Late on the evening of January 11, 2013, someone sent me an interesting email. It was encrypted, and sent from the sort of anonymous email service that smart people use when they want to hide their identity. Sitting at the kitchen table in the small cottage where I lived in Berkeley with my wife and two cats, I decrypted it. The anonymous emailer wanted to know if I could help him communicate securely with Laura Poitras, the documentary filmmaker who had repeatedly cast a critical eye on American foreign policy. From: [email protected]■■■■■■■■■

To: Micah Lee

Date: Fri, 11 Jan 2013 Micah, I’m a friend. I need to get information securely to Laura Poitras and her alone, but I can’t find an email/gpg key for her. Can you help? I didn’t know it at the time, but I had just been contacted by Edward Snowden, the National Security Agency contractor who was then preparing a momentous leak of government data. A month earlier, Snowden had anonymously emailed Glenn Greenwald, a Guardian journalist and chronicler of war-on-terror excesses, but Greenwald didn’t use encryption and didn’t have the time to get up to speed, so Snowden moved on. As is now well known, Snowden decided to contact Poitras because she used encryption. But he didn’t have her encryption key, as is necessary to send someone encrypted email, and the key wasn’t posted on the web. Snowden, extraordinarily knowledgeable about how internet traffic is monitored, didn’t want to send her an unencrypted email, even if just to ask for her key. So he needed to find someone he thought he could trust who both had her key and used encrypted email. That was me. And as it turned out, several months later I was drawn more deeply into the whole thing, when Snowden got back in touch and asked me to work with him to launch an online anti-surveillance petition. Until now, I haven’t written about my modest role in the Snowden leak, but with the release of Poitras’ documentary on him, “Citizenfour,” I feel comfortable connecting the dots. I think it’s helpful to show how privacy technologists can work with sources and journalists to make it possible for leaks to happen in a secure way. Securing those types of interactions is part of my job now that I work with Greenwald and Poitras at The Intercept, but there are common techniques and general principles from my interactions with Snowden that could serve as lessons to people outside this organization.

When I got that first email, I was working as a staff technologist for the Electronic Frontier Foundation and as the chief technology officer of the Freedom of the Press Foundation. My encryption key was posted at both sites, so Snowden was able to find it easily, and the key was digitally signed by people who were well-known in the privacy world (pioneering blogger Cory Doctorow and free software champion Richard Stallman, for instance); this meant those people had digitally vouched, in a way that was incredibly difficult to forge, that the key really belonged to me and not to, say, some NSA trickster. In other words, Snowden didn’t need to worry about the key being a fake. Poitras was a founding board member of the FPF, so he assumed I would have her key, and he was right. It wasn’t uncommon for me to receive the type of email Snowden sent — strangers send me encrypted emails all the time, requesting help. Some of those emails are from people who appear to have personal issues to work out, but the inquiry from Snowden, emailing under a pseudonym, struck me as serious. I quickly forwarded it in an encrypted email to Poitras. The encryption technology we used — the standard among email users concerned with privacy — is known by two acronyms: GPG, for GNU Privacy Guard, or PGP, for Pretty Good Privacy. From: Micah Lee

To: Laura Poitras

Date: Sat, 12 Jan 2013 Hey Laura, This person just send me this GPG encrypted email. Do you want to respond? If you want to, and you need any help with using crypto, I’m happy to help. Like me, Poitras was accustomed to receiving anonymous inquiries, and she recognized that this one was credible. A few hours later, she sent me a reply. From: Laura Poitras

To: Micah Lee

Date: Sat, 12 Jan 2013 Hey Micah, Thanks for asking. Sure, you can tell this person I can be reached with GPG at: [email protected] I’ll reply with my public key. I’m also on jabber/OTR at:

