Translate

Wednesday, 2 August 2017

Centuries of propaganda that the UK Police are honest is dispelled


Niel Wilby

The old-fashioned notion that honesty was an integral part of policing in the UK has been comprehensively swept away over the past few years, as corruption scandal after corruption scandal has emerged into the public domain.

Many of the worst public outrages concern police forces in Yorkshire. The Hillsborough Disaster, the Battle of Orgreave and Rotherham Abuse failings will forever stain those who wear the South Yorkshire Police uniform.

Their neighbours in West Yorkshire (WYP) have an unenviable record of ‘fitting-up’ innocent people for serious crimes they didn’t commit and this stretches back for decades to Stefan Kiszko and Judith Ward. Investigative and prosecutorial misconduct come easily to this force and one of the worst case ever to come before the courts was also down to them. Never before – or since – has a police force been so roundly and completely condemned by law lords as they were in the Karl Chapman supergrass case. Probably better known now as Operation Douglas.

Most recently, the confirmation that the jailing of one of their own most promising young constables, PC Danny Major, was corruptly grounded, takes WYP to depths in policing criminality rarely plumbed before.



The discredited West Yorkshire Police also share with North Yorkshire Police (NYP) the unenviable distinction of allowing the country’s most notorious child sex offender, Jimmy Savile, to go unchecked for almost 50 years on his home patches of Leeds and Scarborough.

North Yorkshire Police were, of course, out on their own in allowing another notorious and prolific paedophile, Peter Jaconelli to offend at will for a similar period.

Worse still, NYP tried very hard indeed, by way of two bogus investigations into themselves, to rubbish any claims that they knew about the nefarious activities of either of these hideous individuals. Indeed, but for the intervention of two citizen journalists, writing for a North Yorkshire internet news magazine, the police would have got clean away with hoodwinking the public over both Savile and Jaconelli.

This report by ACC Sue Cross (a former West Yorkshire Police officer and pictured below) took just nine days – and zero interviews – to dismiss over forty years of relentless sex offending by a man widely known as “Mr Scarborough”. It’s tone and content is directed much more to discrediting the two journalists than addressing the core issues. A trait much favoured by senior officers in the police service.

North Yorkshire Police were subsequently, and quite rightly, exposed as an incompetent, embarrassing and humiliated shambles. It seems more than a coincidence, therefore, that those same two journalists – Tim Hicks and Nigel Ward – have for the past fifteen months been facing civil court action both mounted and funded by the police (or more accurately the precept payer). This is the article by Mr Hicks that effectively dismantled the now discredited Cross Report.



I have investigated this matter of the claim concerning alleged harassment by the two journalists, extensively, since the issue of the court papers in January 2015 and have written a number of articles as a result:

Cost of silencing police force critics now approaches £1 million (click here)

Complete capitulation follows Fall of Rome (click here)

Key witness in police funded civil action is a proven liar (click here).

The North Yorkshire Police dilemma: Find a murderer or pursue journalists over harassment (click here)

This latest article focuses on just one single aspect of those investigations, upon which a large amount of time and money has already been spent:

North Yorkshire Police and the Police Commissioner, Julia Mulligan, have both quoted a figure of £409,970.90 as the alleged cost of a criminal investigation into the two journalists, and one other. The police investigation was styled Operation Rome and this is the published breakdown of their estimate:
Police officer time from December 2011 to September 2014; 94.6 months – £386,347
Legal services work from October 2010 to June 2014; 243.1 hours – £7,424.73
Civil disclosure work from September 2011 to October 2014; 352 hours – £5,181.44
Related complaints matters; 82 hours – £1,708.88
Chief Officer time; 259.08 – £9,308.85
TOTAL £409,970.90

This costing of what is, at best, a notional spend was the cornerstone that underpinned the decision by the Chief Constable and the Police Commissioner to go ahead and disburse an estimated £202,000 of the public’s money in legal fees, pursuing the civil harassment claim via the senior partner of one of the most expensive law firms in Leeds, and two barristers. One of whom is a well-known QC, with charge rates to match.

Indeed, Mrs Mulligan is quoted as saying: “Dealing with the actions of those involved in the civil case has tied up police resources to a significant extent, and it seemed reasonable to expect that further time and expense would be incurred if no action were taken“.

In layman’s terms, the PCC’s muddled hypothesis appears to be: (i) We have come up with some notional, and fanciful, figures to say it has ‘cost’ North Yorkshire Police £409,970 trying to silence these people, by criminalising them via an embarrassingly bad investigation. (ii) Now, we can save a bit of face by actually spending £202,000 of hard cash, and chase the same three men through the civil courts at the public’s expense. But, with no certainty of achieving anything more than the original failed police investigation (iii) It has actually cost a lot more than £202,000 so far, but we are keeping the lid tightly screwed down on that.

