Contact methods and account separation for journalists
Contact Methods and Account Separation
Mixing contact methods used for reporting with everyday personal accounts weakens source protection.
Real-name email, a personal phone, personal social media, an everyday cloud account, work chat. These are convenient, but if they are used to contact sources, notifications, histories, contacts, login state, and sharing history get mixed together.
For journalists, account separation is not only for protecting yourself.
It is a basic practice for keeping contact with sources from being left in unnecessary places.
Why separation is necessary
When contact methods are mixed, unintended correlation is created.
Exchanging messages with a source through personal email. Sending DMs from an everyday social media account. Storing materials in a personal cloud account. Pasting screenshots into a work chat. These actions create traces in multiple places.
What gets mixed
Remaining risk
Personal email
Private contacts and sources remain in the same environment
Real-name social media
Follow relationships and past posts become linked to contact with sources
Personal phone
Notifications, photos, contacts, and call history get mixed
Everyday cloud account
Owner names, sharing history, and sync logs remain
Work chat
Information spreads to people outside the reporting team
Without separation, you lose track of where points of contact with sources remain.
Reporters often work under their real names. They routinely use public email addresses, social media, accounts from their media organization, personal phones, and newsroom chats. If contact with a high-risk source is mixed into that environment, traces spread through notifications, histories, files, contacts, and cloud sharing.
The purpose of contact separation is not only to hide the reporter's identity. It is to leave contact with sources only where it needs to remain. It helps you keep track of where traces are left.
Units to separate
Separation does not mean simply changing the account name.
Separate email, devices, browsers, cloud accounts, contacts, storage locations, and notifications.
What to separate
Reason
Email address
Separate source contact from normal work and personal use
Browser
Avoid mixing login state, cookies, and history
Device
Separate notifications, files, contacts, and photos
Cloud account
Avoid mixing owner names and sharing history
Storage location
Limit who can access materials
For high-risk reporting, consider a dedicated device or dedicated environment.
Even for lower-risk reporting, at minimum you need a habit of not mixing it with everyday personal accounts.
The depth of separation depends on the risk of the reporting. For an ordinary request for comment, a work email address may be enough. For whistleblowing, labor issues involving fear of retaliation, political repression, crime victimization, minors, or immigration status, consider a dedicated environment.
Type of reporting
How to think about separation
General reporting
Manage it through work contact methods
Reporting that could disadvantage a source
Use dedicated email or storage
Whistleblowing
Separate first contact, materials, and reply paths
High-risk reporting
Consider a dedicated device, dedicated communication, and expert consultation
Strong separation takes more work. But when the harm to a source could be serious, that work is part of source protection.
Guide sources to separate their side too
Even if the journalist's environment is separated, traces remain if the source contacts you from their everyday environment.
If they contact you from real-name email, a workplace device, company Wi-Fi, a work cloud account, or personal social media, records are created at that point.
Source-side action
Risk
Sending from a workplace device
Remains in device management or network logs
Using real-name email
The sender is directly visible
Sharing through a work cloud account
Owner, viewing history, and sharing history remain
DMing from personal social media
Account relationships remain
Taking photos with an everyday phone
Photo metadata or sync records remain
Not guiding a source toward dangerous contact methods is also the journalist's responsibility.
Before saying "send it here," think about what traces will remain.
Sources are not always familiar with the technical side of providing information. If you only say "please send the materials," they may use a workplace device, real-name email, a work cloud account, or personal social media. At that point, strong traces remain.
Journalists need to explain in the first contact what should not be sent. For example: do not send from a workplace device, do not attach internal materials to real-name email, do not upload them to an ordinary cloud account, and first discuss only the outline.
Do not relax just because separation is in place
Even if accounts are separated, writing style, posting times, devices, IP addresses, browser information, and file handling can still connect them.
Remaining correlation
Explanation
Login mistakes
Logging into a personal account in a reporting browser
Notifications
Appearing in screen sharing or screenshots
File sync
Reporting materials entering an everyday cloud account
Writing style
Using the same phrasing or signature
Time
Always making contact in the same time window
Separation is not something you configure once and finish.
What matters is not mixing environments during daily operation.
Operational mistakes still happen in a separated environment. Opening personal email in a dedicated browser. Installing personal social media on a reporting device. Moving reporting materials to an everyday cloud account. Capturing a source's name or a notification in a screenshot. These failures happen through everyday use, not through settings.
Separate where reporting materials are stored
Even if contact methods are separated, risk remains if storage locations for materials get mixed. If files received from a source are placed in a personal cloud account or a general newsroom shared folder, more people can access them. Filenames, thumbnails, sync history, and revision history can also reveal a source.
Handle reporting materials by deciding who can view them, where they are stored, how they are backed up, and when they should be deleted. For high-risk materials, do not place them in an ordinary work folder. Separate them into a location that only necessary people can access.
Review the separation regularly
When reporting continues for a long time, the separation created at the beginning can break down. Using ordinary email for an urgent confirmation. Temporarily sending materials to a personal device. Moving files into a normal cloud account for editing. When these exceptions accumulate, points of contact with the source spread.
What to review
Why to check
Contact methods
Whether conversations with sources have mixed into everyday environments
Devices
Whether notifications, histories, or files remain
Cloud accounts
Whether owner names, sharing history, or revision history appear
Storage locations
Whether people other than necessary staff can view materials
Reply paths
Whether you are asking the source to use dangerous contact methods
Separation is not an initial setting. It is an operation maintained until the reporting is complete.
Summary
Separating contact methods and accounts is a basic part of source protection.
If personal email, real-name social media, personal phones, everyday cloud accounts, and work chats are mixed with source contact, traces spread.
Separate email, browsers, devices, cloud accounts, storage locations, and notifications.
Sources also need guidance about options that do not use real-name email, workplace devices, or work cloud accounts.
Separation is an operation, not a setting.
Related tools
Whistleblower submission
SecureDrop
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.