Integrating digital security practices into a newsroom workflow will require concerted organizational effort. Editors will need to recognize the importance of digital security in the reporting process, and honor the scheduling implications it may entail. Reporters will need training and technical support for new systems and software. At the highest levels, implementing robust digital security practices will require an institutional commitment both financially and culturally, wherein noncompliance is not tolerated and privacy and security considerations sit at the table alongside legal and editorial ones.
While not insurmountable, the complexities of operationalizing digital security in a newsroom are certainly real. Likewise, it is unrealistic to expect every journalist to become expert in all possible nuances of digital security practice. Yet here is another sense in which digital security is not sui generis. In its technical complexity and importance to the industry, digital security is much like libel. Just as news organizations expect that reporters and editors have a basic literacy in libel considerations, so too should they assess and/or train their reporters and editors in the essentials of digital security. And just as news organizations retain experts to consult on particularly thorny libel issues, they should have experts on hand to advise on sensitive digital security measures where needed; some organizations already do.51 At a time when most news organizations are overstretched and underfunded, the very idea of adding yet another step to the reporting process or another employee to the payroll may seem laughable, even cruel. Yet, as is often the case, with new approaches also come new opportunities. Some of these are financial, as I will discuss below. No less significant, however, are the editorial opportunities. Reporters well-versed in digital security practices will find themselves with a new array of skills for locating and verifying sources and stories. They may even find themselves with new sources altogether as their networks learn of their better security practices.