Skip to content
Chimera readability score 0.5793 out of 100, reading level.

You are here: Home > News and Commentary > How to Leak Under the Trump Administration
For Whistleblowers, Journalism and Democracy
Launched by the Institute for Public Accuracy in June 2014, ExposeFacts.org represents a new approach for encouraging whistleblowers to disclose information that citizens need in order to make truly informed decisions in a democracy. From the outset, our message is clear: “Whistleblowers Welcome at ExposeFacts.org.”
ExposeFacts aims to shed light on concealed activities that are relevant to human rights, corporate malfeasance, the environment, civil liberties and war. At a time when key provisions of the First, Fourth and Fifth Amendments are under assault, we are standing up for a free press, privacy, transparency and due process as we seek to reveal official information—whether governmental or corporate—that the public has a right to know. More information
Institute for Public Accuracy
1714 Franklin Street #100-133
Oakland, CA 94612
info@exposefacts.org
[Please note: not secure communication]
Site by redkitten.com & nigelparry.net
How to Leak Under the Trump Administration
By Nikita Mazurov: The Intercept
President Donald Trump doesn’t have fond feelings for whistleblowers.
During his first term, Trump’s Justice Department carried out a clandestine spying operation to try to catch leakers. On the campaign trail, Trump on multiple occasions threatened to arrest journalists who don’t reveal their sources — and suggested they should be raped in prison until they give up names.
For those who want to speak out against wrongdoing within the U.S. government, it has never been more critical to take steps to keep themselves safe. So we compiled these best practices for leaking information in public interest under the Trump administration.
Don’t Call or Text
Phone calls and text messages are convenient, but they aren’t safe for whistleblowers. As outlined in a December report from the Office of the Inspector General, the Justice Department in Trump’s first term repeatedly utilized “compulsory processes” — which include subpoenas, search warrants, and court orders — to request “non-content communications records” from phone carriers serving journalists at CNN, the New York Times, and the Washington Post. The requests were for both the reporters’ work numbers and their personal numbers.
Non-content records don’t include the communications themselves — such as copies of text messages or voicemails. Instead, government investigators were keen to gather metadata pertaining to the communications: for instance, who sent a message or made a call to a journalist’s phone and at what time.
Even if the contents of the conversation are not recorded, the metadata establishes clear links between parties.
If a metadata search turns up evidence of communication with journalists or rights groups, this alone could reveal who is behind a leak.
Don’t Email
Never use a work or personal email address when communicating with journalists.
In its attempt to root out leaks during Trump’s first term, the Justice Department also sought non-content information pertaining to reporters’ email communications from their email service providers. They wanted details such as the time an email was sent and received, as well as the sender’s email address.
While email encryption technology can encrypt the body of the email message and in some cases subject lines as well, the email addresses themselves and dates and times emails are sent and received are not encrypted.
This means it’s not hard for investigators to use email records to draw a clear line between a journalist and their source — even if they can’t determine what information specifically was exchanged.
Setting up a separate email account entirely for communicating with journalists or rights groups is an option, but there are a number of potential gotchas. For instance, care should be taken to not reveal any identifying information when setting up a burner email account: Don’t use your phone number for two-factor authentication, choose a throwaway username that is not linked to you in any way, and select a vetted VPN or the Tor network to mask your IP address. Considering all these obstacles, it’s often best to avoid email altogether.
Don’t Reach Out on Social Media
The owners of tech’s biggest social media platforms have shown varying degrees of fealty to the Trump administration. These genuflections include Mark Zuckerberg ending DEI programs at Meta, Andy Yen, the CEO of “privacy-first” email provider Proton, going on about how the Republican party today stands for “the little guys,” and Elon Musk, the owner of X, calling shots as a “special government employee.”
The fact that Trump’s richest fan also owns a popular social media platform should give pause about using X to share sensitive information. It doesn’t take an overactive imagination to see a scenario in which the companies that own communication channels are willing to provide user information to a government they’re eager to please.
