New Tools to Reduce the Risks for Whistleblowers
Imagine you’re an employee at a tech company or governmental agency and you’ve noticed practices that you suspect are illegal or dangerous to the public. Personal reasons to not share the evidence with a journalist might include: “I only have pieces of evidence;” “Maybe I’m the only employee concerned;” “I could be harassed if my identity is revealed;” “My Non-Disclosure Agreement could be a problem;” and “My employer’s internal surveillance system could track me down.”
All these concerns contribute to what experts say is an evergreen barrier to whistleblowing: the “first-mover” problem. Even the most courageous whistleblowers — such as former Uber executive Mark MacGann — admit that they waited many months to disclose their evidence of malfeasance because they were waiting for other concerned colleagues to step forward first.
But new employer AI and surveillance protocols — and the additional risk of losing lucrative tech salaries — have now raised the stakes for potential leakers. As a result, journalists and civil society groups must provide insiders with comprehensive solutions that lower the bar for reaching out and, ideally, demonstrate to the person that they’re not alone.
One innovative new service to address all these issues is a UK-based nonprofit called Psst.org, which is designed entirely around the real-world needs of potential whistleblowers. Indeed, it states: “Psst lets you deposit the information and get help without having to go full ‘whistleblower.’” It offers a secure digital safe for even small disclosures, flexible or immediate pro bono legal support, and — in an innovative twist — it can eliminate both the first-mover and the vulnerability problems by patiently matching an individual’s initial concerns with those of other employees at the same organization, all while respecting the wishes of information-sharers.
Jennifer Gibson, co-founder of Psst.org, told GIJN that the service has already received roughly 100 whistleblower support requests in its first year, including submissions by 55 concerned employees to a beta version of its encrypted safe.
One of these disclosures was from the former head of security for WhatsApp, Attaullah Baig, who recently filed a lawsuit against Meta for allegedly ignoring major security flaws in its messaging service. In addition to disclosure advice and forging an attorney-client relationship, Psst also helped Baig find an employment lawyer to litigate the case without personal cost.
In its first case, the organization helped a Microsoft whistleblower expose that company’s “Big Oil” AI contracts, as described in The Atlantic by tech investigator Karen Hao, the best-selling author of “Empire of AI: Inside the Reckless Race For Total Domination.”
Two New AI Problems with Leaks
This nonprofit service was highlighted in a Journalist’s Resource webinar panel this year on Dealing with Leaks in the Age of AI and Disinformation, featuring Mark MacGann; Paul Radu, co-founder of the Organized Crime and Corruption Reporting Project (OCCRP); and former Forbidden Stories editor-in-chief Sandrine Rigaud. (Full disclosure: Rigaud has since been appointed Program Director at GIJN.)
Rigaud noted that leaks from two primary sources — hackers (including civic-minded hacktivists and ransomware criminals) and concerned employees with privileged access to data — have both been affected by AI. For instance, while the volume of leaks from hacked data has increased dramatically, she said hacked or supposedly hacked evidence can be more easily and convincingly forged by AI systems, a problem requiring greater verification through traditional reporting methods.
In January 2022, MacGann carried two suitcases full of hard drives, phones, and documents relating to Uber’s lobbying and safety practices to a Geneva hotel room for a first meeting with a Guardian reporter. The more than 100,000 records he disclosed led to the collaborative Uber Files investigative series.
However, in the webinar, MacGann cautioned: “Cases like me schlepping up suitcases full of hard drives and hard-copy documents — that’s just not going to happen anymore because of the intense digital and physical surveillance of employees, and the increased hostility toward people speaking out in favor of democratic principles.”
He added: “We need to make it easier for whistleblowers to remain anonymous, by providing the technical solutions for the delivery, the matching [with other whistleblowers / journalists], and the verification of leaks.”
MacGann said that promising technical solutions to promote anonymity and safe disclosure included an initiative to repurpose a hyper-secure survey tool, MyPrivacyPolls, as a whistleblower portal called MyPrivacyPolls Gray. While still in development, the tool — created by the Public Interest Tech Lab at Harvard — leaves no digital breadcrumbs, can deliver leaks directly to a registered journalist’s email inbox with zero data storage on any server, and requires no login or identity disclosure from the whistleblower. This project was inspired by Dr. Latanya Sweeney, a public interest technologist at Harvard Kennedy School, who told GIJN that whistleblowers had noted to her team that the MyPrivacyPolls survey form architecture offered some security advantages over existing whistleblower channels.
“We were talking specifically about what Frances Haugen had done in leaking the Facebook documents — taking these photographs, uploading them to Google Drive, and seeking to provide them to a reporter,” said Sweeney. “The way she did that involved a lot of trust in Google, and we were, like: ‘I don’t know if that’s a good idea!’”
