Survey for (Investigative) Journalists

Help us to develop high-end usability and security for digital communications!

Security on the Internet in terms of privacy, anonymity, encrypted communication and research as well as keeping track of one's data is of major importance.

The Center for Investigative Journalism, London, and the Wau Holland Foundation, Berlin, are cooperating to provide significantly improved usability for communication services over the Internet. We are aiming at requirements of (investigative) journalists in particular. Hence, we ask you to help us by filling out this survey:

Please tick the circles and use the text fields to describe details! Thank you!

USE CASES

1. Under which circumstances, in which cases would you like to be able to rely on secure communication?

Very important → unimportant
Communication with sources and whistleblowers
Communication with journalists in your country
Communication with journalists in other countries
Communication with your home/back office
Communication with businesses
Sharing information in exclusive social networks
Other:

2. Which situations are currently the most problematic/dangerous for you in terms of security?

THREATS

3.Which kind of wiretapping attacks are you most afraid of?.

Very important → unimportant
Internet service providers
People who can access the local network
People who can physically access the office / private home
Companies that provide privacy services
Border control officials
People who can otherwise access portable devices
Government agencies
SERVICES

4. Which secure services do you need the most?

Very important → unimportant
Email (Asynchronous one-to-one messaging)
CC: mails, mailing lists (Asynchronous group messaging)
Instant messaging (Real-time one-to-one communication)
Chat (Real-time group conversations)
One-to-one audio telephony
One-to-one video telephony
Group audio conferencing
Group video conferencing
File exchange, data storage
Small-scale social networking (exchange among colleagues, friends)
Large-scale social networking (nurturing viral dissemination)
Anonymous blog posting
Overcome firewalls to anonymously access information
DEVICES

5. On which kind of devices is secure digital communication most important to you?

Very important → unimportant
Mobile computer
Office computer
Tablet device
Smartphone
External harddisks
USB storage
Memory cards

6. In which situations are you dependent on secure digital communication the most?

Very important → unimportant
At home / private houses
At work / offices
On the road / somewhere outdoors, in trains, busses etc.
In the car
PROBLEMS WITH AVAILABLE SOLUTIONS

7. Which security tools and channels do you currently use?

  • PGP for e-mail

  • PGP for encrypted file exchange

  • Tor for anonymised web-browsing

  • Tor to access hidden services

  • Tor to anonymise other tools

  • OTR over messaging services

  • Mumble for encrypted group audio conferencing

  • Complete dedicated bootable toolkits (TAILS, Libertè, Whonix)

  • Installed free operating systems (Linux, BSD, other)

8. What kind of problems / deficits do you see in existing available security solutions?

Very important → unimportant
Complicated or unsafe to obtain
Complicated to install/configure
Complicated to explain to somebody who doesnt know'
Updates are difficult or unsafe
Usage is difficult, also after understanding how
Risk of doing something wrong (e.g. to switch on before submitting)
First contact / bootstrap problems
Safe storage of keys or passwords
Nobody there to ask if problems arise / no "service hotline"
How to be sure if it works? (e.g. hidden loss of privacy by using a PGP key server)
Openly visible subject line (using PGP over e-mail)
Which hardware?
Different versions for different devices
Different programs for different services
Psychological or social inhibitions
Other problems / deficits:
IMPROVING USABILITY

9. Are you able to use a shell?

Yes
No

10. Are you able to work with demands in computer language (even if they are simple)?

Yes
No

11. Are you successful in following step-by-step video tutorials for installing security programs?

Yes
No

If not, why not?

12. Where do you find information if a security software doesnt work properly or if you are insure how to use it correctly?'

13. What troubles you most in security software installation (e.g. with a handbook/tutorial)?

Very important → unimportant
I don´t know/understand many of the used terms (sometimes even if they are explained).
I don´t understand, what to do.
I am doing something, but the result isnt right.'
I don´t understand the logical function/principle of the software (e.g. why using two keys or what means revoking them).
Important details for installation and usage are not explained in the order I need to know/understand them.
Once it is installed I still don´t really know how to use it (or if I use it right) because explanations remained foggy till the end.

14. Try to prioritize what the toolkit needs to achieve the most. Some goals are technically mutually exclusive, that is why this question is particularly important

Very important → unimportant
End-to-end (no information is ever in the clear on insecure devices such as servers)
Anonymising (it is undetectable who is communicating with whom)
Forward secret (if somebody gets at my devices later, they cannot decrypt past communications)
Failsafe (no matter what I do, I can´t break the safety of the communications)
Resilient (no bottlenecks or single points of failure that could be taken down)
High bandwidth (allows for delivering large amounts of data)
Low latency (capable of near real-time exchange)
Simple to use (not needing extensive training to get going)
Submit your results

If you want to participate in this survey and have filled out the above form, please press the "Submit" button to send us your results anonymously.

The results will be evaluated anonymously for realising efficient usability improvements. Upcoming concrete projects will be linked on this website under "Informational Self-Determination"