I'm a coder, journalist, and author

Micah Lee

I'm an information security engineer, a software engineer, an investigative data journalist, and an author. I run an app called Cyd that helps people delete claw back their data from Big Tech.

I worked for The Intercept for a decade, where I was director of information security. I also used to work as a staff technologist at Electronic Frontier Foundation, and I helped co-found Freedom of the Press Foundation. I did opsec for journalists while Edward Snowden was leaking NSA docs to them.

I'm the author of Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data, a hands-on book that teaches journalists, researchers, and activists how download, research, analyze, and report on datasets. (No prior experience required.)

I develop open source security tools like OnionShare and Dangerzone. You can check out my GitHub activity here.

To get in touch, contact me.


Books

Hacks, Leaks, and Revelations: The Art of Analyzing Hacked and Leaked Data

In 2024, I published a book (with No Starch Press) to help teach journalists, researchers, and activists the technical skills required for 21st century data journalism.

"As a journalist who has been working with data breaches for close to ten years, actually getting to grips with that data is often the hardest part of any reporting project. Lee's clear and concise book will be an invaluable resource for reporters or researchers just dipping into this sort of data, or those looking for new techniques."
- Joseph Cox, Co-founder of 404 Media

"Micah’s book is a fantastic and friendly introduction for journalists, activists, and anyone else who is interested in learning to analyze large data sets but has been too intimidated by the technical details. I hope this book will inspire more people to find the stories inside the data."
- Eva Galperin, Director of Cybersecurity, Electronic Frontier Foundation


Select Projects

Semiphemeral

In the golden days of Twitter — before the reactionary billionaire took it over and sunk it — I developed an open source tool, along with a hosted service, called Semiphemeral that allowed users to delete their old tweets, likes, and DMs, except for the ones they wanted to keep. After Elon Musk closed down Twitter's API, I was forced to shut down the project. My code helped delete over 71 million tweets, 69 million likes, and 24 million DMs.

I'm bringing Semiphemeral back! See semiphemeral.com for more information.

OnionShare

In 2014, I developed OnionShare, an open source tool that lets you securely and anonymously share files using the Tor network — ideal for transferring secret documents around the world without the NSA knowing. I still work on OnionShare today alongside a vibrant community. It's available for Windows, macOS, Linux, as well as Android and iPhone, and it also allows you to make your computer an anonymous dropbox, host Tor onion sites, and spin up anonymous chatrooms.

Dangerzone

In 2020, I developed Dangerzone, an open source tool that lets anyone take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs that won't hack you. For a lot of people, like journalists and activists, it your job to open random attachments from strangers, but these documents might hack your computer. Dangerzone, inspired by the Qubes operating system, solves that problem for people who use Windows, macOS, or Linux. In 2022, Freedom of the Press Foundation took over development of the project.

Tor Browser Launcher

Tor Browser has never been packaged in Linux repositories. In 2013, I developed Tor Browser Launcher in order to solve that problem: a simple Linux program that you can install using your package manager that downloads Tor Browser, verifies its PGP signatures, installs it, and opens it for you.


Select Publications

ADL Maps Jewish Peace Rallies with Antisemitic Attacks

A month after Hamas's October 2023 attack on Israel and Israel's brutal response, the Anti-Defamation League published an interactive map showing a massive uptick in "antisemitic incidents and anti-Israel rallies" in the US since the war broke out. After extracting and analyzing the data from the map, I discovered that a large portion of the protests that ADL framed as "antisemitic" were actually organized by American Jews, including rabbis and children of Holocaust survivors, protesting genocide.

Elon Musk Is Taking Aim at Journalists. I’m One of Them.

After Elon Musk purchased Twitter and started restoring the accounts of people banned for hate speech, harassment, and misinformation, he also starting banning the accounts of his critics. I'm one of the journalists that he suspended in December 2022, shortly after I had published several articles critical of the billionaire's handling of Twitter. (My account is back, but I no longer use it.)

Russia is Losing a War Against Hackers Stealing Huge Amounts of Data

After Russia illegally invaded Ukraine in 2022, dozens of Russian organizations — including government agencies, oil and gas companies, and financial institutions — were hacked, with terabytes of stolen data leaked onto the internet.

