’t eliminate that risk. We still need brave human beings. It doesn’t replace the person who has to make a moral decision—and a moral decision with some risk.”