[email protected] I hope all is good with you! Laura The frustrating and ironic thing about GPG is that even experts make mistakes with it. Even, as it turns out, Edward Snowden. I now had Poitras’ permission to send Snowden her encryption key, but in his first email to me, Snowden had forgotten to attach his key, which meant I could not encrypt my response. I had to send him an unencrypted email asking for his key first. His oversight was of no security consequence—it didn’t compromise his identity in any way—but it goes to show how an encryption system that requires users to take specific and frequent actions almost guarantees mistakes will be made, even by the best users. After receiving Snowden’s key, I sent him an encrypted email with Poitras’ key. This enabled him to send his first encrypted email to Poitras, in which he called himself Citizenfour. But I wasn’t out of the identity-confirmation picture yet. Snowden and Poitras quickly set up a more secure channel for communication. Poitras created an anonymous email account, doing so with the Tor Browser that masks your identity on the web, and she created a new GPG key, just for communicating with Citizenfour. This was advisable because, if she were under surveillance by the NSA or any other intelligence agency, they might have compromised her known accounts, and she would prefer for there to be no trace of her true name in the correspondence with this secrecy-seeking stranger. But the internet is a hall of mirrors. Even though Snowden and Poitras had set up new anonymous email accounts and traded GPG keys through a trusted chain of communication, it’s still possible that something could have gone wrong. Maybe one end of the communication (either Snowden or Poitras) could have had their computer hacked, with the attacker in a position to impersonate them. Or maybe they could be victim to a man-in-the-middle attack where, for example, the NSA tricks two parties who think they’re having an encrypted conversation directly with each other into secretly having two separate encrypted conversations with the attacker, who forwards their messages along. To be extra sure that these things weren’t happening, Snowden wanted to verify through a separate channel that he had Laura’s legitimate key. He asked Poitras to get me to tweet the fingerprint of her new GPG key. Just a tiny bit of background: encryption keys are technically just strings of random data that scramble and unscramble information. Because these keys are too long to memorize or conveniently post on bios or put on business cards, each one has a far shorter “fingerprint” that is unique to the key. These fingerprints are just 40 characters long. To verify the new key that Poitras had sent him, Snowden needed to receive her new fingerprint from me and then compare it to the one he was using. If the fingerprint that I tweeted didn’t match the key that Poitras sent him, that would be evidence that NSA or some other actor may be attempting a man-in-the-middle attack. If the fingerprints matched, however, he could be confident that he had her real key and no one was attacking their communication. On January 28, Laura sent me the following encrypted email— From: [email protected]

To: Micah Lee

Date: Mon, 28 Jan 2013 Hey Micah,

This is Laura Poitras.

Someone is trying to verify my fingerprint to this email. The person has proposed you tweet the fingerprint. Would you be able to tweet this to your acct:

1EBF 5F15 850C 540B 3142 F158 4BDD 496D 4C6C 5F25

Let me know if possible.

Thanks,

Laura It might seem strange to use Twitter, a public platform, to convey crucial information, but in some circumstances it makes perfect sense. Doing a man-in-the-middle attack against encrypted email without getting caught is significantly simpler than performing an attack on a public platform that anyone in the world might notice. If NSA had hacked my Twitter account and posted the wrong fingerprint, there’s a good chance I, or one of my followers, would notice and start looking into it. So on January 28, I tweeted Poitras’ new fingerprint:

With that, Snowden, using the handle Citizenfour, had a very secure channel for communicating with Poitras, using the email address [email protected] I assumed this would be the end of my work with him. Encrypting Greenwald Snowden signed off from my life, or so I thought, with a final request: He asked that I help Greenwald get encrypted. He said it was an important task, though he didn’t tell me why. He also told me that someday I would be proud of the role I was playing. I tried to teach GPG to Greenwald but I had the same problem Snowden had encountered when he reached out in December, that Greenwald was busy and couldn’t focus on it. Several months later, however, I succeeded in getting Greenwald up to speed on using an encrypted chat system called Off-the-Record (OTR), which is much simpler than GPG. For the first time he was able to have encrypted communications on the internet. Then, on May 9, I got an encrypted email from Poitras that was exciting and alarming. From: Laura Poitras

To: Micah Lee

Date: Thu, 9 May 2013 I’m working on something with Glenn and I really need to get him on a secure (preferably Tails) system. He does not have the technical skills to set this up himself, and I’m trying to keep things compartmentalized, so I don’t want to email him about this topic directly on a non-secure channel. Poitras didn’t tell me what was going on, and I didn’t ask. Not who, not what. The same with Greenwald. I didn’t ask. This was basic operational security. Whatever they were doing was sensitive, and I had no need to know. Whether you’re working in the analog or digital world, this is one of the simplest and most important security practices: share secrets only with people who have to know. The fewer people who know a secret, the lower the chances are that it will be compromised. Tails, the secure system Poitras asked me to get for Greenwald, is serious business. It’s a hardened operating system designed for people who need to be anonymous, and not a lot of people use it. The acronym stands for The Amnesic Incognito Live System. Before Poitras asked me to teach it to Greenwald, I had never used it. Crucially, everything you do in Tails is anonymous. All internet activity is routed through Tor, so by default your privacy is protected. And you run Tails directly off of a DVD or a USB stick — it is not installed on your hard drive. Since Tails operates completely independently from your hard drive and usual operating system, it offers a hefty dose of protection from malware and from anyone who might inspect your computer to look at what you’ve been doing. It’s also a free software project, just like Tor, GPG, and OTR. That means the code is open source and can be peer reviewed, a level of transparency that makes the software resistant to backdoors, covert access points buried deep in the code. On May 13, after creating a customized version of Tails for Greenwald, I hopped on my bike and pedaled to the FedEx office on Shattuck Avenue in Berkeley, where I slipped the Tails thumb drive into a shipping package, filled out a customs form that asked about the contents (“Flash Drive Gift,” I wrote), and sent it to Greenwald in Brazil. He received the package two weeks later, it having been delayed in transit, for what I believed to be bureaucratic rather than nefarious reasons, and the blue thumb drive actually made a cameo appearance in “Citizenfour.” For a technologist, this was a dream come true.

