|
|
|
|
|
|
by wyck
4800 days ago
|
|
|
Protect your sources by all means necessary if you want to built trust, the technology is in place to do this, the legal footing on the other hand can be tricky. You should host your servers in a country that has a solid legal framework in place to protect your data, Iceland for example. Honestly consult a lawyer who specializes in this, it is a legal issue and not a tech one. The real problem is vetting your material, you will need to analyse and verify submissions before posting using real people, there is really no alternative when lives are at stake. This is the reason wikileaks collaborates with researchers and journalists, and there is an entire approval process. I must stress this point, you MUST have due diligence on your sources or else don't even bother. Also keep in mind that several countries make anonymous services very difficult to use and even so they still might be monitored, you need to enable multiple avenues of submission and do a really good job at informing your user base on which is best. You should have a very solid and dynamic server setup that can withstand attacks/DDos and domain name/ISP related takedowns. tl;dr Learn from all the issues wikileaks had with tech and submissions and how they overcame these challenges. |
|
|
Vetting a leak is easy. Vetting an accusation of bribery is next to impossible unless you're an undercover policeman and catch the bribed person red-handed (or, the building/exchange place is under CCTV surveillance).