My investigations go a long way to proving that reliance on that particular foundation of the £409,970 calculation will bring the whole Operation Rome edifice to the ground:
The inclusion in the calculations of 94.6 months of police officer time, allegedly costing £386,347, to pursue three members of the public on a harassment without violence investigation stretches the bounds of credibility, far beyond breaking point.
That is the type of sum you would normally expect to see spent on a murder investigation where the perpetrator(s) remain undetected after six months.
Compare Operation Rome’s “£409,970” harassment enquiry, for example, with the recently wound up Operation Essence, a major crimes review of the Claudia Lawrence disappearance and murder. As many as 20 detectives and police staff worked full time for two and a half years. Cost: £800,000 Source: NYP.
Even 94.6 hours would be well beyond the routine for a harassment investigation of this type. That would bring the ‘cost’ in at a more realistic £2,240.34.
A harassment investigation would normally involve a neighbourhood police constable overseen by a sergeant, or possibly an inspector. The police hear what the complainant(s) have to say, speak to the suspects and make a charging decision based on the evidence. There is no forensic science involved, or complex issues to unravel. Even Heartbeat‘s PC Geoff Younger (pictured below) would shine in such probes.
The police have declined to say how many detectives were actually involved. They rely on a total of 14 people including lawyers, civil disclosure officers, PSD officers and staff from the PCC’s office as their answer.
The link between the cost of dealing with complaints against the police, freedom of information requests, reported at £6890.32, and a harassment investigation would also appear very tenuous at best. The complaints against NYP officers and information requests either had merit, or not. No evidence has been produced to me to suggest they were outside the scope of the legislation under which such issues could, quite properly, be raised.
The other ‘big ticket’ items on the costs estimate for Operation Rome also have the fishy odour of red herring. £16,733.58 is the combined total allegedly spent on Chief Officer time and the cost of Legal Services support. It begs the question as to what Chief Officers (who are most unhelpfully not identified by either name or job title) were actually doing that was connected to a criminal harassment investigation and involved 259.08hrs of their time?
The same comment applies to lawyers who are employed by the police force to deal with civil claims, not criminal investigations. How did they manage to spend 243.1 hours on a criminal harassment probe and what were they actually doing?
The bottom line here is that the TOTAL of £409,970 has very much the appearance of a figment of the imagination – and appears to be a figure largely plucked out of the air to justify raiding the public purse so that senior officers, including the Chief Constable and his Deputy could get their hands on free legal fees.



The next step in the process is to look at how the Operation Rome investigation was conducted and what it actually achieved:
None of the three suspects have ever been issued with a Police Improvement Notice (PIN), more commonly known as a harassment warning. More on PIN’s here.
Only one of three suspects, Mr Hicks, was interviewed by the police. The focus of that 2012 interview was alleged damage to the reputation of North Yorkshire Police by his work as a citizen journalist, rather than harassment.
No disclosure was made to Mr Hicks, or his solicitor who was present throughout, that would persuade an independent reviewer that the police claims of harassment were credible.
The letter from Mr Hicks’ solicitor to NYP following the interview can be read here. It amounts to another humiliation of those police officers involved in Operation Rome.
Mr Ward, meanwhile, was completely unaware that any such investigation was in progress that involved him. He was never contacted by either a police officer, or any alleged ‘victim’, at any time concerning harassment allegations.
There was no mention of Mr Ward in the interview conducted with Mr Hicks at Fulford Road police station.
Meanwhile North Yorkshire Police actively canvassed other public officials from parish, borough and county councils, and the Independent Police Complaints Commission, to make complaints against the two citizen journalists.
One of the public officials, York City Council social worker, Mark Bednarski, was found to have misled police in his own witness statement by withholding information that damaged his claim.
Another public official, County and Borough Councillor Jane Kenyon lied in her CJA statement. A fact she has recently admitted after being cornered by documentary evidence.
No arrest was made at any time during Operation Rome.
The Crown Prosecution Service (CPS) twice refused to authorised the arrest and charging of Mr Hicks under Section 3 of the Protection from Harassment Act 1997.
The CPS guidance on issue of harassment warnings can be read here.
Following the second refusal by the CPS a ‘leading specialist barrister’, believed to be Simon Myerson QC, was consulted in an effort to make criminal charges stick. That was also a failure.
With Bednarski and Kenyon as star witnesses there would be little prospect of a prosecution succeeding, in any event.

At the end of a near three year investigation, Operation Rome was closed down as an incompetent, embarrassing and humiliating shambles.

But there are a number of questions, asked via appropriate legal channels, that remain unanswered by North Yorkshire Police which cast further and serious doubt on the provenance of the information already supplied about the harassment investigation and its ‘cost’.
NYP have stated in response to a FoIA request that none of the elements of the £409,970 costings are broken down for the years 2011,2012, 2013 and 2014
On the same request, the force cannot provide details of the incident that triggered the Operation Rome investigation. That suggests there is no policy log (sometimes called the policy book) in existence. The first sign of a poorly led, and badly directed, investigation
It is further claimed by NYP that Operation Rome was led by an inspector. Yet, I have in my files letters written by CI Heather Pearson (to Tim Hicks) and DCC Tim Madgwick (to Jane Kenyon) concerning this investigation.
Why was the Force Solicitor, Jane Wintermeyer, who essentially concerns herself with legal disputes in the civil courts tasked with collecting financial estimates for a three-year criminal investigation?
Why is there no written request to Mrs Wintermeyer to carry out this work – upon which so much rested – in existence? The costing exercise was, allegedly, instigated following a verbal request from PCC Julia Mulligan and Chief Constable Dave Jones. Who both, separately, employ a highly qualified, and commensurately paid, Chief Financial Officer (Mike Porter and Jane Palmer respectively).
How could a back of the envelope exercise, delivered in such sloppy form, take over three months to produce?
Why did NYP reply to a FoIA request on 1st December, 2014 (almost at the centre point of the Wintermeyer cost collection exercise according to information she supplied to me by letter) saying that they could neither ‘confirm nor deny’ that such information existed?
Why are NYP dragging their feet on a FoIA request asking them to justify the breakdown of hourly rates used in the calculations?
More crucially, and in the interests of openness and transparency much touted by Mrs Mulligan, why does the Chief Constable, and the PCC, not simply publish the workings of Mrs Wintermeyer with the names of anyone lower than the managerial rank of inspector (or its civilian equivalent) redacted?

This all has the look of a third incompetent, embarrassing and humiliating shambles for North Yorkshire Police. Yet the mindset of its Chief Constable, and his lap dog Police Commissioner, is to dig both him, her and themselves ever deeper into a hole. Rather than confront the fact that they have been caught with their fingers in the till, so to speak, and deal with it in an honest, ethical and professional manner



More importantly, for a police force and a police commissioner to be prepared to relentlessly break the law to try, in vain, to cover its tracks over some distinctly shady territory mean that questions need to be urgently asked, at the Home Office: How can Dave Jones and Julia Mulligan justify conducting police operations in this manner – and for whose benefit are these ‘investigations’ actually being run?

