2.1 Types of stories & risks (20 mins)

Trainers should include context-specific examples in this section

  1. Plenary discussion about the types of stories that the women journalists cover.
  2. The trainer first puts participants into small groups to discuss the types of stories they cover and the risks and problems they face.
  3. The trainer puts participants in a circle and participants give feedback as a group. 
  4. The trainer writes up situations and stimulates conversation around common risks they are facing.
  5. The trainer asks participants to recap what they learned on day one of the training. Participants give feedback to the class. 
  6. The trainer tells participants that they will continue to focus on mitigating risk with a focus on how a story or beat puts you at risk. 
  7. The trainer sets out objectives for the day.
  8. Participants are told that they will be completing a section of the risk assessment form at the end of the day.

Objectives

  • Share experiences of common issues and problems when covering certain beats.
  • Review information and learning from day one in relation to risk.
  • Lay out objectives for the day.

Materials & resources

  • Whiteboard/ flip chart

Optional extra resources

2.2 Secure online research (60 mins)

Phone and internet companies and your data 

  1. The trainer asks journalists about the steps they take to initially carry out research. Journalists give feedback as a class. This feedback is likely to include Internet research.
  2. The trainer puts participants into small groups and tells them they are going to discuss how much data phone and internet companies collect on users.
  3. On A3 paper participants brainstorm what information the company knows about them. Participants brainstorm with help from the trainer.
  4. Feedback is collected on the board.
  5. Ideas include:
    • Contact details after you signed up
    • IP address
    • Browsing history
    • Home address
  6. The trainer elicits whether there was anything participants found surprising or alarming.

Secure Internet research

  1. The trainer asks participants what steps they can take/are currently taking to secure their online research. Feedback to the class. 
  2. The trainer emphasizes that as soon as participants search for something on the internet there is a record of it. 
  3. This includes:
    • Browsing history on computer
    • Search engines servers
    • ISP
  4. The trainer walks the journalists through best practice for carrying out internet research on their computer/phone
  5. This includes:
    • Importance of updates – browsers, apps, operating systems
    • Clearing browsing history and when to clear it
    • Limits of clearing browsing history 
    • Https & it’s importance
    • Issues with mobile browsing, such as automatic downloading of documents 
  6. The trainer asks the participants how they can protect their online browsing from their Internet Service Provider? 
  7. The trainer introduces the topic of VPN providers.
  8. The trainer outlines what a VPN does and does not do in terms of security:
    • Moving trust from the ISP to the VPN
    • Collect browsing history
    • This can be handed over to governments
    • What an ISP can see when you are connected to a VPN
  9. When choosing a VPN important to think about:
    • Is it legal to use one
    • Will it work
    • Located outside journalist’s country, including servers. 
    • Not located in a country that has good relations with journalist’s country
    • Is it collecting browsing history
    • Audits
    • Free VPNs and malware  
  10. Other issues:
    • Slows down connections
    • Choose the nearest country with the best connection
  11. Possible options for VPNs include:
    • Psiphon
    • Tunnel Bear
  12. Participants can look up the VPNs on their devices and download one if appropriate to do so. 
  13. Participants try using a VPN and the trainer answers any questions that may arise.

Objectives

  • Participants understand who has access to their data and how that puts them and their sources at risk.
  • Participants are able to take practical steps to secure themselves when conducting research online.

Materials & resources

  • Whiteboard
  • Pens
  • A3 paper

2.3 Secure communications (60 mins)

The trainer must let participants know that there is no such thing as a completely safe communications method.
Deciding what communications tool to use will depend on a journalist’s risk profile and the profile of the person they are contacting.

Tools

  1. The trainer asks participants the different ways they communicate with sources.
  2. Participants give feedback and the trainer writes up information on the board. 
  3. The trainer hands each group an A3-sized paper and asks students to divide into three sections; Not safe, Safer, Safest 
  4. Participants write down the tools they use, for example Skype, on post it notes and stick it in the section they think corresponds with it. 
  5. Participants are also encouraged to include reasons for their decisions. 
  6. Once finished participants are encouraged to present their ideas to the class.
  7. The trainer walks participants through common doubts and issues with communication tools.

Ownership

  1. Who owns the tool they are using and why this is important. 
  2. The trainer should talk here about issues such as how companies store data and whether they are subpoenaed by governments. The trainer also talks about metadata and what that could mean in terms of someone’s safety.

Encryption

  1. The trainer explains that there are different types of encryption and this has different implications for security. The trainer also talks about what no encryption means and why this is significant.
  2. End-to-end encryption (E2E)
    • What data is secured when using E2E
    • How E2E works on different tools 
    • Importance of metadata and what that means for them and their work.
    • E2E by default compared to turning on encryption.
  3. Encrypted to server
    • The risks this poses
    • Subpoenas
  4. Participants review the tools again and make decisions about which ones are secure for them and why. 

