Reporters’ Guide to Covering the Beijing Olympics: Secure communications


In electronic communications, avoid using sensitive words or names authorities may be monitoring. Install anti-virus software on your computer and ensure your hard drive and confidential files are password- protected. Change your passwords frequently. If you are sending emails you have any reason to believe could result in negative consequences for yourself or others if they are seen by third parties, especially the Chinese authorities, you need to use encryption when sending emails.

NEVER open unsolicited email attachments even if they are purportedly from somebody you know: even US government computer systems have been compromised by spyware delivered via email attachments. If your computer is compromised with key-logging software or other spyware, your communications can be monitored no matter how much encryption you use.

Note that there is no such thing as foolproof security. There are only degrees of security, degrees of risk, and degrees of convenience and inconvenience—you need to make your own choices based on the specifics of your situation.

Relatively secure:
(Note that none of these methods is really secure unless the recipient is also using encrypted email—especially if that recipient is inside China.)

Create an account with an encrypted email service, such as Hushmail (, which is not open-source and offers free accounts in addition to paid services with more custom features.

Another good new service is VaultletSoft (; it requires you to download a secure email client, but you can put it on a USB drive and use it from any computer.

A simple way to send encrypted email (assuming that you trust Google in the particular circumstance) is to use Gmail—but IF AND ONLY IF you add “s” to the “http” in the URL, so that your address bar reads: (you will know the encryption is working in Firefox when the top address bar turns yellow).

A more technical and secure way to encrypt your email is by using a PGP key. Instructions are provided in “Ensuring your e-mail is truly private” by Reporters Without Borders, available online at:

Not secure:

Email services provided by internet service providers are not secure because the ISP administrators can access the email, and because such services are generally not encrypted so that the people who control the internet connection you are using at any given time (or who are snooping on it) can potentially monitor your communications going back and forth. Yahoo and Hotmail are also not secure because they too are not encrypted. (Also, if you use a email account, or any mainland email service provider, your email records will be shared with the Chinese police upon request.)