August 25, 2021

The Lead is a weekly newsletter that provides resources and connections for student journalists in both college and high school. Sign up here to have it delivered to your inbox every Wednesday morning during the school year.

Journalism schools are far behind in digital security training, and a lot of newsrooms aren’t much better, handling doxxing incidents and hacks reactively instead of proactively. Organizations like the Freedom of the Press Foundation, Committee to Protect Journalists and more are working to get the industry up to speed and guard against digital attacks.

If you’re running a student publication’s online accounts, often accessed by multiple people, these tips are doubly important. Here are five steps you can take now to improve online privacy for yourself and your newsroom.

Turn on two-factor authentication for your personal accounts and your newsroom’s accounts. Two-factor authentication requires an additional verification of identity when you’re logging into an account, protecting you from hacks even if someone knows your password. If you’re setting up authentication for shared newsroom accounts, make sure the verification will go to an email account that multiple people have access to.

Use a secure password manager. Tools like 1Password or LastPass are useful for keeping track of your personal passwords and your student publication’s. (Sticky notes on desks or passwords written on office whiteboards aren’t exactly a secure method.) Logging in with one “master password” provides access to the rest of your passwords. 1Password is free for journalists and lets you share passwords among team members. I use LastPass, but recently they’ve moved some features from free to premium. Wirecutter recommends Bitwarden as a free option.

Background yourself. Open an incognito window and start searching for as much personal information as you can find publicly — social accounts, photos, addresses, family members and personal connections. The New York Times has a great guide on “doxxing yourself” that includes common data brokers (sites like WhitePages that collect personal information) and instructions for removing yourself from them. And while you might not want your information publicly available, these sites can be incredibly useful reporting tools for finding sources’ information.

Check all of your social accounts’ privacy settings. This is especially important for young journalists who are job searching — you need to know what potential employers can find publicly, because they’ll probably look you up during the interview process. Decide which accounts you’ll use for work and which are strictly personal, and change the settings on the personal ones to be as private as possible. Remember, too, that nothing on the internet is truly private; posts or DMs from private accounts can always be screenshotted and shared publicly.

Consider how your student newsroom can accept anonymous tips. Most student journalists probably don’t need to set up Signal (a secure messaging app), but consider the options your newsroom provides to sources who might want to send sensitive information. Can they send you snail mail or fill out a form anonymously? ProPublica’s tips page is a good model and also includes guidelines for sending tips.

This newsletter issue is the second in The Lead’s “Things I wish I’d learned in journalism school” series, intended to fill in schools’ gaps and provide practical advice. Last week, Emma Carew Grovum shared advice for building a relationship with a mentor.

More resources on digital security

For educators: The Freedom of the Press Foundation recently published a digital security curriculum for U.S. journalism schools. Its modules are free to use with attribution.

For women: The International Women’s Media Foundation offers online and in-person safety trainings, among other opportunities and programs.

For investigative journalists: The Global Investigative Journalism Network provides tipsheets and resources on protecting yourself, especially while reporting on sensitive material.

For everyone: The Committee to Protect Journalists’ digital safety kit includes tips on locking down accounts, protecting against phishing and crossing borders.

One story worth reading

Quoting people they know and not disclosing professional connections are just a few conflict of interest issues The New York Times has faced recently. But the Times has shrugged some of them off, “send(ing) the message to reporters that conflicts of interest don’t matter,” Tim Schwab writes for Columbia Journalism Review.

Conflicts of interest probably look a bit different in your student newsroom. What’s your policy? Are students prevented from using people they know as sources or reporting on topics they have connections with? If your newsroom doesn’t have a written policy, the Society of Professional Journalists’ Code of Ethics can help you get started.

Opportunities and trainings

💌 Last week’s newsletter: Building a relationship with a mentor is a two-way street. Here’s how to approach it with intention and respect

📣 I want to hear from you. What would you like to see in the newsletter? Have a cool project to share? Email

Support high-integrity, independent journalism that serves democracy. Make a gift to Poynter today. The Poynter Institute is a nonpartisan, nonprofit organization, and your gift helps us make good journalism better.
Taylor Blatchford is a journalist at The Seattle Times who independently writes The Lead, a newsletter for student journalists. She can be reached at…
Taylor Blatchford

More News

Looking back at a horrific week

Coverage of the police response and how politicians have responded, urgent questions about showing images, powerful late-night monologues, and more.

May 27, 2022
Back to News