The problem faced was one of the most relevant in any whistleblowing platform: “how much a data receiver could trust the anonymously received data?”

We know that if an anonymous source send a block of data, it can either be:

• a person trying to hide his identity for security and privacy reasons.
• a person who is pretending to be someone else.

This is an issue that we can’t allow to damage the reliability of a service like Globaleaks, which is supposed to protect the identity of the submitter (and so keeping track of anonymous submissions has to be considered a feature and NOT a problem).

In fact, no technological solution exists: the only way to approve anonymous material is to check the effective correlation of the data. We need to verify if the anonymous data matches with the open source intelligence available, or matches with the previously collected information, in order to insert the new data into a larger picture. If the new data fit, it could be trusted. If not, it could be dangerous. This analysis could require a lot of time by the receiver, and time is a resource not always available: a technological solution can’t solve this problem, but some technical features could be helpful in speeding up the human process.

Let’s make some brainstorming. Having a notice dependent from a single source document could be a dangerous exposition for the journalist or for anyone that accept to believe an anonymous source “leaked” files. [note: leaked is intended for stolen or loss, submitted data mean normally handled by the whistleblower].

What can be the solution ? In the globaleaks point of view, that’s collaborative filtering.

Additionally, the amount of spam, invalid data, fake data, unbelievable data, incomplete data, could be high in an context [1] where whistleblowing could be in the hands of everyone.

How this collaborative filtering has been implemented ? Every receiver can express a single vote about the “pertinence” of a submitted data.

Globaleaks wants to be usable in every context: from “internal audit” of a corporation, to websites that complain about environmental abuse, to corrupted behavior in public agencies. The usage contexts are so different that maybe some features can be useful only in a specific implementation. Anyway, the collaborative filtering is something that we thought could be helpful in almost every usage. follow those example with us:

Corporate internal audit: the amount of notifications can be proportionally high based on how many employees works in the company, may increase if anonymous submission are available, may increase if no strong integrity check is performed in the submitted data. The result could bring the internal audit to be overwhelmed by not so useful submissions. How those features could be helpful ?

The feature of the feedbacks become helpful to give an answer at the whistleblower, explain if the case could be followed, in which time and steps. The (many ?) times the whistleblowing platform role has been misunderstood, the feature could be used to give a standard polite answer.

The collaborative filter could be useful to implement the escalation of the submission. Maybe the internal audit manager need to be updated only when a serious event is reported, and in the GlobaLeaks software is now possible to configure that a receiver will be notified only when a Tulip has reached a certain amount of positive votes from the first line reviewers.

Media relationship: in this context, verifying the source, collect all the possible proof before declaring a breaking news, and the possibility of exchanging information with the whistleblower are all extremely evaluable. the feedbacks mechanism, extremely similar to an anonymous comments interface, will permit to deeply explore the submitted material in order to finalize the truth.

In our opinion (but this is just an idea about journalism ethics with anonymous sources), the default point of view needs to be: “trust no one“.
Every submitted source could be an invalid, misleading and deceptive document forged by someone that wants to abuse your media power.  A journalist that aim to guarantee a precise and correct information service can use a “leaked” information only when that could fit in the previously collected and trusted intelligence, only when different sources can approve that document and by cross checking it expose the data consistency. A collaborative interface, where the reviewer and the whistleblower could (optionally) cooperate, remaining anonymous and gradually reach the truth, is an extremely important achievement.

From the globaleaks point of view, we aim to provide a software inclusive of all imaginable security, privacy and collaboration features. This software has to cover every usage in the whistleblowing context, and therefore your doubts, ideas and analysis are welcome! join
people@globaleaks.org mailing list to discuss (or cooperate, if you’re interested).

These features have been added in the last github commits. In these days, a lots of new code will be submitted, stay connected! ;)

[1] for who have no idea of what GlobaLeaks aim to be: a free software able to provide a multi purpose whistleblowing platform.