There are, currently, at least 409,970 reasons for the Secretary of State, or the Home Affairs Select Committee, to seek answers to these questions.

Both Chief Constable Jones and Mrs Mulligan have been approached for comment on this article. None has yet been forthcoming from Jones, but a spokesman for the Commissioner said: ‘It would be inappropriate to comment on an ongoing legal matter‘.

North Yorkshire Enquirer‘s Nigel Ward said this: “At the material time, I was passing North Yorkshire Police a large volume of information regarding SAVILE and JACONELLI and was profusely thanked, by detectives, for my contributions. But during that same period, it seems, the police were plotting (unsuccessfully) to nail me on criminal harassment allegations made by Jane Kenyon. I refute those accusations made by her, entirely“.

But the last words should belong to Lord Maginnis of Drumglass who most presciently commented in Parliament, about North Yorkshire Police, in 2012:

“That particularly dubious Constabulary merits careful investigation”.

________________________________________________________________Written by Niel Wilby _https://neilwilby.com/2016/03/20/409970-reasons-not-to-trust-north-yorkshire-police/

© Neil Wilby 2015-2016. Unauthorised use or reproduction of the material contained in this article, without permission from the author, is strictly prohibited. Extracts from and links to the article (or blog) may be used, provided that credit is given to Neil Wilby, with appropriate and specific direction to the original content.

Photo credits: North Yorkshire Enquirer, Yorkshire Television, Darlington and Stockton Times and Office of Police and Crime Commissioner for North Yorkshire

Thursday, 6 July 2017

TERROR IN BRITAIN: WHAT DID THE PRIME MINISTER KNOW?


31 May 2017

gadaffi_cameron_may.jpg
The unsayable in Britain's general election campaign is this. The causes of the Manchester atrocity, in which 22 mostly young people were murdered by a jihadist, are being suppressed to protect the secrets of British foreign policy.

Critical questions - such as why the security service MI5 maintained terrorist "assets" in Manchester and why the government did not warn the public of the threat in their midst - remain unanswered, deflected by the promise of an internal "review".

The alleged suicide bomber, Salman Abedi, was part of an extremist group, the Libyan Islamic Fighting Group, that thrived in Manchester and was cultivated and used by MI5 for more than 20 years.

The LIFG is proscribed by Britain as a terrorist organisation which seeks a "hardline Islamic state" in Libya and "is part of the wider global Islamist extremist movement, as inspired by al-Qaida".

The "smoking gun" is that when Theresa May was Home Secretary, LIFG jihadists were allowed to travel unhindered across Europe and encouraged to engage in "battle": first to remove Mu'ammar Gaddafi in Libya, then to join al-Qaida affiliated groups in Syria.

Last year, the FBI reportedly placed Abedi on a "terrorist watch list" and warned MI5 that his group was looking for a "political target" in Britain. Why wasn't he apprehended and the network around him prevented from planning and executing the atrocity on 22 May?

These questions arise because of an FBI leak that demolished the "lone wolf" spin in the wake of the 22 May attack - thus, the panicky, uncharacteristic outrage directed at Washington from London and Donald Trump's apology.

The Manchester atrocity lifts the rock of British foreign policy to reveal its Faustian alliance with extreme Islam, especially the sect known as Wahhabism or Salafism, whose principal custodian and banker is the oil kingdom of Saudi Arabia, Britain's biggest weapons customer.

This imperial marriage reaches back to the Second World War and the early days of the Muslim Brotherhood in Egypt. The aim of British policy was to stop pan-Arabism: Arab states developing a modern secularism, asserting their independence from the imperial west and controlling their resources. The creation of a rapacious Israel was meant to expedite this. Pan-Arabism has since been crushed; the goal now is division and conquest.
In 2011, according to Middle East Eye, the LIFG in Manchester were known as the "Manchester boys". Implacably opposed to Mu'ammar Gaddafi, they were considered high risk and a number were under Home Office control orders - house arrest - when anti-Gaddafi demonstrations broke out in Libya, a country forged from myriad tribal enmities.

Suddenly the control orders were lifted. "I was allowed to go, no questions asked," said one LIFG member. MI5 returned their passports and counter-terrorism police at Heathrow airport were told to let them board their flights.

The overthrow of Gaddafi, who controlled Africa's largest oil reserves, had been long been planned in Washington and London. According to French intelligence, the LIFG made several assassination attempts on Gaddafi in the 1990s - bank-rolled by British intelligence. In March 2011, France, Britain and the US seized the opportunity of a "humanitarian intervention" and attacked Libya. They were joined by Nato under cover of a UN resolution to "protect civilians".

Last September, a House of Commons Foreign Affairs Select Committee inquiry concluded that then Prime Minister David Cameron had taken the country to war against Gaddafi on a series of "erroneous assumptions" and that the attack "had led to the rise of Islamic State in North Africa". The Commons committee quoted what it called Barack Obama's "pithy" description of Cameron's role in Libya as a "shit show".

In fact, Obama was a leading actor in the "shit show", urged on by his warmongering Secretary of State, Hillary Clinton, and a media accusing Gaddafi of planning "genocide" against his own people. "We knew... that if we waited one more day," said Obama, "Benghazi, a city the size of Charlotte, could suffer a massacre that would have reverberated across the region and stained the conscience of the world."

The massacre story was fabricated by Salafist militias facing defeat by Libyan government forces. They told Reuters there would be "a real bloodbath, a massacre like we saw in Rwanda". The Commons committee reported, "The proposition that Mu'ammar Gaddafi would have ordered the massacre of civilians in Benghazi was not supported by the available evidence".

Britain, France and the United States effectively destroyed Libya as a modern state. According to its own records, Nato launched 9,700 "strike sorties", of which more than a third hit civilian targets. They included fragmentation bombs and missiles with uranium warheads. The cities of Misurata and Sirte were carpet-bombed. Unicef, the UN children's organisation, reported a high proportion of the children killed "were under the age of ten".