Snowden’s Website Near the end of May, I received an anonymous and encrypted email from an account called “verax,” which is Latin for “truth teller.” The writer told me that he was the same person I had been in touch with several months earlier. He had a new request. Would I help him build a website that would launch a global petition against surveillance? I still didn’t know his name, where he was located, or what else he was up to, though clearly whatever he had going on with Poitras and Greenwald was sensitive. Because of my respect for them, I believed that anything they were going to this much trouble to accomplish was going to be worthwhile, so I agreed to build the site. I started using Tails in all my work with the contact, because I sensed that I had to take the highest security precautions possible. As Poitras had done with him in January, I created a new anonymous email account and GPG key just for communicating with him. He was glad that I did. From: [email protected]■■■■■■■■■

To: ■■■■■■■■■

Date: Sat, 1 Jun 2013 Got it. Good idea, btw. There are some issues with keys being used for fingerprinting as they move over the network. He said he was writing an anti-surveillance manifesto that he wanted to post on the yet-to-be-named site, along with a petition that people could add their names to. The site would be unveiled once the journalists he was working with published their first stories. I had ample experience building privacy-respecting websites, including many online petitions for EFF. Among others, I built a petition against the draconian online copyright enforcement bill SOPA that sent more than a million emails to Congress. So this was familiar territory for me. Working in Tails to remain anonymous while I developed the site, however, meant that this would be trickier than the web development I’d done in the past. I didn’t have access to the latest browsers I was used to, and I didn’t dare test the mobile version of the site on my smartphone. I also had concern that my coding style might betray my identity: my code for this project used similar commenting and naming conventions as other code I’d written in the past. Trying to develop software without your personal coding style is like trying to write an essay using someone else’s voice. I was also concerned that the visual designs I was creating could be compared to my work in the past. Snowden was even more worried about detection, though I didn’t know it at the time. He expected to be quickly arrested and prevented from speaking for himself, and predicted that the government would use that silence to mischaracterize his intentions. To keep that from happening, Snowden decided to take a highly visible online stand against mass surveillance. Part of his plan included the petition website that he asked me to build. On May 27, Snowden had his first encrypted conversation directly with Greenwald, who agreed to travel to Hong Kong with Poitras, funded by Guardian. As my work on the site got underway, I had an encrypted chat with Poitras and mentioned what I was doing, though I didn’t give her many details; just as I didn’t need to know everything she was doing, she didn’t need to know everything I was doing. She warned me to be extremely careful, and added that a very big story was in the works. I promised to be careful. I was in a strange position. I was working with Snowden (whose name, in late May, I still didn’t know) and I suspected he was a whistleblower working with Poitras, but I didn’t know what he was blowing the whistle on, I didn’t know a large volume of documents were involved, and I had no idea where he was located. I didn’t know, for that matter, that Greenwald and Poitras would soon be heading to Hong Kong to meet him there. My ask-no-questions cluelessness was best for all concerned. Days later, I was having an encrypted chat with Poitras, from our anonymous accounts, and she sounded excited. “You’ll never guess where we are right now,” I remember her writing. She didn’t tell me where she was, of course, because I didn’t need to know. Snowden and I exchanged encrypted emails to discuss the site mockup and the site’s functionality, and he let me know a bit of what was going on. “Just wanted to provide an update on the work out here,” he emailed me on June 3. “Had an extremely productive meeting with two journalists today you may know, and will encounter a third tomorrow [Ewen MacAskill, a Guardian reporter who joined Greenwald and Poitras at the last moment]. After discussion, may hold off on the declaration for a few more days to give them time to work first.” He told me his name, so that I could attach his signature to the end of the manifesto. This was about a week before the rest of the world would learn who he was. Using Tor, I searched the internet for Edward Snowden, but I couldn’t find anything. I checked LinkedIn, I checked Facebook, I think I even checked Twitter, and I found nothing. Who was this guy? I learned more from the manifesto he sent me. It chilled my spine. He wrote about ubiquitous surveillance by not just the NSA but the intelligence agencies in the “Five Eyes” alliance: Britain, Canada, Australia, New Zealand and the U.S. He wrote about privacy and the lack of accountability, and what this means to democracy around the world. I still didn’t know exactly what he was leaking, but I could tell it would be big. It turned out that he wasn’t familiar with the subtleties of using Twitter in petition campaigns. Due to my work at EFF, I knew that one of the things that can make a campaign go viral is offering a pre-written tweet to people who sign your petition and allowing them to send that tweet from their own account with just a couple of clicks. People often post these tweets, and that’s almost more helpful than their signatures since it vastly increases the campaign’s visibility. I explained this to Snowden, and also explained that it was really important to have a good hashtag for the campaign. He got it immediately, thanked me for pointing this out, and suggested the following Twitter template: “This tweet is being monitored. Join me in breaking the back of the internet spy machine: https://www.supportonlinerights.com #HiNSA #HiGCHQ” Snowden decided that the site should be called supportonlinerights.com, and we got to work registering it and finding a hosting company. But we ran into trouble paying for the registration and hosting. Snowden was using his real name and email address ([email protected]lavabit.com) and his own credit cards — he was not yet an international fugitive — but he was also using Tor, and this caused problems. Tor protects your identity by routing your web activity through a number of nodes, so that the site you are in touch with does not know your IP address or where you connect to the Internet from. But this creates a problem when you want to pay a bill, because the use of Tor can trigger fraud warnings with corporate payment departments, since Tor links your traffic to IP addresses that might be flagged as sources of abuse. The company through which Snowden was registering his domain name and hosting his site, Dreamhost, initially rejected his credit cards. This led to a funny situation. Snowden, in his Hong Kong hotel room, wasn’t just discussing government secrets with Greenwald, Poitras and MacAskill. He was also chatting online with customer support. Trying to troubleshoot these problems, I checked the complaint logs he had opened and noticed that he explained he was using Tor because he was traveling overseas and didn’t trust the local ISPs. Eventually he prevailed and his credit cards were accepted. Here is the original registration record in the internet’s “WHOIS” system:

