The recent FBI raid on a Washington Post reporter’s home marks a drastic escalation in the government’s ongoing attack on the press and their sources, going beyond secretive subpoenas served to service providers for phone and email logs to outright seizures of journalists’ personal and work devices.

Fortunately, while there are no perfect safeguards, there are a number of concrete measures reporters can take to minimize the amount of source-compromising information a raid and accompanying device seizure can produce.

Perform a data inventory

The first step to reducing the risk of information exposure is to take stock of what information you have, what harm it can cause if viewed by adversaries such as the government, and where you have everything stored.

Select a story you worked on that involved sensitive sourcing, and go through a mental inventory exercise. Ask yourself, “What story materials did I hang onto?” “Do I maybe still have my … ”:

  • Interview audio files?
  • Interview transcripts?
  • Primary documents or other materials supplied by my source?
  • Story drafts?
  • Email chains about the story?
  • Records of my correspondence with the source, like our back-and-forth messages?

Now, think about what could happen if the government gained access to any of these materials. Work through questions like:

  • What if the government obtained the copies of documents a source sent you, which you used in your reporting, but elected not to publish? Those copies may allow the government to further link a suspected leaker to you as your source.
  • What about your drafts? Do early versions contain potential source-identifying information that you opted to remove in later versions? If you’ve left drafts lying around with potentially sensitive information in them, you may further compromise your source.
  • And so on, going through each piece of story material and considering the potential ramifications for your source if an adversary such as the government got ahold of each item.

Once you have an idea of what exactly you have and the threat its discovery could pose to your source, figure out where everything is. Ask yourself:

  • Do I still have copies of my interviews on my laptop or phone? (And does my phone or laptop autosync to the cloud?)
  • What about on my stand-alone recorder?
  • Did I upload copies of the interview to any third-party transcription service?
  • Do I have notes scribbled in a notebook on my desk?
  • Did I print out copies of the documents my source sent me?
  • Do I have early drafts with sensitive content on my work computer?
  • Did I email them to myself and save them on my personal laptop?
  • Did I copy materials onto a thumb drive?

Resist the hoarding instinct

Though you may have an urge to preserve every single draft version or every conversation with a source, keep in mind that the best way not to compromise your source is to minimize the amount of information you retain about them.

If you or your editors balk at the notion of not retaining source materials, set up a designated data custodian, such as your editor, who will retain an encrypted (see below) copy of all materials you wish to preserve, while you yourself can delete everything from your devices and not keep any physical copies of materials in your home or workplace.

Don’t count on post-raid wiping

While various solutions exist for remote-wiping devices, don’t count on your newsroom’s IT staff being able to remotely wipe your work device after it’s been seized in a raid.

A key initial step in forensic acquisition is known as device isolation: preventing the seized devices from being able to “phone home,” precisely to prevent any possible alteration or tampering. In other words, when forensic investigators begin analyzing the seized devices, the devices very likely will not have any way to receive a remote wipe command before they no longer have any Wi-Fi or cellular data access.

Wiping devices may also come with legal repercussions. For instance, an activist was recently charged with evidence destruction after wiping his phone.

Instead of reliance on remote wiping, greater emphasis should be placed on setting up secure, full-disk encryption of the devices.

Encrypt all the things

No sensitive, potentially source-compromising material should be kept unencrypted.

If you’re maintaining materials that don’t readily lend themselves to being encrypted, then transform them into a format that does. Pages from your notebook can be digitized and put on an encrypted drive or file container, and the paper copies subsequently safely destroyed. Audio files from your voice recorder may be transferred to the same encrypted storage and securely wiped from the device. If the recorder uses an SD card, the card should ideally be destroyed, such as by cutting it into pieces.

Wiping devices may also come with legal repercussions. For instance, an activist was recently charged with evidence destruction after wiping his phone.

Nikita Mazurov, security researcher with the Press Freedom Defense Fund

If you’re electing to store materials locally on your computer, you can use encryption solutions such as VeraCrypt. Your computer operating system also comes with built-in drive encryption settings you can enable, such as FileVault for Macs, BitLocker for Windows, and LUKS for Linux operating systems.

If you opt for cloud-based backup options, most service providers will be able to decrypt or read the files you upload. You can prevent this by encrypting the files so only you can read them, using a key stored on your device. End-to-end encryption comes via tools such as Cryptomator, which encrypts your files locally before backing them up to a cloud account of your choice. If you’re backing up data using iCloud, be sure you have Apple’s Advanced Data Protection enabled. You can also always elect to manually upload your VeraCrypt container to a cloud storage platform of your choice.

Brace for impact

Generally speaking, a device that is locked behind a login screen but powered on is less secure than a device that is fully powered off.

For instance, let’s say your phone is fully shut down. You turn it on and get to the screen where you need to enter your passphrase. At this stage, your phone is in what’s known in forensic jargon as a BFU (before first unlock) state. Once you log in for the first time after booting up the phone, whenever it is on the lock screen again, it’s now in an AFU (after first unlock) state.

Owing to the intricacies of the security designs of modern mobile operating systems, a phone in a BFU state is harder for forensic investigators to break into than one in an AFU state.

This is all to say, if you don’t need to keep your devices on, like when you’re sleeping, it is safest to default to keeping them off.

Of course, if you have a weak authentication mechanism on your device, it won’t matter what state the device is in if it can be easily accessed once booted up. Biometrics, such as using your face or fingerprint to unlock the device, should be disabled in favor of a sophisticated alphanumeric passphrase so that authorities can’t just plop the phone in front of your face to get into it.

One forensics company claimed to be able to bypass a six-digit PIN within a few days, and that was years ago. Forensics firms are a bit like spyware vendors: They may use nonpublic zero-day exploits to gain access to locked devices, but you don’t need to make things easy for them. Once you set a strong passphrase, get into the habit of rebooting your phones and other devices before going to sleep, and don’t log in for the first time until you wake up.

Another solution to stymie unwelcome device access is to turn your power cord or USB cable into a kill cord or dead man’s switch. If your laptop detects that it has been disconnected from its power cord or that a USB cable has been unplugged, it can automatically be instructed to shut down. USB kill-cord solutions include BusKill, while power cord options include tools like MagSafe Guard. BusKill can also be configured to not just shut down but, if you’re using the Linux operating system, wipe your computer. However, as noted above, wiping devices may raise legal issues, and you may wish to consult with an attorney before setting up such a system.

If you don’t need to keep your devices on, like when you’re sleeping, it is safest to default to keeping them off.

Nikita Mazurov, security researcher with the Press Freedom Defense Fund

Minimize and secure sensitive data

While there are no surefire safeguards against information compromise following a raid, taking steps to minimize the amount of sensitive information you retain and to subsequently make sure that the retained information is stored securely can greatly reduce the adversarial impact a raid can have on you and, most importantly, your sources.

Journalists in need of assistance with digital safety, physical safety, and legal concerns should look forward to more training opportunities, public programing, and resources from the U.S. Journalist Assistance Network. Through this network, Freedom of the Press Foundation (FPF) is working with partners across press freedom organizations to ensure you have the support that you need.