[mindslight]

Tangential and more applicable to a different style of leak, but I'd be interested in seeing the development of some protocol ideas for authenticating leaks to gain confidence the leaker is actually within a given organization. Otherwise we're left not knowing if a casual leaker is for real or just entertainment twitting.

One rough idea is that large organizations make specific press releases or announcements, that a precommitment could demonstrate privileged access to.

Another idea would be inclusion of some internal communication, which other members of the organization could confirm. This would require those other members to be sympathetic to the leaking, and also not worried about reprisals for speaking publicly like so. This probably isn't useful on its own, but the basic mechanism could be combined with other means to derive utility without public attestation.

The biggest issue is (of course) an adversarial organization subtly changing to-be-published information, to sniff out the actual leaker. Which is why I'm envisioning the need for some formality that could quantify and mitigate such leakage.