Washington Post, By Craig Timberg & Lisa Rein, April 16
Got a hot tip about federal waste, fraud or corruption? You should think twice about using the government’s own online systems for collecting such complaints.
Many of them promise confidentiality but for years have sent sensitive data – including names, addresses and phone numbers of whistleblowers, as well as the details of their allegations – across the Internet in a way that could be intercepted by hackers or snoops. Or, perhaps worse still, by the agencies named in the complaints.
Twenty-nine of these sites, set up by inspectors generals who in many cases are required by federal law to protect the identities of whistleblowers, do not use encryption technology that has become a standard privacy protection across much of the Internet, according to a review by the ACLU. A State Department site offering up to $10 million rewards for terrorism tips has the same weakness, exposing the identities of tipsters to a range of potentially interested parties, including operators of cyber cafes or government spies in the countries where the tipsters live.
This post was read 131 times.