Archive for the ‘Reporting’ Category

IndonesiaLeaks [Leak early, Leak often]

Friday, December 15th, 2017

IndonesiaLeaks: New Platform for Whistleblowers and Muckrakers

From the post:

Ten media houses and five civil society organizations in Indonesia announced a collaboration this week to form a digital platform for whistleblowers.

IndonesiaLeaks will allow the public a platform to anonymously and securely submit information, documents and data sets related to the public interest. The information received by IndonesiaLeaks will then be vetted and verified for use in investigative reports by the ten affiliated media organizations.

The secure online platform is crucial in Indonesia due to the lack of whistleblower protection schemes. Those who take risks leaking information on offenses happening in their institutions are often prosecuted and intimidated.

“IndonesiaLeaks is designed as a collaborative platform between ten media houses to share tasks, responsibilities and resources, as well as risks,” said Wahyu Dhyatmika, the editor of IndonesiaLeaks member publication Tempo.co, at the platform’s launch in Jakarta on Thursday. “By creating this partnership, we hope the impacts of investigative journalism will be bigger and spread widely.”

A welcome surprise as a hard year for the media draws to a close. The chest pounding antics of the American President aren’t the only woes for the media in 2017, but they have been some of the most visible.

IndonesiaLeaks promises to give the sordid side of government (is there another side?) greater visibility. This collaboration will provide strength in numbers and resources for its participants, furthering their ability to practice investigative journalism.

I don’t read Indonesian but the website is attractive and focuses on the secure submission of documents. I rather like that, clean, focused, and to the point.

The collaboration partners to date:

Support these collaborators and other investigative journalists at every opportunity. You never know when one of their stories will impact your reporting on a frothing, tantrum throwing, press hater closer to the United States.

Journocode Data Journalism Dictionary

Friday, December 8th, 2017

Journocode Data Journalism Dictionary

From the webpage:

Navigating the field of data journalism, a field that borrows methods and terms from so many disciplines, can be hard – especially in the beginning. You need to speak the language in order to collaborate with others and knowing which words to type into a search engine is the first step to learning new things.

That’s why we started the Journocode Data Journalism Dictionary. It aims to explain technical terms from fields like programming, web development, statistics and graphics design in a way that every journalist and beginner can understand them.

Fifty-one (51) definitions as of today, 8 December 2017, and none will be unfamiliar to data scientists.

But, a useful resource for data scientists to gauge the terms already known to data journalists and perhaps a place to contribute other terms with definitions.

Don’t miss their DDJ Tools resource page while you visiting.

Don’t trust NGOs, they have their own agendas (edited)

Wednesday, December 6th, 2017

The direct quote is “Don’t trust NGOs, they may have their own agendas.”

I took out the “may” because NGOs are committed to themselves and their staffs before any cause or others. That alone justifies removing the “may.” They have their own agendas and you need to keep that in mind.

Wildlife Crimes: Focus On The Villain, Not The Victim by Ufrieda Ho, says in part:

Ease up on the blood shots, ditch the undercover ploys and think crime story, not animal story.

These are top tips from Bryan Christy, author, investigative journalist and National Geographic Society Fellow. He says environmental trafficking and smuggling should be treated like a “whodunnits” rather than yet another depressing tale of gore and horror.

Christy, a panelist at this morning’s GIJN session on Environmental Crime and Wildlife Smuggling, says: “We need to stop telling the rhino-victim story and start thinking about the trafficker-villain story.”

Christy says shifting the editorial telling of stories in this way is a tool to fight “sad story” fatigue. It trains the audience to follow the trail of a villain through plot-driven action rather than to be turned off by feeling hopeless and despairing in the face of another climate change story or another report on a butchered elephant.

“The criminal plot is also a pack horse – it can pack in a lot of information,” says Christy, understanding that the nature of environmental investigations on smuggling and trafficking is about exploring intricate webs.

That sounds like a data mining/science angle to wildlife crime to me!

There will be people in the field but connecting all the dots will require checking shipping, financial, even the Panama Papers and Paradise Papers for potential connections and leads.

Neo4j Desktop Download of Paradise Papers [It’s Not What You Hope For, Disappointment Ahead]

Tuesday, December 5th, 2017

Neo4j Desktop Download of Paradise Papers

Not for the first time, Neo4j marketing raises false hopes among potential users.

When you or I read “Paradise Papers,” we quite naturally think of the reputed cache of:

…13.4 million leaked files from a combination of offshore service providers and the company registries of some of the world’s most secretive countries.

Well, you aren’t going to find those “Paradise Papers” in the Neo4j Desktop download.

What you will find is highly processed data summarized as:


Data contained in the Paradise Papers:

  • Officer: a person or company who plays a role in an offshore entity.
  • Intermediary: go-between for someone seeking an offshore corporation and an offshore service provider — usually a law-firm or a middleman that asks an offshore service provider to create an offshore firm for a client.
  • Entity: a company, trust or fund created in a low-tax, offshore jurisdiction by an agent.
  • Address: postal address as it appears in the original databases obtained by ICIJ.
  • Other: additional information items.

Make no mistake, International Consortium of Investigative Journalists (ICIJ) does vital work that isn’t being done by anyone else. For that they merit full marks. Not to mention the quality of their data mining and reporting on the data they collect.

However, their hoarding of primary source materials deprives other journalists and indeed the general public of the ability to judge the accuracy and fairness of their reporting.

Using data derived from those hoarded materials to create a teaser database such as the “Paradise Papers” distributed by Neo4j only adds insult to injury. A journalist or member of the public can learn who is mentioned but is denied access to the primary materials that would make that mention meaningful.

You can learn a lot of about Neo4j from the “Paradise Papers,” but about the people and transactions mentioned in the actual Paradise Papers, not so much.

Imagine this as a public resource for citizens and law enforcement around the world, with links back to the primary documents.

That could make a difference for the citizens of entire countries, instead of for the insiders journalists managing the access to and use of the Paradise Papers.

PS: Have you thought about how you would extract the graph data from the .AppImage file?

The Motherboard Guide to Avoiding State Surveillance [Where’s Your Security Cheat Sheet?]

Wednesday, November 29th, 2017

The Motherboard Guide to Avoiding State Surveillance by Sarah Jeong.

From the post:

In the wake of September 11th, the United States built out a massive surveillance apparatus, undermined constitutional protections, and limited possible recourse to the legal system.

Given the extraordinary capabilities of state surveillance in the US—as well as the capabilities of governments around the world—you might be feeling a little paranoid! It’s not just the NSA—the FBI and even local cops have more tools at their disposal to snoop on people than ever before. And there is a terrifying breadth of passive and unexpected surveillance to worry about: Your social media accounts can be subpoenaed, your emails or calls can be scooped up in bulk collection efforts, and your cell phone metadata can be captured by Stingrays and IMSI catchers meant to target someone else.

Remember, anti-surveillance is not the cure, it’s just one thing you can do to protect yourself and others. You probably aren’t the most at-risk person, but that doesn’t mean you shouldn’t practice better security. Surveillance is a complicated thing: You can practice the best security in the world, but if you’re sending messages to someone who doesn’t, you can still be spied on through their device or through their communications with other people (if they discuss the information you told them, for instance).