Storage

  1. The trainer explains that there is a lot of content stored in messaging apps and this puts them and sources at risk. This includes cloud backups, data being stored on phones, people unaware of where data is being downloaded.
  2. Journalists individually note down the type of content they have stored in messaging apps.
  3. The trainer teaches that the best solution is to have a plan for working securely with messaging apps, including turning on disappearing messages, and creating a workflow for backing up and deleting data.
  4. In group feedback: participants share one thing they learned from the session.

Objectives

  • Participants understand the security differences between different types of communication methods.
  • Participants are able to choose suitable communication tools based on their own personal risk and the risks for the people they are speaking with.

Materials & resources

  • Whiteboard/flipchart
  • Worksheet A3-sized paper
  • Post-it notes
  • Pens

Optional extra resources

2.4 Meeting Sources (60 mins)

  1. The trainer asks journalists if they follow any best practices around meeting with sources
  2. Participants give feedback with their best practices, questions, and concerns.

With a class of all women journalists importance to bring up the situations of sexual harassment, stalking, rape. 
Gauge how comfortable women journalists are speaking about this subject. Don’t press for personal stories instead focus on common issues, such as sources treating interviews as dates.

3. The trainer goes through best practices:

  • Understand your source and their background
  • Public vs private spaces for meeting
  • Secure communications and digital surveillance 
  • Have a plan for if things go wrong
  • The importance of check ins. 
  • Appearance, including clothing suitable for the location.

Include here flat comfortable shoes for moving fast and possibly tying hair back into a bun to reduce possibility of someone grabbing their hair. 
It is important here to avoid victim blaming.

Activity: meet your source

  1. Class is split into groups of three. The trainer explains that they are going to plan to meet a sensitive source. 
  2. Participants are given the role card of an editor, a journalist, and a source. They must make decisions based on the information on that role card.
  3. Using information learned throughout the day the participants plan for how they are going to contact the source securely to arrange to meet them and what steps they will take to be physically secure while meeting them. 
  4. The trainer chooses a couple of groups to give feedback to the class. 
  5. The class is encouraged to say whether they agree or if they think anything is missing.

Objectives

  • Participants are given best practices for meeting with sources.
  • Participants put into practice skills learned throughout the course so far, to plan a meet up with a source.

Materials & resources

2.5 Arrest & detention (45 mins)

  1. The trainers puts the class into small groups and tell them that they will be looking at the case study of a women journalist who was arrested and detained. 
  2. Participants read the case study individually and then discuss it in their group. Get feedback from the class on the text. 
  3. Participants are encouraged to discuss whether a similar situation happens in their country or with the beat they are covering.
  4. The trainer asks groups to think of how people can prepare for the possibility of being arrested and detained, including outlining scenarios of when that could happen. The trainer gives feedback to the class. 

Be aware that journalists may not want to talk about arrest and detention on a personal level. Frame the conversation around best practice instead.

  1. The trainer writes up group feedback and then starts to detail other best practices in case of arrest and detention.  
  2. Preparation is key. Journalists should: 
    • Speak with an editor about what to do in case of arrest.
    • Importance of a risk assessment and a communications plan.
    • Legal support in place before something happens.
    • Know your rights in case of arrest and detention.
  3. The trainer explains to journalists that preparing devices is key to better protecting their data and the data of others. Journalists should:
    • Know what is on their devices and how it puts them at risk.
    • Backup and delete content to an external hard drive.
    • Encrypt devices while being mindful of the law around encryption.
    • Password protect their devices.
    • Limit access to apps on their phone.
    • Set up their devices to remote wipe.
  4. While being detained:
    • Stay calm.
    • Know your rights.
    • Activate the risk assessment protocol by letting someone know you have been detained.
  5. The trainer can put the class into small groups to think about best practices beforehand. The trainer then facilitates this feedback adding other best practices that may have been left out.

Objectives

  • Participants are given practical steps for how to act during and after an arrest or detention.
  • Participants look at the case study of a journalist from the region who was arrested/detained.

Materials & resources

2.6 Risk assessment (20 mins)

  1. Participants complete the risk assessment section: the story and its risks
  2. Brief feedback

Objectives

  • Participants are able to apply teachings from this class into practical real-life situations. 
  • Participants will leave the course with a completed risk assessment.

Materials & resources

2.7 Wrap up (10 mins)

  1. Participants are encouraged to write down three things they learned from the lesson.
  2. Quick feedback to the class.

Objectives

  • Participants reflect on learnings from the day.

Day 2 – Risk and the story

Total duration: 4.5 hours

Description

From conducting research to meeting with sources, this session works with women journalists to ensure they have better security in place in order to be safer both digitally and physically when working on a story.

Objectives

By the end of this training day, participants should be able to:

  • Use tools to carry out safer research
  • Make informed decisions about safer communication methods
  • Apply physical security practices to meet with sources more securely
  • Learn best practices for detention and arrest 

Curriculum Resources

For this training day, we have developed specific materials and activities to accompany the curriculum. You can find all resources of day 2 here.