More than "giving rise" to Islamic State - ISIS had already taken root in the ruins of Iraq following the Blair and Bush invasion in 2003 - these ultimate medievalists now had all of north Africa as a base. The attack also triggered a stampede of refugees fleeing to Europe.

Cameron was celebrated in Tripoli as a "liberator", or imagined he was. The crowds cheering him included those secretly supplied and trained by Britain's SAS and inspired by Islamic State, such as the "Manchester boys".

To the Americans and British, Gaddafi's true crime was his iconoclastic independence and his plan to abandon the petrodollar, a pillar of American imperial power. He had audaciously planned to underwrite a common African currency backed by gold, establish an all-Africa bank and promote economic union among poor countries with prized resources. Whether or not this would have happened, the very notion was intolerable to the US as it prepared to "enter" Africa and bribe African governments with military "partnerships".

The fallen dictator fled for his life. A Royal Air Force plane spotted his convoy, and in the rubble of Sirte, he was sodomised with a knife by a fanatic described in the news as "a rebel".

Having plundered Libya's $30 billion arsenal, the "rebels" advanced south, terrorising towns and villages. Crossing into sub-Saharan Mali, they destroyed that country's fragile stability. The ever-eager French sent planes and troops to their former colony "to fight al-Qaida", or the menace they had helped create.

On 14 October, 2011, President Obama announced he was sending special forces troops to Uganda to join the civil war there. In the next few months, US combat troops were sent to South Sudan, Congo and the Central African Republic. With Libya secured, an American invasion of the African continent was under way, largely unreported.

In London, one of the world's biggest arms fairs was staged by the British government. The buzz in the stands was the "demonstration effect in Libya". The London Chamber of Commerce and Industry held a preview entitled "Middle East: A vast market for UK defence and security companies". The host was the Royal Bank of Scotland, a major investor in cluster bombs, which were used extensively against civilian targets in Libya. The blurb for the bank's arms party lauded the "unprecedented opportunities for UK defence and security companies."

Last month, Prime Minister Theresa May was in Saudi Arabia, selling more of the £3 billion worth of British arms which the Saudis have used against Yemen. Based in control rooms in Riyadh, British military advisers assist the Saudi bombing raids, which have killed more than 10,000 civilians. There are now clear signs of famine. A Yemeni child dies every 10 minutes from preventable disease, says Unicef.

The Manchester atrocity on 22 May was the product of such unrelenting state violence in faraway places, much of it British sponsored. The lives and names of the victims are almost never known to us.

This truth struggles to be heard, just as it struggled to be heard when the London Underground was bombed on July 7, 2005. Occasionally, a member of the public would break the silence, such as the east Londoner who walked in front of a CNN camera crew and reporter in mid-platitude. "Iraq!" he said. "We invaded Iraq. What did we expect? Go on, say it."

At a large media gathering I attended, many of the important guests uttered "Iraq" and "Blair" as a kind of catharsis for that which they dared not say professionally and publicly.

Yet, before he invaded Iraq, Blair was warned by the Joint Intelligence Committee that "the threat from al-Qaida will increase at the onset of any military action against Iraq... The worldwide threat from other Islamist terrorist groups and individuals will increase significantly".

Just as Blair brought home to Britain the violence of his and George W Bush's blood-soaked "shit show", so David Cameron, supported by Theresa May, compounded his crime in Libya and its horrific aftermath, including those killed and maimed in Manchester Arena on 22 May.

The spin is back, not surprisingly. Salman Abedi acted alone. He was a petty criminal, no more. The extensive network revealed last week by the American leak has vanished. But the questions have not.

Why was Abedi able to travel freely through Europe to Libya and back to Manchester only days before he committed his terrible crime? Was Theresa May told by MI5 that the FBI had tracked him as part of an Islamic cell planning to attack a "political target" in Britain?

In the current election campaign, the Labour leader Jeremy Corbyn has made a guarded reference to a "war on terror that has failed". As he knows, it was never a war on terror but a war of conquest and subjugation. Palestine. Afghanistan. Iraq. Libya. Syria. Iran is said to be next. Before there is another Manchester, who will have the courage to say that?

Follow John Pilger on twitter @johnpilger

Tuesday, 20 June 2017

On Line Privacy Guide for Journalists

Online Privacy Guide for Journalists 2017

You can see the eBook PDF-version of this guide here.

1. Introduction

Many veteran journalists, but not only these, surely noticed that we are all of a sudden bombarded again from all-over with mentions of Watergate. Books like George Orwell’s 1984 are on display at bookstores and an air of danger to freedom of speech and freedom of the press is spreading slowly like a dark cloud over the Western Hemisphere, raising old fears.
When an American serving president accuses a former president of surveillance; when he prevents central US media outlets access – so far always granted, and taken for granted – to press conferences he holds; and when he incessantly knocks and accuses the media of being the country’s enemy number one, it isn’t surprising that memories of President Nixon surface up more with every self-pitying tweet about SNL, and that even Republican Senators such as John McCain express fear for the future of democracy.
And McCain is not alone. Many journalists whom I have spoken with recently, expressed concern for whatever lays ahead for the freedom of the press. At a time when it’s possible to express the following statement – “Donald Trump controls the NSA” – and not be held a liar, anything’s possible. Add that to the fact that recent news on CIA taught us that almost all encryption systems can be compromised, if someone has the perseverance to crack them – and you are en route to envisioning an utterly Dystopian world, where you cannot even get too comfortable laying on your sofa, in front of your own smart TV.
The good news is that it is nevertheless possible to make it difficult for anyone to try and intercept your emails, the text messages you’re sending or your phone calls. You can take measures to make the lives of those who want to uncover your sources and the information being revealed to you, much harder. Of course, the degree of effort you’re prepared to take to protect your privacy, your sources’ anonymity and your data’s safety, should be commensurate to the likelihood of a real threat, be that hacking or spying.
“The old-fashioned promises – I’m not going to reveal my source’s identity or give up my notes – are kind of empty if you’re not taking steps to protect your information digitally”, says Barton Gellman of the Washington Post, whose source, former NSA contractor Edward Snowden, helped uncover the scope of the NSA’s and British GCHQ’s operations, to his interviewer Tony Loci. Loci herself, who covered American judicial system for AP, The Washington Post and USA Today, and was herself held in contempt of court for refusing to identify sources, would probably endorse that.
So, what is it that needs to be done to ensure that a journalist’s sources and data are secure and well? Grosso modo, the tips can be described as falling within the following categories:
  1. Securing on-device applications and functions- This is known as reducing the “attack surface”, i.e. limiting the installed apps to the bare minimum, installing only from trusted sources, selecting apps that require minimal rights, keeping the system fully patched and updated, and having as many security controls (based on recent best-practices white papers) on the device.
  2. Isolating your devices and/or their environment– For example, the physical insulation of a computer for the purpose of checking files, or the use of prepaid mobile devices.
  3. Acting cautiously both in the digital and real world- This has a lot to do with common sense and a little less to do with software: For example, never write down the name of the source, certainly not on any app or on any document that’s stored on your computer – and most certainly not on anything stored on the cloud.

