Wall Street Journal, Al-Jazeera endanger whistleblowers with misleading Wikileaks copycats
June 10, 2011 - Comments Off
Large media outlets including the Wall Street Journal and Al-Jazeera have created copycat anonymous disclosure programs modeled after the website Wikileaks, hoping to harness the website’s recent success in inspiring those with access to privileged information to anonymously blow the whistle on corporate and government misconduct. Shortly after their inception, however, these copycat programs have come under criticism by whistleblower advocates for lacking any substantive degree of technical or legal anonymity protections for their users, despite appearances, leaving them vulnerable to retaliation.
In May the Wall Street Journal launched their SafeHouse program, which similarly describes itself as a “secure uploading system” with “separate servers,” and two layers of encryption, so that users can “securely share documents with the Wall Street Journal,” and purports to discard of the users information “as quickly as possible.” Reviews of both the legal and technical dimensions of the program have found SafeHouse to fall far short of these promises. Third parties have already successfully extracted user information in order to demonstrate SafeHouse’s faulty security. Procedurally, SafeHouse users must explicitly request that their identity be kept confidential, and that can only be guaranteed by submitting a confidentiality request, which is not itself confidential. On the legal side, SafeHouse’s terms of service reserve the right “to disclose any information about you to law enforcement authorities,” and even to any “requesting third party,” not only to comply with the law, but also “to protect the property or rights of Dow Jones or any affiliated companies,” and to “safeguard the interests of others.” The Terms of Service further specify that, in uploading to SafeHouse, the user agrees that their actions “will not violate any law, or the rights of any person.”