Within the first week of the administration of President Trump, often-conflicting reports trickled out from government agencies about explicit or tacit requests to withhold information from the public. A memo at the Department of Agriculture halting the release of documents. A shutdown of a government Twitter account for over an embarrassing retweet. A report from Reuters (denied by the administration) that the Environmental Protection Agency was told to remove a page about climate change.
Much of this is murky. Coupled with the administration’s unwillingness to accept demonstrated points of data and with the government’s existing efforts to tamp down on leakers, however, it seems very possible that the next four years could be marked by critical information being kept under lock and key in executive branch offices.
This is precisely why The Washington Post and other news outlets created systems to allow government employees to leak information as securely as possible. We reached out to Trevor Timm of the Freedom of the Press Foundation, which helped set up The Post’s system to explain how it works.
The tool is called SecureDrop, and can be accessed here. Or, rather, that page includes instructions on how to use it. The system takes advantage of something called The Onion Router, or Tor. Tor is a system by which Internet traffic is routed through a number of servers on its way to a destination, akin to driving to various safe houses and switching cars and outfits before getting to your final destination. Except that thousands of other cars and people in thousands of other outfits are doing so at the same time, making tracking any one of you that much more difficult. Tor encrypts information and passes it through this system so that it’s very difficult to connect a user to a destination.
Using a special browser (which you can download here), you navigate to a URL that won’t work in a regular browser. There, you are presented with the SecureDrop homepage.
If you don’t already have a code name, you’re given one. This allows you to maintain contact with a reporter at The Post if you wish to do so. All of the other information about you is lost through the Tor-SecureDrop system: No IP address, no browser information — no nothing.
Once you have a code name, you can send messages and files to reporters.
The connection is solely between you and The Post. “There are no third parties involved in SecureDrop,” Timm explained, “so the government can’t secretly subpoena Google for the news organization’s information, or they can’t secretly go to AT&T and get any information on SecureDrop. They would have to subpoena the news organization directly, who can fight it and refuse to comply.” (News organizations routinely fight such subpoenas, citing the First Amendment protections of the free press.)
Those are the basic mechanics. But it’s not that easy.
You can’t — or shouldn’t — simply fire up the Tor browser from your Department of Energy computer and start shipping files to The Post. Timm recommends a bit more surreptitiousness.
“The first thing you’re going to want to do is not use a government computer and take a personal computer — or even a new computer — and go to a public WiFi spot, like a Starbucks or at a hotel or anywhere where the Internet is open for public use.” Once there, install the Tor browser and make the connection. That raises the question of how you get the files from your office to that Starbucks, should you want to leak files. Timm pointed out that every government agency has different protections and systems that would make this more or less hard to do. As is probably obvious, sending the documents over email is not recommended. Things like thumb drives can be helpful here. (Update: An emailer notes that thumb drive use can also be tracked; usb-er beware.)
Timm was quick to note that leaking government documents is extremely risky.
“I think the first thing that anybody should do is be very aware of the government’s powers to figure out who you are and try to retaliate,” he said. “Part of the reason that we develop and maintain SecureDrop is because we’ve seen the government over the past six or eight years use their surveillance capabilities to root out sources who are using email and phone calls.”
There exists a program within the government called Insider Threat. The FBI even has a pamphlet explaining how to detect and track possible spies within the government. But the program isn’t meant only to track and unearth spies — it also aims to curtail the sort of leaking that allows news organizations to detail the inner-workings of the government.
It’s not only tracking Internet behavior that would allow the government to figure out who leaked a document. If you have one of three copies of a file that ends up on our front page, it won’t take long for the government to reach out.
“There is no such thing as perfect security,” Timm said. “We try to make SecureDrop as safe as possible, and we certainly think it’s safer than phone calls or emails. But the government has billions of dollars of intelligence agency resources.”
“It’s important that people realize that whistleblowers are really doing a very brave and courageous thing,” he added, “and there’s never a guarantee that they won’t get caught.”
Sometimes, though, the need to ensure public awareness of information makes that risk worth taking. Coupling the SecureDrop system with The Post’s willingness to defend our sources, we do the best we can to provide the best protection available.