Encryption Works: How to Protect Your Privacy (And Your Sources) in the Age of NSA Surveillance

Micah Lee

Former Board Member, Freedom of the Press Foundation

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

— Edward Snowden, answering questions live on the Guardian's website

The stories of how NSA whistleblower Edward Snowden first contacted journalists Glenn Greenwald and Laura Poitras (both Freedom of the Press Foundation board members), and how he communicated with the Washington Post's Barton Gellman, have given the public a rare window into digital security and conversing online in the age of mass surveillance.

In response, we've just published our first whitepaper—using the public comments by both Snowden and the journalists involved as illustrations—to show how reporters, whistleblowers, and ordinary Internet users can still protect their privacy online.

You can read the whitepaper here [PDF version].

It's important to remember that while the NSA is the biggest, best funded spy agency in the world, other governments, including China and Russia, spend massive amounts of money of their own high-tech surveillance equipment and are known to specifically seek out journalists and sources for surveillance. In the US, bad digital security can cost whistleblowers their freedom, but in other countries it can cost both journalists and sources their lives. A recent example from Syria illustrates how careless digital security can have tragic results.

The whitepaper covers:

  • A brief primer on cryptography, and why it can be trustworthy
  • The security problems with software, and which software you can trust
  • How Tor can be used to anonymize your location, and the problems Tor has when facing global adversaries
  • How the Off-the-Record instant message encryption protocol works and how to use it
  • How PGP email encryption works and best practices
  • How the Tails live GNU/Linux distribution can be used to ensure high endpoint security

Donate to support press freedom

Your support is more important than ever.

Read more about Security

New guide helps journalists know their rights when police come knocking

Guide responds to confusion (at best) among law enforcement and judges evidenced by recent raids of newsrooms and journalists' homes in Kansas and Florida

Five years of Secure The News

In 2016, Freedom of the Press Foundation launched Secure The News to track and grade HTTPS adoption by news organizations. Today, five years later, we’re happy to say that its goals have been largely achieved, and we are retiring the project while archiving and preserving its historical data.

Filmmakers, take action: A new digital security resource and free digital security clinic

Today, we're launching an interactive digital security platform and free clinic for filmmakers.