How to leak to The Center for Investigative Reporting
Whistleblowers have been an integral part of our organization’s 40-year history of exposing wrongdoing. While we don’t base our stories solely on anonymous information, a tip or document can be the key that opens the door to more reporting.
From the former Uber engineer who told us how employees at the company used the ride-hailing app’s data to spy on former romantic partners to a package of documents sent anonymously to our office that led to a groundbreaking investigation into how Jehovah’s Witnesses officials covered up widespread sexual abuse, whistleblowers have been indispensable to our work as investigative journalists.
None of the communication tools we suggest are entirely foolproof. Each has its own set of advantages and risks. If you’re unsure about the best method for leaking information, contact us using the encrypted messaging app Signal, which is explained in more detail below. In this initial conversation, give a broad outline of your situation and we can provide guidance regarding the best way to move forward.
The simplest way is to send as an email at firstname.lastname@example.org. We monitor this account on a regular basis and will get in touch with you if we are interested in pursuing your tip. Standard email can be traced and hacked, however, and it can be discoverable in lawsuits. For information about more secure email options, see “By encrypted email” below.
Our staff phone numbers are listed on this page and, if you click through on each name, you can see what that person is covering.
For more secure smartphone communication with us, the encrypted messaging app Signal currently is the best bet. To increase your personal security on Signal, purchase a cheap “burner” smartphone with a prepaid plan and pay for it with cash, so it’s not in any way connected to your identity.
To get in touch with us using Signal, send us a message at 510-207-5229.
It’s old school, but mailing documents can be a largely undetectable way of getting information to us. The key is not writing your name or any return address on the packaging. In addition, don't mail the documents from your home, place of business or a location near those locations. Sidewalk post boxes are preferable to post offices, which often have video cameras.
Our mailing address:
The Center for Investigative Reporting
1400 65th St., Suite 200
Emeryville, CA 94608
To reach a specific reporter or editor, put “Attn: PERSON’S NAME” somewhere on the outside of the packaging.
SecureDrop, which allows for fully encrypted communication between journalists and sources, now is used by more than two dozen media organizations from The New York Times to Vice. SecureDrop provides the greatest degree of safety if it is implemented correctly, which begins with downloading the Tor browser.
To access our SecureDrop server, paste this link into the Tor browser: http://k4jn3q4ob77nefhv.onion
By encrypted email
For more secure email, first set up a Tor browser.
is a fully encrypted email service based in Switzerland, and it works as smoothly as a Swiss Army knife. If you can set up a Gmail account, you can get ProtonMail working. The best part is that it fully encrypts all messages going from one ProtonMail account to another automatically. ProtonMail also has a special version of its site set up to operate over Tor
Our ProtonMail account: RevealNews@protonmail.com.
Setting up PGP encryption on your email can be a little confusing, but the browser extension Mailvelope< (and this step-by-step guide) can help. Here’s a video that also provides a useful tutorial.
The email@example.com email address is configured to accept messages encrypted with PGP. The public encryption key for that email address is below and on the MIT public key server. To contact a reporter or editor directly, use the PGP keys on the individual profiles linked from our staff page.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - https://gpgtools.org
-----END PGP PUBLIC KEY BLOCK-----