Press photographers working with sensitive topics are at high risk of being targeted as they potentially carry digital evidence in their cameras. In this article, Reporters Without Borders (RSF) provides a checklist for press photographers to protect themselves and their sources against surveillance and digital attacks.
Cybersecurity threats have become increasingly serious as technology evolves. Press photographers working on sensitive stories, and potentially carrying images that could be used as evidence in courts, are at heightened risk of having their electronic devices hacked or their communications monitored.
- Only install vetted apps. It is vital to only install apps from official app stores or developer websites. Journalists should regularly check app permissions on all their devices to prevent their data and information from being transferred to third parties. Always do a quick background check on a new app.
- Use strong, unique passwords. Strong passwords should be long, and include a mix of upper and lower cases, numbers and symbols. Avoid using the same passwords across apps, or across devices, and never store lists of passwords digitally. A password manager can provide additional security measures, including end-to-end encryption and sharing capabilities with colleagues.
- Regularly check and update devices. Press photographers should regularly conduct antivirus scans and update their electronic devices. Experts also recommend using external services to verify that devices have not been compromised, such as apps monitoring network traffic, or task manager programmes that provide information about the processes running on a computer.
- Understand the risk related to metadata. Metadata refers to the concealed information attached to digital documents, photographs, and videos. The date the file was created, ownership history, editing history, even camera and lens settings and device serial numbers can be discerned if not properly cleared. If metadata is not absolutely necessary, RSF recommends identifying and removing them by using Metadata2go, or EXIF Cleaner.
- Use encryption tools. Encryption makes data unreadable to third parties. RSF’s experts recommend using operating system (OS) specific software that offers full-disk encryption (FDE). By employing these tools, journalists can protect their data and sources, ensuring the integrity of their information even in high-risk situations such as travel or protests. For Windows OS, BitLocker provides comprehensive full-disk encryption, effectively safeguarding the entire computer system. For Mac OS, FileVault is an essential tool for achieving full-disk encryption. Visit here for more information on how to set passwords and unlock files on Apple devices.
- Know how to quickly disable devices in an emergency. In an emergency, shut down all devices if possible. If authorities confiscate a device, Face ID and Touch ID can both be forcefully used to unlock the device without the owner’s consent. Disable these functions instantly by holding power and volume up/down buttons.
This article is based on a training session for journalists and press freedom defenders organised by RSF in June 2023.