A few weeks ago, Christopher Soghoian wrote a piece in the NY Times about computer security and journalism.

[As] governments increasingly record their citizens’ every communication — even wiretapping journalists and searching their computers — the safety of anonymous sources will depend not only on journalists’ ethics, but on their computer skills.

This is probably a problem of lack of tools as much as it is about tech savvyness.  That’s not to say that there aren’t excellent tools available for keeping information secure (there are) but they’re definitely not user friendly enough to be used by your average journalist, and certainly not designed specifically to fit nicely into a journalism workflow.

That said, I do think that there is a certain amount of this issue that’s the fault of lack of awareness/education.  I think that most people have absolutely no idea what counts as “secure” in an online context.  People who don’t lock their cars in their quiet neighbourhood do so because they have a rough sense of the risks involved.  I don’t think that people who pick an http-based email system versus an https-based one have a similar sense.

This is definitely a tricky area, because knowing enough to be bulletproof to government agencies would take a lot of specialized knowledge that I don’t think can realistically fall into the “everyone should know” camp, but there’s definitely some degree of privacy / security web knowledge that’s going to have to fall into the “everyone should know” category.  I’m hoping to chat with some people in the coming weeks who can help me figure out where a good line here would be.