Although social media direct messages are generally unencrypted by default, some social media platforms now offer optional end-to-end encrypted messaging, though this feature needs to be enabled manually. For instance, X direct messages can be encrypted if both parties are verified users, and Facebook Messenger can also be used to send encrypted DMs. But the metadata, or non-content information, would still reveal that your account was in contact with a reporter’s account.
Selectively Use Encrypted Communication Tools
Similar metadata risks apply to messaging platforms such as Telegram and WhatsApp. Telegram offers encryption, but it is not enabled by default and comes with a number of limitations. WhatsApp encrypts messages by default, but nonetheless reveals a variety of metadata about communications themselves.
Given the way government investigators typically demand non-content communication records, end-to-end encryption alone does not mask whether or not someone is talking to journalists or other entities.
Secure communication tools such as Signal and Session minimize the amount of metadata and user information that platform operators themselves can access.
Signal can identify the date a particular account was created, as well as when the account last accessed the service. It can also identify a phone number associated with an active username, which is vastly less metadata than other messaging platforms collect.
If you’re concerned about your username being linked to your phone number, change your username at regular intervals, which would prevent past usernames from being tied to your phone number.
Signal routinely posts copies of the requests for user information it receives from the government. These disclosures show that Signal tends to share merely when a particular account was last accessed and first created. Government requests for information from service providers, however, may come with non-disclosure orders that could legally prevent operators from posting notice of these demands on their transparency pages and potentially bar them from notifying the affected users themselves.
Session, a messenger whose tagline is “send messages, not metadata” reduces the amount of information it stores about its users by, for instance, not using centralized servers to relay messages.
Nothing Is a Substitute for OPSEC
But the best end-to-end encryption and metadata minimization won’t keep you safe without basic operational security.
Digital access logs may reveal who viewed, printed, or downloaded a copy of the file, and when. The more files you access, the more likely it is that you may be the one common individual who accessed all those files.
Avoid whistleblower communications while physically present at work. Aside from someone seeing your screen, your employer may also be able to identify that you accessed a particular communication service while on a company network.
Under no circumstances should you also use work devices when communicating with or transferring data to reporters or rights groups.
Equally risky are personal devices with any work-assigned device management apps installed. It might seem old-fashioned, but rather than taking a screenshot of a specific document or chat record on a work device, take a photo of the screen with a separate one-time use phone, or at least a personal device.
Make clear to anyone you might alert of wrongdoing that leaked photos or documents generally should not be published in their entirety. That’s because source material can potentially be linked to the specific device with which it was captured.
A photo showing a file on your computer monitor, for instance, might include a blemish or a smudge of dirt on the screen. More sophisticated forensic techniques, such as watermarking, can be used to trace the origins of a leaked email or video conference.
Even emails seemingly sent to a large number of recipients may be individually watermarked, with each message containing some unique change that can be traced to a single recipient. That’s why it’s safest for journalists not to reproduce emails verbatim and instead rely on selective quotes or summarizations.
After communicating with outside parties, ensure that no records of sensitive communications persist. Be sure to delete not just specific messages, but entire chat histories from all linked devices on which your messaging app of choice is installed. Request that anyone with whom you share sensitive information does the same. Remember to not save each other in your contacts lists, either.
Blowing the whistle can have a real impact in the world, but it also comes with risks — the threat of prosecution or losing your job among them. Although leak investigations may again become a priority in the Trump administration, these dos and don’ts can help reduce the chances of exposing yourself when you’re shining light on wrongdoing.
https://theintercept.com/2025/02/26/how-to-leak-whistleblower-trump/

