Think! , Globaleaks

21/11/2011  New innovation case on THINK!: Globaleaks

GlobaLeaks is the first Open Source Whistleblowing Framework. It empowers anyone to easily setup and maintain their own Whistleblowing platform. It is also a collection of what are the best practices for people receiveiving and submitting material. GlobaLeaks works in all environments: media, activism, corporations, public agencies.

GlobaLeaks strives to increase accountability and transparency in our society. They are interested in fulfilling the needs of diverse public interest use cases. From usage by media to public agencies, from corporations to activists. We use the term framework to emphasize the flexibility of the GlobaLeaks platform. For example, the whistleblower will be anonymous by default, but if the whistleblower chooses to disclose their identity, the framework allows them to do so. Our belief in the importance of transparency, is a fundamental value that applies to our framework’s different contexts.

In their vision, the public should demand governments and private companies to be more accountable. People will be held responsible for their actions and Governments and private companies should realize that it is better to embrace trancparency and openess. GlobaLeaks is a framework of tools and information for societies use in adopting our shared vision of trancparency and openness. “… which of two common types of character, for the general good of humanity, it is most desirable should predominate — the active, or the passive type; that which struggles against evils, or that which endures them; that which bends to circumstances, or that which endeavours to make circumstances bend to itself.” –John Stuart Mill

Whistleblowing is a complex problem that, in our opinion, has not been properly addressed in any solution that we analyzed. Coming from a strong information security background the platform is designed to be as secure and privacy-preserving as possible. During our research we discovered a large ecosystem of whistleblowing organizations and software to support them. There are people who have been active in this field for more than twenty years and are still active. A long term example is Public Concern At Work. Some of these organizations even have different views on whether or not WikiLeaks is whistleblowing or not. They believe in the value of a range of activities and believe that tools such as the GlobaLeaks suite of software will empower people to stand up anonymously while making a change in their local context.

When setting up a GlobaLeaks node the default should be that the WhistleBlower does remain anonymous (if you are anonymous you can always reveal your identity in a second stage, the opposite is impossible). This should not, however, be a limiting factor in adoption of the tool. The Node Administrator, the person actually running GlobaLeaks software, should be able to customize the platform to suit their needs. If those needs should require them to know the identity of the WB, that is fine. GlobaLeaks is designed with flexibility in mind, while enabling maximal privacy and security by default. The technologies we use to guarantee the security and anonymity of comunications are called Tor Hidden Services.

These technologies protect both the client and the server, so that even the GlobaLeaks node can choose to not expose themselves. Both the whistleblower and node processing the submission are immune to retaliation attacks as possible.


See the original article, slides and video here.
Read the abstract here.