Hacker News new | ask | show | jobs
by gamblor956 2660 days ago
Whistleblower protection laws generally do not require that the "appropriate regulatory agency" be the only person to whom disclosure is made...

Publishing internal documents is the last resort after everything else has failed.

No, that's usually the first and best option once the company has been made aware of the problem and chooses not to correct it...as is what is alleged happened here. Why make vague statements that Company X ignored Problem Y when you can just provide documents proving your claims?
1 comments
AnthonyMouse 2660 days ago
> Whistleblower protection laws generally do not require that the "appropriate regulatory agency" be the only person to whom disclosure is made...

Whistleblower protection laws in some cases don't even exist and even where they do you're typically not going to have a fun time if you have to use them. When it comes down to it you do what you've got to do, but going there first rather than last is not a really great idea.

> No, that's usually the first and best option once the company has been made aware of the problem and chooses not to correct it...as is what is alleged happened here. Why make vague statements that Company X ignored Problem Y when you can just provide documents proving your claims?

For one thing, documents rarely prove anything on their own (how do you even know they're not forgeries?) without the investigatory powers needed to verify the information in them. Which the government has and Twitter doesn't.

link
gamblor956 2660 days ago
For one thing, documents rarely prove anything on their own (how do you even know they're not forgeries?) without the investigatory powers needed to verify the information in them. Which the government has and Twitter doesn't.

We don't. The government is also not the only entity that can perform forensics on purported documents. News companies do it all the time, and their are hundreds of e-forensics firms in the US and EU that could happily do it for a fee. There's also thousands of people with access to Twitter and the spare time to dig into any purported document leaks to verify them for accuracy. In fact, Twitter is a good (but not even remotely the best) way to get all the interested/competent parties aware of the documents.

link
AnthonyMouse 2660 days ago
Forensics on digital documents can be a lot of pseudo-science, especially when you're talking about text documents and spreadsheets. Legitimate documents can have as many anomalies as a half decent forgery.

Confirmation is having somebody to go to the place and see if the materials alleged to be there are actually there. Unless you're lucky enough for them to be clearly and unambiguously visible from public space, that means you need some kind of authorization to go in and have a look. A picture of an unknown container is not very helpful.

> In fact, Twitter is a good (but not even remotely the best) way to get all the interested/competent parties aware of the documents.

What's wrong with bringing them privately to the subset of the parties whose interest is in fixing the problem?

link