Individual FAQ
Our anonymous whistle-blowing portal is a platform where sources can create anonymous accounts, submit files and messages, and check back for replies.
Get the Tor Browser
Our anonymous whistle-blowing website is available as a Tor Hidden Service, which is a special type of website with a web address that ends in “.onion” and that is only accessible through Tor.
If there is a chance that downloading the Tor Browser raises suspicion, you have a few alternatives.
Tor is an anonymizing network that makes it difficult for anybody observing the network to associate a user’s identity (e.g. their computer’s IP address) with their activity (e.g. uploading information to our whistleblowing website).
The Tor Browser is a modified version of the Firefox web browser designed to protect your security and anonymity while using Tor.
- The easiest and most secure way to use Tor is to download the Tor Browser from the Tor Project website https://www.torproject.org/download/.
- If you have email that is less likely to be monitored, you can send a mail to gettor@torproject.org and a bot will answer with instructions
- If you routinely use GitHub, you can use it to download the Tor Browser
Choosing the Right Location
We suggest you buy a new USB key and install Tor Browser on the USB Key. There are two main benefits to installing Tor to a USB drive.
First, since it runs off of the USB and not the computer itself, there is literally no trace of Tor or your browsing history present anywhere on the PC.
Secondly, this makes your Tor browser completely portable: simply take it with you and launch from any Windows machine.
Guides on how to install Tor Browser are available online – for example, at the following:
https://www.maketecheasier.com/install-tor-browser-usb-drive/
https://www.youtube.com/watch?v=-0knaUdsO3s
Find a busy co-working place or cyber cafe you don’t regularly go to and sit at a place with your back to a wall to avoid cameras capturing information on your screen or keystrokes.
Once you have the Tor Browser, launch it and enter the “.onion” address for the Source Interface of the organization that you wish to submit to. You can find this address on the organization’s Landing Page.
While using the Tor Browser on your personal computer helps hide your activity on the network, it leaves traces (of its own installation) on your local machine.
Open the Tor Browser and navigate to the .onion address for our anonymous whistle-blowing interface.
Follow the prompts. In some cases, some information is required to enable you to submit a report. These should not expose you if you do not submit unique information that is accessible to only you or a small closed group of employees.
When your submission is ready, click Submit. After clicking Submit, a confirmation page should appear, showing that your message and/or documents have been sent successfully. On this page you can make another submission or view responses to your previous messages.
You will then be passed to a page with a passcode on it.
- The best way to protect your passcode is to memorize it.
- If you cannot memorize it right away, we recommend writing it down and keeping it in a safe place at first, and gradually working to memorize it over time.
- Once you have memorized it, you should destroy the written copy.
- It is extremely important that you both remember this code and keep it secret.
After submitting your report, you will need to provide this code to log back in and check for responses and see the progress of actions relating to your report.
You need to be aware about and protect yourself from the following ways in which you anonymity could be compromised.
Environmental factors – physical location and/or his social relationships
If you the office or a cyber which you frequent, you may be exposing yourself to those who know or understand what you actions may mean:
- Access the Tor browser website;
- Down-load the Tor browser; or
- Access the whistle-blowing portal.
If you tell your friends or colleagues about what you intend to do or have done, you will not be able to remain anonymous.
Human negligence
The System Administrator continually fine tunes the security related configurations but cannot protect against any major security threats coming from human negligence.
Even though we provide a HTTPS website, whenever you submit a report on the whistle-blower portal through a normal commercial or open-source browser, you compromise your anonymity.
The way in which you submit your information and the uniqueness of the information you hold may cause you to be identifiable. As much as a possible, use information that is publicly available.
Any information you hold outside of the whistle-blower portal must be encrypted and properly secured. Being found in possession of your reported data may compromise your anonymity.
The dangers of traditional whistle-blowing are many and varied as shall be discussed below. Traditionally, Whistle-blowers are often ostracized in their companies and face the dilemma of protecting their employer or stepping forward when something inappropriate is going on.
Traditional Whistle-blowing Challenges Trust
Whistle-blowing can lead to a breakdown of trust. Companies typically prefer that employees use internal communication systems if they are uncomfortable with activities going on in their departments or the company. This gives the company a chance to monitor itself internally before the employee decides to go elsewhere. If trust breaks down between managers and employees, tension and effective working relationships among employees become challenging.
At Wise & Kell, we have provided a means for our employees, Associates, Contractors, Suppliers, Clients and the General Public to blow-the-whistle anonymously as part of our internal communication systems.
Traditional Whistle-blowing prompts Retaliation
Whistle-blowers may face hostility and resentment from peers and superiors. A whistle-blower may get the cold shoulder or be treated like a “rat” or “snitch.” This culture of retaliation creates a hostile workplace for the whistle-blower and distracts employees from their tasks.
At Whistleblower Services, we encourage our clients to not tolerate isolation, retaliation and / or ostracizing of whistle-blowers because we want to be unscrupulous in our dealings. We encourage the use of an internal whistle-blowing mechanism.
Traditional Whistle-blowing breaks the Chain of Command
Whistle-blowing may take place because the employee feels like his supervisor or other company leaders do not his message seriously. Other whistle-blowers bypass the chain of command because they fear repercussions for going against the company. The hazard if employees routinely ignore the chain of command in communicating issues or concerns is that it negatively affect this important system of management and authority.
At Whistleblower Services, we encourage a culture that encourages employees to communicate concerns internally and anonymously to avoid potential degradation of respect for management.
Whistle-blowing behavior has tended to bring legal or market-related consequences for the organization. If the organization and its leaders knowingly participate in or endorse illegal or unethical activities, they might expect to face fallout if word gets out. Employees in an organization that do not participate in or have no awareness of inappropriate activities are typically affected if the company faces legal claims or public backlash.
The custodians of the whistle-blower portal are usually include the senior-most executive in our client companies. The list of Whistleblower reports and status update of all submitted whistle-blower reports is usually reviewed quarterly at the Chief Executive level.
In the event that the senior-most executive or other executive is a subject of the whistle-blower report, we ask and encourage our client boards to discuss the matter in the absence of the chief executive or respective executive.
As mentioned before, Whistleblower Services are committed to assisting clients to investigate whistle-blower reports, communicating the findings to the submitter and taking action over any identified infractions of the Company policies or Laws of the jurisdictions where we operate.
Should our client fail to effectively and expeditiously investigate and communicate findings of whistle-blower reports, you the whistle-blower is not restricted from going public out of dissatisfaction with the client whistle-blowing process.
We hope to demonstrate our commitment to the process and therefore exceed your expectations through this process.
Whistleblower Services encourages our clients to protect you if you are identified as a whistle-blower that is facing harassment, hostility, resentment and or retaliation.
We advocate for a Policy on Violence and Aggression at Work also applies in this instance and anyone found acting contrary to this policy shall face disciplinary action in line with the policy.
If, for example, the whistle-blower portal options force you to blow your anonymity, STOP your submission and “go back” to clear the information you had already typed in.
You can then submit a complaint directly through the whistle-blower portal. We discourage the submission of positive feedback on the whistle-blower portal because every access you make of the system is a potential exposure.
The recipient of the report is encouraged to always get back to you within the initial 48 hours of your report submission and continually update you on the road-map and expected timelines to completion of the next few phases of the process.
If you are not receiving adequate or expected feedback on the report you submitted, you may also raise a complaint. Please also note that the specific feedback provided may be subject to legal review that may limit direct mention of specifics.
Our typical response time on your complaints is between 24 and 72 hours depending on the nature and technical complexity of the problem.
