Protect Your Identity! Cybersecurity Whistleblower Best Practices

In the age of digital information, protecting one’s identity has become an essential concern, especially for whistleblowers. Those who take the bold step to expose unethical or illegal activities must take extra precautions to ensure their personal safety and privacy. This page provides an overview of cybersecurity best practices for whistleblowers.

Being a whistleblower is a brave act, but it also comes with risks. Here’s what you should keep in mind:

Use a Private Device
Avoid using devices owned by the government or your employer. Your personal devices may also be at risk. Ideally, use a device that isn’t linked to you in any way.

Stay Away from Work Internet Networks
Your work internet network might be monitored. It’s best to use a connection that can’t be traced back to you.

Create Alias Communication Accounts
Using fake names for email, social media, and messenger accounts can add an extra layer of protection.

Avoid Activities That Can Identify You
Stay clear of actions such as checking personal email or social media, online shopping, etc., while sharing sensitive information.

Consider Professional Assistance
If you’re unsure about reporting on your own, work with an NGO or attorney. You can submit an intake at the bottom of this page to get in touch with us.

Use Secure Communication Tools
Tools like Protonmail and its associated VPN are highly recommended for secure email communication.

In many cases, whistleblowers may need to use mobile devices. Here’s how to stay safe:

Choose the Right Mobile Phone
If possible, use a phone purchased only for whistleblowing purposes, devoid of personal information. Alternatively, use a publicly available phone unconnected to your identity.

Turn Off Tracking and Bluetooth Functions
Make sure to close all active applications and disable tracking functionalities.

Use Secure Browsers
Employ browsers like Tor or Orfox for secure reporting on your mobile device.

Employ Encrypted Text Messaging Apps
Applications such as Signal and Telegram can ensure your text messages remain confidential.

Internet cafés and public WiFi spots offer anonymity but also have their challenges:

No ID Requirement
Ensure that the location doesn’t require valid identification before using their services.

Utilize Secure Operating Systems or Browsers
Downloading Tails or the Tor browser bundle to a USB drive adds a layer of security.

Be Aware of Your Surroundings
Ensure no one can see your screen without your noticing.

Log Out Completely
Always log out of all accounts and remove all devices and software after use.

If you’re facing challenges in securing your identity as a whistleblower, professional assistance is available. You can submit an intake using the form below to request a free and confidential case evaluation from one of our whistleblower attorneys.