For news organizations
Capture in chaos. Deliver to the desk. Control who sees what.
Built for high-stress field capture with fast start and low cognitive load. Designed so footage can survive seizure scenarios (best-effort). Designed for newsroom governance: routing, roles, auditability.
Deployable program. Guided onboarding. Available to qualified news organizations.
The moment that breaks your workflow
When the phone is taken, the newsroom still gets what matters.
Protest, border, hostile crowd, equipment confiscation, network drop. The incident is captured, preserved, and reaches the desk in time to act. The U.S. Press Freedom Tracker documents equipment search and seizure as a recurring risk category. Anchor is designed so that uploaded segments can continue to reach your desk even when the field device is lost or confiscated (best-effort, not guaranteed).
Anchor Desk
Incident-to-newsroom pipeline
Three components, aligned with how newsrooms already work: central management and desktop ingest.
Mobile capture (field)
Fast start, low cognitive load. Encrypted recording with optional live backup to the vault.
Recording • Encrypted • Vault backup
Browser-based admin (desk)
Desk overview, routing, policy, roles. See who is in the field, what has been uploaded, and escalation state.
Active incidents • Upload queue • Roles
Desktop receiver (macOS / Windows)
Decryption, review, export. Bulk media operations where your workflow lives.
Decrypt • Review • Export
What the desk gets in the first 60 seconds
Alert, status, and escalation in one place.
- Incident alert received as soon as field capture starts or an escalation is triggered.
- Live status: recording state, connectivity, upload queue. Uploaded segments preserved so far.
- Acknowledgements and escalation state so desk leads can see check-in and duty-of-care at a glance.
Safety best practice emphasizes check-in procedures and emergency contacts. Anchor Desk surfaces this without monitoring reporters.
Roles, permissions, and least access by default
Governance as source protection and liability reduction.
Role-based access (Editor, Security lead, Legal) and incident-scoped access options. Access logs and audit trails so you know who saw what, when. Not monitoring reporters: controlling who inside the organization can access which incidents.
Switch role to see what each sees (least privilege)
Editor view
- Assigned incidents only
- Ingest queue and review
- Export and share (within policy)
- No access to device or escalation policy
Integrity package and provenance-ready exports
Tamper-evident integrity logs and optional provenance export.
Integrity logs record hashes, timestamps, and access events. Optional provenance-ready export is conceptually compatible with Content Credentials (C2PA) principles: tamper-evident provenance infrastructure, not a truth judgment. We do not promise universal platform compatibility or that it prevents misinformation.
Integrity log artifacts (example)
Hashes
chunk_001 sha256:a3f2b… chunk_002 sha256:8c1d… chunk_003 sha256:2e9a…
Timestamps
created 2024-03-13T14:02:00Z last_modified 2024-03-13T14:05:22Z
Access entries
view incident_xyz role=editor 2024-03-13T14:06Z export incident_xyz role=editor 2024-03-13T14:07Z
Network stress: upload pauses and resumes (store-and-forward)
Resilience without claiming perfection. Queued segments upload when connectivity returns.
Provenance helps verify integrity and origin where supported; it does not prove that an event happened exactly as it appears.
Deployment: IT-ready without turning into surveillance
Enrollment, privacy boundaries, and retention.
- Enrollment and device rollout: many enterprises already use MDM for app deployment; Anchor can fit into that model.
- Privacy boundaries: no default location tracking, no covert monitoring. Any location feature is explicit and incident-scoped.
- Clear retention and legal hold posture: configurable retention; legal hold handled per your policy.
Real-world context
- Reuters reported Israeli authorities confiscating Associated Press equipment in 2024; the equipment was later returned. Confiscation happens to major outlets.
- The Washington Post has faced device seizure and search disputes in high-profile cases. Governance and escalation workflows matter when it does.
Frequently asked questions
Can you guarantee footage survives seizure?
No. We cannot guarantee it. Anchor is designed to improve the odds: encrypted segments can upload to the vault while recording and while connectivity allows. If the device is confiscated or destroyed before upload completes, we cannot recover what was never transmitted. Best-effort, not guaranteed.
What if connectivity drops?
Recordings continue on device. Upload queues and resumes when connectivity returns (store-and-forward). This aligns with the reality of the field: networks drop. Anchor does not require a live connection for capture or for the desk to eventually receive what was uploaded.
Do you track reporter location?
By default, no. We do not track reporter location by default. If any location feature is used, it is explicit and incident-scoped, not continuous or covert.
Can the vendor read our recordings?
Anchor is designed so that we do not hold the decryption key for your recordings. Recordings are encrypted on device and in transit; the vault stores ciphertext. For a full technical overview, request our security brief.
Who can access what?
Least privilege by default. Role-based access (Editor, Security lead, Legal) and incident-scoped access. Only people you assign can see the incidents they are allowed to see. Access is logged for audit.
Can this replace our existing transfer tools?
Anchor Desk complements existing workflows. It is not positioned as a drop-in replacement for every transfer tool. The wedge is confiscation resilience and newsroom governance: when devices are at risk and when you need roles, audit, and escalation in one place.
Ready to evaluate Anchor for your newsroom?
Request a demo or talk to us about a pilot deployment. We will walk you through the pipeline, governance, and security model.
No commitment. We do not share your information with third parties for marketing.