what is it?

Corporate or official corruption and malfeasance can be difficult to uncover without information provided by insiders, so-called whistleblowers.

However, the proliferation of surveillance technology and the retention of Internet protocol data records has a chilling effect on potential whistleblowers. The mere act of connecting to an online whistleblowing Website may suffice to raise suspicion, leading to cautionary advice for potential whistleblowers.

The current best practice for online submissions is to use an SSL connection over an anonymizing network such as Tor. This hides the end points of the connection and it protects against malicious exit nodes and Internet Service Providers (ISPs) who may otherwise eavesdrop on or tamper with the connection. However, this does not protect against an adversary who can see most of the traffic in a network, such as national intelligence agencies with a global reach and view.

We suggest a novel type of submission system for online whistleblowing platforms that we call AdLeaks. The objective of the AdLeaks system is to make whistleblower submissions unobservable even if the adversary sees the entire network traffic. A crucial aspect of the AdLeaks design is that it eliminates any signal of intent that could be interpreted as the desire to contact an online whistleblowing platform.

For technical details, please take a look at our paper on arXiv.org. For the source code of our research prototype, please take a look at our GitHub repository.