Why source cultivation is a long-term discipline
Sources are the lifeblood of investigative journalism. Public records and OSINT techniques can establish what is on the official record — but sources give you what is not: the context behind a decision, the document that was never filed, the meeting that has no official record, the person who was in the room.
Building a source network is not transactional — it is a long-term investment in relationships built on trust, honesty about what you can and cannot do for a source, and consistency in protecting confidentiality. Sources talk to journalists they trust. Trust takes years to build and can be destroyed in a single careless moment.
This guide covers the practical mechanics of source development, the ethical framework governing source relationships under the NUJ Code and IPSO Editors' Code, the digital security considerations for source protection, and how to manage a network over the long term without creating dependencies or ethical problems.
When source network management is most critical
- 1Starting out on a new beat where you have no existing contacts in the sector or institution.
- 2An investigation requires information from inside an organisation that has no press office or actively hostiles media contact.
- 3You need to verify a claim from one source against an independent source in the same area.
- 4A source relationship has become complicated — a source is asking for something in return, attempting to control your coverage, or their reliability has come into question.
- 5A source faces legal jeopardy and asks what you can do to protect them.
- 6You are handing over a beat to a colleague and need to manage source introductions responsibly.
Red flags to watch for
- Payment for information: offering money in exchange for tips or documents risks distortion, entrapment, and breaching IPSO Clause 15.
- Single dependency: relying on one source for an entire beat creates a conflict of interest and a vulnerability — if that source is compromised, so is your coverage.
- Source coercion: implicitly or explicitly threatening to expose or embarrass a source to obtain information is a serious ethical breach and may be unlawful.
- A source who consistently offers exclusives in exchange for favourable coverage: this is a transactional relationship that compromises your independence.
- A source who appears to be running an agenda — selectively leaking information to damage particular targets while protecting others.
- Over-contact: repeatedly contacting a source who has expressed reluctance risks harassment under the Protection from Harassment Act 1997.
- Storing source contact details in an unencrypted or cloud-based system accessible to third parties or susceptible to a production order.
Source network development checklist
- I have mapped the beat I am covering and identified the key institutional and individual contacts I need to develop over the coming year.
- I have established a routine contact schedule for my most important sources — periodic contact even when there is no immediate story keeps relationships active.
- I have been honest with each source about what I can and cannot offer in terms of confidentiality and source protection.
- I have established a clear ground-rules conversation with each confidential source before receiving sensitive information.
- I have reviewed my expenses and gifts policy in line with my outlet's editorial standards and the NUJ Code.
- I have a secure means of communicating with sensitive sources (Signal, SecureDrop, or an equivalent).
- I am maintaining source diversity — I do not rely on any single source for more than one story at a time without independent corroboration.
- I have reviewed which sources I have used in the last three months and identified any dependency patterns.
- I understand the legal framework under the Police and Criminal Evidence Act 1984 and the Investigatory Powers Act 2016 for compelled source disclosure, and have briefed my editor.
- I have a plan for what I would do if I received a production order or phone tap disclosure relating to a source.
Tools for source protection and secure communications
Use our Source Protection Guide for step-by-step protocols, and our Digital Security hub for encrypted communications setup for sensitive source contacts.
Common mistakes
- Treating source relationships as purely instrumental — sources who feel used rather than respected will eventually stop talking to you.
- Not having an explicit conversation about ground rules before receiving sensitive information.
- Storing source names and contact details in a phone, email, or cloud service that is not encrypted and could be subject to compelled disclosure.
- Failing to tell a source upfront that you cannot guarantee their anonymity in the event of a legal challenge.
- Allowing a long-standing source relationship to blur into friendship in ways that compromise your editorial independence.
- Not rotating sources: over-reliance on one person for a beat creates both a dependency and a conflict of interest.
- Using a source's name in copy when the story could be published without identifying them — always ask whether identification is necessary.
Related guides
Primary sources
- NUJ Code of Conduct — Clause 7 Source Protection— NUJ
- IPSO Editors' Code — Clause 15 Witness Payments— IPSO
- CPJ Journalist Security Guide— Committee to Protect Journalists
- Dart Center for Journalism and Trauma— Columbia Journalism School
- Rory Peck Trust — Safety Resources— Rory Peck Trust
- Police and Criminal Evidence Act 1984— legislation.gov.uk