That’s why it’s important that we normalize good security practices: If you don’t have that much to be afraid of, it’s all the more important for you to pick up some of these tools, because doing that will normalize the actions of your friends who are, say, undocumented immigrants, or engaged in activism. Trump’s CIA Director thinks that using encryption “may itself be a red flag.” If you have “nothing to hide,” your use of encryption can actually help people at risk by obfuscating that red flag. By following this guide, you are making someone else safer. Think of it as herd immunity. The more people practice good security, the safer everyone else is.

The security tips provided earlier in this guide still apply: If you can protect yourself from getting hacked, you will have a better shot at preventing yourself from being surveilled (when it comes to surveilling iPhones, for instance governments often have few options besides hacking the devices). But tech tools don’t solve all problems. Governments have a weapon in their hands that criminal hackers do not: the power of the law. Many of the tips in this section of the guide will help you not only against legal requests and government hacking, but also against anyone else who may be trying to spy on you.

You don’t have to turn yourself into a security expert. Just start thinking about your risks, and don’t be intimidated by the technology. Security is an ongoing process of learning. Both the threats and the tools developed to address them are constantly changing, which is one of the reasons why privacy and security advice can often seem fickle and contradictory. But the tips below are a good starting point.

Jeong writes a great post but like most of you, what I need is a security cheat sheet so I start off everyday with the same standard security practices.

Read Jeong’s post but think about creating a personalized security cheat sheet that requires your initials at the start of each day and note any security fails on your part for that day.

At the end of each week, review your security fails for patterns and/or improvements.

What’s on your security cheat sheet?

New York Times (on Dark Web)

Sunday, November 26th, 2017

Have you tried the New York Times (Dark Web) Site Map? AKA spiderbites.nytimes3xbfgragh.onion

Navigation has the usual Tor overhead, but not bad unless you expect an instance response. 😉

What’s your experience like?

I first saw this in the Hunchly Daily Hidden Services Report for 2017-11-01.

A Docker tutorial for reproducible research [Reproducible Reporting In The Future?]

Wednesday, November 15th, 2017

R Docker tutorial: A Docker tutorial for reproducible research.

From the webpage:

This is an introduction to Docker designed for participants with knowledge about R and RStudio. The introduction is intended to be helping people who need Docker for a project. We first explain what Docker is and why it is useful. Then we go into the the details on how to use it for a reproducible transportable project.

Six lessons, instructions for installing Docker, plus zip/tar ball of the materials. What more could you want?

Science has paid lip service to the idea of replication of results for centuries but with the sharing of data and analysis, reproducible research is becoming a reality.

Is reproducible reporting in the near future? Reporters preparing their analysis and releasing raw data and their extraction methods?

Or will selective releases of data, when raw data is released at all, continue to be the norm?

Please let @ICIJorg know how you feel about data hoarding, #ParadisePapers, #PanamaPapers, when data and code sharing are becoming the norm in science.

Data Hoarding Journalists and Information Security

Tuesday, November 14th, 2017

A Study of Technology in Newsrooms

From the post:

We face a global media landscape rife with both uncertainty and excitement. The need to understand this new digital era — and what it means for journalists — has never been more urgent. That’s why we at the International Center for Journalists (ICFJ) launched the first-ever global survey on the adoption of new technologies in news media.

More than 2,700 newsroom managers and journalists, from 130 countries, responded to our survey, which was conducted in 12 languages. Storyful, Google News Lab and SurveyMonkey supported the research. ICFJ worked with Georgetown University’s Communication, Culture, and Technology (CCT) program to administer and analyze the survey, conducted using SurveyMonkey.

One highlight from the report:

Perhaps data hoarding journalists aren’t as secure as they imagine.

Considering they are hoarding stolen data for their own benefit, what would be their complaint if the data was liberated from them?

I’ve heard the “we act in the public interest” argument but unless and until the public can compare the data to their reports, it’s hard to judge such claims.

Notice I said “the public” and not me. There are entire areas of no interest to me or in which I lack the skills to judge the evidence. Interests and skills possessed by other members of the public.

I’m not interested in access to hoarded information until everyone has access to the same information. To exclude anyone from access is to put them at a disadvantage in any ensuing discussion. I’m not willing to go there. Are you?

Human Trafficking Resources (@gijn)

Tuesday, November 14th, 2017

The Global Investigative Journalism Network, @gijn, has created three guide for investigative reporters covering human trafficking:

  1. Human Trafficking Resources: Data.
  2. Human Trafficking Resources: Stories.
  3. Human Trafficking Resources: Best Practices in Reporting.

It’s a tough subject this close to the holidays but the victims of human traffickers don’t enjoy holidays, 365 days out of the year.

What I missed in “Best Practices” was mention of the use of data science to combat human trafficking.

On that score, a starter set of three resources:

Data science can help us fight human trafficking by Renata Konrad and Andrew C. Trapp.

Combating Human Trafficking Using Data Science (Booz Allen whitepaper)

How Data Analytics Is Helping to Fight Human Trafficking by Alex Woodie.

It’s unlikely that human traffickers are more cyber secure than your average corporation or government agency, so there is a role for hackers to breach information systems used by human traffickers.

If you have resources on human trafficking to suggest, contact @gijn.

New Maltese Investigative News Website – Security Suggestions

Friday, November 10th, 2017

Three Experienced Maltese Journalists Open Investigative News Website by Tim Diacono.

From the post:


“The vile execution of journalist Daphne Caruana Galizia is a wakeup call for civic action, to stop the greed and the rot and to assert the power of the pen over the might of criminals who want us to remain silent as they pile up their profits,” the journalists wrote in their first editorial. “It was nothing short of a declaration of war on our serenity and freedom to stand up to be counted.”

“We have come together to create The Shift months ago thinking that there could not have been a better time for a nonpartisan voice with a clear agenda for good governance, which speaks its truth to power respectfully but firmly, keeping a distance from economic and partisan agendas. We never could have anticipated that our country would descend into this nightmare,” they added.

“We have decided to take the plunge now because we also want to contribute to the civic awakening which followed the brutal elimination of a journalist who spoke her truths to power. We do not seek to step in Daphne Caruana Galizia’s shoes and our style and approach is very different. But we promise to honour the best part of her legacy, that of being a thorn in the side… of whoever is in power.”

To the extent The Shift can be “…a thorn in the side… of whoever is in power,” I’m all for it.

On the other hand, the organizers of The Shift should consider working with an umbrella organization that provides basic security.

The Shift organizers should retain their independence but among the more glaring flaws of their current site:

  1. http:// instead of https://
  2. No PGP key for encrypted email
  3. No secure drop box for leaks
  4. No advice on secure contacts
  5. Contact form requires name and email?
  6. … others I’m sure…

The Global Investigative Journalism Network (GIJN) maintains a great list of Digital Security resources.

