On Wednesday 21 January, IBIL hosted its first event of 2026: the Annual Privacy Lecture. This year, the Annual Privacy Lecture was delivered by Micah Lee, a software engineer, investigative data journalist, and author, who spoke on the topic of ‘Authenticating Hacked and Leaked Data’. The event was chaired by Amanda Harcourt, Hon. Professor of Practice at UCL Faculty of Law, who is the driving force behind the IBIL annual two-day, cross-disciplinary course, Privacy, Data and Surveillance: Law and Practice, this year celebrating its tenth anniversary. 

At the start of this fascinating lecture, Micah explained how important authenticating data is generally. Ensuring that data and documents are genuine has long been of import to journalists breaking stories, lawyers managing the disputes arising from them, and to the general public interest. However, in the digital age, many sources which would have historically been physical now come in the form of digital copies and large quantities of data, making the struggle for authenticity and transparency much harder.

Drawing on his expertise in computer science and journalism, Micah then talked through several important case studies from his home country, America, to provide a digestible summary of how, from a technical perspective, these corpuses of leaked or hacked data can be verified as genuine. The various studies shed light on the thought-provoking work information security engineers are engaged in: the case of a series of leaked emails pertaining to the Epstein scandal showed how different digital signatures can be used to verify emails; the US Government’s use of TeleMessage and Signal could be verified through cross-referencing hacked data with press photographs of Cabinet members; and how, in the cases of a WikiLeaks X/Twitter group chat and a network of anti-vaccine doctors, sometimes the simplest method of verifying data is to just ask the parties involved.

Data that has been leaked or hacked can prove invaluable to the investigation of all manner of issues; Micah Lee’s lecture thus provided an important chance to learn how to ensure the data’s authenticity to make sure that it can have real value. After the talk, the audience were invited to ask the speaker questions, with contributions ranging from the technical means of verifying emails to the use of these techniques in espionage, and from the liability of journalists using this data to how best to keep our personal information safe. To conclude, Micah kindly signed copies of his recent book, ‘Hacks, Leaks, and Revelations The Art of Analysing Hacked and Leaked Data’.

You can find out more about this event here.

Book your place on Privacy, Data and Surveillance: Law and Practice 2026 here.