How to blow the whistle to us without blowing your cover

Holding powerful people accountable for corruption, waste, abuses of power, fraud, and other illegal or unethical acts – in Washington and outside it – is what we do. But we don't do it alone.

We want to know if you see or hear something wrong. With SecureDrop, you can blow the whistle – by sending us information, messages and tips as well as evidence including copies of e-mails and other official communications, videos, files, and documents —while shielding your identity.

What is SecureDrop?

Using The Center for Public Integrity's SecureDrop, whistleblowers can communicate with our reporters and send them documents and messages more securely than with traditional electronic methods. It's easy to use, but less public than regular e-mail, phone calls, web or other electronic communications. Information is encrypted and even we won't know your real identity, unless you want to tell us.

How do I use SecureDrop?

1. Download and install software to access the Tor network.

Visit a location with public WiFi, such as a coffeeshop, preferably one you don't frequent. Download and install Tor from

For higher security, don't:

  • bring your cell phone or any other devices with wireless internet or cellular service.
  • use your home or work networks to download the Tor software or upload information to us.
  • use a work or government computer.
  • download or link to files, including video/audio, streaming services and documents; any of these may reveal information about your computer or your connection to eavesdroppers.

For even more security, you can use the Tails operating system, which is designed to run from a DVD or USB drive without leaving traces on your computer and includes the Tor browser.

2. Use the Tor browser to navigate to our SecureDrop site v2d6nf2nsvvbgaqe.onion, which is similar to a normal web page.

Follow the instructions on the page to submit information.

3. If this is your first time submitting to us, the system will randomly assign you a code name.

Save your assigned code name so you can keep communicating with us. You'll need it to log back in to SecureDrop to submit more information under the same identity and to see our responses. It's our only way to stay in contact with you. We recommend copying your code name on paper, rather than storing it electronically.

Other ways to securely contact The Center for Public Integrity:

1. Send an encrypted email to one of our reporters using their PGP key.

2. Send us a package or letter with no forwarding address via U.S. mail. Use a mailbox located away from your regular routine, not a post office.

Our address (don't add anything extra here to the label; it may call unwanted attention to your package):

The Center for Public Integrity
910 17th Street NW
7th floor
Washington, DC 20006

Why use SecureDrop?

Surfing the web, sending emails or text messages, and phone conversations all leave traces that could expose your identity and reveal who you're communicating with. Regular email and other electronic messages aren't protected;  they can be captured, monitored and even altered by anyone with moderate-level technical know-how, including governments, corporations and individuals.

All connections to SecureDrop are encrypted using the Tor network. Tor helps shield what you're doing and your identity from anyone who may be monitoring your internet connection or ours.

Messages, files and other content you send through SecureDrop are all saved in encrypted form. To decrypt whatever you've sent, our reporters will  transfer it via USB keys to computers that aren't connected to the internet. These computers will also be used to encrypt our replies before being transferred back to SecureDrop, again via USB key. Even if someone hacks into our SecureDrop system or the computer hardware is seized, messages or files you send should still be protected.


The Center for Public Integrity's SecureDrop system is under our physical control and separate from the rest of our office network and our website. Neither The Center for Public Integrity nor any third parties will be able to record your IP address or information about your browser, computer or operating system.

We want to keep your identity safe, so we recommend you follow the safeguards we've outlined. However, no system is completely secure.  Among other things, if your computer is compromised, through a virus or other means, your communications may be compromised as well. The system is provided on an “as is” basis, with no warranties or representations, and any use of it is at the user's own risk.

About SecureDrop

The SecureDrop software we use is an open-source project, maintained by the Freedom of the Press Foundation.