Even if someone else in your organization is tasked with digital security, have a nodding acquaintance with the GIJN resources and revisit them on a regular basis.

Don’t be a passive consumer of security services.

Passive consumers of security services are also known as “victims.”

Open Ownership Project

Thursday, November 9th, 2017

Open Ownership Project

From about page:

OpenOwnership is driven by a steering group composed of leading transparency NGOs, including Global Witness, Open Contracting Partnership, Web Foundation, Transparency International, the ONE Campaign, and the B Team, as well as OpenCorporates.

OpenOwnership’s central goal is to build an open Global Beneficial Ownership Register, which will serve as an authoritative source of data about who owns companies, for the benefit of all. This data will be global and linked across jurisdictions, industries, and linkable to other datasets too.

Alongside the register, OpenOwnership is developing a universal and open data standard for beneficial ownership, providing a solid conceptual and practical foundation for collecting and publishing beneficial ownership data.

I first visited the Open Ownership Project site following two (of four) posts on verifying beneficial ownership.

What we really mean when we talk about verification (Part 1 of 4) by Zosia Sztykowski and Chris Taggart.

From the post:

This is the first of a series of blog posts in which we will discuss the critical but tricky issue of verification, particularly with respect to beneficial ownership.

‘Verification’ is frequently said to be a critical step in generating high-quality beneficial ownership information. What’s less clear is what is actually meant by verification, and what are the key factors in the process. In fact, verification is not one step, but three:

  1. Ensuring that the person making a statement about beneficial ownership is who they say they are, and that they have the right to make the claim (authentication and authorization);

  2. Ensuring that the data submitted is a legitimate possible value (validation);

  3. Verifying that the statement made is actually true (which we will call truth verification).

Another critical factor is whether these processes are done on individual filings, typically hand-written pieces of paper, or their PDF equivalents, or whole datasets of beneficial ownership data. While verification processes are possible on individual filings, this series will show that that public, digital, structured beneficial ownership data adds an additional layer of verification not possible with traditional filings.

Understanding precisely how verification takes place in the lifecycle of a beneficial ownership datum is an important step in knowing what beneficial ownership data can tell us about the world. Each of the stages above will be covered in more detail in this series, but let’s linger on the final one for a moment.

What we really mean when we talk about verification: Authentication & authorization (Part 2 of 4)

In the first post in this series on the principles of verification, particularly relating to beneficial ownership, we explained why there is no guarantee that any piece of beneficial ownership data is the absolute truth.

The data collected is still valuable, however, providing it is made available publicly as open data, as it exposes lies and half-truths to public scrutiny, raising red flags that indicate potential criminal or unethical activity.

We discussed a three-step process of verification:

  1. Ensuring that the person making a statement about beneficial ownership is who they say they are (authentication), and that they have the right to make the claim (authorization);

  2. Ensuring that the data submitted is a legitimate possible value (validation);

  3. Verifying that the statement made is actually true (which we will call truth verification).

In this blog post, we will discuss the first of these, focusing on how to tell who is actually making the claims, and whether they are authorized to do so.

When authentication and authorization have been done, you can approach the information with more confidence. Without them, you may have little better than anonymous statements. Critically, with them, you can also increase the risks for those who wish to hide their true identities and the nature of their control of companies.

Parts 3 and 4 are forthcoming (as of 9 November 2017).

A beta version of the Beneficial Ownership Data Standard (BODS) was released last April (2017). A general overview appeared in June, 2017: Introducing the Beneficial Ownership Data Standard.

Identity issues are rife in ownership data so when planning your volunteer activity for 2018, keep the Open Ownership project in mind.

The Great Wall of Journalistic Secrecy – Paradise Papers

Wednesday, November 8th, 2017

At time mark 21:20, you learn the International Consortium of Investigative Journalists (ICIJ) is absolutely committed to being The Great Wall of Journalistic Secrecy between you and the Paradise Papers.

Even secrecy-before-effectiveness agencies of the U.S. government, the CIA, the FBI and the NSA, among others, pay more lip service to the idea of transparency than the ICIJ.

The ICIJ claim its secrecy protects the privacy of some while its members profit from violating the privacy of others, sounds more like the current US president than a credible news organization.

What were the conditions under which the ICIJ was entrusted with this leak? How are the interests of the leaker advanced by the ICIJ’s handling of this leak? Those are are only two questions the public will never have answered if the ICIJ has any say in the matter. Numerous others will occur to you.

Perhaps the ICIJ should have some preliminary period of exclusive access to the leaked materials, say 3 years from the first published report based on the leaked materials. But thirty-six months is more than long enough for the public to wait to confirm for itself the claims and stories published by ICIJ members.

If transparency is important for government, it is even more important for watchdogs of government.

Scoop Mainstream Media on “… 6 Russian Government Officials Involved In DNC Hack”

Friday, November 3rd, 2017

You have read US Identifies 6 Russian Government Officials Involved In DNC Hack or similar coverage on Russian “interference” with the 2016 presidential election.

Here’s your opportunity to scoop mainstream media on the identities of the “…6 Russian Government Officials Involved In DNC Hack.”

Resources to use:

Russian Political Directory 2017

The Russian Political Directory is the definitive guide to people in power throughout Russia. All the top decision-makers are included in this one-volume publication, which details hundreds of government ministries, departments, agencies, corporations and their connected bodies. The Directory is a trusted resource for studies and research in all matters of Russian government, politics and civil society activities. Government organization entries contain the names and titles of officials, postal and e-mail addresses, telephone, fax numbers plus an overview of their main activities.

Truly comprehensive in scope, and listing all federal and regional government ministries, departments, agencies, corporations and their connected bodies, this directory provides a uniquely comprehensive view of government activity.

For playing “…guess a possible defendant…,” $200 is a bit pricey but opening to a random page is a more principled approach than you will see from the Justice Department in its search for defendants.

If timeliness isn’t an issue, consider the Directory of Soviet Officials: Republic Organizations:

From the preface:

The Directory of Soviet Officials identifies individuals who hold positions in selected party, government, and public organizations of the USSR. It may be used to find the incumbents of given positions within an organization or the positions of given individuals. For some organizations, it serves as a guide to the internal structure of the organization.

This directory dates from 1987 but since Justice only needs Russian sounding names and not physical defendants, consider it a backup source for possible defendants.

For the absolute latest information, at least those listed, consider The Russian Government. The official site for the Russian government and about as dull as any website you are likely to encounter. Sorry, but that’s true.

Last but be no means least, check out Johnson’s Russia List, which is an enormous collection of resources on Russia. It has a 2001 listing of online databases for Russian personalities. It also has a wealth of Russian names for your defendant lottery list.

When Justice does randomly name some defendants, ask yourself and Justice:

  1. What witness statements or documents link this person to the alleged hacking?
  2. What witness statements or documents prove a direct order from Putin to a particular defendant?
  3. What witness statements or documents establish the DNC “hack?” (It may well have been a leak.)
  4. Can you independently verify the witness statements or documents?

Any evidence that cannot be disclosed because of national security considerations should be automatically excluded from your reporting. If you can’t verify it, then it’s not a fact. Right?