I was a bit nervous at the time, and my wife was very nervous, because the government does not look kindly on whistleblowers and the people who work with them. For security reasons, we were in a bubble. I hadn’t told any of my co-workers at EFF that I was building a website for a whistleblower. So there weren’t a lot of people to turn to for advice or comfort. Nonetheless, I was quite excited, especially after Greenwald’s first story was published on June 5, revealing a secret NSA program to collect massive amounts of domestic phone data. I finally knew what Snowden was leaking. “Big news today, huh?” I emailed him. “How are you doing?” He responded quickly. From: [email protected]■■■■■■■■■

To: ■■■■■■■■■

Date: Thu, 6 Jun 2013 Oh, that old thing? That could have come from anywhere.. Timing is everything on this, and we aren’t close to finished. It’s encouraging to see prominent civil rights organizations already calling for change, and I’m hopeful that maybe this time, things will be different. Come Monday, people will have something to be angry about. I think that will be the day. Please feel free to criticize the draft as much as you’d like: it needs to be something people are willing to give words to their own feelings. The next few days brought a blitz of headline-grabbing stories about NSA surveillance from Greenwald, Poitras, and MacAskill as well as the The Washington Post’s Barton Gellman, who received documents from Snowden even though he hadn’t made the risky trip to Hong Kong. On June 9, there was another thunderbolt: Greenwald, MacAskill, and Poitras broke the news that Edward Snowden was their source, releasing a 12-minute interview with him in which he explained his motivations. At this point I was terrified. What if he got arrested and extradited to the U.S.? What if he were forced into solitary confinement for long stretches, as had happened to Chelsea Manning? What if he was tortured or killed? I also worried about properly shepherding the project with which he had entrusted me. What was the contingency plan for the petition website? If he was arrested, should I unilaterally launch supportonlinerights.com? “I hope you’re safe and doing well,” I emailed Snowden. “In case anything happened to you, what would you like me to do with the website?” The site was ready to go. At the time, I was using the Declaration of Independence as a placeholder for the manifesto; for security reasons, I didn’t want to load the manifesto until the launch. Here’s what it looked like: