Most Government Whistleblower Hotlines Don’t Even Use HTTPS 

Most Government Whistleblower Hotlines Don’t Even Use HTTPS 

The US government is failing to adequately protect its whistleblowers, with dozens of its agencies’ whistleblowing channels — including the Department of Homeland Security and the Department of Justice — leaving sensitive information vulnerable to attacks.

According to a report from the American Civil Liberties Union, at least 29 inspectors general hotlines fail to use HTTPS, the secure hypertext protocol used to protect against hackers:

When individuals use these official whistleblowing channels to report waste, fraud or abuse, the information they submit is transmitted insecurely over the internet where it can be intercepted by others. This not only puts the identity of whistleblowers at risk, but also the confidentiality of the information they provide to inspectors general.

In addition to recommending that all 29 inspectors general hotlines upgrade to HTTPS as soon as possible, the ACLU recommended a number of other ways to ramp up security for whistleblowers, including use of SecureDrop, a software designed to help people share sensitive information.

SecureDrop is already used by a number of news organisations to provide a safe way for people to report fraud, abuse, and crime without risking exposure — outlets like The Washington Post, The Guardian, and, yep, Gawker Media.


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.