# Privacy stack for whistleblowers in 2026

> Source: https://fuckyc.org/guides/privacy-stack-for-whistleblowers/
> Published: 2026-05-12 · Last verified: 2026-05-12

A practical privacy stack for whistleblowers handling sensitive material in 2026 — device, network, intake, communication, document handling, and the legal-practical context.

## TL;DR

Use **Tails OS** on a USB key from a clean device for any session that touches whistleblowing material. Submit documents through the recipient's **SecureDrop** instance over Tor; never via email or messenger. Communicate with the journalist only through SecureDrop or **Signal** with a number unlinkable to your identity. Use **OnionShare** for ad-hoc transfers. Store any retained material in a **VeraCrypt** container with a strong passphrase you remember mentally. Keep a separate compartment from your day-to-day identity — different device, different network, different time. The most important practice is not the tools but the discipline of never mixing the whistleblowing compartment with your real-name life.

---

Whistleblowing carries some of the highest personal stakes of any privacy use case in this directory. The legal regime varies enormously by jurisdiction and sector; the technical posture has to assume a determined investigation. This guide describes the operational stack that newsrooms and whistleblower-support organizations converge on. It does not replace legal advice or operational training.

If you are about to act on something material, talk to a lawyer who specializes in whistleblower law in your jurisdiction *before* you take operational steps. Attorney-client privilege gives you a confidential channel in which to think the decision through.

## Threat model

The whistleblower's adversary set is uniquely broad:

- **Your employer or the institution you're disclosing about** — has access to your work devices, work accounts, work network, and possibly your work-issued phone.
- **State investigators** with subpoena power over operators in your jurisdiction.
- **Pattern-of-life analysts** who can correlate your physical presence, your network activity, and your communications across compartments.
- **The publication's downstream adversaries** — anyone who can compel the publication itself to disclose source information.

The defensive posture is to give every one of these adversaries nothing to find. That means strict compartmentalization and a stack built so that no operator in the path holds anything that can identify you.

## The stack

### Device and operating system

The single most important choice. Options, from strongest to most convenient:

- **[Tails](https://tails.net/)** on a USB key, booted from a clean (personally-owned, never-work-attached) laptop. All traffic routed through Tor by default; nothing persists to disk; ships with the privacy stack pre-configured. The default for high-stakes whistleblowing.
- **[Qubes OS](https://www.qubes-os.org/)** on a dedicated machine, with strict VM compartmentalization. More convenient for ongoing work but requires you to maintain the discipline of never using the wrong VM for the wrong purpose.
- **A dedicated laptop** running a hardened Linux distribution (Debian, Fedora) with full-disk encryption. Acceptable when Tails is impractical and Qubes is too complex.

Never use work-issued devices. Never connect personal devices to work networks. Never log into your real-name accounts on the whistleblowing device.

### Network

- **[Tor Browser](/services/tor-browser/)** for any session on the whistleblowing compartment. Tails routes all traffic through Tor by default.
- **[Mullvad VPN](/services/mullvad/)** only if Tor is blocked on the network you're on, and then try a Tor bridge first (obfs4 bridges can be configured in Tails' Tor Connection assistant). A VPN on its own is not a substitute for Tor in this threat model: it replaces Tor's distributed trust with a single operator who sees your real IP address. Mullvad at least holds no account identity: account-number signup, cash by mail.
- Public Wi-Fi (library, café) on the dedicated device adds a network-layer compartment but creates physical-presence risk; use sparingly.

### Document submission

- **[SecureDrop](https://securedrop.org/directory/)** is the gold standard. The Freedom of the Press Foundation maintains a directory of publications running an instance. Intake is a Tor onion service, so the server never learns your IP address and records no contact details; submissions are encrypted to the newsroom's key and decrypted only on an air-gapped Secure Viewing Station, so neither the newsroom nor anyone compelling it holds anything that says who you are. Used by The New York Times, The Guardian, ProPublica, The Washington Post, The Intercept, and dozens of others.
- **[OnionShare](/services/onionshare/)** for direct file transfer with an already-known journalist contact. Runs a temporary Tor onion service from your machine; no operator in the path.
- **Signal attachments** for small files via an already-established secure contact, with disappearing messages on.

Never submit via email. Never submit via Slack/Teams/Notion/Google Drive. Never use the publication's general contact form — those go to the marketing team, not the security desk.

### Communication

- **[Signal](/services/signal/)** with disappearing messages (1 day or less for active correspondence). Register from a number that is not bound to your real-name SIM — a no-KYC eSIM ([Silent.link](/services/silent-link/) for data, [JMP.chat](/services/jmp-chat/) for an inbound number), an [SMSActivator](/services/smsactivator/) leased number for one-shot Signal registration in a country you choose, or a cash-prepaid SIM in jurisdictions where that's still possible. A leased number goes back into the pool afterwards, so turn on Registration Lock (the Signal PIN) immediately, or the next holder of the number can re-register it as you; and verify the journalist's safety number over the already-established secure channel before sending anything sensitive.
- **[SimpleX](/services/simplex-chat/)** for journalists who specifically request no-phone-number contact.
- Never communicate from your real-name accounts or your real-name phone, even encrypted.

### File handling

- **[VeraCrypt](/services/veracrypt/)** containers for any retained material. Strong passphrase you remember mentally; never written, never typed into a password manager that syncs to cloud.
- **[KeePassXC](/services/keepassxc/)** for credentials related to the whistleblowing compartment. Local-only vault file kept on the encrypted USB or VeraCrypt container.
- **Air-gapped photography** of physical documents — disable cloud sync on the camera device and strip metadata before sharing (Tails ships Metadata Cleaner, mat2, for this). Stripping metadata removes only what is attached to the file, not what is in the image itself: printer tracking dots, per-copy watermarks, serial numbers or distribution lists visible on the page still identify the copy, and through it the set of people who had access to it.

Never email materials to yourself. Never save to cloud storage that isn't end-to-end encrypted with a key you hold. Never put materials on the same drive as your real-name life.
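To make the metadata-stripping step concrete, here is an added example (not the guide's own code, not Tails' Metadata Cleaner, and not any project's tooling) that walks a JPEG's marker segments, reports which metadata-bearing parts are present, and writes a copy without them. It also catches bytes appended after the EOI marker, a place where data can ride along unnoticed by a viewer. `SAMPLE_JPEG` is a constructed byte string that exercises the parser; it is not a renderable photo, and the segment names and helper functions are this example's own.

```python
"""Strip identifying metadata from a JPEG by walking its marker segments.

Added example for this guide, not Tails' Metadata Cleaner (mat2) or any
project's code. It drops the segments that carry metadata (APP1 Exif/XMP,
APP13 IPTC/Photoshop, COM) and anything appended after the EOI marker, and
keeps what a decoder needs (APP0 JFIF, APP14 Adobe, ICC profile, tables,
frame header, scan). SAMPLE_JPEG is constructed to exercise the parser.
"""
import struct

SOS, EOI = 0xDA, 0xD9
# Markers with no length field: SOI, EOI, TEM and RST0..RST7.
STANDALONE = {0xD8, 0xD9, 0x01} | set(range(0xD0, 0xD8))
# Segments that carry metadata rather than image data.
DROP = {0xE1, 0xED, 0xFE}  # APP1 (Exif, XMP), APP13 (IPTC/Photoshop), COM


def parse_segments(data):
    """Return ([(marker, payload, raw_bytes)], entropy_coded_tail)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    segs, pos = [], 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:  # 0xFF fill bytes are legal
            pos += 1
        if pos >= len(data):
            raise ValueError("truncated JPEG")
        marker, pos = data[pos], pos + 1
        if marker in STANDALONE:
            segs.append((marker, b"", bytes([0xFF, marker])))
            if marker == EOI:
                return segs, b""
            continue
        if pos + 2 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2 or pos + length > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        raw = bytes([0xFF, marker]) + data[pos:pos + length]
        segs.append((marker, raw[4:], raw))
        pos += length
        if marker == SOS:
            # Everything after the SOS header is entropy-coded scan data up to EOI.
            return segs, data[pos:]
    raise ValueError("truncated JPEG: no SOS or EOI marker")


def describe_metadata(data):
    """List the metadata-bearing parts present, to check a file before and after cleaning."""
    segs, tail = parse_segments(data)
    found = []
    for marker, payload, _ in segs:
        if marker == 0xE1:
            kind = ("Exif" if payload.startswith(b"Exif\x00\x00")
                    else "XMP" if payload.startswith(b"http://ns.adobe.com/xap/1.0/")
                    else "other")
            found.append(f"APP1 {kind}")
        elif marker == 0xED:
            found.append("APP13 IPTC/Photoshop")
        elif marker == 0xFE:
            found.append("COM " + payload.decode("latin-1", "replace"))
    end = tail.find(b"\xff\xd9")
    if end >= 0 and end + 2 < len(tail):
        found.append(f"trailer: {len(tail) - end - 2} bytes after EOI")
    return found


def strip_metadata(data):
    """Return a copy of the JPEG with DROP segments and any post-EOI trailer removed."""
    segs, tail = parse_segments(data)
    out = bytearray(b"\xff\xd8")
    for marker, _, raw in segs:
        if marker not in DROP:
            out += raw
    if tail:
        # Inside scan data every 0xFF is followed by 0x00 or an RST marker,
        # so the first 0xFFD9 after the SOS header is the real EOI.
        end = tail.find(b"\xff\xd9")
        if end < 0:
            raise ValueError("no EOI marker after scan data")
        out += tail[:end + 2]
    return bytes(out)


def _seg(marker, payload):
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: the shape of a scanner's output with an Exif block, a
# comment naming the scanner, and bytes appended after EOI.
SAMPLE_JPEG = (
    b"\xff\xd8"
    + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _seg(0xE1, b"Exif\x00\x00MM\x00\x2a\x00\x00\x00\x08\x00\x00")
    + _seg(0xFE, b"Scanner 3F, badge 4471")
    + _seg(0xDB, b"\x00" + bytes(64))                        # quantisation table
    + _seg(0xC0, b"\x08\x00\x08\x00\x08\x01\x01\x11\x00")    # SOF0, 8x8 grey
    + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00")                # SOS header
    + b"\x12\x34\xff\x00\x56"                                # scan data, stuffed 0xFF
    + b"\xff\xd9"
    + b"hidden trailer"
)

if __name__ == "__main__":
    import sys
    src = open(sys.argv[1], "rb").read()
    print("before:", describe_metadata(src))
    cleaned = strip_metadata(src)
    open(sys.argv[2], "wb").write(cleaned)
    print("after: ", describe_metadata(cleaned))
```

Run it as `python3 strip_jpeg.py scan.jpg clean.jpg` on the dedicated device and confirm the "after" list is empty. Run `describe_metadata` on the output of whatever cleaner you actually use as an independent check; a cleaner that leaves a trailer after EOI or an XMP block is not doing the whole job.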

### Email (if needed)

If you have to maintain an email account for the compartment:

- **[Proton Mail](/services/proton-mail/)** with signup over Tor. Use a username chosen from random words, not any name from your real life.
- **[Tuta](/services/tuta/)** as an alternative with default-on encryption.
- Use **[SimpleLogin](/services/simplelogin/)** aliases when interacting with any service that asks for an email.

### Compensation and travel (advanced)

In rare cases where compensation or relocation is part of the disclosure plan:

- Crypto via [Monero](/services/monero/) is the most practical privacy-preserving payment route. Receive into [Feather Wallet](/services/feather-wallet/) on the whistleblowing device. Do not convert to local-currency cash through an exchange you have ever passed KYC at.
- Travel by routes that don't create immutable identity records — train rather than plane where feasible; cash for accommodation rather than card.

## Operational hygiene

The single most important practice is **compartmentalization discipline**. Every time the whistleblowing compartment touches the real-name compartment — same Wi-Fi, same device, same time-of-day pattern, same writing style — the protection weakens. The cryptographic posture only works if the operational posture is intact.

A few practical rules:

- Don't give the whistleblowing compartment a predictable schedule or location. A consistent slot is itself a pattern, and sessions that line up with your absences from the office, or with your real-name devices going quiet, are exactly what a pattern-of-life analyst correlates.
- Don't carry the dedicated phone with your real-name phone — co-location across multiple sessions is identifying.
- Don't sign into your real-name accounts (any of them) on the dedicated device. Ever.
- Don't reuse usernames, writing tics, or interests across compartments — stylometry and pattern matching are routine.
- If you have to take notes for yourself about the disclosure plan, write them by hand on paper that doesn't go home.
- Have a destruction-and-walk-away plan. If the worst happens, the dedicated device should be physically destroyable and not contain the only copy of anything you need.

## What this stack defeats

- Subpoenas to the publication's SecureDrop operator — there is no identifying record to surrender.
- Subpoenas to Signal, Proton, or Mullvad — Signal holds no content and has produced only account-creation and last-connection dates when compelled; Proton cannot read stored message bodies but can be compelled for account metadata and, under Swiss court order, has logged and handed over login IP addresses, which is why signup and every login to the compartment mailbox go over Tor; Mullvad holds no customer identity to surrender.
- Network-level observation of your activity — Tor defeats the network adversary for the whistleblowing compartment.
- Forensic examination of the dedicated device — Tails writes nothing to the internal disk and wipes RAM at shutdown, so there is nothing to recover from the laptop itself. That holds only if you did not enable Persistent Storage on the USB key; and the key itself is evidence that Tails was used, which is one reason it should be destroyable.

## What this stack does NOT defeat

- Co-worker accusations or internal-investigation pattern matching. The strongest opsec cannot fix human-source attribution.
- Coercion or physical surveillance.
- Endpoint compromise of the dedicated device. Sandboxing and air-gapping are bounded.
- A nation-state adversary with global-passive-collection capability and the political will to use it. Tor's threat model includes this caveat.
- The legal regime in your jurisdiction. Privacy posture is not legal armor. Whistleblower protections vary; some disclosures are protected and some are crimes.

## Before you act

- Talk to a lawyer who specializes in whistleblower law in your jurisdiction, under attorney-client privilege, *before* taking operational steps.
- Read the publication's SecureDrop instructions in full from the dedicated device before submitting anything.
- Have a destruction-and-walk-away plan for the dedicated device.
- Decide what you are and are not willing to disclose, in advance. Reconsidering mid-leak is risky.

## See also

- [SecureDrop directory](https://securedrop.org/directory/) — every publication running an instance.
- [Freedom of the Press Foundation — training](https://freedom.press/training/) — operational training resources.
- [Privacy stack for journalists](/guides/privacy-stack-for-journalists/) — the other side of the same channel.
- [Privacy stack for activists](/guides/privacy-stack-for-activists/) — adjacent threat model.
- [Operational privacy — combining tools](/guides/operational-privacy-combining-tools/) — the layered model.

## FAQ

**Q: What's the single highest-value practice?**

Compartmentalization. The whistleblowing compartment — device, network, accounts, contact methods — should never overlap with your real-name compartment. The most common way whistleblowers are identified is mixing the two, not breaking the cryptography.

**Q: Should I contact the journalist directly?**

No, not initially. Use the publication's SecureDrop instance (or equivalent secure submission system) as the first contact. SecureDrop runs as a Tor onion service and encrypts each submission to the newsroom's key, so neither the server nor anyone on the network path learns who you are. Direct contact (Signal on the compartment's number, or compartment-only email) is fine for routine follow-up once a secure channel is established, but the first hop should be SecureDrop.

**Q: Can my employer detect me reading whistleblower-related content?**

At work or on work devices, assume yes. Network DPI, endpoint management, and web filtering are routine in corporate environments. Do whistleblowing research and document handling on a separate device on a separate network. Never on the work laptop, never on the work Wi-Fi.

**Q: How do I document something without leaving a trail?**

Photograph with a phone whose images don't sync to a cloud you don't control. Use a clean USB drive (VeraCrypt-encrypted) for files. Do not email materials to yourself. Do not save to corporate OneDrive/Google Drive/Dropbox. Air-gap as much as your situation permits.

**Q: What about legal protection?**

This guide is operational, not legal. Whistleblower legal protections vary by jurisdiction, sector, and type of disclosure. The Government Accountability Project (US), Whistleblowing International Network, and country-specific bodies provide legal guidance. The Freedom of the Press Foundation maintains a list of publications with secure submission systems.

**Q: What if I'm already in contact with a journalist via insecure channels?**

Treat that channel as compromised. Switch to a secure channel as soon as possible — SecureDrop if the publication has one, otherwise Signal with a freshly-registered number on a clean device. Do not refer to the prior insecure conversation in the new channel.

## Sources

- [SecureDrop — directory of publications](https://securedrop.org/directory/) — accessed 2026-05-12
- [Freedom of the Press Foundation — training](https://freedom.press/training/) — accessed 2026-05-12
- [Government Accountability Project](https://www.whistleblower.org/) — accessed 2026-05-12
- [Tails OS](https://tails.net/) — accessed 2026-05-12