2. Communicating with your source and
safeguarding the sensitive data

Let’s begin by listing what you can do when it comes to communicating with a source, and storing sensitive information obtained thereof:
  1. Beware of big names: Presume that large companies’ encryption systems and possibly even big name operating systems (proprietary software) have back doors that secret services in their country of origin (at least in the US and the UK) can access. Bruce Schneier, Security Expert, explains it here.
  2. Always encrypt everything: Security experts use simple math to make their point: as you raise the cost of decrypting your files (say, for intelligence agencies like the NSA), you automatically increase the degree of effort expended on following you. If you’re not Chelsea Manning, Julian Assange, or Edward Snowden and if you weren’t involved in active surveillance around Trump Tower apartments, They may give up the effort even if your encrypted communications were stored. And should anyone decide to track you despite your efforts, it will be more of a headache if you use strong encryption like AES (Advanced Encryption Standard) and tools like PGP or openVPN, which are the strongest widely available encryption methods (VPN’s are used by the US government itself).But if you want bullet-proof security, you will need more than the AES encryption method. P.S. if you want to discover the year your information landed at the NSA’s hands, just have a peek here.
  3. Perform full disk encryption: This is done just in case someone gets their hands on your computer or phone. Full disk encryption can be done using FileVaultVeraCrypt or BitLocker. Putting a computer to “Sleep” (instead of Shutdown or Hibernate) may allow an attacker to bypass this defense. Here, Mika Lee gives a complete guide for encrypting your laptop.
  4. Avoid chatting with sources on the phone: All phone companies store data related to the caller and the receiver’s numbers, as well as the location of the devices at the time calls were made.  In the US and several other countries, they’re required by law to disclose information on registered calls in their possession.What can be done? You should use a secure call service, such as the one the Signal app – which was tested repeatedly for security – possesses. Although this may mean that both the source and the editor need to download the app as well, the process takes just a few minutes. Here is a guide on how to use it. Just for the hang of it, check out how many of your non-journalist friends are hanging out there.However you choose to communicate with your source, do not bring your mobile phone to sensitive meetings. Buy a disposable device and find a way to convey its number to the source in advance. The source needs to have a disposable safe device too. Authorities can track your movement through cellular network signals and it’s advised to make it harder on them to locate you retroactively in the exact same cafe where the source was sitting. If you fail to follow this rule, all local authorities will be required to do is ask (politely and legally) for the video filmed by the cafĂ©’s security camera at the time of your meeting.
  5. Choose secure messengers: your calls (cellular ones and via landlines) can be monitored by law enforcement agencies and each SMS is like a postcard – all text is fully visible to those who may intercept it. Therefore, use Messengers that allow for secure end to end call: signal, which was already mentioned above, and Telegram are considered to be the safest (although Telegram as well as WhatsApp’s web apps were compromised once and then fixed). According to some experts, you can  also consider using SMSSecure, Threema and even Whatsapp.The Signal Protocol has been actually implemented into WhatsAppFacebook Messenger, and Google Allo, making conversations using them encrypted. However, unlike Signal and WhatsApp, Google Allo and Facebook Messenger do not encrypt by default, nor notify users that conversations are unencrypted – but offer end-to-end encryption in an optional mode. You should also keep in mind that Facebook messenger and WhatsApp are both owned by Facebook.Adium and Pidgin are the most popular Mac and Windows instant messaging clients that support the OTR (Off the Record) encryption protocol and Tor – the web’s best encrypted browser, which we will get to in detail later (See how to enable Tor in Adium here and in Pidgin here). Naturally, you could also use the Tor Messenger itself, which is probably the safest of them all.Two final notes on texting: A cyber security expert I’ve discussed this with, says you should also have a working hypothesis that text is encrypted but the fact that these specific two individuals are talking, at this present time, might not go unnoticed.The second note is you should also remember to delete the messages in your phone (although this may not be enough to withstand a forensic check), just in case your device falls in the wrong hands, to avoid exposing them.
  6. Do not use organizational chats: Slack, Campfire, Skype and Google Hangouts should not be used for private conversations. They are easy to break in, and are exposed to disclosure requests for courts use, to resolve legal issues at the workplace. Therefore, it’s best to avoid them, not only when it comes to conversations with sources, but also conversations between colleagues, editors, etc., when you need to pass information received from your source, whose identity must be kept under cover. Many popular VoIP services like Jitsi have built-in chat features, and several of them are designed to offer most of Skype’s features, which make them a great replacement.
  7. In extreme cases, consider using a Blackphone: This phone, which strives to provide perfect protection for web surfing, calls, text messages and emails, is probably the best substitute for a regular phone if you are about to topple your government or getting ready to publish secret military files. An anti-bullet vest may also come in handy. Alternatively, try to do without a cell phone, Or opt for a cellular phone RFID signal-blocking bag. There’s always an option that even the Blackphone can be tracked using its IMEI (the mobile phone’s ID).
  8. Protecting Data on your computer: It’s very easy to break regular passwords, but it can take years to break passphrases – i.e., random combinations of words. We recommend trying secure password management tools like: LastPass and 1Password and KeePassX. You’ll need to remember only one password, versus too many Passwords. And still, when handling important services such as your email, do not rely on password managers: Just make sure you remember the password.In an interview to Alastair Reid in journalism.co.uk, Arjen Kamphuis, an information security expert, recommended that for encrypted hard drives, secure email, and unlocking laptops, one should choose a password of over 20 characters. Of course, the longer the password, the harder it is to crack – but the harder it is to remember too. That’s why he recommends the use of a passphrase. “It can be anything, like a line of your favorite poetry,” Kamphuis says, “maybe a line from something you wrote when you were nine that no one else will know about”.Reid reports this thought provoking calculation, using the Gibson Research Corporation’s password strength calculator: A password like “F53r2GZlYT97uWB0DDQGZn3j2e”, from a random password generator, seems very strong, and indeed it is, taking 1.29 hundred billion trillion centuries to exhaust all the combinations even when the software is making one hundred trillion guesses per second.Screenshots from GRC.com, showing the difference in strength between a password and a passphraseThe phrase: “I wandered lonely as a cloud”, he points out, is so much easier to remember and is also more secure, taking the same software 1.24 hundred trillion centuries to exhaust all possibilities. Well, passphrase it will be.
  9. Two-factor authentication is also a very good idea. In a regular two-stage authentication you sign in with your password and receive a second code, often via a text message to your smartphone. You can use Yubikey, as well as hardware tokens to further secure sensitive files on your computer.  For more information, read the 7 golden rules for password security.
  10. Assign a computer for inspecting suspicious files/attachments: The easiest way to distribute malware and spyware is through installation via USB or through attachments and email links. It is recommended therefore you use one air-gapped computer to examine these threats under quarantine. With this computer, you can freely use a USB and download files from the Internet, but do not transfer the files to your regular computer or re-use that USB.
  11. How to buy your own secured computer: Security expert Arjen Kamphuis recommends purchasing a pre-2009 IBM ThinkPad X60 or X61. These are the only modern enough laptops with modern software systems, which enable replacing low level software. Another point to take into account is that you should not buy your computer online, as it may be intercepted during delivery. Kamphuis recommends buying it from a second-hand store for cash. He also points out that you should abolish all connectivity: Remove all Ethernet, modem, Wi-Fi or Bluetooth capabilities. Personally, I know security experts who wouldn’t trust such a computer.

