We can all lie, but the METADATA never lies
INK Centre | Friday July 28, 2017 16:07
In a fit of excitement and perhaps impetuousness, the journalists approached NSA officials with the document to verify that indeed they had obtained an authentic document. Few hours after the scoop was published in June, NSA zeroed in on the leaker. Without any hubbub, the leaker was uncovered and immediately arrested.
The 25-year-old NSA contractor, Reality Leigh Winner was identified as the woman behind the leak to The Intercept. How did this happen? Did The Intercept reveal her identity to NSA? The simple answer is metadata. Yes metadata.
This is what happened: when The Intercept handed the document to NSA, the team led by experienced editor, Glenn Greenwald inadvertently exposed their source because the very document they handed included almost invisible encoded watermarks that revealed exactly when the document was printed, and the serial number of the printer used. NSA zeroed in on Winner .
This is how Winner was uncovered. The metadata left in the printed document burnt her. Winner, who confessed to leaking the document remains in detention and faces 10 years in jail under the US Espionage Act. Metadata is a set of data that describes and gives information about other data. It is critical in preserving digital history. One thing about metadata is that it never lies.
Talking to The Guardian in 2013, Snowden alluded to the amazing precision of metadata, “…metadata does not lie. People lie on phone calls when they’re involved in real criminal activity. They use code words, they talk around it. You can’t trust what you’re hearing, but you can trust the metadata. That’s the reason metadata’s often more intrusive.”
In the case of Tholwana Borethe, INK Centre for Investigative Journalism was able to establish the report was false and produced by persons other than the intelligence through the metadata hidden in the report. The metadata did the talking. The author failed to cover his tracks and clearly underestimated the power of metadata.
This was a work of amateurs. The analysis of the report showed the exact dates in which the report was created, the number of minutes taken to compile it, the last day it was saved, the computer used to create the document, the Word and PDF versions that were used and the time and dates it was transmitted. And this is how the Tholwana Borethe author was uncovered and the veracity established.
Matthew Caruana Galizia, a software engineer and journalist with ICIJ has a warning to news organisations. Evidence should always be scrutinised both in the courtroom and newsroom. “That includes evidence derived from file metadata. While it is possible to forge it, that doesn’t mean that it’s generally likely that metadata is forged,” he says.
In case of Tholwana Borethe, Galizia advises that journalists should work on the principle of reasonable doubt. He advised that journalists should consider whether the people providing the documents have the technical ability to tamper with the metadata embedded in the file. “In this case it doesn’t: the file creation date extracted from the metadata seems to contradict the claimed production date of the document.
Lastly, we consider whether the file we’ve received is a copy derived from the original - in that case it could contain new metadata that isn’t a reflection of the original. If the source is unable to explain any inconsistencies, then you have a reliability problem,” advised Galizia.
DIS lacks sophistication, but not stupid
The leader of the opposition, Boko has poured cold water on the so-called intelligence report code named Tholwana Borethe saying it is fake. The report, which alleged that the DIS had rolled out a plan to destabilise the UDC by targeting the leader of BMD, Gaolathe caused an uproar after the party’s chaotic elective congress in Bobonong recently.
Speaking at a press conference, Boko said the report is fraught with errors and presented fake account of events. He said the report missed accurate dates of the death of his father. “My old man did not die on the year that the document claims he died. What kind of intelligence organisation would get such basic public information wrong and how does a DIS operative have their national identity on the document?” asked Boko.
In dismissing the report, the UDC leader emphasised that even though the public has less regard for the DIS on account of their level of sophistication, the DIS agents would not produce a shoddy job that is Tholwana Borethe. The report, he says was poorly crafted both in “structure and in language”.
Boko said as much as he has never doubted the involvement of the DIS in opposition politics, the Tholwana Borethe report does not pass the DIS calculability. Without pointing fingers, Boko alleged that the document was crafted by individuals with clear motives of destabilising the UDC.