Leaving a Place for Whistleblowers in the Private Cloud

Posted by on Jul 22, 2013

The NSA PRISM scandal has sent a wave of caution and paranoia through both the public and private sectors. Journalists now must worry about being indicted for reporting on “sensitive information” and government whistleblowers now fear imprisonment for leaking illegal government activities. For whistleblowers in the private sector, protections are uncertain and the current governmental climate of aggression against leaks provides few incentives for revealing exploitative practices. But that doesn’t mean that the practice of whistleblowing is lost. Private cloud services hold a place for leakers of all sorts, protecting sensitive information and shielding whistleblower identities.

Sean McAllister

Photo courtesy of closeupfilmcentre.com

One journalist that could have protected himself and his sources through the private cloud is Sean McAllister. While interviewing a Syrian dissident going by the pseudonym “Kardokh”, in Damascus, McAllister jeopardized the dissident’s security through the careless lack of data protections. While Kardokh and his fellow dissidents encrypted their communications, they “started to feel that Sean was careless. He was using his mobile and SMS, without any protections.” A few months later, McAllister was arrested and held for five days. Once returned to the UK, the journalist said, “I didn’t realize exactly what they were risking until I went into that experience.” Although no rebels were directly imprisoned as a result of McAllister’s actions, simple precautionary measures could have avoided the entire situation. Iinstead of risking their lives and the lives of their sources, journalists can remain anonymous through exclusively storing sensitive data and sources in a private cloud that secures user anonymity. According to Frank Smyth, senior advisor for journalist security at the Committee to Protect Journalists, “I think that the journalism community in the US, and to some degree elsewhere, is just beginning to grasp the fact that they need to protect their information and, by extension, their sources. It’s just too easy to get in and lift their information or monitor their communications without them ever knowing they were compromised.”

Syrian Dissidents Protecting Online Identities

Photo courtesy of hotforsecurity.com

Journalists, whistleblowers, and dissidents in conflict zones have a place in all democratic societies that value transparency. In an op-ed for USA Today, blogger and University of Tennessee Professor of Law, Glenn Reynolds, Said, “What does matter is that the Snowden affair occurs in the context of an unprecedented administration war on whistleblowers. And that’s a bad idea because whistleblowing is one of the things that maintains the legitimacy of a government as big, and otherwise unaccountable, as ours. The freer people are to blow the whistle on wrongdoing, the more we can assume that when no whistle is blown, things aren’t so bad. The more the government cracks down on whistleblowers, the more likely it is that they’ve got something to hide.” Whistleblowing preserves freedom around the planet, and is thus an act that should be protected as stated by the Declaration of the Nuremberg War Crimes Tribunal. Part of the Declaration reads, “Individuals have international duties which transcend the national obligations of obedience. Therefore individual citizens have the duty to violate domestic laws to prevent crimes against peace and humanity from occurring.”

Julian Assange

Photo courtesy of infowars.com

As the United States government continues to defend programs like PRISM while attacking whistleblowers, journalists have turned to technology to safeguard sources and secrets. The notorious whistleblower Julian Assange criticized the Obama administration’s aggression and lack of transparency, claiming, “In the Obama administration’s attempt to crush these young whistleblowers with espionage charges, the US government is taking on a generation, a young generation of people who find the mass violation of the rights of privacy and open process unacceptable. In taking on the generation, the Obama administration can only lose.” Such sentiments are echoed in a statement put out by Edward Snowden while hiding in Hong Kong. The controversial whistleblower said, “[Other whistleblowers] are all examples of how overly-harsh responses to public-interest whistleblowing only escalate the scale, scope, and skill involved in future disclosures. Citizens with a conscience are not going to ignore wrongdoing simply because they’ll be destroyed for it: the conscience forbids it. Instead, these draconian responses simply build better whistleblowers.”

Even former CIA agent and whistleblower, John Kiriakou, voiced his support for Snowden from prison, “Thank you for your revelations of government wrongdoing over the past week.  You have done the country a great public service. I know that it feels like the weight of the world is on your shoulders right now, but as Americans begin to realize that we are devolving into a police state, with the loss of civil liberties that entails, they will see your actions for what they are: heroic.” Time will tell whether or not history deems Snowden a criminal or hero, but in the face of governmental crackdowns on whistleblowers, one of the only hopes for transparency is through third party cloud services.

Whistleblowers in the Private Cloud

In order keep sensitive secrets private while protecting sources, whistleblowers and journalists should stick to the Journalist Security Guide. After following basic security protocols, store any sensitive information and contact lists exclusively through a private third party cloud service. Most cloud services on the market have security gaps that leave sensitive information vulnerable to snooping, hacking, or even subpoenas. But through SpiderOak, journalists and whistleblowers can rest easy with 100% user anonymity.

As for just how SpiderOak protects sensitive data, the service offers two-factor password authentication and 256-bit AES encryption so that files and passwords stay private. Leakers can store and sync sensitive information with complete privacy, because this cloud service has absolutely “zero-knowledge” of user data. And plaintext encryption keys are only stored on the user’s chosen devices. SpiderOak’s private cloud services are available on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices.

Leave a Reply