Whistleblower Safety Guide
Protect your identity before, during, and after submitting sensitive documents. Follow these operational security steps.
Before You Submit
- Use a device that is not linked to your identity — a public library computer or a device purchased with cash is ideal.
- Use Tor Browser or a trusted VPN that does not log traffic.
- Disable cloud sync and any tools that might upload files automatically.
- Strip EXIF metadata from photos before submitting — Backroom Box does this client-side, but verify independently.
During Submission
- Do not submit from your employer's network or any monitored network.
- Do not use your personal phone, work laptop, or a device that is signed into your accounts.
- Copy your receipt code somewhere safe before closing the browser.
After Submission
- Do not discuss the submission on any monitored channel.
- Use the receipt code to check status from the same type of private setup.
- If you believe you are at risk, consult a lawyer familiar with whistleblower protections in your jurisdiction.