Background

In 2021, Internews started recruiting participants for its Journalist Security Fellowship (JSF) project: a comprehensive effort to upskill journalists in Central and Southeastern Europe to boost knowledge and understanding of digital security within media communities.

As the project unfolded, the team soon realized that there was little high-quality data on the knowledge levels and needs of journalists within the region. Many of the studies conducted on journalist digital security focused on the US or Western Europe. Our internal desk research and interviews covered some of those knowledge gaps and resulted in an initial report. Still, more data was needed so Internews also conducted a survey across the Central and Southeastern European region which aimed to gauge the level of digital security knowledge and preparedness of journalists, and lay the groundwork for further work and trainings in the field.

The survey was distributed through local JSF country partners and reached 122 journalist participants in all nine JSF countries—Albania, Bulgaria, Croatia, Czech Republic, Hungary, Poland, Romania, Slovakia, and Slovenia. Anyone working as a journalist was welcome to fill it in. Those who completed the survey were also encouraged to share it with their colleagues; our data collection method therefore resembled snowball sampling. We received responses from June through September 2021. The survey asked questions about a variety of topics, including tool use, knowledge, and risk perceptions. We selected some of its most interesting conclusions and summarize and comment on them below.

Key Highlights From The Survey

The Prevalence of Attacks

One of the key goals of our survey was to figure out how prevalent digital threats and attacks are in the region and what security mechanisms journalists took.

When we asked about digital threats and attacks, which we defined to include “hacking attempts, device searches, leaked communications, account break-ins, and others”, we learned that 26% of participants suspected or suffered a digital threat or attack in the prior 12 months (while 74% did not). This is a high number and highlights the clear need for further journalist safety work in the region.

We made sure to use a broad definition of digital threats and attacks to capture all the ways in which adversaries can try to silence journalists or get them to self-censor. Survey respondents described many different attacks they faced, including phishing, harassment, legal threats, and attempted account break-ins.

Risk Perception

74% of surveyed journalists either agree or strongly agree that they could face risks to their digital safety because of their work. In the study, we gave several examples of possible risks: adversaries accessing journalists’ emails or messages, surveilling their online activities such as website visits, or trying to figure out their personal data and banking information.

Journalists are at particular risk of digital attacks for two main reasons. Their work, by shining a light on the abuses of power, can irritate and upset well-resourced adversaries. Journalists are furthermore often expected to be quite public about their work, broadcasting their locations, reporting live from some travels, and keeping a wide network of contacts. While some researchers, think-tanks, or investigators can use pseudonyms and reveal little about their identity to reduce the changes of attacks or reprisals, journalists have this option, making them particularly vulnerable to digital (and other) attacks.  

Barriers to Operating More Securely

For this question, respondents could select multiple options and check all the barriers which they encountered. The three of the top four barriers journalists selected—insufficient knowledge, insufficient time for research, and difficulties with threat assessment—could all be addressed by further trainings, engagements, and fellowships.  

The third barrier identified is an interesting one: journalists can struggle to convince others, including sources and colleagues, to adopt stricter security protocols. Future trainings should also take this into consideration. They could build tabletop exercises or similar trainings (we have designed a series of templates) that focus on cooperating with and persuading those who initially resist adopting basic digital safety practices.

Finally, 31% of surveyed journalists continue to struggle with accessing secure software and hardware. While newsroom funding has been continuously declining, affecting spending on hardware and services, we must still look at ways to make secure tools more accessible. This could include partnerships with tool teams and providers, stipends, and trainings for newsroom on the most accessible and best value tools.

Support from Community

Only 39% of surveyed journalists receive sufficient institutional support from their media outlet, organization, and community. The remaining 61% either receive insufficient support or are unaffiliated.

Given the above, there are two ways to support journalists in Central and Southeastern Europe more effectively: further build capacity within institutions, and create better programs and networks for freelances.