    ThinkPad X60. Don’t buy it online
  12. Educating your Sources: It’s possible that by the time the original and valuable information reaches you, it’s already too late. Your source may have made every possible mistake, leaving behind a trail of evidence. But beyond the need to secure the information once it’s in your hands, you should strive to teach your sources how to hide the information: store it securely and communicate safely via safe devices. Most people have no clue how to handle sensitive information, and in general what they’re up against the moment they get in touch with you.
  13. Use a designated secure system for receiving documents: Replace Dropbox or Google Drive and use something less popular but more secure. For example, SecureDrop is a designated system allowing you to receive files from anonymous sources and to safely scan and check them. Edward Snowden described Dropbox as “hostile to privacy” and recommended Spideroak instead. OnionShare is another free service that allows transferring files easily and anonymously.
  14. Don’t keep notes: neither on a laptop, nor calendars or contact lists on your cellphone or computer or in the cloud – do not keep record of your sources name, initials, phone number, email or user name in messengers. Just don’t.
  15. Visual tracking: On the way to sensitive meetings, avoid using public transportation and guide your source to do the same. You should also avoid meeting places such as modern malls, where video cameras are spread all over the place.
  16. Evading social media: Some people prefer to opt for radical anonymity. If for some reason, you need to vanish from the face of the earth without leaving a fully blown profile behind on every social media, totally delete your accounts. It’s different from ‘deactivating’ them, a state in which all your info is stored and can be re-activated.
  17. Make friends among hackers: This will help you avoid big mistakes, save time and headaches and keep you up to date on the technological arms race.
  18. Payment method: Pay for everything in cash, consider using Bitcoins – buy them anonymously (use this Business Insider guide for that purpose) – and, if you have somebody willing to accept them at the other end of the transaction, use Dash. A pre-paid credit card from an online store is also an option.
  19. Scribble wisely: If you jotted down information on a piece of paper, what they used to call a note in the Precambrian world, destroy it. And don’t forget even that wrinkled one at the bottom of your pocket. Yes, right next to that gum.


