How to send tips and information securely to The Eye
For general inquiries, contact us here:
or for tips and leaks, read below!
What makes a good tip
Good tips can take a number of forms, but often involve information that would not be readily available to a journalist or an outside observer. This includes more traditional leaks involving proof of illegal activity by an individual, such as a businessperson, elected official, law enforcement head, political action group, medical professional, influential faith leader, celebrity, or public figure. But leaks and tips can also include proof of systemic malpractice, wrongdoing, or unethical behavior by larger entities, such as companies, government agencies, nonprofit organizations, hospitals, prisons, or public works systems, among many groups.
What’s more, sometimes good tips just point to stories or policy concerns that other news outlets might miss or ignore but deserve attention and scrutiny.
A note about anonymity
Leaks and tips are rooted in trust. As such, reporters frequently agree to protect the identity of sources when they request it. We understand individuals leaking sensitive information may be putting themselves or their jobs at risk, so if we agree to keep you anonymous, we will strive to protect you and will work to prevent our organization or our reporters from being forced to disclose the identity of any sources.
If you choose to remain completely anonymous from the start, however, we suggest sending us information via physical mail.
Basic suggestions for protecting your identity
When sending The Eye sensitive information over the internet, we recommend using public WiFi, such as a coffee shop or cafe. Even more secure is the use of the Tor Browser, which makes it difficult to track your location, as well as booting off a USB/thumb drive that contains TAILS, an operating system that leaves no trace of your actions on your computer.
Other best practices include creating a throwaway email account and avoiding locations with security cameras. We encourage you not to use your work email or phone. If mailing information or documents, do not use a post office near your employer.
Also, if you are attempting to share internal documents from a government agency or another organization, be aware that some intranets track when certain documents are accessed or downloaded, and by whom. In addition, many laser printers include hard-to-see yellow “tracking dots” that indicate when a color document was printed or the serial number of the printer itself.
Other methods include taking screenshots of a document instead of printing it, or taking a photograph with another device.
Ways to send information securely to The Eye
One of the most secure options for sending information is snail mail. Officials would require a warrant to intercept and open it in transit.
When mailing to us, we recommend using a sidewalk postal box away from home or work, not including a return address, and avoiding licking any stamps or envelopes you use.
Send paper documents, or digital files (on a thumb drive or other physical media) to: email us for our address.
Signal is a free, open source messaging app with “end-to-end encryption,” meaning only the sender and the recipient can read messages, photos, videos, voice messages, documents, and calls — all of which can be sent by the app. The program logs no metadata on the communications themselves, and retains only three pieces of information: your phone number, when you registered with the service, and the last time you were active. Signal messages can also be set to “self-destruct”: after the recipient sees the message, the program can delete it after a set period of time. It does not provide voicemail, however, so it can be used for texts, attachments, and live calls.
WhatsApp is a free messaging app owned by Facebook that, like Signal, allows full end-to-end encryption when sending messages, photos, videos, voicemails (unlike Signal), documents, and calls. You can limit some account information, but WhatsApp does record phone numbers involved messages, as well as other metadata, such as message timestamps.
You can send encrypted email using Pretty Good Privacy (PGP) software. There are number of popular services that help you encrypt your emails, such as the Mailvelope Chrome/Firefox browser extension and GPGTools.
Although PGP encrypts the contents of any email you send, it does not encrypt additional metadata such as the sender, recipient, subject or information about when the email was sent (this information will be available to your email provider).
Good luck and we hope to hear from you by whatever method.