Over the past few years, Gawker and other outlets have detailed how to leak documents and information without getting caught by your employer’s I.T. department—or government investigators with subpoena powers. Here’s a refresher course with the most up-to-date details.
If You’re Leaking Tips or Information
Say you want to provide Gawker with information about a politician, celebrity, or other public figure. Or you want to talk about your company’s unethical practices. Or you have access to sensitive documents or revealing photos and just want to discuss their publication. Before you get in touch, this is what you want to do.
Step 1: Get on Tor
Tor is an “anonymity network” that attempts to mask an individual user’s Internet Protocol address, thereby greatly minimizing the ability of a third party to trace any online activity to that user. Tor isn’t perfect—no network can be completely anonymous—but in most cases it will make your real-world identity very difficult to ascertain. You can download the software for using it here.
Step 2: Get a Burner Kinja account
If you’re reading this, you’re already using Kinja, Gawker Media’s discussion platform. And if you click or tap “Reply” at the bottom of this post, you’ll have the opportunity to create a Burner account, which enables a user to comment and post on Kinja without being associated with a third party such as Google, Facebook, or Twitter.
Burner accounts are designed to supply sufficient anonymity to a person seeking to leak sensitive information to the public. Gawker Media immediately deletes logs of IP addresses that visit websites in its network, which in theory would prevent law enforcement officials from subpoenaing Gawker for those addresses—after all, we wouldn’t have them. Gawker Media websites are, however, connected to third-party servers operated by several companies that provide Gawker with banner advertisements and traffic analytics. Meaning, it’s still a good idea to use Tor, especially if you’re trying to provide us with information that could, later on, result in legal action.
Step 3: Sign up for an anonymous email account
Another way of contacting Gawker is via an email account registered under a fake name. Gmail, Yahoo, and Outlook are all sufficient for this purpose. If you go this route, though, you’ll want to register that account on either your own computer (less safe), or on a terminal at a public library or Internet café (more safe). In any case, don’t register or even login to the account on your work computer, or on any network where you’re being actively monitored. The same advice applies, of course, to registering a Burner account.
Step 4: Get our PGP key
PGP (Pretty Good Privacy) is a method of encrypting data to protect its contents from surveillance while being transmitted over the Internet. If you’re contacting Gawker via email, you can now use PGP to encrypt any emails sent to our main email address, email@example.com. To do so, you’ll need to download and familiarize yourself with free software that generates a pair of PGP “keys”—one private, one public—and hooks into the email program of your choosing. We recommend Mailvelope, a cross-platform browser extension that augments Gmail’s browser interface.
Gawker’s current public PGP key can be viewed here; you’ll need it to contact us using PGP. As time goes on, we may change our public key, so make sure you have the most recent one when sending anything our way.
If You’re Leaking Photos or Documents
If you want to anonymously send us photographs or documents, it’s wise to consider an additional set of precautions.
Remove Metadata: Before sending them to us, make sure you completely remove any identifying information from the actual electronic file. Known as metadata, this information often indicates who took or created a photo or document, the software used to create or edit it, the date and time of its creation, even GPS coordinates—any of which could be used to trace the leak back to you.
Use a public computer terminal: You can remove metadata using desktop software, but as we’ve noted before, the best way to send us photos or documents is to print them out at home, scan them into a public computer at a local Kinko’s or copy center, and email the file from there. (Pay in cash only.) If you use this method, be sure to shred—or discreetly burn—the pages you printed out. Modern printers embed a microscopic pattern of dots on every page they process, which are believed to reveal the make of the printer, its unique serial number, and the exact time of printing. Of course, Gawker separately ensures that anything we publish does not identify a source—but again, it’s best to be safe on your end, too.
Use the U.S. Mail: You can always send us photos, documents, or DVDs via U.S Mail, which is a (surprisingly) secure method of communication. Assuming you use an out-of-the-way U.S.P.S. mailbox and don’t include anything that identifies you, physical mail is in many cases safer than the Internet.
Our address is:
210 Elizabeth St.
New York, NY 10012
If you’re a little lost or need us to clarify anything above, jump in the comments below. Otherwise you can email us at firstname.lastname@example.org or leave a message at 646-470-4295.