Facts Only

* The Justice Department under Trump’s administration engaged in surveillance of journalists.
* The surveillance focused on “non-content communication records,” specifically metadata.
* Phone calls and text messages were deemed unsafe due to potential metadata collection.
* Email communication was also risky due to potential metadata collection from email service providers.
* Social media platforms were identified as potential channels for government information gathering.
* End-to-end encryption was acknowledged but not considered foolproof due to metadata risks.
* Operational security measures, such as avoiding work devices and deleting records, were recommended.
* The Institute for Public Accuracy launched ExposeFacts.org to support whistleblowers.
* The article was published by The Intercept in February 2025.
* The article’s author is Nikita Mazurov.
* The address of the Institute for Public Accuracy is 1714 Franklin Street #100-133, Oakland, CA 94612.

Executive Summary

The article details advice for whistleblowers seeking to expose wrongdoing under the Trump administration, focusing on mitigating risks associated with government surveillance. It highlights the Justice Department's tactics of collecting non-content communication records—metadata—to track journalists and activists, even without capturing the actual content of communications. The article advises against using phones, email, or social media for sensitive exchanges, recommending instead encrypted communication tools like Signal and Session. It emphasizes operational security measures, such as avoiding work devices and deleting records, to minimize the risk of exposing oneself to government scrutiny. The article underscores the vulnerability of journalists and activists to surveillance and the need for proactive steps to protect their communications. It’s a cautionary guide for those attempting to reveal government malfeasance.

Full Take

Patterns detected: ARC-0012 Information Asymmetry – the article highlights a fundamental power imbalance where the government possesses significantly greater access to and control over communication data than individuals attempting to expose wrongdoing. This mirrors a classic struggle for control of information, a central theme across political and historical contexts. (Red Team – factual reporting of the power dynamic). The article’s emphasis on metadata—information *about* communication—reveals a sophisticated surveillance strategy designed to anticipate and preempt dissent, rather than simply reacting to overt disclosures. This aligns with ARC-0043 Motte-and-Bailey – the article subtly shifts the focus from the core issue of government surveillance to the potential for metadata collection, creating a superficially “reasonable” concern while avoiding a direct confrontation with the government’s broader power. (Blue Team – recognizing the framing tactic). The systemic driver here isn't simply the Trump administration; it’s a broader trend of state-sponsored surveillance, enabled by technological advancements and a weakening of privacy protections. This echoes ARC-0019 Technological Disruption, where rapidly evolving communication technologies outpace the legal and ethical frameworks governing their use. The constant shifting of communication channels – email, then social media – represents ARC-0027 Strategic Displacement, a tactic used to avoid detection and maintain operational security.
Furthermore, the article’s advice – particularly the recommendations around burner accounts and VPNs – underscores a defensive posture, implicitly acknowledging a pre-existing, highly sophisticated surveillance apparatus. This aligns with ARC-0051 Shadow Government – the narrative suggests a clandestine, proactive intelligence operation designed to identify and neutralize dissent before it gains traction. It’s a disturbing illustration of what happens when the lines between law enforcement and intelligence agencies blur. The implicit framing also subtly normalizes the kind of actions typically associated with espionage, which may be used to induce anxiety and further the fear narrative. The entire document operates as a sophisticated smokescreen for the fundamental question: how can individuals resist a surveillance state? What agency, what level of resilience, can be built amidst such systemic pressure?
The advice to ‘counterstrike scan’ – evaluating the hypothetical playbook of a bad actor – hints at a deeper concern: that the current situation isn’t merely a temporary anomaly, but part of a sustained, coordinated campaign to suppress dissent. This reflects ARC-0068 Counter-Intelligence – the entire piece is essentially a tactical briefing for resistance. It's not just about protecting oneself; it’s about recognizing that one’s actions are being observed, analyzed, and potentially manipulated.

Sentinel — Uncertain

Confidence

This article provides a checklist of precautions for whistleblowers seeking to leak information under the Trump administration. While well-organized and practical, its reliance on summarizing existing reports and the repetitive emphasis on metadata risks suggest a degree of AI-assisted production.

Signals Detected
medium severity: Frequent use of hedging phrases (‘it’s worth noting,’ ‘one could argue’) and a generally uniform sentence length, typical of text processed by AI models, though less pronounced than some other synthetic texts.
high severity: The advice is relentlessly pragmatic and focused on minimizing metadata exposure, lacking any demonstrably unique insights or a clear voice. The ‘both sides’ framing, while relevant, feels excessively cautious and doesn’t reflect typical journalistic presentation.
medium severity: The article relies heavily on summarizing existing investigations and reports (OIG report, CNN/NYT/WP investigations) without offering original analysis or new sources, creating a template argument.
low severity: While the claims about Trump’s threats and DOJ surveillance are plausibly documented, the constant reiteration of metadata risks, without deeper discussion of the evolving tactics of surveillance, feels like a pattern-matching exercise rather than genuine insight.
Human Indicators
Detailed descriptions of specific surveillance techniques used by the DOJ, referencing existing reports and investigations. The article’s persistent focus on metadata minimization—while prudent—is amplified by the extensive detail provided.
The inclusion of nuanced advice regarding OPSEC, such as the risks of screenshots and digital access logs, suggests a human understanding of practical vulnerabilities.