Tag Archives: leaks

Cracking the code: Workshop gives journalists a crash course in encryption

  • TestBed's Aaron Rinehart lectures to seminar attendees prior to the hands-on portion of the day on April 3, 2015. (Jennifer-Leigh Oprihory/MEDILL NSJI)

WASHINGTON — The minds behind TestBed, Inc., a Virginia-based IT consulting firm specializing in IT planning, analytics, testing, prototyping and business advice for the public and private sectors, gave journalists a crash course in digital safety and encryption techniques at an April 3 seminar in Washington.

The daylong event, “Cyber Security Skill Workshop for Journalists: Sending Secure Email,” was co-sponsored by the Medill National Security Journalism Initiative and the Military Reporters & Editors Association, and held in the Medill Washington newsroom.

The seminar began with an introductory lecture on cybersecurity basics and common misconceptions about online privacy and security. Security-related superstitions, such as the idea that browsing in so-called “incognito” or “invisible” modes will keep your digital whereabouts truly hidden, were promptly dispelled.

TestBed’s Aaron Rinehart and David Reese then transformed the event into a hands-on lesson in PGP – an acronym for “Pretty Good Privacy” – as well as understanding other aspects of digital fingerprints (including how to create a public key, how to register it in the Massachusetts Institute of Technology’s PGP directory so that you are more widely contactable by those in the encryption know and how to revoke (or deactivate) a key for security reasons.

The program also included a brief introduction to the Tor network, a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor, originally developed by the U.S. Navy, hides the route taken from a computer’s IP address to its eventual browsing destination.

Learn how Tor works via Medill reporter William Hicks’ helpful primer and infographic here.

When asked for the top three lessons he hoped attendees would take away from the event, Rinehart emphasized the importance of “good key management,” or not sharing your private PGP key with anyone, operating “under good security practices”(such as updating software and antivirus programs) and making email encryption a regular habit.

“Don’t compromise convenience for security,” Rinehart said in a post-workshop interview. “Try to make this something you can use everyday.”

The event drew a mix of reporters, security experts and students, which included military veterans and defense journalists.

Northwestern University in Qatar journalism student James Zachary Hollo attended the event to research encryption resources available for foreign correspondents and to report on the workshop for the Ground Truth Project in Boston, where he is currently completing his Junior Residency.

Hollo said the seminar gave him a better understanding of how to use PGP.

“I had sort of experimented with it before I came here, but this gave me a much better and deeper understanding of it, and I got to sort of refine my ability to use it more,” he said.

Hollo said he was surprised that many attendees came from military service or military reporting backgrounds, since, in his view, “one of the blowbacks against the NSA story [involving whistleblower Edward Snowden] was that it’s like reporting is like betraying your country.”

 

Whistleblowing in the FBI: problems lie deeper than confusing legal boundaries

WASHINGTON — Former FBI agent Michael German thought the agency had the information it needed to see the 9/11 terrorist attacks coming. In the aftermath of the attack, German reported a cover-up of a failed counterterrorism investigation that infringed upon people’s civil liberties in unprecedented ways.

Yet when German raised these concerns, the Department of Justice inspector general failed to investigate, he said. He also said the IG Office failed to protect him from official retaliation within the FBI, including possible surveillance, resulting in the 16-year veteran resigning in 2004.

“I tried to challenge the system from within, but they don’t like that,” German said in an interview with the American Civil Liberties Union. “They made it very uncomfortable so I finally realized it was time to work on the outside.”

German’s case became one of the most visible examples of the challenges facing whistleblowers in the intelligence community. In addition to a legal framework that makes it incredibly difficult for whistleblowers to come forward, a more subtle influence lurks beneath the surface: a culture that views whistleblowers as traitors, not reformers.

A new report by the Government Accountability Office released last Thursday found that, despite recent efforts to extend whistleblower protections to FBI employees, they remain exposed to retaliation for reporting wrongdoing.

Under the Whistleblower Protection Act of 1989, federal employees are generally protected from retaliation for reporting wrongdoing, entitling them to pursue legal recourse should they face retribution. However, FBI employees were excluded from these protections, and in 1998 the Department of Justice established separate guidelines that were meant to protect whistleblowers within the agency.

Yet the guidelines permitting FBI agents to disclose wrongdoing are unclear, according to the GAO report. For example, FBI employees must report wrongdoing only to a handful of designated officials. As a result, more than half of the 62 cases reviewed by the GAO were dismissed without review.

According Steven L. Katz, formerly counsel to the Senate Committee on Governmental Affairs and an expert on federal whistleblowing law, those in the FBI face much deeper issues than simply unclear legal guidelines. Instead, intelligence agents are a part of a culture that targets whistleblowers and punishes their behavior.

“When someone raises concerns, do you throw them overboard, or do you sit down with them and thank them?” he said. “The FBI throws them overboard.”

