How to Securely Share Information About Scientific Integrity Abuses
Since 2003, the Union of Concerned Scientists has exposed political interference in science, both publicly and behind the scenes. Federal government employees and their associates can play a vital role in bringing to light the suppression or distortion of science in the policymaking process by reporting any problems they see.
But those who are aware of potential abuses need a safe way to report them. To this end, we've set up several methods for you to communicate with UCS. This includes an encrypted email account through a service that allows you to stay anonymous:
This page explains how you can share information with UCS in ways that reduce your personal risk, including through Protonmail, PGP, Signal, and the postal service. Please read this entire page before sharing information with UCS or members of our staff.
What you should share
We invite you to share any evidence of actions that impede the ability of science or scientists to protect public health and the environment. With your help, we can expose this behavior and stand up for the appropriate use of science in governmental policymaking.
You can share memos, emails, directives, or any other documents. You can share datasets or other information that has been altered or removed from public view. You can also describe anything that has been communicated orally or even rumors that you have heard, and we will investigate. We understand that some parts of the Trump administration are being careful not to leave a written record; a story can still be told without documents.
What UCS can do
UCS has extensive expertise in the process by which science informs policy making and how the science and scientists who contribute to that process can be manipulated or censored. We believe that policy decisions should be fully informed by the best available science, recognizing that there are often many considerations other than science at play.
We work with trusted reporters, attorneys, and congressional staff to bring corruption to light and hold officials accountable. Our first priority is to protect our sources, and we have a variety of ways of getting access to information without putting sources at risk.
It’s also okay if you want advice on whether your situation is normal or problematic. We’ll help you think through what constitutes political interference in science and how best to rectify the situation.
What our vulnerabilities are
Attorneys can protect much of their communication under attorney-client privilege laws. Journalists have a source shield. UCS does not enjoy any such privileges. What that means is that if UCS is subject to a congressional or judicial subpoena, it is possible that we would have to turn over communications with sources. We would only do so if compelled by a court, but the possibility exists.
As has become obvious in recent times, anyone can be hacked, and unencrypted data can be intercepted. UCS employs state-of-the-art Internet and email security systems, but no system is foolproof. Therefore, we encourage you to initiate your communication with UCS in the encrypted ways described below.
How to communicate with UCS
First, never communicate with us using a work computer or telephone. Do not use agency resources or electronically-generated postage to send us paper documents. If you can, use public WiFi networks. Here are ways you can get in touch:
Anonymous reports are more challenging to confirm, but can be a useful option, especially for time-sensitive developments. You can send us anonymous email using Protonmail to ScientificIntegrity@protonmail.com. Protonmail is an encrypted email service developed by MIT and CERN scientists with servers in Switzerland. Because Protonmail does not require authentication, you can remain anonymous. If you prefer this option, do not connect the account to a cell phone or email account when you sign up for Protonmail.
Encrypt communication through PGP or Signal
Some of our staff use an encryption tool called PGP (which stands for Pretty Good Privacy) to communicate via email. All you need is your own private and public PGP key and knowledge of the public PGP keys for your recipient. You only need to set up PGP once. See instructions on Windows or on a Mac.
Important: PGP only protects the contents of the message. Anyone with access to your computer or email account can find out with whom you have communicated and when. With this in mind, if your privacy is a concern, consider setting up a new, anonymous email address to share information with UCS.
Some of our staff use Signal for encrypted texting and phone conversations. Signal requires you to use a phone number to communicate with us and to have the recipient in your address book. As such, consider putting UCS contacts into your address book using a fake name, and do not sync your phone with a work computer. You can also consider using a different “burner” phone with pre-paid service that you purchase anonymously using cash.
Michael Halpern (PGP KeyID 5271F13C), deputy director of the UCS Center for Science and Democracy, can be reached on Signal at 202.378.8618.
Gretchen Goldman (PGP KeyID D953E0DC), research director of the UCS Center for Science and Democracy, can be reached on Signal at 607.351.9145.
Andrew Rosenberg (PGP KeyID 0F3C4A20), director of the UCS Center for Science and Democracy, can be reached on Signal at 603.767.9501.
We also accept information via postal mail. Here again, exercise caution: please do not send us information using the postage meter in your agency’s mail room or from a post office. Instead, it is best to use stamps and to send your documents in an envelope without a return address to:
Center for Science and Democracy
Union of Concerned Scientists
1825 K Street NW, Suite 800
Washington, DC 20006
Please note: We are unable to accept thumb drives over postal mail due to hacking and virus concerns.
Resources for protecting your privacy
The Electronic Frontier Foundation has great information about how you can and should protect your privacy—even if you don’t have anything to share that could get you in trouble. The more people who take steps to encrypt their communications, the safer it is for those who really need to do so. Learn more about how to protect yourself here, and how to ensure that your contacts do the same here.