In contrast, MyPrivacyPolls Gray offers a more secure alternative, Sweeney explained. “A journalist goes to MyPrivacyPolls and makes an account, and a form, and they publish the URL — the form ID. Whistleblowers out in the world can then go to that URL, and we guarantee [their leaks] will show up in the email inbox of the journalists who created it,” she said. “And neither we nor anyone else would know about the submissions.” Sweeney did concede that more work needed to be done in connecting concerned employees with specific journalists.
However, MacGann said Psst’s system was already addressing many of those very same technical challenges, while also solving the first-mover problem, by matching potential whistleblowers with like-minded colleagues they might not even know about, perhaps a few office cubicles away.
On the so-called demand — journalists’ — side of the leak relationship, Rigaud noted that being open about leak sources remains crucial in establishing trust with your audience. “It’s important to be transparent and invite readers to assess what we’re sharing with them,” she said. “A few years ago, when a journalist got a leak from a hacker, they’d often describe it as coming from an ‘anonymous source.’ That’s less and less the case now.”
She added: “The fact checking element is easier with a source like Mark MacGann, who is ready to help you understand and verify the documents. Unfortunately, this is the exception.”
Pros and Cons of a Collectivized Whistleblower Channel
Currently, Psst has some notable limitations. It is only offered in English, and, for now, is limited to disclosures from the tech industry and governmental agencies.
However, its website represents an explanatory masterclass in understanding personal employee concerns, with statements such as: “Remember, this isn’t solely on you. Other people are also coming forward… If their info matches yours in any way, it organically brings a picture into view, and takes the onus off you. You’re no longer alone at your desk,” and “We do a triage of sorts — finding you the support you need on the legal, media and psycho-social side of things.”
Neither does Psst push a “hard-sell” approach for disclosure. Prospective whistleblowers are offered several options: they can be wholly anonymous; can passively deposit information while waiting for a “match” with a similarly concerned anonymous colleague; can get free advice; or connect with a journalist if they choose.
A planned archiving option to allow people to anonymously and securely park pieces of information in a virtual “safe” — and decide what to do later — is not yet operational.
“Of the options available, the majority of people so far have been wanting to speak to a lawyer right away,” Gibson revealed.
Meanwhile, a GIJN test of the safe deposit process reveals that employees are relentlessly reminded to never use a work-provided device to engage with Psst resources, and instead use a personal device with supplied security conditions. Likewise, they are also advised to consider avoiding HR hotlines for their complaints. Concern for every scenario of whistleblower risk defines the service, and potential clients are offered a Signal number to call for urgent support.
“At the moment, the term ‘whistleblower’ has so many negative connotations; you say it, and so many people get scared,” noted Gibson, who previously served as legal director at The Signals Network, another whistleblower protection group. “We’ve kind of asked these individuals to out themselves on a sacrificial altar for all of us, in order to tell us information we should already know about the harm a company or government is doing. The trend we’re seeing is that people have fewer and fewer big pieces of the puzzle.”
“Unfortunately, I think the lesson the tech industry learned from the Frances Haugen [Facebook whistleblower] case was not, ‘Maybe we need to do better,’ but rather ‘We need to lock down our information better and surveil our employees better,’” she added. “We saw people coming for help who had important information, but not enough to risk everything.”
Gibson believes the new environment described by MacGann and Rigaud requires more collective disclosures, rather than individual heroism, to achieve both safety and accountability.
She said the Psst safe was loosely modelled on the encrypted Callisto Vault tool within Project Callisto, which was designed to collectivize reporting of sexual assaults by college students by matching unique identifiers of serial perpetrators.
“What we’re hoping is that, one, collectivizing will make people safer, and two, it should increase the number of people who speak up,” she explained. “We decided: let’s put a lawyer in every room with a whistleblower, and help them figure out how to move forward. Raising red flags should not have to be a heroic act.”
Although she cannot disclose details, Gibson said the matching system has already found at least one employee with concerns and information similar to those of an anonymous colleague — but that Psst needs to raise awareness about this feature.
“My hope is that by the end of year two, we’d have a couple of hundred requests coming in, and more people using the matching function in the safe,” she said.
Notably, the vast majority of new clients to the service wish to remain anonymous.
Said MacGann: “My advice [to potential whistleblowers] is to preserve your anonymity. Once you’re a named whistleblower, that completely transforms your life. But if we can get this technology to a place where it’s a completely discreet app, and it’s not wasting the journalist’s time or the lawyer’s time, that’s what we all aspire to.”
Rowan Philp is GIJN’s global reporter and impact editor. A former chief reporter for South Africa’s Sunday Times, he has reported on news, politics, corruption, and conflict from more than two dozen countries around the world, and has also served as an assignments editor for newsrooms in the UK, US, and Africa.