arrives in theaters this weekend, offering an inside look at the Snowden leaks and the eight days Snowden spent in a hotel room in Hong Kong as the first stories were published. The leaks themselves required intense security measures, but editing and distributing the film has presented a challenge of its own. CitizenFour contains two separate stories which were held back until the film's carefully orchestrated premiere: one on industry infiltration in China and Germany and another on Snowden's girlfriend, Lindsay Mills, and her new residence in Moscow. Countless other secrets left behind in the editing room, and had to be protected throughout the process.
Encrypted hard drives are your friend
When we were finishing, we had a lot of people who were doing audio and we were a little bit careful about transferring anything just over the wire. We'd just drop it off. And everybody got on PGP to communicate, so we definitely trained a bunch of people on using encryption. We had to share cuts, so we had certain protocols, shared passwords that were decided in New York and then we'd move encrypted files using those shared passwords. It does add a level of complexity but the negative consequences are so bad that you have to do it.
Different levels of security means different computers
a Tails machine
that's been sort of…a lot of things have been removed from it, just soldered off. Microphones, all the extras. And then I have one that I actually use the internet on. And of course I use software like Tor for internet browsing. But I did that long before Snowden.
After I came back from meeting Snowden in Hong Kong, I went back to Berlin and I just put my cell phone away. I figured it just wasn't a good thing for me to have for a number of reasons. It's a microphone and it's also a tracking device and I just thought…I'm just not going to broadcast it. So I stopped using a cell phone while I was editing, but now I'm in here doing distribution and I need to talk to people so I've got a cell phone again.
Once you come to terms with the risks, then the choices are pretty simple. It's just safety, and any way you would approach safety in any other context. Just, "oh that's dangerous. Your cellphone is dangerous in this situation." It becomes kind of intuitive. If we were talking about a sensitive situation, I would just say, okay let's take the computers out of the room. It just becomes an obvious thing to do as a precaution.
Don't be afraid to upgrade when necessary
[When Snowden saw the film], he had a lot of operational security notes. There's some encrypted cyphertext in the film and he wanted to know, did I use new keys — and I did, actually. [Ed. note: With both encrypted text and the unencrypted message, an attacker could reverse-engineer the decryption key.] If he's typing his passphrase on-screen, we tried to change some of the audio so they couldn't figure out what he was typing. He had a lot of hardware notes too: "Did you know you could see that USB stick on that player?"