Security for the Whistleblower
Acting as an anonymous source throughout the whistleblowing process is a good way to protect yourself and others from external threats. This document looks at the threats associated with submitting information to the public media and ways to address and minimize those risks.
Before submitting any information you should consider what will happen after the information has been given to journalists and what will happen when the leak becomes public.
Ask yourself the following questions to assess your risk:
- Are you acting in the public interest or with spiteful intent?
- Will your actions evoke a violent or legal response from some group?
- Do people other than you have access to the information you are going to submit?
- If this information reaches the public, will someone question you about it?
- Can you cope with the stress of an internal or external investigation?
You should only consider blowing the whistle after giving serious consideration to these kinds of questions.
You may leave computer traces while:
- Researching the information to be submitted
- Acquiring the information to be submitted
- Reading this web page
- Submitting the information to us
- Exchanging data with recipients of your submission
With the right tools and knowledge you can minimize the risk of leaving digital traces and compromising your anonymity.
- Before you make a submission, do not share your intentions with anyone.
- Try to be certain that there are no surveillance systems or observers in the place where you acquire and submit information.
- Try to be certain that the information you submit does not identify you if someone other than intended recipient gains access to it.
- After you make a submission, do not share your actions with anyone.
- After the news about the submission gets to the public, be careful about expressing your opinion about the news with anyone.
However, if you strictly follow the guidelines below, you should be safe enough.
- While acquiring the information to submit, be sure that there are no traces left on the IT systems leading back to your identity (eg: collect files with a USB stick. When you have completed the submission destroy and dispose of the USB stick)
- Realize that “deleting a file” on almost all computers does not remove traces of the files presence from that computer.
- Be aware that “meta data information” may be present in some of the data you are submitting.
- Consider cleaning up the Metadata by using tools such as MAT bundled with the TAILS linux live CD.
- Consider converting all the data that you send us into a standard format like PDF.
- Submit information using Anonymous Web Browsing software Tor Browser Bundle
- Do not keep any copies of the information you submitted.
- Do not submit information from the computer provided to you by your employer (use a spare one)
- Keep the Submission’s receipt you receive secret and destroy it once you no longer need it.
- Do not look around on search engines or news media website for the information you submitted.
Safe enough does not mean your anonymity is guaranteed. It means that even computer experts should not be able to determine that you were the source of the leak after the fact.
If you wish to better understand how to safely proceed in this digital environment, consider reading the excellent guides produced as part of the Security in a Box project.
Security of the Submission System
WBS is an open source, secure whistleblowing platform designed by the Hermes Center for Transparency and Digital Human Rights. The platform enforces strict policies that protects the identities of its users and information submitted to the system.
When these two software tools are used together a whistleblower’s anonymity while submitting information receives strong protection. This setup lets us manage the process of safe communication with sources.
The Difference Between Anonymity and Confidentiality
This means that no one, not even the recipients of the information knows that you are the person blowing the whistle. By default, WBS used with Tor provides strong protection for your anonymity.
However, there are many whistleblowing scenarios where anonymity of a whistleblower is only temporary. Imagine a whistleblower coming forward as a plaintiff in a civil suit in the United States. In a case like that the whistleblower may have significant monetary incentives to reveal who they are.
When a source reveals their identity to a recipient, then their identity becomes confidential. All it takes for a whistleblower to go from an anonymous source to a confidential one is a first and last name.
Why Trust WBS
This is the best way to ensure that the application is truly secure. We do not ask you to blindly trust our security decisions: we have received various independent security analyses from third parties.
Moreover, the source code of GlobaLeaks is open, so anybody can inspect it and make sure that it does what we say it does.
For more in-depth analysis of the security of GlobaLeaks, see GlobaLeaks Application Security Design and Details.