https://www.cjr.org/tow_center/emma-best-ddosecrets.php
A new group devoted to transparency is exposing secrets Wikileaks chose
to keep
[links in online article]
By Sam Thielman, CJR
February 6, 2019
This article is the second in a series focusing on notable forensic
journalists for the Tow Center for Digital Journalism.
“The truth is its own goal,” Emma Best says of the new journalist
collective, Distributed Denial of Secrets. Think of DDoSecrets (a play
on the name of a type of cyberattack called a “distributed denial of
service”) as an alternative to Wikileaks—indeed, in some cases it hosts
the same material—that devotes more attention to explaining its
standards for the material it distributes and less to eye-catching press
releases. It distributes caches of previously secret data—emails,
government records, contracts—some via direct download through the site
linked above, some by carefully vetted request. “We simply want to make
the information available, and to prevent it from disappearing,” Best,
who is the only non-pseudonymous member, says.
The site, which has existed since December of last year, publishes huge
volumes of raw data through Tor Hidden Services, an encrypted amenity
provided by the Tor Project. In January, for instance, DDoSecrets
released a huge dump of emails and messages from Russian officials that
Wikileaks had declined to host on the grounds that they were “already
public” (many were not), detailing the deployment of Russian troops to
Ukraine in 2014, which the Kremlin categorically denied was happening at
the time.
Reportage and opinion based on that data is left to traditional deadline
journalists, but DDoSecrets’s archive, which includes dozens of document
troves from around the world, is carefully—journalistically,
even—designed. State-sponsored hacks are flagged, as are hacked
materials that cannot be verified and may be adulterated. Independent
journalists like Marcy Wheeler and major organizations like The New York
Times have built stories on DDoSecrets’s publications. Wikileaks, too,
has been the source for major news stories, but it has consistently
earned criticism for not vetting its sources in the way that DDoSecrets
claims to do. (Wikileaks did not respond to request for comment.)
Best says she and another member, called The Architect, began the
project last year. “In 2018, The Architect came to me with their desire
to see a new platform for leaked and hacked materials, along with other
relevant datasets,” she says. “We’ve known each other for some time, and
they were willing to bring their technical expertise to the project. We
pooled our resources, along with those of people who chose to not be
directly acknowledged, and worked on the initial archive which publicly
launched in early December 2018.”
Best’s reputation as a national security journalist and dogged FOIA
filer precedes her. Now, she is the public face of DDOS’s otherwise
anonymous or pseudonymous collective, both writing about the group’s
newest data cache releases and helping to acquire them. On her MuckRock
page are both newsy investigations and several indexes of organizational
recordkeeping manuals—unglamorous to publish and arduous to acquire but
priceless to fellow FOIA filers. Her most recent work to catch the
broader public eye was about another nontraditional journalistic
operation: Wikileaks—which, Best reported, had sent out a list of 140
things the organization considered “false and defamatory” when said
about Wikileaks founder Julian Assange. (Hilarity ensued.) She had
reported skeptically on the organization before, noting among other
things the incomplete nature of its archive of John Podesta’s emails.
The project has met with high praise from Best’s peers. “People are
quick to call it the work of ‘transparency activists,’ which really
disappears a lot of labor,” Wheeler, who covers national security from
an outsider perspective at her blog Emptywheel, says.
“Journalism is changing, and maybe it’s comfortable [for institutional
journalists] to dismiss that.” Some of DDoSecrets’s most scandalous
Russian documents had already been made public, Wheeler says—two
Ukrainians brought them to the BBC. But DDoS’s freely available download
of the entire cache, which had been available only piecemeal and through
dodgy websites hosted in Russia and Ukraine, got the attention of The
New York Times, Foreign Policy, The Daily Beast, and other high-profile
newsrooms.
Like Wikileaks, DDoSecrets is cagey about the nature of its
operations—always a paradox for organizations that promote transparency.
Best says there are “fewer than 20” people working with the collective.
And while Best knows who “The Architect” is, she’s not sure whether it’s
the same “Architect” who was a founding employee of Wikileaks—and
acrimoniously departed in 2010. “I understand people would like that
narrative. But an answer would need info I don’t have,” she tells CJR
during an interview conducted using the secure messaging app Signal. She
knows the identity of her Architect, but not Wikileaks’s. “If I can’t
relay the info and don’t have a need to know, I try not to even ask..”
Some of Best’s colleagues have backgrounds working for state
authorities. “Those experiences are a big part of what drove some of us
to (sometimes radical) transparency work, as they did for Chelsea
Manning and Ed Snowden (neither of whom are part of DDoSecrets, to be
clear),” she writes via Signal. “Those associations all ended well prior
to DDoSecrets coming together and were internally disclosed early on.”.
At the moment, the entire project is a labor of love for Best, The—or at
least or at least an—Architect, and their undisclosed colleagues.
“Everything is out of pocket for the time being,” she says. “We haven’t
setup any mechanisms for people to provide financial support, and we’ve
rejected offers from people who were willing to pay for access to our
LIMDIS [limited distribution—available by request only, but listed on
the site] data sets or for us to perform searches on them.”
The DDoSecrets website also includes a “Wanted” section—a list of hacked
documents the group is actively seeking. Best cautions CJR that the
group does not steal or solicit theft. “Our “Wanted” page lists only
materials known to exist from preexisting breaches and leaks for this
reason – there are ethical (not to mention legal) lines that would be
crossed in soliciting or committing the actual theft of data.” No one in
the group, she says, has even suggested stealing or copying information
in a way that would break the law.
With all this data-gathering firepower, why has DDoSecrets not simply
set up a news site? There are, after all, only a few journalist teams
capable of navigating the multilingual, technically complex tranches of
information that DDoSecrets has made available, and DDoSecrets has one
of them. “Agendas creep into press releases, and biases,
misrepresentations or misunderstandings get repeated,” Best says. “We’ve
seen this with releases from some other platforms. By simply saying,
‘Here’s the data, it should speak for itself,’ it’s easier to accept.”
=====================================
To subscribe, unsubscribe, turn vacation mode on or off,
or carry out other user-actions for this list, visit
https://www.freelists.org/list/keiths-list