Justice won’t have any direct evidence on anyone they name or on Putin. It’s strains the imagination to think Russian security is that bad, assuming any hack took place at all.

No direct evidence means Justice is posturing for reasons best know to it. Don’t be a patsy of Justice, press for direct evidence, dates, documents, witnesses.

Or just randomly select six defendants and see if your random selection matches that of Justice.

Fact-Free Reporting on Kaspersky Lab – Stealing NSA Software Tip

Thursday, October 12th, 2017

I tweeted:

@thegrugq Israelis they hacked Kerspersky, saw Russians there, tell NSA, lots of he, they, we say, few facts.

[T]the grugq‏ @thegrugq responded with the best question on the Kaspersky story:

What would count as a fact here? Kaspersky publicised the hack when it happened. Does that count as a fact?

What counts as a fact is central to my claim that thus far, all we have seen is fact-free reporting on the alleged use of Kaspersky Lab software to obtain NSA tools.

Opinions are reported but not facts you could give to an expert like Bruce Schneier ask for an opinion.

What would I think of as “facts” in this case?

What did Israeli intelligence allegedly see when it hacked into Kaspersky Lab?

Not some of the data, not part of the data, but a record of all the data seen upon which they then concluded the Russians were using it to search for NSA software.

To the automatic objection this was a “secret intelligence operation,” let me point out that without that evidence, the NSA and anyone else further down the chain of distribution of the Israeli opinion, were being manipulated by that opinion in the absence of facts.

Just as the NSA wants to foist its opinion on the public, through unnamed sources, without any evidence for the public to form its own opinion based on facts.

The prevention of contrary opinions or avoiding questioning of an opinion, can only be achieved by blocking access to the alleged evidence that “supports” the opinion.

Without any “facts” to speak of, the Department of Homeland Security, is attempting to govern all federal agencies and their use of Kaspersky security software.

Stating the converse, how do you dispute claims made by unnamed sources that say the Israelis saw the Russians using Kaspersky Lab software to look for NSA software?

The obvious answer is that you can’t. There are no facts to check, no data to examine, and that, in my opinion, is intentional.

PS: If you want to steal NSA software, history says the easiest route is to become an NSA contractor. Much simpler than hacking anti-virus software, then using it to identify likely computers, then hacking identified computers. Plus, you paid vacation every year until you are caught. Who can argue with that?

Online Verification Course (First Draft) [Open To Public – January 2018]

Wednesday, October 11th, 2017

First Draft launches its online verification training course

From the post:

Journalists strive to get the story right, but as we are bombarded by far more information than ever before, the tools and skills crucial to telling the whole story are undergoing a profound change. Understanding who took the photo or video, who created the website and why, enables journalists to meet these challenges. Verification training, up until now, has largely been done on the job and as needed. But today, we’re thrilled to announce the launch of our online verification course.

In this course, we teach you the steps involved in verifying the eyewitness media, fabricated websites, visual memes and manipulated videos that emerge on social media. The course is designed so that anyone can take the course from start to finish online, or educators can take elements and integrate into existing classroom teaching. For newsroom training managers, we hope the you can encourage your staff to take the course online, or you can take individual videos and tutorials and use during brown-bag lunches. We provide relevant and topical examples — from events such as Hurricane Irma and the conflict in Syria — to show how these skills and techniques are put into practice.

The course is open only to First Draft partners until January 2018, so consider that as an incentive for your organization to become a First Draft partner!

I haven’t seen the course material but the video introduction:

and the high quality of all other First Draft materials, sets high expectations for the verification course.

Looking forward to a First Draft course on skepticism for journalists, which uses the recent Wall Street Journal repetition of government slanders about Kerspersky Lab, which is subsequently discovered to be: “we (Israel) broke into the Kerpersky house and while robbing the place saw another burglar (Russia) there and they were looking for NSA software, so we alerted the NSA.” How Israel Caught Russian Hackers Scouring the World for U.S. Secrets

Only an editor suffering from nationalism to the point being a mental disorder would publish such a story without independent verification. Could well all be true but when all the sources are known liars, something more is necessary before reporting it as “fact.”

Busting Fake Tweeters

Tuesday, October 10th, 2017

The ultimate guide to bust fake tweeters: A video toolkit in 10 steps by Henk van Ess.

From the post:

Twitter is full of false information. Even Twitter co-founder Ev Williams recognizes that there is a “junk information epidemic going on,” as “[ad-driven platforms] are benefiting from people generating attention at pretty much any cost.”

This video toolkit is intended to help you debunk dubious tweets. It was first developed in research by the Institute for Strategic Dialogue and the Arena Program at the London School of Economics to detect Russian social media influence during the German elections. It was also the basis for a related BuzzFeed article on a Russian bot farm and tweets about the AfD  — the far-right party that will enter the German parliament for the first time.

This is an excellence resource for teaching users skepticism about Twitter accounts.

For your use in creating a personal cheatsheet (read van Ess for the links):

  1. Find the exact minute of birth
  2. Find the first words
  3. Check the followers
  4. Find Twitter users in Facebook
  5. Find suspicious words in tweets
  6. Searching in big data
  7. Connect a made up Twitter handle to a real social media account
  8. Find a social score
  9. How alive is the bot?
  10. When (and how) is your bot tweeting?

Deciding that a Twitter account maybe a legitimate is only the first step in evaluating tweeted content.

The @WSJ account belongs to the Wall Street Journal, but it doesn’t follow their tweets are accurate or even true. Witness their repetition of government rumors about Kerpersky Lab for example. Not one shred of evidence, but WSJ repeats it.

Be skeptical of all Tweets, not just ones attributed to the “enemy of the day.”

OnionShare – Safely Sharing Email Leaks – 394 Days To Mid-terms

Sunday, October 8th, 2017

FiveThirtyEight concludes Clinton’s leaked emails had some impact on the 2016 presidential election, but can’t say how much. How Much Did WikiLeaks Hurt Hillary Clinton?

Had leaked emails been less boring and non-consequential, “smoking gun” sort of emails, their impact could have been substantial.

The lesson being the impact of campaign/candidate/party emails is impossible to judge until they have been leaked. Even then the impact may be uncertain.

“Leaked emails” presumes someone has leaked the emails, which in light of the 2016 presidential election, is a near certainty for the 2018 congressional mid-term elections.

Should you find yourself in possession of leaked emails, you may want a way to share them with others. My preference for public posting without edits or deletions, but not everyone shares my confidence in the public.

One way to share files securely and anonymously with specific people is OnionShare.

From the wiki page:

What is OnionShare?

OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn’t require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you.

How to Use

http://asxmi4q6i7pajg2b.onion/egg-cain. This is the secret URL that can be used to download the file you’re sharing.

Send this URL to the person you’re sending the files to. If the files you’re sending aren’t secret, you can use normal means of sending the URL, like by emailing it, or sending it in a Facebook or Twitter private message. If you’re sending secret files then it’s important to send this URL securely.