3. How to become anonymous online

Beyond securing the communications with your source, and protecting possible breaches of the sensitive data you get hold of, you should also avoid being tracked while browsing. Online habits can disclose or provide hints as to the story you’re working on, or worse, hint or disclose the identity of your source. Here are the golden rules for surfing the net safely and then, at the next chapter, for securing your email account:
  1. Private browsing mode: There are two basic ways to maintain anonymity while surfing the web. The first, most basic and popular, yet insufficient way is to browse the information in private mode, an option that most browsers allow. Your browsing history will not be saved, and basic tracking technologies, which advertisers use, such as HTTP cookies, will be prevented from creating your detailed profile. But this is more of a nice to have privacy: It basically hides your browsing history from family members who can access your computer. Your IP address can still be monitored and information regarding all the sites you visited is still exposed to your ISP.
  2. Use alternative browsers: browsers, such as DoobleComodo Dragon or SRWare Iron, which focus on user privacy, are limited in capabilities. You can achieve a similar degree of privacy offered by these browsers simply by deleting cookies – bits of code which have been downloaded to your system by websites you visit, that monitor your activity and sometimes even follow which content you consume; Another way to remain anonymous is by neutralizing your browser’s location settings, and installing various features aimed at achieving anonymity. To check whether you disabled all cookies effectively, you can use the app CCleaner, which also handles Flash cookies, but none of these browsers are fully encrypted. The only standard browser that ensures total privacy is the Tor browser. Tor is ugly and slow, but it will protect you and your sources. The next section will give a more detailed account of it.
  3.  TOR: This “notorious” browser, which was developed by the US Navy, allows you to operate in a hidden network, carry out private communications and set up web sites anonymously. Tor’s browser, which can be downloaded at Torproject.org, makes it very difficult to monitor your activities on the internet, or let governments or your ISP pinpoint your location. The only drawback is that it’s slow at times, a bit cumbersome – but that’s only because Tor routes you through three encrypted random relays around the world, before landing you at your destination site. You should also bear in mind that your neighbors may be shady characters.
    Another option related to Tor is to download Whonix, a secure operating system that is focused on privacy. It works as an access gate to Tor, and only allows connections with Tor sites and users. But the most popular Tor OS is Tails (The Amnesiac Incognito Live System). Tails can be booted from a USB stick or DVD, and it anonymizes all information. Edward Snowden is considered a fan of this software. Qubes is another OS that supports Whonix and is recommended by Snowden.
  4. Alternative search engines: Google, the most popular search engine, saves your search history in order to optimize the results. To stop this personalization you should click on: Search Tools > All Results > Verbatim. Or you sign into your Google account on www.google.com/history, find a list of your previous searches and select the items you want to remove by clicking the ‘Remove Items’ button.

    DuckDuckGo. A search engine that doesn’t store your info

    But to avoid being monitored entirely, it’s preferable to use a search engine such asDuckDuckGoIf you find it difficult to give up Google, download Searchlinkfix to at least keep away URL Trackers.
  5. Direct treatment of “short-term” computer memory: Another way to neutralize options for monitoring your surfing is by deleting the DNS (domain name system) cache. Deletion is done using simple commands in the operating system. Rebooting the router – which sometimes has a DNS cache – or rebooting the computer can also reboot both their respective DNS cache, if the router has one.
  6. Try to avoid HTML Web Storage: Web Storage is built into HTML5, and unlike cookies, the stored information is impossible to monitor or selectively remove. Web storage is enabled by default, so if you’re using Internet Explorer or Firefox, simply turn it off. You can also use the add-on Better Privacy for Firefox to remove the stored information automatically. The Click and Clean extension will do the same job for Google Chrome.
  7. Use a VPN:  As I mentioned already, your ISP can monitor the sites you surf, and anyone who wants to eavesdrop on you, can also intercept your communications. To protect all incoming and outgoing communications, it’s important to make use of a VPN (For a complete explanation, click here). VPN encrypts all your communications, so that even the ISP or the secret services, or just hackers hovering around your favorite coffee shop’s Wi-Fi, won’t be able to know who you sent an email to, which service you used, etc.The use of a VPN is very common among people who, for example, wish to see the complete Netflix movies catalog outside of the United States, but not every VPN is suitable for journalists. A VPN for journalists won’t necessarily be the fastest one or have the best support, but it has to be trusted not to keep VPN logs – that is, it cannot determine who you are, what sites you’ve visited and so on.A safe VPN is bound to be provided by a company who’s not located at one of the “14 Eyes” countries, where intelligence networks are allowed to collect and share information with one another; firstly and foremost, in the USA. So VPN companies located in the territory of the former Soviet Union countries have an advantage. Their courts do not easily hand out orders to retrieve information collected by local companies, be it regarding their citizens or foreign nationals. Here you’ll find a list of 5 VPN services that stand out regarding privacy and all are located outside the “14 Eyes” countries.wBy the way, even if governments are out on the hunt for Traffic that is sheltered by a VPN, you can still use stealth VPNs like TorGuard, to confront the challenge, whether it is active government censorship or just spying you’re dealing with. Tor and VPN’s give you the perfect protection when someone is trying to retrieve your browsing history in order to profile you.
  8. Repair DNS leaks: Using a VPN does not protect you completely, because that DNS Traffic may hint at your identity. DNSLeakTest.com will allow you to detect such leakage. If the test shows that DNS is of your VPN, you can relax, but if it shows that the DNS is of your ISP, you are not anonymized. In this case you, check out what you can do here.
  9. Virtual Machines: This nifty little trick is actually a second (virtual) computer, which operates as an app in your operating system. You can download files or open links in a similar way to the isolated computer I recommended earlier, so that your computer is less exposed to malware or spyware of any kind. Virtualization software, like VirtualBox should be opened using a secure operating system. File downloading is done with the virtual machine Internet connection shut down; after using the file, you’ll need to delete it – and depending on your adversary, perhaps delete it along with the machine.

    HideMyAss proxy server. I’ll hide yours, if you’ll hide mine

  10. Proxy server: As in the case of virtual machines, here too the activity moves to another “area” and allows you to keep safe from spying and other attacks. Actually, the proxy servers substitute your IP address with theirs, which can mislead people into thinking you’re in a different country, for instance. HideMyAss.com/proxyPsiphon (open source) and JonDonym all provide a similar service. Some experts say that these should be used with a VPN and/or Tor for higher levels of security. But then, some experts I’ve talked to claim that if you bother using Tor, you’re as secured as one can be anyway.
  11. Three more types of extensions that can increase your level of security: To verify that the Internet protocol where you operate is https secure, you can install an extension called HTTPS Everywhere , made by the Electronic Frontier Foundation’s (EFF), one of the organizations that funds the Tor Project. This extension is recommended by many cyber experts; it will ensure that websites you visit use the secure protocol, which is definitely not an insurance policy against anything, but better than the unencrypted protocol.The second type of extension controls the data that javaScript is revealing to websites (in order to improve your browsing experience). Two popular options here are ScriptSafe  and NoScript.Another extension is the Ghostery browser. This extension will reveal who is following you among 2,000 companies, and will allow you to block unwanted ones. It’s sweet, but you probably won’t be blocking the NSA this way. Privacy badger, a project by the EFF, also works similarly.


