Safety First

Our journalist safety and security bot is live!

It’s called JESS — for Journalist Expert Safety Support (I’m sorry) — and it’s been more than a year in the making, a joint effort between the Journalism Protection Initiative here at the Newmark J-School at CUNY and the ACOS Alliance (and me.) It’s a great example — if I say so myself — of how we can deploy AI systems to help journalism.

And building it also offered useful insights into what we should build and how we build it — not least that we should lean into what new technologies allow us to do, rather than have it make a better version of what old technologies allowed us to do.

Please sign up to use it! (It’s optimized for US users right now, but we do plan to roll this out globally.)

But to back up: What’s JESS, and what does it do? At heart, it’s — as we say in the announcement — “an AI-powered tool designed to give journalists, editors and news organizations working across the United States greater access to essential safety information and guidance.” Which is to say, it’s basically a RAG-based system that draws its answers from a set of vetted documents, mostly created by former Reuters safety chief Mike Christie, but also from other partners. (I oversaw safety and security with Mike for close to a decade at Reuters, so I’m pretty familiar with this world, albeit at distance; the two of us cooked up this idea over a drink — where all good ideas come from — two years ago.)

Also, credit where credit is due: Nikita Roy, of Newsroom Robots, oversaw the build, and the project was supported by the Patrick J. McGovern Foundation.

And just being able to query vetted security advice would be nice. But wait! There’s more, and that’s where it gets interesting: The JESS data is also available via an MCP integration, so you can access it accurately through your own Claude or ChatGPT or other accounts, if you prefer their language handling capabilities or want to hook it up to other integrations you’ve built. And we’ve built a system that guides you through a series of structured questions — in effect, mimicking a security advisor — to help you build a security plan.

Those parts are in beta, although they point the way to how we might want to think about the tools we build and how people access them.

Do we need a front end that we control if we can offer the same information in a structured form to AI agents via an MCP integration? In JESS’ case, staying on the JESS platform will give you more privacy, but perhaps that’s less important to you than integrating it with other tools you have. Is the future in encoding behaviors and processes that systems follow, à la my deconstruction tool, rather than just in the provision of information? In other words, is the security advisor avatar a forerunner of us being in the service business as much as we are in the content business?

And that’s how we need to be increasingly thinking about what we build — less replicating what we’ve always done, albeit with better functionality, and more taking the technology on its own terms to brainstorm what’s newly possible. JESS is already an upgrade on a safety guidebook or website because it’s responsive to questions; but the MCP allows it to become a structured source of information to other agents. And the security avatar both allows for more thoughtful replies and serves to train users in the thinking that goes into security planning.

None of which would have been possible if we had simply thought: Let’s put an LLM as a front end to a security database.

Building JESS was theoretically simple — build a large RAG! make it accurate! — and more complicated in practice, especially if you don’t, for privacy reasons, want to hook it up to a commercial LLM and want to run it off a model you have more control over instead. But one of the core lessons I took away was the speed of technological development. MCPs weren’t common when we started; now it’s an obvious path to a faster deployment. Building that security avatar would have taken much more effort two years ago than it does now.

What’s the lesson? It’s not that you should wait for technology to catch up to what you want to do; that’s a recipe for doing nothing, since the tech will undoubtedly get better next week. But it is a reminder that you shouldn’t get too locked in to any single solution, and to be ready to pivot on short notice. The capabilities that exist when you start the project will not be the ones that exist when you finish.

And most importantly, to keep your eyes on the prize. Why are you building this, and what problem is it trying to solve?

In our case, all of us involved in the project have spent many years trying to keep journalists safe. We know that it’s risky out there, and getting riskier; and that far too few reporters have access to safety training, equipment and advice. JESS is our way of trying to help.

Please check it out.