The person who is receiving the files doesn’t need OnionShare. All they need is to open the URL you send them in Tor Browser to be able to download the file.
(emphasis in original)

Download OnionShare 1.1. Versions are available for Windows, Mac OS X, with instructions for Ubuntu, Fedora and other flavors of Linux.

Caveat: If you are sending a secret URL to leaked emails or other leaked data, use ordinary mail, no return address, standard envelope from a package of them you discard, on the back of a blank counter deposit slip, with letters from a newspaper, taped in the correct order, sent to the intended recipient. (No licking, it leaves trace DNA.)

Those are the obvious security points about delivering a secret URL. Take that as a starting point.

PS: I would never contact the person chosen for sharing about shared emails. They can be verified separate and apart from you as the source. Every additional contact puts you in increased danger of becoming part of a public story. What they don’t know, they can’t tell.

TruthBuzz: Announcing the winners! [Does Fake/False News Spread Differently?]

Wednesday, October 4th, 2017

TruthBuzz: Announcing the winners! by Oren Levine.

From the post:

Caricatures of politicians, time-lapse videos and an app modeled on a classic video game were among the winners of TruthBuzz, the Viral Fact-Checking Challenge.

Organized by the International Center for Journalists (ICFJ) with support from the Craig Newmark Foundation, the TruthBuzz contest aimed to find new ways to help verified facts reach the widest possible audience. The competition sought creative solutions to take fact-checking beyond long-form explanations and bullet points.

The goal of the contest was to “…make the truth go viral…,” which the winners did with style.

Except no distinction is offered between the spread of fake/false news and “truth.”

Enjoy reading about the winners but then ask yourself:

Could these same techniques be used to spread fake/false news?

My answer is yes.

What’s yours?

PS: My answer to why fake/false news spreads unchecked? There are fewer ad dollars in corrections than headline stories. You?

BuzzFeed News Animates Jewish Folktale

Tuesday, October 3rd, 2017

Zahra Hirji and Lam Thuy Vo team up in Here’s Why Debunking Viral Climate Myths Is Almost Impossible, In One Animated Chart to animate a Jewish folktale, A Pillow Full of Feathers (as retold by Shoshannah Brombacher).

In the folktale, a businessman repeats all the gossip he hears, enjoying the attention it brings. One day his repeating of gossip brings real harm to another. The businessman asks his rabbi what he can do to undo his deed. At the direction of the rabbi, he cuts into a feather pillow, which scatters feathers all over the room, some fly out the window, etc. Now the rabbi commands him to recover every feather that came from the pillow.

The businessman protests it is impossible to recover all the feathers and the rabbi points out the same is true for undoing his gossip. He can’t ever reach everyone who heard his gossip. (Brombacher’s retelling is much better than mine so see his version. Please.)

Hirji and Vo are concerned with a story published on February 4 (2017) and admitted to be false on September 16 (2017). They write:

When a British newspaper published an exposé in February alleging proof that US government scientists had used flawed data to show recent global warming and rushed to publish their research to sway the Paris climate talks, conservative media was lit.

“The latest example of misinformation from the left comes directly from the federal government,” SarahPalin.com said about the article, published in Britain’s Mail on Sunday. It was a “bombshell,” according to the climate skeptic blog Watts Up With That, and “explosive,” according to The Federalist Papers Project. “BUSTED: NOAA Lied About Climate Change Data to Manipulate World Leaders,” blared the website Louder with Crowder.

The story centered on a two-year-old Science study showing that the rise in global temperatures had not recently stalled, as previous data had suggested. The Science paper had repeatedly been attacked by climate skeptics, including House Science Committee chair Lamar Smith (R-Tex.). After the Mail on Sunday’s piece, Smith demanded, for at least the sixth time, that the National Oceanic and Atmospheric Administration turn over its correspondence about the Science data.

Now, some seven months later, the Mail on Sunday has begrudgingly admitted its story was wrong. But will this update change anyone’s minds?

That seems unlikely, based on a BuzzFeed News review of how widely the article was shared across social media compared to early attempts to debunk it.

Hirji and Vo have a great visualization of the rapid spread of Daily Mail story by the Internet. BTW, they reach the same conclusion as the businessman and the rabbi on undoing fake news once it spreads.

Pillow Full of Feathers differs from this account of the spread of a climate myth in the following exchange:


When the nice man with the nasty problem heard from the rabbi how devastated his colleague was, he felt truly sorry. He honestly had not considered it such a big deal to tell this story, because it was true; the rabbi could check it out if he wanted. The rabbi sighed.

True, not true, that really makes no difference! You just cannot tell stories about people. This is all lashon hara, slander, and it’s like murder—you kill a person’s reputation.” He said a lot more, and the man who started the rumor now felt really bad and sorry. “What can I do to make it undone?” he sobbed. “I will do anything you say!”
… (emphasis added)

It’s popular to talk about the spread of false or mis-leading news, but the mechanisms for spreading true and false news are the same.

The emphasis on false or mis-leading news has a hidden assumption that we have correctly identified false or mis-leading news.

That’s certainly not my presumption when I hear the management at Facebook, Twitter, Google or any of the other common suspects discussing false or mis-leading news.

What about you?

Female Journalists Fight Online Harrassment [An Anti-Censorship Response]

Saturday, September 30th, 2017

(Before you tweet, pro or con, I take everything Ricchiari reports as true and harassment of women as an issue that must be addressed.)

Female Journalists Fight Online Harrassment by Sherry Ricchiardi.

From the post:

Online tormentors have called Swedish broadcaster Alexandra Pascalidou a “dirty whore,” a “Greek parasite” (a reference to her ethnic heritage), a “stupid psycho,” “ugly liar” and “biased hater.” They have threatened her with gang rape and sexual torture in hideous detail.

But Pascalidou has chosen to fight back by speaking out publicly, as often as she can, against the online harassment faced by female journalists. In November 2016, she testified before a European commission about the impact of gender-based trolling. “(The perpetrators’) goal is our silence,” she told the commission. “It’s censorship hidden behind the veil of freedom of speech. Their freedom becomes our prison.”

In April 2017, Pascalidou appeared on a panel at the International Journalism Festival in Italy, discussing how to handle sexist attacks online. She described the vitriol and threats as “low-intense, constant warfare.”

“Some say switch it off, it’s just online,” she told The Sydney Morning Herald. “It doesn’t count. But it does count, and it’s having a real impact on our lives. Hate hurts. And it often fuels action IRL (in real life).”

Other media watchdogs have taken notice. International News Safety Institute director Hannah Storm has called online harassment “the scourge of the moment in our profession” and a “major threat to the safety and security of women journalists.”

“When women journalists are the target, online harassment quickly descends into sexualized hate or threats more often than with men,” she added. “Women are more likely to be subjected to graphic sexual and physical violence.”

You will be hard pressed to find a more radical supporter of free speech than myself. I don’t accept the need for censorship of any content, for any reason, by any public or private entity.

Having said that, users should be enabled to robustly filter speech they encounter, so as to avoid harassment, threats, etc. But they are filtering their information streams and not mine. There’s a difference.

