Runa Sandvik (previously) is a legendary security researcher who spent many years as a lead on the Tor Project; in 2016, the New York Times hired her as "senior director of information security" where she was charged with protecting the information security of the Times's newsroom, sources and reporters. Yesterday, the Times fired her, eliminating her role altogether, because "there is no need for a dedicated focus on newsroom and journalistic security."
This is a remarkably shortsighted move on the part of the Times; as state actors, political operatives, griefers, spies and guns-for-hire seek to dominate information landscapes, the integrity of the Times's information security is every bit as important as the fire-suppression systems in its shiny new building.
In her farewell tweets, Sandvik writes, "I'm grateful for the 3.5 years of collaboration and helping support brilliant journalists; it's been amazing and exciting; I remain a fierce advocate for the mission of protecting reporters & sources, and I'm very disappointed to see this chapter brought to a sudden close."
If you are a source contemplating going to the Times with a story that could land you in physical, economic, or legal jeopardy, this is really sobering news: can you trust a news entity with your safety when it has eliminated the only person charged with defending it?
Today the @nytimes chose to eliminate my role, stating that there is no need for a dedicated focus on newsroom and journalistic security. I strongly believe in what I do (and what we did), and to say I’m disappointed would be an understatement. (1/3)— Runa Sandvik (@runasand) October 22, 2019