Some of the most important stories in journalism begin with a single tip. Whether it is a whistleblower uncovering corporate malfeasance, a government insider revealing regulatory failures, or an ordinary citizen documenting a defective product, these firsthand accounts often provide the evidence needed to hold powerful institutions accountable. The Verge, a leading publication covering technology, science, and culture, relies on such tips to expose stories that shape the way we live. If you have encountered something the public should know about—be it a hidden data breach, an unethical business practice, or a transformative innovation that has not yet made headlines—the publication wants to hear from you. But the key to effective tipping is not just the information itself; it is also the method of delivery. In an age of digital surveillance, corporate retaliation, and government overreach, protecting your identity is paramount.
Why Secure Tipping Matters
The relationship between journalists and their sources has always been built on trust. But in the 21st century, that trust must be fortified by technology. Leaks and tips can expose wrongdoing, but they also put sources at risk. Employers monitor email servers, internet service providers log browsing activity, and intelligence agencies can intercept unencrypted communications. Without proper precautions, a tip can lead directly back to the person who provided it. This is why The Verge, like many reputable news organizations, has established clear protocols for submitting information safely. The guiding principle is simple: if you are at risk of reprisals—whether from a private company, a government agency, or a hostile actor—you should take every possible step to minimize your digital footprint.
Email: The Most Accessible Option
Email remains the simplest way to reach The Verge’s editorial team. The general tip line is tips@theverge.com, and messages sent to this address are read by editors who evaluate the credibility and newsworthiness of each submission. However, email is not inherently secure. Standard email protocols like SMTP transmit messages in plain text unless encrypted with PGP (Pretty Good Privacy) or S/MIME. Even then, metadata—such as the sender’s IP address, the timestamps, and the subject line—can be exposed. The Verge advises tipsters to avoid using work email accounts, work Wi-Fi, or work devices when sending tips. These resources are often owned by an employer and subject to monitoring. Instead, use a personal email account created with a pseudonym, accessed through a secure network such as a home connection or a VPN. For maximum anonymity, consider a burner email service that does not require personal information, such as ProtonMail or Tutanota, which use end-to-end encryption by default.
Signal: Encrypted and Ephemeral
For those who require stronger protection, Signal is the gold standard for encrypted communication. Signal is an open-source messaging app that encrypts text messages, voice calls, and file transfers so that only the intended recipient can decrypt them. Unlike many other apps, Signal stores only your phone number and the last time you accessed the app; it does not log who you communicate with or the content of your messages. This makes it an ideal tool for journalists and sources alike. To use Signal to tip The Verge, download the app on a smartphone (iOS or Android) and create an account using a phone number. Note that Signal requires a phone number for registration, but you can use a burner number from a service like Google Voice or a prepaid SIM card to reduce traceability. Once installed, add the recipient’s Signal number as a contact. The Verge’s staff members often list their Signal numbers on their author pages, which can be accessed via the publication’s staff list. After adding the contact, you can initiate an encrypted conversation. A crucial step: delete the contact from your phone once the conversation has begun. Signal does not require the contact to remain saved for the chat to continue, and removing it reduces the amount of identifying information on your device.
Advanced Security Settings on Signal
The Freedom of the Press Foundation offers additional guidelines for locking down security on Signal. These include enabling disappearing messages, which automatically delete messages after a set period (e.g., one hour, one day, or one week). This ensures that even if your phone is confiscated, sensitive communications are no longer available. Disable read receipts and typing indicators to further limit metadata. Verify safety numbers with your contact to confirm that no man-in-the-middle attack is intercepting the conversation. Finally, use Signal’s screen security option to prevent previews of messages from appearing in your phone’s notification shade. For whistleblowers dealing with highly sensitive information, the Foundation also recommends using a separate device solely for Signal communication, ideally one that is not connected to your regular cellular network or home Wi-Fi.
The Importance of Evidence and Context
While the method of delivery is important, the content of your tip matters just as much. The Verge’s editorial team evaluates tips based on their credibility, relevance, and potential impact. Evidence is key: firsthand experience or revealing documents are far more valuable than hunches or speculation. If you have access to internal memos, leaked emails, photographs, video recordings, or datasets, include them in your communication. However, be mindful of the size limitations of email attachments or Signal file transfers. For very large files, consider using an encrypted upload service like SecureDrop (if the publication uses it) or a one-time download link generated by services that support end-to-end encryption. Always avoid uploading files to unsecured cloud storage that could be traced back to you.
