Press "Enter" to skip to content

Launch: Our Open Source PGP Whistleblower Tool Is Now Public on GitHub

Strength in solidarity. The iconic handshake from Predator (1987) reimagined as a symbol of mutual trust and unity for whistleblowers and their allies. Credit: 20th Century Fox / 20th Century Studios.

Today we are proud to launch the source code for our encrypted submission tool. You no longer need to take our word for it. You can see exactly how it works, host your own version, or fork it for your organisation.

Why We Opened It

Transparency is a principle, not a marketing gimmick. By publishing whistleblower-pgp-tool on GitHub, we invite scrutiny, adoption, and evolution. We want to make this tool available to any person, newsroom, campaign or NGO who needs secure, private tip submission.

What You Get

  • Browser-side encryption using your public PGP key (no server decryption)
  • A simple HTML and JavaScript template you can drop into any static site
  • Clear instructions to swap in your own PGP public key and email, never your private key
  • No logins, no tracking, no analytics, just pure privacy

How to Use It

  1. Go to the GitHub repo: ReasonableMedia/whistleblower-pgp-tool
  2. Clone or fork it to your own project or site
  3. Replace the placeholder email and public key with yours
  4. Deploy the HTML and JS page on your host (GitHub Pages, Netlify, your server, etc.)
  5. Test by encrypting a sample message and decrypting it yourself

Security Note: Essential

Do not ever include the private key in your code. Only public keys belong in the repository. If you ever expose your private key, everything encrypted with it becomes readable by anyone who has it.

Who This Is For

Journalists, small NGOs, independent researchers, internal teams, anyone who wants to accept encrypted tips without relying on third party services. This is not just theoretical. We use this tool ourselves on trsa.org.uk/whistleblower.html.

Get Started

Visit the repo: ReasonableMedia/whistleblower-pgp-tool
Read the README. Follow the steps. Fork it. Make it your own. Help build a safer, more transparent web.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *