SecureDrop

The Daily Beast is dedicated to independent journalism, pursued without fear or favor.

But to do it right, we need your help. We need your tips. We need documents that you may come across.

That’s why The Daily Beast now uses the SecureDrop system to allow anonymous sources to send sensitive information and documents to our journalists.

Once a tip has been submitted to The Beast’s reporters, we will work on our end to verify the claim or documentation.

Please do not use this secure channel for standard editorial story pitches or general website feedback. The SecureDrop system is intended for use for sources in high-risk situations. SecureDrop is designed to protect the anonymity of our sources—although no system is 100% foolproof.

To send a standard tip to The Daily Beast, you can email us at [email protected] or send it via snail mail to:

The Daily Beast

ATTN: Noah Shachtman, executive editor

555 W. 18TH ST., 5th floor

New York, NY 10011

Additionally, email addresses for individual writers and editors are listed on their author pages.

To contact The Daily Beast for other purposes, please see our Contact Us page.

How to use SecureDrop:

  1. Use a personal computer on a public wifi network. Be aware of your screen being filmed/overlooked by others.
  2. Don’t use your home or work Internet to connect to SecureDrop.
  3. Go to TorProject.org and follow the instructions to download the Tor browser.
  4. Open the Tor browser and type this URL into the address bar: bcwyjiwj25t44it6.onion
  5. Do NOT copy and paste it from here.
  6. Follow the instructions to send us files or messages.
  7. You will get a unique code name when you first use the site. This is your login for SecureDrop. Memorize this code name or save it in a secure place. Do not share this code name with others.
  8. You can then submit information and send us messages. Use your code name to check back for replies.

It may help you to review this step-by-step video for sources, created by The Globe and Mail.

The Daily Beast’s SecureDrop Privacy Policy

[updated February 1, 2018]

SecureDrop strives to create a more secure environment for whistleblowers to give information to journalists. It was installed at The Daily Beast with the help of Freedom of the Press Foundation.

Please read this privacy policy carefully. It explains what information what type of information SecureDrop does and does not collect, and why.

Collection of Information From Sources:

  • We don’t ask or require you to provide any personally identifying information when you submit materials through SecureDrop.
  • The system does not record your IP address, information about your browser, computer, or operating system. Furthermore, the SecureDrop pages do not embed third-party content or deliver persistent cookies to your browser.
  • The server will only store the date and time of the newest message sent from each source. Once you send a new message, the time and date of your previous message is automatically deleted.
  • Journalists decrypt and read each message offline. They are encouraged to delete messages from the server on a regular basis. The date and time of any message will be securely deleted from the server when the message is deleted.
  • Please keep in mind that the actual messages you send and receive through SecureDrop may include personally identifying information. For this reason, once you read a journalist’s message, we recommend you delete it. It will then be securely deleted from the file system.

Also please note that when you submit certain types of files through SecureDrop, you may be sending us metadata associated with that file.

For example, if you submit a photo through SecureDrop in JPEG format, the file may include information about the date, time, and the GPS location of where it was taken, and the type of device used to take the photo. Similarly, if you submit a Word file (.doc or .docx) through SecureDrop, it may include the identity of the document’s author, the author’s operating system, GPS data about the author’s location, and the date and time when the document was created.

Our policy is to scrub metadata from the files we receive through SecureDrop before publication. If you don’t want to send us metadata, please use the Metadata Anonymization Toolkit to scrub the file before you submit it.

Collection of Information About Journalists’ Use of SecureDrop

The Daily Beast collects information about journalists’ use of SecureDrop for security monitoring and to make sure the system works properly.

This information we collect about journalists includes details about the device, browser, and operating system journalists use when accessing the system, and the date and time of each session.

Data Security

SecureDrop servers are under the physical control of The Daily Beast and our parent company IAC, and they do not share common elements of the The Daily Beast’s other infrastructure.

However, no one can truly guarantee 100% security of any system. Like all software, SecureDrop may contain bugs. Ultimately, you use the SecureDrop service at your own risk.

Children Under 13

The Children’s Online Privacy Protection Act restricts our ability to collect personal information from children under 13. This site is not directed to children 12 or younger.