Network of Right-Wing Health Care Providers is Making Millions of Hydroxychloroquine and Ivermectin, Hacked Data Reveals

A year and a half into the COVID-19 pandemic, I received hacked data about the anti-vax group America's Frontline Doctors. The data also revealed that 72,000 people paid at least $6.7 million (but probably much more) for fake health care promoted by vaccine conspiracist and January 6 insurrectionist Simone Gold. This reporting led to a Congressional investigation into the pandemic profiteers.

Hack of 251 Law Enforcement Websites Exposes Personal Data of 700,000 Cops

During the 2020 Black Lives Matter uprising, hundreds of law enforcement websites were hacked. The BlueLeaks archive contains over 16 million rows of data, including emails, descriptions of alleged crimes, and detailed personal information.

Zoom Meetings Aren't End-to-End Encrypted, Despite Misleading Marketing

As the COVID-19 pandemic began to ravage the world and businesses were forced to shift to remote work, Yael Grauer and I discovered that Zoom had been lying to its users about end-to-end encryption. Our reporting led to an FTC settlement that forced Zoom to implement real end-to-end encryption, and an $85 million class action lawsuit against the company.

Snowden Archive: The SIDtoday Files

From 2016 through 2019, I led an ambitious project at The Intercept to comprehensively, and responsibly, report on documents from the NSA Signals Intelligence Directorate's internal classified blog called SIDtoday. We published and reported on over 2,000 Snowden documents, by far more than any other newsroom with access to the archive.

In Leaked Chats, WikiLeaks Discusses Preference for GOP Over Clinton, Russia, Trolling, and Feminists They Don't Like

In 2018, a source sent me an internal leak of direct messages from a WikiLeaks Twitter group. I, along with Cora Currier, reported on years of private messages — containing misogyny, transphobia, and antisemitism — between Julian Assange and his most loyal supporters on Twitter.


Select Speaking Engagements

Hacks, Leaks and Revelations: The Art of Analyzing Hacked and Leaked Data
Workshop: BlueLeaks Explorer: Learn to Analyze Hacked Police Documents
2024, Queens, New York | HOPE XV -- upcoming

We Are Drowning in Data and Barely Anyone is Looking at It
2024, Vancouver, Canada | BSides Vancouver (Keynote)

Hacks, Leaks and Revelations: The Art of Analyzing Hacked and Leaked Data
2023, Portland, Oregon | BSides PDX

Pandemic Profiteers and COVID-19 Misinformation
2023, Las Vegas, Nevada | DEF CON 31 Misinformation Village

Workshop: Reading Other People's Email
2023, Philadelphia, Pennslyvania | Online News Association (ONA23)

Qubes OS: The OS That Can Protect You Even If You Get Hacked
2018, New York, New York | The Circle of HOPE

Privacy Tricks for Activist Web Developers
2012, New York, New York | HOPE Number 9


Employment History

Independent Consultant (2024 to present)

The Intercept, Director of Information Security (2023 to 2024)

  • Defended computer systems and staff from nation states, APTs and other cyber threats
  • Protected confidential sources and their communication with journalists
  • Produced investigative journalism related to tech and leaked datasets

First Look Media, Director of Information Security (2020 to 2023)

  • Defended computer systems and staff from nation states, APTs and other cyber threats
  • Led a team of 5 security and IT staff
  • Protected confidential sources and their communication with journalists
  • Produced investigative journalism related to tech and leaked datasets

First Look Media, Technology Analyst for The Intercept (2013 to 2020)

  • Computer security engineering for The Intercept
  • Produced investigative journalism (much of which based on the Snowden archive)

Electronic Frontier Foundation, Staff Technologist (2012 to 2013)

  • Developed open source security and privacy tools for EFF
  • Explained technical topics like encryption to journalists

Electronic Frontier Foundation, Web Developer (2011 to 2012)

  • Maintained EFF's web infrastructure

Miscellaneous Web Developer (teenager to 2011)

  • A whole lot of WordPress, Drupal, and custom PHP/MySQL

Professional Affiliations