Online harassment is consistent with the treatment of women IRL (in real life). Cultural details will vary but the all encompassing abuse described in Woman at point zero by Nawāl Saʻdāwī can be found in any culture.

The big answer is to change the treatment of women in society, which in turn will reduce online harassment. But big answers don’t provide relief to women who are suffering online now. Ricchiardi lists a number of medium answers, the success of which will vary from one newsroom to another.

I have a small answer that isn’t seeking a global, boil-the-ocean answer.

Follow female journalists on Twitter and other social media. Don’t be silent in the face of public harassment.

You can consider one or more of the journalists from Leading women journalists – A public list by Ellie Van Houtte.

Personally I’m looking for local or not-yet-leading female journalists to follow. A different perspective on the news than my usual feed plus an opportunity to be supportive in a hostile environment.

Being supportive requires no censorship and supplies aid where it is needed the most.

Yes?

@niccdias and @cward1e on Mis- and Dis-information [Additional Questions]

Friday, September 29th, 2017

10 questions to ask before covering mis- and dis-information by Nic Dias and Claire Wardle.

From the post:

Can silence be the best response to mis- and dis-information?

First Draft has been asking ourselves this question since the French election, when we had to make difficult decisions about what information to publicly debunk for CrossCheck. We became worried that – in cases where rumours, misleading articles or fabricated visuals were confined to niche communities – addressing the content might actually help to spread it farther.

As Alice Marwick and Rebecca Lewis noted in their 2017 report, Media Manipulation and Disinformation Online, “[F]or manipulators, it doesn’t matter if the media is reporting on a story in order to debunk or dismiss it; the important thing is getting it covered in the first place.” Buzzfeed’s Ryan Broderick seemed to confirm our concerns when, on the weekend of the #MacronLeaks trend, he tweeted that 4channers were celebrating news stories about the leaks as a “form of engagement.”

We have since faced the same challenges in the UK and German elections. Our work convinced us that journalists, fact-checkers and civil society urgently need to discuss when, how and why we report on examples of mis- and dis-information and the automated campaigns often used to promote them. Of particular importance is defining a “tipping point” at which mis- and dis-information becomes beneficial to address. We offer 10 questions below to spark such a discussion.

Before that, though, it’s worth briefly mentioning the other ways that coverage can go wrong. Many research studies examine how corrections can be counterproductive by ingraining falsehoods in memory or making them more familiar. Ultimately, the impact of a correction depends on complex interactions between factors like subject, format and audience ideology.

Reports of disinformation campaigns, amplified through the use of bots and cyborgs, can also be problematic. Experiments suggest that conspiracy-like stories can inspire feelings of powerlessness and lead people to report lower likelihoods to engage politically. Moreover, descriptions of how bots and cyborgs were found give their operators the opportunity to change strategies and better evade detection. In a month awash with revelations about Russia’s involvement in the US election, it’s more important than ever to discuss the implications of reporting on these kinds of activities.

Following the French election, First Draft has switched from the public-facing model of CrossCheck to a model where we primarily distribute our findings via email to newsroom subscribers. Our election teams now focus on stories that are predicted (by NewsWhip’s “Predicted Interactions” algorithm) to be shared widely. We also commissioned research on the effectiveness of the CrossCheck debunks and are awaiting its results to evaluate our methods.

The ten questions (see the post) should provoke useful discussions in newsrooms around the world.

I have three additional questions that round Nic Dias and Claire Wardle‘s list to a baker’s dozen:

  1. How do you define mis- or dis-information?
  2. How do you evaluate information to classify it as mis- or dis-information?
  3. Are your evaluations of specific information as mis- or dis-information public?

Defining dis- or mis-information

The standard definitions (Merriam Webster) for:

disinformation: false information deliberately and often covertly spread (as by the planting of rumors) in order to influence public opinion or obscure the truth

misinformation: incorrect or misleading information

would find nodding agreement from Al Jazeera and the CIA, to the European Union and Recep Tayyip Erdoğan.

However, what is or is not disinformation or misinformation would vary from one of those parties to another.

Before reaching the ten questions of Nic Dias and Claire Wardle, define what you mean by disinformation or misinformation. Hopefully with numerous examples, especially ones that are close to the boundaries of your definitions.

Otherwise, all your readers know is that on the basis of some definition of disinformation/misinformation known only to you, information has been determined to be untrustworthy.

Documenting your process to classify as dis- or mis-information

Assuming you do arrive at a common definition of misinformation or disinformation, what process do you use to classify information according to those definitions? Ask your editor? That seems like a poor choice but no doubt it happens.

Do you consult and abide by an opinion found on Snopes? Or Politifact? Or FactCheck.org? Do all three have to agree for a judgement of misinformation or disinformation? What about other sources?

What sources do you consider definitive on the question of mis- or disinformation? Do you keep that list updated? How did you choose those sources over others?

Documenting your evaluation of information as dis- or mis-information

Having a process for evaluating information is great.

But have you followed that process? If challenged, how would you establish the process was followed for a particular piece of information?

Is your documentation office “lore,” or something more substantial?

An online form that captures the information, its source, the check fact source consulted with date, decision and person making the decision would take only seconds to populate. In addition to documenting the decision, you can build up a record of a source’s reliability.

Conclusion

Vagueness makes discussion and condemnation of mis- or dis-information easy to do and difficult to have a process for evaluating information, a common ground for classifying that information, to say nothing of documenting your decision on specific information.

Don’t be the black box of whim and caprice users experience at Twitter, Facebook and Google. You can do better than that.

571 threats to press freedom in first half of 2017 [Hiding the Perpetrators?]

Tuesday, September 26th, 2017

Mapping Media Freedom verifies 571 threats to press freedom in first half of 2017

First Limit on Coverage

When reading this report, which is excellent coverage of assaults on press freedom, bear in mind the following limitation:

Mapping Media Freedom identifies threats, violations and limitations faced by members of the press throughout European Union member states, candidates for entry and neighbouring countries.

You will not read about US-based and other threats to press freedom that fall outside the purview of Mapping Media Freedom.

From the post:

Index on Censorship’s database tracking violations of press freedom recorded 571 verified threats and limitations to media freedom during the first two quarters of 2017.

During the first six months of the year: three journalists were murdered in Russia; 155 media workers were detained or arrested; 78 journalists were assaulted; 188 incidents of intimidation, which includes psychological abuse, sexual harassment, trolling/cyberbullying and defamation, were documented; 91 criminal charges and civil lawsuits were filed; journalists and media outlets were blocked from reporting 91 times; 55 legal measures were passed that could curtail press freedom; and 43 pieces of content were censored or altered.

“The incidents reported to the Mapping Media Freedom in the first half of 2017 tell us that the task of keeping the public informed is becoming much harder and more dangerous for journalists. Even in countries with a tradition of press freedom journalists have been harassed and targeted by actors from across the political spectrum. Governments and law enforcement must redouble efforts to battle impunity and ensure fair treatment of journalists,” Hannah Machlin, Mapping Media Freedom project manager, said.

