AnonGuide

Threat Modeling for Journalists and Activists: A Practical Guide

A practical threat-modeling guide for journalists, activists, and anyone facing a capable adversary. Work through assets, adversaries, capabilities, and consequences — then build a proportional security plan.

By Editorial · 8 min read

Most privacy advice is written for people whose worst realistic adversary is an advertiser. That advice is fine for most people, and we’ve written the general version of it. This guide is different. It’s for journalists protecting sources, activists organizing under surveillance, and anyone whose adversary is genuinely capable, motivated, and possibly the state itself.

When the stakes are that high, generic checklists are dangerous — they create a false sense of security or burn effort on the wrong things. What you need instead is a real threat model: a structured, honest assessment of what you’re protecting, who’s coming for it, and what they can actually do. This guide walks through building one and turning it into a proportional plan.

Why Threat Modeling Matters More When the Stakes Are High

A threat model is a security plan tailored to your actual situation. The Electronic Frontier Foundation’s Surveillance Self-Defense project frames it around a set of questions, and they’re the right ones to start from:

  • What do I want to protect? (your assets)
  • Who do I want to protect it from? (your adversaries)
  • How bad are the consequences if I fail?
  • How likely is it that I will need to protect it?
  • How much trouble am I willing to go through to prevent those consequences?
  • Who are my allies?

The discipline these questions impose is proportionality. Without a threat model, people either under-protect (using ordinary email to talk to a source in a country that monitors email) or over-protect in ways that backfire (adopting exotic tools they can’t use reliably, or whose mere use draws attention). The goal is to spend your limited effort and attention on the threats that are both realistic and serious for you.

Step 1: Inventory Your Assets — Including the People

Start with what you’re protecting. For a journalist or activist, the list goes well beyond “my files”:

  • Source identities — often the single most important asset. A source’s safety, livelihood, or freedom can depend on the link between them and you never being established.
  • Communications — the content of messages, but critically also the metadata: who contacted whom, when, from where, how often. Metadata alone can expose a source even if the content is encrypted.
  • Unpublished work — drafts, notes, recordings, documents that could identify sources or be suppressed before publication.
  • Your location and movements — relevant if physical surveillance or detention is a possibility.
  • Your accounts and devices — the keys to everything above.
  • Your own identity — for activists working pseudonymously, the link between the pseudonym and the real person.

Be specific. “My communications with Source A about Topic B” is a more useful asset than “my privacy”, because it lets you reason about exactly which channel and which metadata need protecting.

Step 2: Identify Adversaries — and Be Honest About Capability

This is where high-stakes threat modeling diverges most from ordinary advice. Your adversary might genuinely be powerful. Name them and assess two things separately: capability (what they can technically and legally do) and motivation (how much they care about you specifically).

Common adversaries in this space:

  • A government or law enforcement agency. Potentially very high capability: legal compulsion of service providers, access to telecom metadata, device seizure at borders, network-level surveillance, and in some jurisdictions, malware deployed against targets. Motivation depends entirely on what you’re working on and where.
  • A corporation you’re investigating. May have lawyers, private investigators, insider access, and the budget to buy data or commercial spyware. Often highly motivated about a specific story.
  • A hostile non-state group. Variable capability but sometimes extreme motivation, including physical threat.
  • Insiders and your own infrastructure. A colleague, a compromised account, a phone backup syncing to a cloud you forgot about. Many real-world exposures come from mundane operational failures, not exotic attacks.

The honesty matters in both directions. If your adversary can compel your phone company to hand over call records, then “we used encrypted messaging” doesn’t help if the metadata of the connection is what exposes the source. Conversely, if you’re an activist whose realistic adversary is local police with limited technical resources, planning around nation-state malware wastes effort you should spend on basics like full-disk encryption and not carrying your real phone to a protest.

Step 3: Reason About Consequences and Likelihood

For each asset–adversary pair, ask: how bad is it if they succeed, and how likely is it?

The consequences in this domain can be severe and irreversible: a source imprisoned, an activist detained, a story killed, physical harm. When consequences are that high, even a low likelihood justifies serious protection. This is the inverse of ordinary privacy advice — for most people you ignore low-likelihood threats, but when failure means someone goes to prison, you protect against it even if it’s unlikely.

Walk it through concretely:

Asset: the identity of a whistleblower source. Adversary: a government agency with legal authority to subpoena providers and seize devices. Consequence of failure: the source is identified, loses their job, faces prosecution. Likelihood: moderate if the story embarrasses the agency.

That single line of reasoning tells you that metadata-resistant contact and no recoverable record on either end aren’t paranoia — they’re the proportionate response.
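As an added illustration of this step (not part of the original guide), the following Python ranks a constructed set of asset–adversary pairs two ways: the ordinary expected-harm ordering, and the ordering this guide argues for, where an irreversible consequence outranks likelihood. The sample pairs and their levels are constructed for the example, not taken from any real case.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    LOW = 1
    MODERATE = 2
    HIGH = 3

@dataclass(frozen=True)
class Pair:
    """One asset-adversary pair, as in the Step 3 walkthrough."""
    asset: str
    adversary: str
    consequence: Level   # how bad it is if the adversary succeeds
    likelihood: Level    # how likely they are to try and succeed
    irreversible: bool   # prison, physical harm, a burned source

def ordinary_priority(p: Pair) -> int:
    """Consumer-privacy ranking: expected harm, likelihood times consequence."""
    return p.consequence * p.likelihood

def high_stakes_priority(p: Pair) -> tuple:
    """This guide's rule: an irreversible consequence is protected against even
    when unlikely, so it sorts above every reversible threat; among the rest,
    consequence outranks likelihood."""
    return (p.irreversible, int(p.consequence), int(p.likelihood))

def rank(pairs, key):
    """Return (asset, adversary) in descending priority; ties keep input order."""
    return [(p.asset, p.adversary) for p in sorted(pairs, key=key, reverse=True)]

# Constructed sample inventory (hypothetical values, for illustration only).
SAMPLE = [
    Pair("whistleblower identity", "government agency", Level.HIGH, Level.MODERATE, True),
    Pair("unpublished draft", "corporation under investigation", Level.MODERATE, Level.HIGH, False),
    Pair("location at a protest", "local police", Level.HIGH, Level.LOW, True),
    Pair("public social account", "opportunistic attacker", Level.LOW, Level.HIGH, False),
]

if __name__ == "__main__":
    # The protest-location pair drops to the bottom half under the ordinary
    # ordering but rises to second place once irreversibility is honoured.
    print("ordinary:   ", rank(SAMPLE, ordinary_priority))
    print("high-stakes:", rank(SAMPLE, high_stakes_priority))
```

The point of comparing both orderings on the same inventory is that the pair with the lowest likelihood is the one whose failure cannot be undone, and only the second ordering puts it near the top.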

Step 4: Pay Special Attention to Metadata

For a capable adversary, content encryption is often the easy part — and the part they route around. They go after metadata: the fact that your phone connected to a source’s phone, the location records both phones generated, the timing correlation between your meeting and a leak.

Practical implications:

  • Encrypted content is necessary but not sufficient. Signal protects message content and minimizes the metadata it retains, which is why it’s the baseline tool — but the existence of an account tied to a phone number is itself metadata.
  • Consider tools that minimize metadata when the source link is the critical asset. For tip intake, SecureDrop (maintained by the Freedom of the Press Foundation) lets sources submit documents to a newsroom over Tor without the journalist ever learning the source’s identity — it’s purpose-built to break the metadata link.
  • Compartmentalize identities and devices. A separate device, a separate account, an anonymity-focused operating system used over Tor — these exist to ensure that even the metadata can’t be tied back to you. Which one fits depends on your threat model; we compare them in our anonymity operating systems guide.

Step 5: Account for the Physical and Human Layer

Capable adversaries don’t only attack the network. Build these into the model:

  • Border crossings and device seizure. Devices can be searched or copied at borders. Travel with clean devices; don’t carry sensitive data through a checkpoint you don’t have to.
  • Physical surveillance and coercion. No tool protects against a camera over your shoulder or a court order compelling you personally. Plan meeting locations and assume some channels may be observed.
  • Operational discipline. The most common failure is human: a screenshot synced to the cloud, a source’s name in an unencrypted note, a reused password, telling one person too many. Strong tools paired with sloppy habits fail.
  • Coercion resistance. Disappearing messages and amnesic systems mean that a seized device or a detained person has less to give up — by design, there’s less to find.

Step 6: Build a Proportional Plan

Now turn the analysis into actions, ranked by impact and matched to the threats you actually identified. A realistic plan for someone with a capable adversary often includes:

  1. Lock the foundation. Unique passwords in a password manager, strong 2FA (a hardware key for the highest-value accounts), full-disk encryption on every device, and current software. This blocks the most common real-world compromises.
  2. Choose communication channels by metadata needs. Signal as the baseline; a metadata-resistant intake channel like SecureDrop when protecting a source’s identity is paramount; in-person, no-device conversations when the network itself is the threat.
  3. Compartmentalize. Separate identities, accounts, and where warranted, separate devices or an anonymity OS used over Tor for the sensitive work.
  4. Plan for the physical layer. Clean travel devices, careful meeting logistics, and an assumption that some channels are observed.
  5. Enlist allies. Your “who are my allies” answer matters. Newsroom security desks, the Freedom of the Press Foundation’s training resources, EFF, and digital-security trainers exist precisely to help with high-stakes situations. You don’t have to design this alone — and for genuinely dangerous work, you shouldn’t.

Revisit It

A threat model is not a document you file away. Revisit it when the story changes, when you take on a new source, when you travel to a different jurisdiction, or when something makes you feel specifically targeted. The adversary, the assets, and the consequences all shift — and your plan should shift with them.

The aim, as always, is proportionality: the right protection for the right threats. When the cost of getting it wrong is someone’s freedom, that discipline isn’t optional — it’s the work. And when the stakes are this high, get a real digital-security trainer involved rather than relying on any single article, including this one.

Sources

  1. EFF Surveillance Self-Defense — Your Security Plan
  2. Freedom of the Press Foundation — SecureDrop
