The Rise of Rogue Twitter Accounts

JAN 31, 2017 | COWORKER.ORG

Last week, several federal agencies including the Environmental Protection Agency and the U.S. National Park Service were ordered into a communications “blackout.” In the age of Twitter, federal agencies count on instant communication with both the public and with lawmakers on matters of policy. Just a few days into Donald Trump’s presidency, federal workers at these agencies — and many observers — see these orders as concerning, and even a betrayal of their duties serving the American public.

There are a few reasons behind this (unprecedented) “blackout.” Trump has not technically shut down or called for an end to public communication by federal agencies, as many have reported. After the NPS tweeted aerial photos comparing the crowd attending Trump’s inauguration to the significantly larger crowd at President Barack Obama’s 2009 inauguration, the White House demanded that the agency delete tweets. The page on climate change was also scrubbed from the White House’s website. Meanwhile, the heads of several federal agencies put out the call for workers not to communicate with the public through any channels, even pausing some inter-agency contact to discuss policy. While it is not out of the ordinary for federal agencies to tread lightly with sensitive information during presidential transitions, it seems that Trump’s jumping on the NPS’s tweets has chilled agency directors across the board.

Rightly, all of this has federal workers and other civil servants worried — and angry. While the crackdown on communications is expected to lift as the transition continues, some scientists and other experts working for federal agencies have “gone rogue”. At least 10 “alternative” Twitter accounts have sprung up to tweet out scientific facts, studies, and commentary that draw attention to the peril of our nation’s lands, air, water, and the dangers of climate change.

The workers running these accounts face significant risks. For that reason, many of the “alt” accounts have recently tweaked their names and handles, and turned over operations to experts and allies who do not work for the government. While it is not illegal for federal workers to tweet on private accounts on private computers during off-business hours, there are laws and guidelines that prohibit sharing certain information even inside an agency, and their jobs are very much at stake.

What are the specifics of online anonymity and protection for workers who are “tweeting rogue,” or who want to protect digital privacy when anonymously posting in any digital format in their private lives?

Micah Sherr, associate professor of computer science at Georgetown University, says that the safety of the rogue tweeters has crossed his mind in recent days. Twitter itself generally does not release the identities of users, but has certainly cooperated with law enforcement in the past, he says. And if the full resources of the NSA were deployed to investigate, for instance, any protection would be nonexistent. (Though, he says, these tweets — which are largely simply science facts — are hardly a national security concern, at least to a normal person.) But put simply: If they want to find you, they will find you.

Exactly what discipline would be meted out to a rogue tweeter depends on a number of factors: If they used government computers or tweeted during work hours, that’s a big problem. Rogue tweeters, then, should consider tweeting anonymously. For those who’ve gone rogue or plan to, it’s best to not get caught in the first place.

“I’ve been looking into anonymity systems for long time,” says Sherr, who runs a research group focused on the topic. (Some of this research is funded by the federal government.) “I try to think of myself not an activist; I just concentrate on the science.”

Sherr says that using an anonymity system or “anonymous proxy” such as a VPN or the more powerful Tor is the most secure way to hide the identity of someone posting online. However, these are sophisticated tools that are not really necessary for the average rogue tweeter. Plus, since not many people are using such methods, it could be easy to home in on the signals that are.

So how can the workaday, off-hours activist protect themselves? “Well, I definitely wouldn’t do it from home,” he advises. “I would try a library or coffee shop that has an open wireless network, and I use a ‘virtual machine,’ not my primary computer.” (This website is also a good resource for “tips, tools, and how-tos for safer online communications” regarding online surveillance.)

But really, the key to discovering who is tweeting may lie in the language of the tweeter. “You have to be very careful with how you word tweets,” he says. “If you have database of people’s speech” — say, tweets from their general account — “you can attribute style to an author.” This may, in part, be why many of the rogue twitter accounts have passed the torch to small groups of fellow scientists and journalists.

All of this is to say that workers should check out what agency rules are in place regarding their private communications, and also consider identity protection before popping off online, since it will relatively easily lead back to you.

When Anonymity is Critical

If you are in situation where it is absolutely critical to preserve your anonymity, there are ways to do so. They aren’t foolproof, and are fairly complicated, and so not really necessary to an average person.

However, a digital security expert at Georgetown University (who asked that their name not be used) offers these tips:

  • Buy (in cash) an iPad, iPod, or a device without cell coverage. This will be the device you use for all hidden activity. Never, ever use anything else.
  • Turn off your personal phone and leave it at home. Go to a very public place with open internet (and hopefully few security cameras). Use cash to pay for any coffee or other items.
  • Download TOR and use it to create an email and twitter account. Use TOR to post your tweets, then turn your device off and leave it off.
  • Don’t turn on any personal devices until you are far away from where you posted. (Over time, authorities could associate your personal phone with your secret device if it shows up at the same place over and over.)
  • Never visit your hidden account from your personal devices. When you want to check your hidden account, follow the same instructions for posting from it.
  • Try not to use the same open networks often; move around as much as possible.

Shauna Miller is a reporter, writer, and editor who has been doing all three, all the time, for quite some time.