This is a study of threats, violations and limitations to media freedom throughout Europe as submitted to Index on Censorship’s Mapping Media Freedom platform. It is made up of two reports, one focusing on Q1 2017 and the other on Q2 2017.

You can obtain the report in PDF format.

Second Limit on Coverage

As I read about incident after incident, following the links, I only see “the prosecutor,” “the police,” “traffic police,” “its publisher,” “the publisher of the channel,” and similar opaque prose.

Surely “the prosecutor” and “the publisher” was known to the person reporting the incident. If that is the case, then why hide the perpetrators? What does that gain for freedom of the press?

Am I missing some unwritten rule that requires members of the press to be perpetual victims?

Exposing the perpetrators to the bright light of public scrutiny, enables local and remote defenders of press freedom to join in defense of the press.

Yes?

Evidence of Government Surveillance in Mexico Continues to Mount [Is This News?]

Monday, September 25th, 2017

Evidence of Government Surveillance in Mexico Continues to Mount by Giovanna Salazar, translated by Omar Ocampo.

From the post:

In early September, further attempts to spy on activists in Mexico were confirmed. The president of Mexicans Against Corruption and Impunity (MCCI), an organization dedicated to investigative journalism, received several SMS messages that were intended to infect his mobile device with malicious software.

According to The New York Times, Claudio X. González Guajardo was threatened with Pegasus, a sophisticated espionage tool or “spyware” sold exclusively to governments that was acquired by the Mexican government in 2014 and 2015, with the alleged intention of combating organized crime. Once installed, Pegasus spyware allows the sender or attacker to access files on the targeted device, such as text messages, emails, passwords, contacts list, calendars, videos and photographs. It even allows the microphone and camera to activate at any time, inadvertently, on the infected device.

Salazar’s careful analysis of the evidence leaves little doubt:

these intrusive technologies are being used to intimidate and silence dissent.

But is this news?

I ask because my starting assumption is that governments buy surveillance technologies to invade the privacy of their citizens. The other reason would be?

You may think some targets merit surveillance, such as drug dealers, corrupt officials, but once you put surveillance tools in the hands of government, all citizens are living in the same goldfish bowl. Whether we are guilty of any crime or not.

The use of surveillance “to intimidate and silence dissent” is as natural to government as corruption.

The saddest part of Salazar’s report is that Pegasus is sold exclusively to governments.

Citizens need a free, open source edition of Pegasus Next Generation with which to spy on governments, businesses, banks, etc.

A way to invite them into the goldfish bowl in which ordinary citizens already live.

The ordinary citizen has no privacy left to lose.

The question is when current spy masters will lose theirs as well?

Behind the First Arab Data Journalists’ Network – Open For Collaborations!

Sunday, September 24th, 2017

Behind the First Arab Data Journalists’ Network

From the post:

When it comes to data journalism in the Middle East, one name stands out. Amr Eleraqi is the data journalist spreading data journalism to the Middle East. In 2012, he launched infotimes.org, the first Arabic website specializing in data journalism in the region. Since then, Eleraqi and his organization have both been nominated for GEN Data Journalism Awards — once in 2015 as an individual, and the second in 2016 for the best data visualization website of the year.

His goal: to introduce Arab journalists to the concept of data visualization as a new tool for storytelling. It worked. As the site grew so did the interest of Arab journalists in the field of data journalism. So he and a team of nine recently launched the first Arab Data Journalists’ Network. Advocacy Assembly spoke with Eleraqi to learn more about the network and how it’s changing the scene for Arab journalists.

The website, Arab Data Journalists’ Network, is available in three languages (Arabic, English, French) and is focused on educational material for Arab journalists in Arabic.

The tweet from @gijn where I saw this says contact @arabdjn or @aeleraqi for collaborations!

Excellent opportunity to expand your news awareness and data journalism contacts.

Leaky Media Paywalls!

Friday, September 22nd, 2017

In paywall age, free content remains king for newspaper sites by Ariel Stulberg.

From the post:

THE MAJORITY OF AMERICA’S largest newspapers continue to employ digital subscription strategies that prioritize traffic, ad revenues, and promotion—despite the ongoing collapse of display ad rates.

Even as they’ve added paying Web subscribers by the hundreds of thousands, daily newspapers have decisively rejected an all-in approach featuring “hard” website paywalls that mimic their print business models. Instead, most are employing either “leaky” paywalls with unlimited “side doors” for non-subscribers or no paywalls at all, according to a CJR analysis of the nation’s 25 most-visited daily newspaper sites.

There was little agreement on a paywall strategy and certainly no consensus solution to the problem of the “ideal” newspaper paywall. The paywalled news sites, 15 in total, diverged widely in the cost of their subscriptions, the number of free articles dispensed, the specific combination of “side door” exceptions employed, and whether they operated via one flagship website or two—one free and one for subscribers.

Despite what seems like widespread optimism about the prospect of digital subscriptions buttressing the industry, a full 10 sites, 40 percent of the outlets we looked at, focused on ad revenue exclusively, eschewing paywalls.

News executives who spoke with CJR expressed confidence in their company’s approach and cited their favorite figures to back it up. But without examining internal data, the best way to gauge whether they were right will be to check back in a few years and see whether each is sticking with their approach. No matter the format, the prospect of news organizations relying on paywalls as primary drivers of revenue still seems remote.
… (emphasis in original)

As you might imagine, Stulberg finds the evidence is mixed on the use of paywalls, non-use of paywalls and leaky paywalls in between. Each approach has some advocates but there’s not enough accessible and representative data to reach any hard conclusions.

Still, the post provides you with a handy list of “leaky paywalls” to enjoy as part of your media experience. Just in time for the weekend as well.

Enjoy!

PS: Drop by the Donate page for the Columbia Journalism Review to support quality writing on journalism.

Self-Censorship and Privilege on the Internet

Thursday, September 14th, 2017

Sloppy U.S. Spies Misused A Covert Network For Personal Shopping — And Other Stories From Internal NSA Documents by Micah Lee, Margot Williams, Talya Cooper.

From the post:

NSA agents successfully targeted “the entire business chain” connecting foreign cafes to the internet, bragged about an “all-out effort” to spy on liberated Iraq, and began systematically trying to break into virtual private networks, according to a set of internal agency news reports dating to the first half of 2005.

British spies, meanwhile, were made to begin providing new details about their informants via a system of “Intelligence Source Descriptors” created in response to intelligence failures in Iraq. Hungary and the Czech Republic pulled closer to the National Security Agency.

And future Intercept backer Pierre Omidyar visited NSA headquarters for an internal conference panel on “human networking” and open-source intelligence.

These stories and more are contained in a batch of 294 articles from SIDtoday, the internal news website of the NSA’s core Signals Intelligence Directorate. The Intercept is publishing the articles in redacted form as part of an ongoing project to release material from the files provided by NSA whistleblower Edward Snowden.

