Cross-posted from XCity Magazine

The future of journalism, according to The Guardian’s ‘3 Little Pigs’ film, is “open journalism”. Users are becoming part of every element of news production. The newsroom no longer has walls.

If that is going to happen then journalists need to huff, and puff, and blow down three particular houses of our own: our preconceptions around the sources that we use online; around why people contribute to the news process; and about how we protect our sources.

The house of straw: the myth of democratisation

It’s well documented that not everyone has access to the web, and that that access is unequally distributed according to age, class, and various other factors. Even among those who have access, some are more vocal, more literate, and generally busier than others.

At a basic level, even when we seek out voices, we narrow the possible ‘sample’ of voices by relying on particular channels: we prefer Twitter over Facebook, Facebook over forums, and forums over Flickr groups. So as our processes rely more on these platforms we need to make sure that we challenge those habits (picking up the phone doesn’t solve things: not everyone has a listed landline either) and make ourselves as accessible as possible across numerous platforms too.

More importantly, perhaps, we need to monitor the ways that social media platforms can – and are – effectively censored by authorities and organisations in the UK. Those wanting to find critical voices on the day of the royal wedding, for example, would have found a surprising lack of them on Facebook, where 50 legal activist pages, including UK Uncut, had been shut down in the run up to the May Day bank holiday. The map, as they say, is not the territory.

The house of sticks: giving users the tools

It’s good to see that we’re moving beyond the ‘build it and they shall come’ mentality of publishing; the assumption of the gate keeper that we don’t need to give people a reason to contribute. In an open journalism system we’re no longer gatekeepers, and we need to give people the means, motive and opportunity to come to us – or for us to go to them.

We need to give our sources as many reasons as possible to participate in ‘open journalism’ – whether that is freedom of information (FOI), open data, acknowledgement, or picking up the batons that they hand on.

In some cases that will involve lobbying for a retention or extension of laws such as the FOI Act, or for release of publicly-funded data, as The Guardian has with Charles Arthur’s Free Our Data campaign. Or for more protection of whistleblowers.

More broadly, we should be concerned with legal developments that make it easy for organisations or public authorities to prevent the publication of information they do not like. Some recent examples include the use of harassment law, Section 127 of the Communications Act, the Anti-Terrorism Act (see this recent decision and video), copyright laws, and so on.

The house of bricks: protecting sources at every point of contact

One of the reasons for Wikileaks’ success was the way it solved a security problem between sources and journalists. Part of that was technical, but part also legal: when the Wall Street Journal and Al Jazeera launched their own Wikileaks clones, commentators pointed out that not only did they both have security weaknesses, but that that they would still be no match for requests from government agencies:

“Despite promising anonymity, security and confidentiality, [Al Jazeera’s service] can “share personally identifiable information in response to a law enforcement agency’s request, or where we believe it is necessary.” [WSJ’s] SafeHouse’s terms of service reserve the right “to disclose any information about you to law enforcement authorities” without notice, then goes even further, reserving the right to disclose information to any “requesting third party,” not only to comply with the law but also to “protect the property or rights of Dow Jones or any affiliated companies” or to “safeguard the interests of others.” As one commentator put it bluntly, this is“insanely broad.” Neither SafeHouse or AJTU bother telling users how they determine when they’ll disclose information, or who’s in charge of the decision.”

Providing a secure facility for passing on leaked documents is just the most obvious aspect of the contact between journalists and sources, but with so much of that contact taking place digitally, journalists will need to understand the data trail that is being laid by both parties.

Brian McDermott, for example, writes about how facial recognition technology “might be driving some sources away” from the news. In 2010 Google’s CEO, Eric Schmidt, was quoted saying:

“Show us 14 photos of yourself, and we can identify who you are. You think you don’t have 14 photos of yourself on the Internet? You’ve got Facebook photos!”

Even bloggers are vulnerable. Previously on OJB I blogged about the sad case of Nightjack, a police blogger outed by The Times. Their report, it now turns out, relied on the hacking of Nightjack’s email account, while Belle de Jour and Girl With A One Track Mind say they were also hacked. Hacking from a different source appears to have been used against journalists in Tunisia.

For journalists working in an ‘open’ system this is problematic: trust is our bargaining chip. Local journalists understand this when they see their national counterparts parachuting into an area and acting unethically, giving their profession a bad name without having to stick around to take the consequences.

Nowadays a journalist or brand using questionable methods to get their story will find those methods associated with their name on Google.

We can give users the means, but without trust they have no motive to choose that particular journalist to work with.

In timely fashion, Cleland Thom offers a checklist of 10 ways for journalists to protect online sources. What’s notable from this generally very useful list is the ‘horse has already bolted’ reaction to some of the points.

• Is it possible for us to cover a patch without ‘friending’, following or connecting to anyone who might potentially leak a story to us at some point?
• Even the first tip – to use direct messaging instead of public messaging – has a vulnerability: if the person registered with the service using their work email, then a DM will show up in the work’s email inbox.
• Operating from an assumption that we will already be connected to potential sources, how can we protect them?

Thom covers a lot of the ground already: don’t talk about who you’re meeting; assume all your electronic communication is or will be made public. But perhaps there’s an educational role here as well. When we do meet a contact in person, ask which email account their Twitter DMs go to; ask if their mobile phone is owned by their employers; and make sure no one is taking pictures for their Facebook account. If we have to make a call, to use Skype, and tell the other person to delete their call log.

Increasingly, police will not need to ask journalists for their sources: interception of communications; approaches to web hosts and ISPs; and a quiet word with the social media platform hosts are all now options.

As users become more savvy to the vulnerabilities of living in public, we’ll have to up our game with our new ‘open’ colleagues if we are going to earn their trust.