The Journalist Security Fellowship pursued a security champion model. Our research showed that many newsrooms and similar groups have one or several journalists who serve as key security contact points, can answer questions about it, and direct colleagues to good materials. The upskilling of new security champions alone should go a long way to ensuring that media institutions are better able to support their member journalists.

Future programs could also focus on researching and addressing the particular security needs of freelancers. Some media organizations are introducing new policies, only purchasing stories on certain regions from freelancers who have completed safety and security trainings. Given the limited funding some freelancers receive and the struggles they might experience with accessing safety trainings, another fellowship that focuses on this region could provide a more tailored curriculum that addresses their specific security needs.

Digital Security Practices

98% of respondents use personal devices for professional purposes in some way or another, highlighting the importance of securing these devices against potential threats. Strong policies and security practices are essential to protect sensitive information and reduce the risk of cyber threats. While in an ideal world, journalists would separate work and personal lives and keep those to different devices, in practice professional and personal contacts intersect greatly. Newsrooms are often under-resourced and out-of-hours work can be common, complicating the use of discrete work devices.

89% of respondents use a screen lock on their mobile devices, highlighting a general awareness and practice of basic mobile security measures. However, there is still a small portion, around 11%, who do not use screen locks. This is a serious vulnerability that should be fixed; to do so, however, it’s crucial to understand why some journalists engage in such behavior. While poor security education is likely to blame, some respondents might for example be used to giving phones to younger children or others. It’s crucial to carry out more training and awareness on this and emphasize to journalists just how important securing one’s device is. Journalists who need to share devices should be taught both about the importance of adding phone unlock passwords and additional options, such as per-app locks or multiple users on some Android phones.

A notable portion of respondents, approximately 38%, reuse passwords across different accounts, which poses a substantial risk. Greater use of password managers within the journalist community, as well as the gradual rollout of passkeys, will hopefully improve journalists’ security and password hygiene.

Tool Use

44% of respondents sometimes use a VPN, while 10% always use one, while 46% either never use a VPN or are unaware of what it is. VPNs remain a very tricky area to train journalists and other high-risk individuals on, given significant disinformation around the topic and large number of disreputable vendors. It’s clear that such lessons must be emphasized further within the journalism community more widely.

WhatsApp (with 85% of respondents using it, of which 52% doing so frequently) remains the most popular secure messaging app, with Signal in second place (used by 54% of respondents, with 25% using it frequently). While WhatsApp and Signal both use the same encryption protocols, Signal’s additional metadata protections could help protect journalists and sources from subpoenas and accidental exposures. Signal also recently introduced a usernames feature that can also provide an additional layer of privacy for journalists and sources alike, but the survey was conducted prior to this feature’s release. At the same time, WhatsApp’s ubiquity is key: sources might assume that Signal is an app associated with secrecy and be therefore unwilling to install or use it. Telegram remains in third place—reassuringly so, given its security issues and general distrust with which security professionals approach the messenger.

Concluding Thoughts

Journalists can be a difficult target audience to design security trainings for. Professional use of personal devices is nigh ubiquitous, likely unsurprising in a profession where work and personal contacts frequently intermingle. This also makes it ever more important to rely not just on organizational policies but also solid security trainings and emphasize the necessity of secure messengers, screen locks, and password hygiene.

This survey was carried out in mid to late 2021. Since then, the Internews Journalist Security Fellowship upskilled 47 fellows in nine countries, who went on to train approximately 1,500 journalists in digital security. We remain hopeful that, thanks to our efforts and those of countless other organizations and trainers, the journalism safety landscape across the region continues to evolve and journalists, particularly those pursuing high-risk reporting, continue to upskill and improve their security practices.

At the same time, this survey has shown that more challenges remain in the region which future engagements could tackle. Those include closer collaborations between newsrooms and tool teams, bespoke materials addressing the particular needs of freelance journalists, and in-depth tabletop exercises and other trainings on how to persuade sources, colleagues, and others about the need for solid digital safety protocols.