In addition to the aforementioned highlights, summarized in further detail below, the documents show how the NSA greatly expanded a secret eavesdropping partnership with Ethiopia’s draconian security forces in the Horn of Africa, as detailed in an investigation by longtime Intercept contributor Nick Turse. They describe the NSA’s operations at a base in Digby, England, where the agency worked with its British counterpart GCHQ to help direct drones in the Middle East and tap into communications through the Arab Spring uprisings, according to a separate article by Intercept reporter Ryan Gallagher. And they show how the NSA and GCHQ thwarted encryption systems used to protect peer-to-peer file sharing through the apps Kazaa and eDonkey, as explained here by Intercept technologist Micah Lee.

NSA did not comment for this article.

If you are interested in reporting based on redacted versions of twelve year old news (last half of 2005), this is the article for you.

The authors proclaim self-censorship and privilege saying:


The Intercept is publishing the articles in redacted form as part of an ongoing project to release material from the files provided by NSA whistleblower Edward Snowden.

These authors can milk their treasure trove of unredacted SIDreports, giving them an obvious advantage over other journalists.

Not as great an advantage as being white and male but it is a privilege unrelated to merit, one violates any concept of equal access.

Other reporters or members of the public notice connections unseen by the Intercept authors.

We won’t ever know since the Intercept, along with other media outlets, is quick to call foul on the privileges of others while clinging to its own.

PS: The lack of efforts by intelligence agencies to stop the SIDtoday series is silent testimony to its lack of importance. The SIDtoday series is little better than dated office gossip and not a complete (redacted) account of the same.

Meaningful intelligence reporting derails initiatives, operations, exposes criminal excesses with named defendants and holds the intelligence community accountable to the public. Not to be confused with the SIDtoday series and its like.

New Anti-Leak Program (leaked of course)

Wednesday, September 13th, 2017

Trump Administration Launches Broad New Anti-Leak Program by Chris Geidner.

From the post:

The top US national security official has directed government departments and agencies to warn employees across the entire federal government next week about the dangers and consequences of leaking even unclassified information.

The Trump administration has already promised an aggressive crackdown on anyone who leaks classified information. The latest move is a dramatic step that could greatly expand what type of leaks are under scrutiny and who will be scrutinized.

In the memo about leaks that was subsequently obtained by BuzzFeed News, National Security Adviser H.R. McMaster details a request that “every Federal Government department and agency” hold a one-hour training next week on “unauthorized disclosures” — of classified and certain unclassified information.

I’m guessing that since BuzzFeed News got the memo leaked before next week, then this didn’t count as as a leak under the new anti-leak program. Yes?

If “next week” means ending 24 September 2017, then leaks on or after 25 September 2017 count as leaks under the new program.

Journalists should include “leak” in all stories based on leaked information to assist researchers in tracking the rate of leaking under the new anti-leaking program.

Every leak is a step towards transparency and accountability.

Guide to Investigative Web Research (Populating A Topic Map)

Tuesday, September 5th, 2017

Guide to Investigative Web Research

From the webpage:

We’ve just finished working with a partner to create an introductory guide to investigative web research.

As part of our aim to encourage shared, open documentation about the use of technology in social change, we’re publishing it so that other people can use it too.

The guide is designed for researchers, activists and journalists who need to collect online information about people, entities or events and use it for investigative research or advocacy. If you’re tracking corporate ownership, monitoring corruption or mapping political influence, this guide is for you.

Read our guide to investigative web research

It’s designed to be practical and straightforward, pointing you to more detailed resources and giving you the context to decide what tools you might need.

As part of our philosophy of reuse and replication, we publish all our research and guides in the same open format on our Library. The Library aims to help build our collective knowledge of how technology can help activists and organisations. It has guides in Spanish, Portuguese, French, Bahasa and English, is responsive (unlike a PDF), and is designed to let people find and reuse content quickly and easily. Topics range from drones and messaging apps to participatory budgeting – and there are more guides coming soon!

Check out more guides from The Engine Room’s Library

The Library code is available on Github, and all the content is Creative Commons-licensed. We’ll keep you updated whenever new guides are added. If you’d like to chat about investigative web research techniques and how they could help your work, get in touch.

Once you decide to author a topic map, the really hard work comes in populating it with information. At least, if you want information that can be traced to verifiable sources (unlike presidential press releases these days).

The Investigative Web Research guide is a useful starting point, especially if you aren’t a seasoned web user. The more web experience you have, the less useful it will become.

There are a number of links to other resources, which is useful, but collections of links can only take the reader so far.

I had to smile when I read:

A key difference between hacking and web scraping is respect for legitimate legal barriers.

“…[L]egitimate legal barriers” support illegitimate, oppressive, patriarchal and discriminatory regimes, along with more just ones. Consider legal barriers for your own personal safety, but nothing more. Legal barriers are the carriers (in the sense of infection) of privilege in a society. Act accordingly.

GIJN’s Complete Global Guide to Freedom of Information (Attn: Activists/Journalists)

Monday, September 4th, 2017

Unlocking Laws to Set Information Free: GIJN’s New Global Guide by Toby McIntosh.

From the post:

More than 115 countries worldwide have laws that require officials to turn over public records. Of course, even in the countries that have no laws it never hurts to ask. But there’s an advantage to using an access law — variously called freedom of information laws, access to information laws, right to information and right to know laws.

There are many resources for journalists seeking to file records requests in countries with laws governing access to information. To help exploit these legal tools, we’ve lined up GIJN’s Complete Global Guide to Freedom of Information, a resource with three sections:

  • Tips and Tricks: A collection of the best advice on how to use access laws.
  • Inspirational FOI: Ideas of what to ask for and stories about journalists active in using FOI.
  • Global Resources: Country-by-country guidance and links to national resources.

Government information can be obtained by:

  • liberating government information
  • insiders leaking government information
  • “laws governing access to information”

Assuming you place credence in information a government disgorges voluntarily, this is a great resource for activists and journalists around the world.

If you like these resources, be sure to visit/support freedominfo.org.

Hacking For Government Transparency

Monday, August 28th, 2017

The 2017 U.S. State and Federal Government Cybersecurity Report by SecurityScorecard lacks details of specific vulnerabilities for identified government units, but paints an encouraging picture for hackers seeking government transparency.

Coverage of the report:


In August 2017, SecurityScorecard leveraged its proprietary platform to analyze and grade the current security postures of 552 local, state, and federal government organizations, each with more than 100 public-facing IP addresses, to determine the strongest and weakest security standards based on security hygiene and security reaction time compared to their peers.

Security Rankings by Industry

Out of eighteen (18) ranked industries, best to worst security, government comes in at a tempting number sixteen (16):

Financial services, with the fifth (5th) best security, is routinely breached, making it curious the government (#16) has any secrets at all.

Why Any Government Has Secrets

Possible reasons any government has secrets:

  • 1. Lack of interest?
  • 2. Lack of effort by the news media?
  • 3. Habituation to press conferences?
  • 4. Habituation to “leaks?”
  • N. Cybersecurity?

You can wait for governments to embarrass themselves (FOIA and its equivalents), wait for leakers to take a risk for your benefit, or, you could take the initiative in obtaining government secrets.

The SecurityScorecard report makes it clear the odds are in your favor. Your call.