Best Practices for Anonymity
Beyond the initial tip, maintain operational security throughout the process. Use Tor Browser or a trusted VPN to hide your IP address when accessing websites related to the story. Do not discuss your tip with anyone, even friends or family, as loose talk can compromise your anonymity. Consider creating a dedicated email address or Signal account that you use solely for journalistic correspondence. After the tip is sent, avoid revisiting the same story on public networks. If you must communicate further with the journalist, use the same secure channel. Remember that good journalists will never pressure you to reveal your identity; they understand the risks and will respect your anonymity.
Historical Context: The Role of Tips in Tech Journalism
The tradition of tipping journalists dates back centuries, but the digital age has transformed both the speed and the risk involved. In the tech sector alone, tips have led to landmark investigations: the exposure of Facebook’s data-sharing practices with Cambridge Analytica, the revelation of Apple’s hidden battery-throttling features, the uncovering of Google’s worker retaliation policies, and the reporting on Amazon’s warehouse working conditions. Each of these stories started with an insider who decided to speak out. The tools for secure communication have evolved in parallel. In the early 2000s, journalists relied on encrypted emails like Hushmail; by the 2010s, apps like Signal and Telegram became the norm. The Verge, by offering multiple secure channels, positions itself as a trusted recipient of such information. Its commitment to serving this page over HTTPS without third-party analytics or ad trackers—in accordance with Freedom of the Press Foundation best practices—demonstrates that it prioritizes source protection over corporate data collection.
Common Mistakes and How to Avoid Them
Even well-intentioned tipsters can make errors that expose their identity. One common mistake is using a work computer or phone to research the tip or to access the journalist’s contact page. Work devices are often equipped with monitoring software, keyloggers, or proxy logs that record every keystroke and mouse click. Another mistake is reusing a personal phone number that is already linked to your real identity on social media. If your Signal number can be reverse-searched, your anonymity is compromised. Also, be cautious about the time of day you send the tip. Sending it during your regular work hours from a network that your IT department can trace may raise red flags. Instead, send tips from a location and time that do not align with your known routine. Finally, never include your full name, address, or other identifying details in the body of the message, even if you intend to remain anonymous. Let the journalist ask for additional information if needed.
The Editorial Process After a Tip
Once a tip is received, The Verge’s editorial team evaluates its veracity. Editors will look for corroborating evidence, check the source’s background (if known), and assess the legal risks of publishing. They may reach back out to you through the same secure channel if they need clarification or additional documents. It is important to be responsive but patient. Good journalism takes time, especially when dealing with sensitive information that could affect people’s lives or company stock prices. You are under no obligation to continue communication if you feel uncomfortable, but remember that incomplete tips are less likely to be pursued. For particularly explosive stories, the publication may also involve its legal team to review potential defamation or national security issues. Throughout this process, your anonymity is protected by ethical guidelines and, in some jurisdictions, by shield laws that protect reporters from being forced to reveal sources.
Other Secure Methods and Future Considerations
While email and Signal are the primary methods highlighted, The Verge’s staff may also be reached through other encrypted channels, such as Wire or WhatsApp (though WhatsApp is owned by Meta, so privacy-conscious sources might avoid it). SecureDrop is another option used by many newsrooms, though not explicitly mentioned in the original article. The landscape of secure communication is constantly changing. As encryption becomes more robust, governments and companies develop new ways to break it. End-to-end encryption is currently the strongest protection widely available, but it can be undermined by device vulnerabilities, phishing attacks, or legal compulsion. Sources should stay informed about the latest security recommendations from organizations like the Freedom of the Press Foundation, the Electronic Frontier Foundation, and the Tor Project.
Why This Matters for Democracy
At its core, the ability to tip journalists securely is a cornerstone of a functioning democracy. Whistleblowers take enormous personal risks to bring information to light, and the public depends on that information to make informed decisions about the products they use, the companies they support, and the policies that govern them. The Verge’s commitment to providing secure, privacy-respecting channels is part of a broader journalistic ethos that values transparency and accountability. By following the guidelines laid out here, you can help ensure that your tip reaches the right people without endangering yourself. Every major story begins with a single act of courage—and the right technical preparation can make that courage easier to act upon.
Note: this page is served over HTTPS without third-party analytics or ad trackers, in accordance with Freedom of the Press Foundation best practices. For advertising, technical support, and other inquiries, please refer to The Verge’s contact page.
Source: The Verge News