Katz argued that the GAO report fails to reflect the human aspect of the FBI in making it difficult for whistleblowers to come forward, focusing instead solely on the regulations that govern whistleblowing activities.

“The agencies are full of people, not just processes,” Katz said. “It’s the people who screw up because the laws look perfect on the books.”

According to Katz, other government agencies have faced similar problems with whistleblower culture. Last year, a series of attempted break-ins at the White House prompted Secret Service Director Julia Pierson to resign. A report released after the incident found that the Secret Service was “too insular,” ignoring the warning signs made plain by the attacks.

“In the agencies where you have a law enforcement culture, where power is might, people tend to transfer that culture of enforcement that’s outward facing inwards,” he said.

In 2012, President Barack Obama released Presidential Policy Directive 19, which established whistleblowing protection for those in the intelligence community. Elements of the directive were codified under the Intelligence Authorization Act for FY2014, but the guidelines of the directive aren’t permanent and can be easily reversed by a different president.

The result adds up to a climate that, while improving in some key ways, remains hostile to the act of whistleblowing. In an organization that possesses some of the nation’s most important classified information, the threat to the success of the FBI is intimately tied to the future of the country itself, as the 9/11 attacks demonstrated.

“You want the FBI to be effective, and so to help them be more effective you’d expect them to have better protection against retaliation from reporting problems,” said David Maurer, director for GAO’s homeland security and justice department. “It’s ironic that they have less whistleblower protection than the rest of the government.”

Retaliation against whistleblowers remains problem in FBI

WASHINGTON—Former and current FBI agents Wednesday said the agency needs a “culture shift” to stop retaliation against whistleblowers, especially an improved reporting process to better protect those reporting alleged abuses.

Their recommendations came on the heels of a Washington Times report that an agent received an email last August explaining he or she could face retaliation for revealing a potential abuse, or blowing the whistle, to a supervisor.

Whistleblowers reveal corrupt practices, such as waste or abuse of authority, typically to a superior within their government agencies or organizations.

Whistleblower protection laws, which were most recently updated in 2012, shield government employees from retaliation if they report corruption to a superior. The 35,000 people the FBI employs do not receive those same protections, however, according to critics (They are protected under the law, right, just not in practice?).

“This ought to be cause for anybody to scratch their head,” Sen. Chuck Grassley, R-Iowa, said during a Senate Judiciary Committee hearing on Wednesday. During the hearing, professionals familiar with the FBI’s reporting system provided testimony about its flaws.

Stephen Kohn of the National Whistleblowers Center outlined numerous cases in which whistleblowers had to leave their positions at the FBI after making whistleblower retaliation complaints. Their cases took too long to resolve within the Department of Justice or their work environment became too hostile, Kohn said.

“The Department of Justice’s program for protecting FBI whistleblowers is broken,” said Kohn, a lawyer who represents agents in these cases.

Former FBI special agent Michael German, who was a whistleblower, said the FBI’s policy is not conducive to whistleblowing. Currently, all employees are expected to report corruption to a Special Agent In Charge.

“I can’t overstate how difficult it would be for an agent to break protocol and report directly to an SAC,” German said, adding that it would be uncommon for an agent to approach such a high-ranking official. Reporting to a more direct supervisor would be more logical, he said.

The FBI does not protect reports made to direct supervisors against retaliation, Kohn said.

The Department of Justice has thrown out many FBI retaliation investigation cases on the basis that the agent did not report to the designated superior.

The Government Accountability Office’s David Mauer said its January report on FBI retaliation complaints found that in one year, the DOJ threw out a majority of retaliation cases for this reason.

All FBI employees are expected to report to one of nine agency officials, including the director of the FBI and the attorney general, Mauer said.

Another concern with FBI retaliation cases is the length of time the Department of Justice spends resolving them. Some of these cases last eight to 12 years, effectively ruining promising agents’ careers, Kohn said.

Mauer, the GAO’s director of homeland security and justice, said the agency made similar findings. Timelines for these cases were very inconsistent, he said.

“DOJ took the longest for those cases where it found the FBI had retaliated against the whistleblower,” said Mauer.

The GAO report recommended a policy change that would ensure retaliation complaints were resolved within a specific, consistent timeframe.

Kohn, German and several lawmakers at the hearing agreed that the agency’s work does not automatically necessitate its own class of whistleblower protection policies.

“The details of the national security issues almost never have to go in front of a court,” Kohn said. “If they did, the federal courts have very good procedures for guarding secrets.”

Grassley, the Senate Judiciary Committee chairman, described the need for a “culture shift” within the FBI. The agency’s associate deputy director, Kevin Perkins, said he shares this vision.

“Whistleblowers are a critical element of a functional democracy,” Perkins said. “We share the desire for the process to be improved and expedited.”