4. Securing your email

How should you protect your e-mail? The problem with maintaining the confidentiality of emails is even tougher: Google and Microsoft will most likely just give out your emails to government agencies if and when required to do so. What should you do?
  1. Safe extensions: The simplest option, assuming you use common Web mail services such as Yahoo and Google, is to install the browser plugin Mailvelope, and make sure that the person on the receiving end does too. This extension simply encrypts (and decrypts) the e-mail. A similar but limited extension to Gmail called SecureGmail will perform a similar job. Emails that go through this extension are encrypted, and can’t be decrypted by Google. Another possibility is “Encrypted Communication”, which is a simple to use Firefox extension. For that you will need a password that the recipient has access to – but remember to never transmit the password by email.
  2. Secure email providers: Hushmail is an example of an email service that provides better security than the more common networks you use, but it may be forced to hand over emails to the US government under a court order, and it does log IP addresses. Another email service with similar features and security levels is Kolab Now, which prides itself amongst other things with storing data exclusively in Switzerland.
  3. Disposable Email Addresses (DEA’s): This is an email created ad hoc for a specific purpose, which is completely anonymous and is deleted immediately after use. This solution, commonly used when signing up for various services in order to avoid spam, is also a great solution for maintaining anonymity. However I wouldn’t advise journalists to communicate with their sources over it, because security is not its strongest trait. There are dozens of such temporary emails, but the British Guardian, for example, recommended Guerrilla Mail and Mailinator.Using Guerrilla Mail in the Tor Browser ensures that not even they can connect your IP with your email address. Likewise, if you use email encryption software, such as GnuPG, on Tor, you’re all set and secure. So, let’s talk a bit about email encryption.
  4. Encrypting your mail:  Wired got this recommendation from Micah Lee, a privacy-focused technologist who worked with the EFF and First Look Media (here is an interview Lee held with Edward Snowden): Encrypting messages with webmail can be tough. It often requires the user to copy and paste messages into text windows and then use PGP to scramble and unscramble them (PGP – Pretty Good Privacy – is an encryption program that provides cryptographicprivacy and authentication for data communication). That is why Lee suggests a different email setup, using a privacy-focused email host like Riseup.net, the Mozilla email app Thunderbird, the encryption plugin Enigmail, and another plugin called TorBirdy that routes its messages through Tor.As Reid pointed out in his interview with Kamphuis on journalism.co.uk, Greenwald almost lost the NSA story because he initially ignored Snowden’s instructions on email encryption. In other words, if you want a story that will go down in history it makes sense to be secure. Kamphuis agrees that PGP can be trusted. As he and Reid explain, with PGP encryption, you have a public key, like your public phone number, and a private key. The public key can go on Twitter biographies, business cards, websites and wherever else your work is publicized, but the private key must be stored securely, as with any other sensitive information. Then, when a source wants to send information, they will use your public key to encrypt their email, that only your private key can unlock.Kamphuis recommended the GNU Privacy Guard, an open-source version of PGP, that is simple to set up and has an active support community. For encrypting files, data and hard drives, he suggested consulting his free eBook, “Information security for journalists”, published with Silkie Carlo and released through the CIJ, which fully explains the process.If you do choose to encrypt the message itself regardless of your mail provider’s identity, using zip with a password is a good idea, and 7ZIP is a recommended tool for accomplishing that.
  5. Back to basics: Yes, I know that this is back to email security 101 – but please try to avoid phishing. Watch the “from” field in your email for little misspellings; someone else can pose as somebody you know.And one last word on email encryption: One of the real problems to bear in mind is that even after encrypting them, not everything is encrypted. The email addresses of the sender and recipient, the subject line and the time and date when the email was sent, are all out on the open. Attachments and the message itself are the only data that is encrypted.


 5. Final words

These are perhaps the most radical pieces of advice I ran through, when preparing this eBook.
As Micah Lee put it when interviewed on privacy on WIRED: “If your computer gets hacked, the game is over. Creating a virtual sandbox around your online communications is a good way to keep the rest of your system protected. Tor is awesome and can make you anonymous. But if your endpoint gets compromised, your anonymity is compromised too. If you really need to be anonymous, you also need to be really secure”.
And Journalist Tony Loci puts it in even harsher words in an article published in an eBook about the future of cross border investigative journalism for the Nieman foundation at Harvard: “Some journalists, computer scientists and privacy advocates are so alarmed that they recommend reporters go old school… and rely on in-person interviews and snail mail”.
I hope I have helped people in the trade, and others, gather some information that will clarify what needs and can be done to ensure your and your source’s security in these hectic times.

6. List of Sources for This Book

  • Security for journalists: How to keep your sources and your information safe
  •  Securing data, sources and yourself
  • Surveillance and Security: Are reporters and news organizations doing enough to protect sources?
  • Muckraking Goes Global: The Future of Cross-Border Investigative Journalism
  • The Ultimate Guide for Online Privacy
  • What Is a DNS Cache?
  • How to Anonymize Everything You Do Online
  • 19 ways to stay anonymous and protect your online privacy
  • Edward Snowden explains how to reclaim your privacy
  • Information security for journalists: staying secure online
  • NSA targets the privacy-conscious
  • Obama DOJ formally accuses journalist in leak case of committing crimes
  • Your WhatsApp secrets are safe now. But Big Brother is still watching you…
  • Obama Pursuing Leakers Sends Warning to Whistle-Blowers
  • 6 encryption mistakes that lead to data breaches

You can help others! Click to share on Facebook or Tweet!

Source  https://www.vpnmentor.com/blog/online-privacy-journalists/