The International Consortium of Investigative Journalists encourages whistleblowers everywhere to securely submit all forms of content that might be of public concern - documents, photos, video clips as well as story tips.
We accept all information that relates to potential wrongdoing by corporate, government or public service entities in any country, anywhere in the world. We do our utmost to guarantee the confidentiality of our sources.
Our motives are squarely aimed at uncovering important government and corporate activities that might otherwise go unreported, from corruption involving public officials to systemic failure to protect the rights of individuals. Journalists from the relevant countries will evaluate and pursue all leads and content submitted and, if merited, report on these issues.
ICIJ currently uses version 0.3.5 of the secure whistleblower submission system supported by the Freedom of the Press Foundation.
Contacting ICIJ through our encrypted SecureDrop server is a way to share documents and messages with ICIJ that allows you to protect your identity, even from us.
There are a number of precautions you can and should take to protect yourself before using our SecureDrop system. For example, you should not use it directly after viewing this page. Instead, you should write down the instructions and onion URL below, then move to a different network to the ones you usually use (a public wifi network with no password is best) to begin the process. The below instructions represent the minimum requirements in order to access our SecureDrop service:
ICIJ takes source protection very seriously. When you use our SecureDrop service, we will not collect any identifying information from you (like your IP address, location, or browser details), nor will we deliver persistent cookies to your browser or embed any third-party services on our SecureDrop pages. All information you provide will be stored encrypted, and will only be decrypted on an air-gapped machine that never connects to any networks.
Despite these security measures, no online system is perfect, and use of the service is at your own risk.
ICIJ also uses PGP encryption: our public key can be found on the MIT Public Key Server (fingerprint:
986A 572D 3B95 BD42 331E 839A B532 F18C 2A17 696B); our email address is email@example.com.
There are a number of basic safety measures you can take to protect yourself when providing sensitive or confidential information. For instance, details of phone calls made from a large building are often recorded on the building's electronic systems; details of mobile phone calls are routinely collected by providers and government authorities; and details of network access and internet use can be recorded and stored at a number of junctions along the way. It is safer to use a public phone when contacting a reporter, just as it is safer to use an internet cafe when sending files.
Ultimately, we feel that no electronic form of communication is entirely secure - sometimes the safest ways are the old-fashioned ways. You can post printed documents, or electronic files on a portable storage device (a thumb drive, hard drive, memory card, DVD, CD, etc.) directly to ICIJ at the below address.
910 17th Street NW,
Washington, DC 20006, USA