Digital Marketing Blog

Tony Ahn's digital marketing blog, bringing you tips and tactics on content marketing, social media marketing, industry news and trends.

Secrets of Secrecy: How to Secure Sensitive Projects

- by , in Other Services, with 0 -

Silhouettes on frosted glass of two men, one handing something to the otherSecrecy in PR is oft overlooked, seemingly at odds with the industry’s commitment to open, honest communications with target publics. But sometimes in public relations, what’s happening behind the scenes needs to stay behind the scenes, or risk damage to the stakeholder(s), and is becomes key. When the stakeholder(s) need to be able to not only deny involvement with a project, but have it be so secret that they’re never asked about it in the first place, here are the secrecy protocols Tony Ahn & Co. uses. They can be replicated by anyone.

When Moderate Secrecy is Enough

What we call a “moderate level of secrecy” is are generally used when release could cause stakeholder embarrassment, negatively affect stock prices, create negative public opinion, or cause issues with various types of government regulators. Why choose moderate secrecy when you can choose high? Because high secrecy costs more, so if moderate secrecy meets your needs, save the extra budget.

  1. You may contact us via conventional methods and I’ll give you a secure channel for us to communicate on that works for you.
  2. Our proposal comes from a fictitious company and uses code words to describe the work. That way if discovered by the wrong party or leaked, it doesn’t provide direct evidence that the stakeholder entertained the proposal. For example, the proposal may be about acquiring and then distributing information to a number of members of the press. That proposal may come from “Ed’s Construction Supply” and talk about delivering “electric generators” to “construction sites.” Because the cost of a generator can vary widely, we’ll find one that’s the same cost as the work, per columnist. It is very professional and will include photos of the product and a spec sheet. If you have a disgruntled employee, they won’t be able to send that to anyone without explaining everything, and even then it will seem far fetched. Much better security then if that whistleblower handed over a proposal on our letterhead that explained everything.
  3. All communication is done over Telegram or Wicker. These are end-to-end encrypted messaging programs like WhatsApp or Viber. We can set a self-destruct so that messages are erased seconds after they are seen. There are versions of the software for Macs, PCs, and phones (Android and iOS) as well, and that makes it easy to send files.
  4. These jobs are paid in cash or in cryptocurrency (such as Bitcoin).

Blind Protocols: The Highest Secrecy Possible

Top Secret Protocols are generally used when the client requires a greater level of secrecy (operational security). This is generally because the consequences for release could include criminal indictment, arrest, major lawsuits, military intervention, or loss of life. It could also be due to possibility of already being under electronic or physical surveillance.

  1. In this scenario, I may not know who you are, and communications are designed to keep it that way. You also may not know who is doing the work as I outsource parts of some sensitive projects to create a double-blind situation. If we’re doing a political cartoon designed to ridicule the CEO of a company in order to influence public opinion against him, the art can be split between three artists: one draws the subject (we can ask them to draw five different people, so they won’t even know who our target is), one draws the scene, and one draws the speech bubbles. None of them know what the final image will look like.
  2. You buy a SIM card and send it to me. You communicate with me only at that number. You create an email address for me on gmail or and send me the email address and password. I will change the password when I log in. You may even send me a SIM card without first contacting me, in which case I will put it into a phone and wait for a message.
  3. Once initial communication is established, I will give you the location of a PirateBox or we will set up a cloud dead drop (cloud drop): a place you can leave information for me, and I can leave information for you. Anybody can put a message or a file into it. It is impossible to know who did it or where it came from. I will show you how to encrypt your files so that nobody can read them, then transmit them to the dead drop. Any entity seizing the PirateBox or breaking into the cloud drop will find only encrypted files they can’t open. Even the FBI won’t be able to open them. We can either set a specific recurring time to check to see if there is anything in the PirateBox/cloud drop (i.e. “You check it at 10am each day, and I’ll check it at 4pm each day”), or we can signal each other. I can’t go into how the signals are arranged. There are many different online and offline options.
  4. The proposal can follow the format relayed in the Secret Protocol (above), or an even more secure format we can’t reveal here.
  5. These jobs are usually paid in Bitcoin, but we have a way to arrange secure transfer of cash as well.

In this way, I don’t know you, you don’t know me, and most importantly there is no proof that we ever communicated.

Read previous post:
The Facebook Responsiveness Badge Explained

While you may know the Very responsive to messages badge lights up when you have a response rate of 90% and a response...