mediadev library

Anjuli R. K. Shere, Jason R. C. Nurse, Andrew Martin

In: Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media

Cyril Onwubiko; Pierangelo Rosati; Aunshul Rege; Arnau Erola; Xavier Bellekens; Hanan Hindy; Martin Gilje Jaatun (eds.)

Singapore: Springer (2023), pp. 303–326

"Threats associated with the consumer Internet of Things (IoT) may particularly inhibit the work and wellbeing of journalists, especially because of the danger of technological surveillance and the imperative to protect confidential sources. These issues may have knock-on effects on societal stabili ... more

"The consumer Internet of Things (IoT) is a fast-growing area of technology, increasingly embedded in the public and private spheres, including both in and on bodies. There are various security concerns and academic investigations into potential risks of this expansion, but none yet specifically add ... ressing the implications to journalists and the democratic pillar of press freedom. Not only are risks to this community not yet assessed, but IoT threats generally are not communicated without technical jargon, making them inaccessible to non-experts. Given the importance of a free press, mapping IoT devices and, crucially, communicating associated risk in ways understandable and actionable to journalists themselves, is key. Journalists and the press are particularly at-risk from IoT devices that may feature in the environments with which they must regularly interact because of the fundamental imperative of source confidentiality. Previous research demonstrated that members of the press are largely unaware of the ways in which the IoT can threaten their work and wellbeing. The networked capabilities of IoT devices increases the ease with which well-resourced threat actors can target journalists who routinely handle confidential information and are already at risk around the world from a variety of non-IoT threats. This paper therefore presents a novel categorisation of both ambient and wearable consumer IoT devices according to the environments in which journalists are most likely to interact with them. It draws on related academic work classifying devices for technical audiences to create a system that is accessible to journalists and their sources. Its goal is to make members of the media aware of the prevalence of these technologies and which of the devices’ capabilities may increase their individual risk. Useful risk assessments cannot be undertaken without an accurate understanding of where threats may be encountered. By systematically outlining risks in numerous environments, this taxonomy can be easily incorporated into existing security training materials and risk assessments for journalists. This paper presents a novel taxonomy to codify and organise IoT present in different environments, with examples of how journalists and their work could be impacted, both passively (i.e. via surveillance) or actively (i.e. via information theft). It also discusses how different environments that may contain IoT devices are often under the control of actors whom journalists cannot easily influence, nor protect themselves against. Especially as these devices continue to proliferate, journalistic risk from IoT devices in surrounding environments are growing. It is therefore important to address the contemporary and emerging risks to journalism that are associated with connected devices. This paper enables journalists and readers to not only visualise and conceptualise how IoT devices in different environments may create risks, its user-focused language and organisation also empower journalists to begin to use this taxonomy for awareness, mitigation, and protective purposes." (Abstract) more

"Open-source intelligence gathering and analysis (OSINT) techniques are no longer predominantly the remit of private investigators and journalists. An estimated 80-90% of data analysed by intelligence agencies is also now derived from publicly available material. Additionally, the massive expansion ... more

Threats to Journalists from the Consumer Internet of Things

“It's not paranoia if they really are out to get you”: Navigating risk to journalists when connected devices are everywhere

Reading the Investigators their Rights: A review of literature on the General Data Protection Regulation and open-source intelligence gathering and analysis

Now you [don’t] see me: How have new legislation and changing public awareness of the UK surveillance state impacted OSINT investigations?

Security should be there by default: Investigating how journalists perceive and respond to risks from the Internet of Things