How to stay anonymous when blowing the whistle
Exposing wrongdoing always carries personal risk, which is why many whistleblowers submit information anonymously. No form of communication can fully guarantee security. You can, however, greatly increase the likelihood of remaining anonymous by taking appropriate technical precautions and by behaving accordingly; the technical measures below are only as good as the habits that go with them.
No use of personal end devices
Everyone leaves numerous traces when using end devices: cookies, tracking tools, spyware, state-sponsored malware ("state trojans"), data retention by providers and compromised hardware can all be used to spy on you. This makes it easier for authorities and employers to find out who the whistleblower is and what confidential information has been passed on. A single visit to our website or to that of another contact point (media etc.) from a device linked to you may be enough to raise suspicion.
Personal end devices, whether business or private, should therefore not be used for whistleblowing at all. Instead, use different and changing public libraries and internet cafés for research, for submitting reports and for any further communication connected with the disclosure. Never access sites or services that are personally connected to you (email, social media, customer accounts, etc.) from there. Make sure that the location, and especially the screen, is not visible to security cameras and is not close to any of the places you frequent (home, workplace, sports club, etc.). Leave your own phone switched off at home: the mobile network logs its location, which would place you at the library or café at the time of the upload.
Encryption techniques and software
Below you will find an overview of the technical solutions you can use to make it particularly difficult to track you. Most of these are open source solutions. Not only are they free of charge, their source code can also be reviewed independently, which makes it more likely that vulnerabilities are found and fixed quickly. That is no guarantee, however: obtain the software only from the project's official site, check the download as the project describes, and keep it updated.
Tor browser
We unintentionally leave behind countless clues to our identity on the Internet. You can minimize these traces by using the free Tor Browser. After starting it, click "Connect" to join the Tor network. Your traffic is then encrypted in several layers, transparently to you, and routed through three Tor relays instead of going directly to the destination. The site you visit sees only the address of the last relay (the "exit"), and no single relay knows both who you are and what you are visiting. This disguises your IP address and thus the location of your computer. Pages load somewhat more slowly as a result. The Tor Browser also blocks browser plug-ins such as Flash, RealPlayer and QuickTime: such plug-ins run outside the browser and can open their own connections, bypassing Tor and revealing your real IP address. For the same reason you should not install additional plug-ins or extensions, which would also make your browser more distinguishable from other Tor users.
But even when using the Tor Browser, the following applies: if you want to surf anonymously, you must behave accordingly. Anyone who logs into social networks or registers with real data in the Tor Browser loses their anonymity. Likewise, do not open downloaded documents (PDF, Office files) while you are online: they can contain references that fetch resources outside Tor.
Encrypted data carriers (pen drive, external hard disk)
You should not store sensitive documents and files on your business or private devices, but download them directly to an encrypted external drive (e.g. pen drive). The safest way to do this is to buy a new pen drive from a retailer, pay cash for it and use it only in connection with whistleblowing.
The open source software VeraCrypt offers strong encryption. Files are stored inconspicuously in a so-called "container": an encrypted file (by default AES with a 256-bit key) that is indistinguishable from random data, so without the password it cannot even be shown that it is a VeraCrypt container. To open it you need the password and, if you have set one up, a key file that VeraCrypt uses in addition to the password and that you store separately (e.g. on a token or smart card). Even more protection is provided by so-called "hidden" volumes: a second container stored inside the free space of the first and opened with a different password. Even after the outer container has been opened, for instance under pressure, the existence of the hidden one cannot be proven. Choose a long passphrase: the encryption is only as strong as the password protecting it.
You can find a good tutorial for setting up VeraCrypt here. Alternatively, you can buy a pen drive with encryption software already installed on it, although an open source solution whose code can be checked is preferable. If you no longer need your data and documents, you can delete them and their traces with special deletion software. The German computer specialists at heise.de recommend the open source software Eraser and File Shredder, among others. Note that these tools work by overwriting the blocks a file occupied, which is reliable on conventional magnetic hard disks but not on SSDs or pen drives: flash controllers move data around internally (wear levelling), so copies may survive where the software cannot reach them. For such media, encrypting everything from the start (as above) and physically destroying the drive afterwards is the only dependable method, and with SSDs or pen drives that means damaging each individual memory chip.
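As an illustration of what deletion tools such as Eraser and File Shredder actually do, here is an added example (not code from the original page or from those tools): overwrite the file in place, force each pass onto the disk, hide the file name, then unlink it. The comments carry the caveats that the paragraph above is about; the file name and contents are constructed for the demo.

```python
"""Overwrite-then-delete, the mechanism behind file-shredding tools.

Added example, not code from the original page or from Eraser/File Shredder.
Only meaningful on a conventional magnetic disk; read the caveats below.
"""
import os
import secrets
import tempfile


def shred_file(path: str, passes: int = 3, chunk: int = 1 << 20) -> int:
    """Overwrite `path` in place `passes` times, fsync each pass, then rename
    and unlink it. Returns the number of bytes overwritten per pass.

    Caveats (why the page recommends destroying the drive instead):
    - SSDs and pen drives remap blocks (wear levelling), so the old contents
      may survive in blocks this overwrite never touches.
    - Copy-on-write and snapshotting file systems (btrfs, ZFS, APFS) and
      journaling modes can keep the old blocks as well.
    - Temporary copies made by editors, previewers and thumbnail caches are
      not covered at all; encrypting the medium from the start is safer.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for p in range(passes):
            f.seek(0)
            left = size
            while left:
                n = min(chunk, left)
                # random data on the early passes, zeros on the last so the
                # file does not stand out as "shredded" to a casual look
                f.write(secrets.token_bytes(n) if p < passes - 1 else bytes(n))
                left -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass to disk before the next one
    # The directory entry still carries the original (possibly telling) name:
    # replace it with a random one before unlinking.
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.replace(path, anon)
    os.unlink(anon)
    return size


def demo() -> bool:
    """Create a constructed 'draft' in a temp dir, shred it, report success."""
    payload = b"internal memo, not for distribution\n" * 2000
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "leak_draft.txt")
        with open(path, "wb") as f:
            f.write(payload)
        overwritten = shred_file(path)
        return overwritten == len(payload) and not os.path.exists(path)


if __name__ == "__main__":
    print("shredded:", demo())
```

The rename before unlink matters because on most file systems the old name stays readable in the directory block long after the file is gone.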
Removal of metadata
Every digital file carries more or less hidden so-called metadata, which can reveal, for example, when, where, by whom and with which software a file was created, which user account last edited it, or even which fonts and printer were used. Such information may allow conclusions to be drawn about your identity and should therefore be removed as far as possible before a file leaves your hands.
Some media whistleblowing portals do this automatically. You do not have to rely on this, however: special software lets you remove much, if not all, metadata yourself. The Linux-based operating system Tails (see below), for example, includes the Metadata Cleaner (a front end for mat2), which handles images, PDFs, Office documents and many other formats. Printing out documents is another way of preventing metadata from being passed on, but even this does not offer unlimited security: colour laser printers embed nearly invisible tracking dots on every page that identify the printer and the time of printing, and secret services sometimes distribute several almost identical copies of the same document, differing only in tiny typing errors or formatting. If a sensitive document is published, the whistleblower can be identified on the basis of these differences, so compare your copy with others where you can, and pass on the content rather than the original file if the content alone suffices. You can find more information on the removal of metadata here.
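To show what a tool like Metadata Cleaner does under the hood, here is an added example that is not code from the original page or from Tails/mat2. It strips the metadata segments from a JPEG photo by walking its marker structure, and blanks the docProps parts of an Office (.docx/.xlsx/.pptx) file, which is a ZIP archive, cleaning any embedded JPEGs on the way. The sample JPEG and .docx are constructed in-line: structurally valid for the parser, but not a viewable picture or a complete Word document.

```python
"""Strip author-revealing metadata from a JPEG and an OOXML document.

Added example, not code from the original page or from Tails/mat2.
Sample inputs are constructed below and labelled as such.
"""
import io
import struct
import zipfile

# --- JPEG ------------------------------------------------------------------
# A JPEG is the SOI marker FF D8 followed by segments of the form
# "FF <marker> <16-bit big-endian length incl. the 2 length bytes> payload".
# APP1 (FF E1) carries Exif/XMP (camera serial, GPS, timestamps, owner name),
# APP13 (FF ED) Photoshop/IPTC data, COM (FF FE) free-text comments.
# Everything from SOS (FF DA) onward is compressed image data, copied as-is.
SOS, COM = 0xDA, 0xFE
KEEP_APP = {0xE0, 0xEE}  # APP0 (JFIF) and APP14 (Adobe colour info) are needed to decode


def strip_jpeg_metadata(data: bytes):
    """Return (cleaned_jpeg, list_of_removed_marker_codes)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, pos = bytearray(b"\xff\xd8"), [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker == SOS:
            out += data[pos:]  # scan header, image data and EOI unchanged
            return bytes(out), removed
        length = struct.unpack(">H", data[pos + 2:pos + 4])[0]
        is_app = 0xE0 <= marker <= 0xEF
        if marker == COM or (is_app and marker not in KEEP_APP):
            removed.append(marker)
        else:
            out += data[pos:pos + 2 + length]
        pos += 2 + length
    raise ValueError("truncated JPEG: no SOS marker found")


def _seg(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: JFIF header, Exif block, comment, quantisation table,
# frame header, then a scan with one dummy byte and EOI.
SAMPLE_JPEG = (
    b"\xff\xd8"
    + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _seg(0xE1, b"Exif\x00\x00MM\x00\x2a\x00\x00\x00\x08Artist: Jane Doe, GPS 52.52N 13.40E")
    + _seg(COM, b"exported from workstation PC-4711")
    + _seg(0xDB, b"\x00" + bytes(64))
    + _seg(0xC0, b"\x08\x00\x01\x00\x01\x01\x01\x11\x00")
    + _seg(SOS, b"\x01\x01\x00\x00\x3f\x00") + b"\x00" + b"\xff\xd9"
)

# --- OOXML (.docx/.xlsx/.pptx) ---------------------------------------------
# An Office file is a ZIP. docProps/core.xml holds creator and lastModifiedBy,
# docProps/app.xml company, template and revision count, docProps/custom.xml
# arbitrary custom properties. They are referenced from _rels/.rels, so instead
# of deleting them (Word then reports a corrupt file) they are replaced by
# empty, well-formed parts. Embedded JPEGs (word/media/...) are cleaned too.
_XML = b'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
_BLANK = {
    "docProps/core.xml": _XML + b'<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties"/>',
    "docProps/app.xml": _XML + b'<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties"/>',
    "docProps/custom.xml": _XML + b'<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/custom-properties"/>',
}


def strip_ooxml_metadata(data: bytes):
    """Return (cleaned_document, list_of_parts_that_were_rewritten)."""
    src = zipfile.ZipFile(io.BytesIO(data))
    buf, rewritten = io.BytesIO(), []
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            name, body = info.filename, src.read(info.filename)
            if name in _BLANK:
                body = _BLANK[name]
                rewritten.append(name)
            elif name.lower().endswith((".jpg", ".jpeg")):
                body = strip_jpeg_metadata(body)[0]  # raises if not a real JPEG
                rewritten.append(name)
            # ZIP entries carry their own per-file modification time: reset it.
            entry = zipfile.ZipInfo(name, date_time=(1980, 1, 1, 0, 0, 0))
            entry.compress_type = zipfile.ZIP_DEFLATED
            dst.writestr(entry, body)
    return buf.getvalue(), rewritten


def ooxml_part(data: bytes, name: str) -> bytes:
    """Read one part out of an Office document, for inspection."""
    return zipfile.ZipFile(io.BytesIO(data)).read(name)


def _zip(parts: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()


# Constructed minimal .docx package (not a complete, openable Word file).
SAMPLE_DOCX = _zip({
    "[Content_Types].xml": _XML + b'<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"/>',
    "_rels/.rels": _XML + b'<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"/>',
    "word/document.xml": b"<w:document><w:body><w:p>Report text</w:p></w:body></w:document>",
    "docProps/core.xml": b"<cp:coreProperties><dc:creator>Jane Doe</dc:creator><cp:lastModifiedBy>jdoe@example.com</cp:lastModifiedBy></cp:coreProperties>",
    "docProps/app.xml": b"<Properties><Company>Example AG</Company><Template>internal.dotx</Template></Properties>",
    "word/media/image1.jpeg": SAMPLE_JPEG,
})
```

The document body (word/document.xml) is copied unchanged; only the metadata parts, embedded images and ZIP timestamps differ afterwards. Tracked changes, comments and revision history live inside the body parts and are not touched by this approach, which is one reason to check a document by eye as well.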
Tails – the complete package for whistleblowers
The Linux-based operating system Tails offers the complete package for whistleblowers and other people who want to leave as few digital traces as possible. By default, all data and documents are automatically and permanently deleted when Tails is shut down. If you want to save individual files, you can set up an encrypted and password-protected “persistent storage”. Tails also includes many useful programs and components for whistleblowers, e.g. the Tor browser and the Metadata Cleaner for removing metadata. Tails also offers programs for editing texts, tables and pdfs.
Tails is Linux-based and can be started from a pen drive or DVD on any PC or laptop, regardless of which operating system is normally used there. To set it up, you need a pen drive with at least eight gigabytes of storage space. When Tails is installed, all data on the pen drive is deleted. For security reasons, the pen drive should not be used for anything other than Tails. First download Tails from the official Tails website and verify the download as described there (the download page offers a verification step in the browser), so that you do not install a tampered image. You can then write it to the stick using the balenaEtcher program. Detailed information on setting up and using Tails can be found here in English, here (paywall) and here in German.
After installing Tails, you must start your end device from the pen drive. How this works depends on the device and operating system. On most Windows-based devices, restart while holding down the SHIFT key, then select "Use a device" and "USB Storage" in the options shown during boot-up. On Apple devices, you usually insert the USB stick before starting and hold the alt (Option) key immediately after switching on, then select "EFI Boot" in the menu that appears (source).
Booting Tails usually takes a little longer than your conventional operating system, and the user interface may take some getting used to at first. You can find out how to set up the above-mentioned Persistent Storage for saving documents here, and how to use the pre-installed Metadata Cleaner to remove telltale metadata here.
Tails is considered a very secure operating system. It reaches its limits, however, if the BIOS, firmware or hardware of the computer is compromised, or if you leave telltale traces on the Internet while using Tails (see the remarks on the Tor Browser). Nor does Tails hide from your network operator that you are connecting to Tor.
Protected communication
Electronic messages can be intercepted and read relatively easily, as we know thanks to one of the best-known whistleblowers, Edward Snowden. Encryption makes this considerably more difficult: an encrypted message can only be read by someone who holds the matching secret "key". Some email and messenger services provide this kind of end-to-end encryption as standard; with others it can be set up with reasonable effort, and in neither case does it significantly restrict ease of use. We explain more about this in the following sections.
Emails
GnuPG is free, open source, cross-platform software that implements the OpenPGP standard ("PGP") for encrypting emails. The only requirement is that the other person also uses PGP and that you have their "public" key. Every PGP user has a key pair: a public key, which may be shared freely and which others use to encrypt messages to you, and a private key, which stays with you alone and is needed to decrypt them. Before sending, encrypt the email with the recipient's public key and attach your own public key so that they can reply in encrypted form. The recipient decrypts your email with their private key and encrypts their reply with your public key. Never pass on your private key, and protect it with a strong passphrase. Note that PGP encrypts only the body and attachments: the subject line, sender and recipient addresses and the time of sending remain readable.
OpenPGP support is built into the Thunderbird email program (since version 78) and only needs to be set up. PGP can also be used with webmail via the Mailvelope browser extension. The BSI has compiled a list (German) of other tools for Windows and macOS. You can find out more about PGP and how to set it up with various providers and email programs in this article from netzpolitik.org.
Some journalists use email accounts from the Swiss provider Proton. Private users can also set up an address there relatively easily. Emails between Proton users are automatically end-to-end encrypted (based on OpenPGP); Tutanota (now Tuta) likewise encrypts mail between its own users, using its own scheme rather than PGP. If you do not wish to have any further contact with the addressee after submitting the report, you can use so-called disposable email addresses, e.g. at https://www.nervmich.net/ or https://10minutemail.com/. Such addresses are created quickly and without disclosing personal data, and the mailbox is deleted after a short time (ten minutes at 10minutemail, longer at other services). Bear in mind that the operator of such a service can read everything that arrives, that anyone who guesses the address can read it too, and that replies cannot reach you once the address has expired; create and use these addresses only via the Tor Browser.
But even if the content is encrypted or you use anonymous email accounts, the metadata of your connections (your IP address, the time of access, sender and recipient addresses) can be logged and traced back to you. You can significantly reduce this risk by using the aforementioned Tor Browser.
Messenger services (Signal, Threema)
Most popular messenger services now advertise the ability to send encrypted messages ("end-to-end encryption") so that they can only be read by the communication partner. However, security experts have doubts about the validity of this assurance for messenger services such as WhatsApp.
Edward Snowden recommends the messenger service Signal. Its apps and protocol are open source, so vulnerabilities can be found and fixed by independent experts. Registration requires a cell phone number, so whoever can obtain data from Signal or from the phone provider can learn that this number uses the app, but not, by design, with whom you are communicating or what content has been shared. If anonymity matters, register with a number that is not linked to you.
The messenger service Threema can be used without providing any personal data. In contrast to Signal it is not free (one-off payment of around 4 euros) and is much less widespread. Both messengers offer apps for Android, iOS, PC and Mac (the desktop versions are linked to the app on the phone) and can be used to send messages and files as well as for encrypted calls and video calls.
Whistleblower portals and electronic anonymous mailboxes
Contact points for whistleblowers in the media, public authorities and companies are increasingly relying on whistleblower portals or special electronic mailboxes to receive reports. Some of these whistleblower portals have a so-called feedback channel. When you submit a report, you receive a code or password with which you can log into a mailbox set up especially for you. You can continue to communicate anonymously with the addressee via this mailbox after submitting the report. This enables the addressee to keep you up to date on the status of the matter and to ask you for additional information if necessary.
How well these whistleblowing portals actually protect your anonymity depends, among other things, on the software used. Open source solutions such as SecureDrop and GlobaLeaks stand for high security standards; SecureDrop instances are reachable only as Tor onion services, so the Tor Browser is required there anyway. Most commercial providers also advertise that data is encrypted during upload and download and that no IP addresses are stored. Nevertheless, you should access these portals only via the Tor Browser. If you do not use the Tor Browser, at least delete the browser history and cache after uploading the files, and remember that the provider, your employer's proxy and your Internet provider may still have logged the visit.
Post
The postal service is considered comparatively secure. If you want to remain anonymous, do not enter real sender details and do not post the letter near your home, your workplace or other places you visit frequently. You can avoid leaving fingerprints by wearing cotton or latex gloves; moisten stamps and envelope flaps with water rather than saliva, and do not reuse envelopes or labels from your office.
Telephone
If you do not know the addressee, initial contact by telephone is often easier. Some contact points for whistleblowers take this into account and offer telephone contact options.
Telephone calls can be traced via the number, even if they are not monitored. If possible, use a prepaid SIM card that was not purchased by you or by a person connected to you. Since 2017, ID must be presented when purchasing prepaid SIM cards in Germany. Note that the mobile network also logs the handset's identifier (IMEI) and its location, so do not put an anonymous SIM into your own phone and do not use it near places linked to you. It is best to call from a landline that is not registered in your name and cannot be traced back to you by third parties.
If possible, refrain from giving your name in the call and provide only the most necessary information. If necessary, you can arrange a personal meeting with the person you are calling or another way of providing detailed information.
Encrypted cell phones ("crypto phones") offer a high level of protection, but only if the other person uses a compatible device. This rarely justifies the high purchase price.
Behavior after submitting the report
Only a small group of people usually have access to particularly sensitive or confidential information. Even if you submit your report anonymously, it is therefore easy to identify you as a whistleblower if you draw attention to yourself with conspicuous behavior. Therefore, do not change your behavior after submitting the report.
It is understandable if you feel the need to talk to someone about your report. Even well-meaning people can, whether intentionally or unintentionally, jeopardize the protection of your anonymity, especially if they are put under pressure. Inform as few people as possible and make sure that they have a legal right to refuse to testify (e.g. lawyers, journalists).