How to share information with us safely — what to send, how to reach us, and how to protect yourself while you do.
If you know something the public has a right to know, we want to hear from you. Meridian is reader-funded and beholden to no proprietor, advertiser or party, which means we can pursue a story wherever it leads. This page explains the practical steps for getting information to us, the methods that keep your identity protected, and what turns a tip into a story we can stand behind.
You do not need to be certain, technical, or a whistleblower in any formal sense. A document, a screenshot, a contract, a pattern you have noticed at work — any of these can be a starting point. Reach out first if you are unsure; we are happy to talk through how to send something safely before you send anything at all.
Before you send
Use a personal device on a personal network, never a work computer or phone. Employers can monitor company hardware, email and building Wi-Fi, and access logs may reveal that you contacted us. Leave files where they are; do not forward them through work systems. If in doubt, contact us first with no details and we will agree a safe route together.
How to reach us
We offer several channels so you can choose the one that fits your situation and your comfort with technology. Each protects you in a different way. If you are weighing real risk, the anonymous upload and Signal are the strongest options; ordinary email is the weakest.
Most private
Anonymous upload
A SecureDrop-style submission system that lets you send documents and messages without revealing who you are. We see the files, not you. Open it in the Tor Browser for the strongest protection, and keep the codename it gives you so you can return to read our replies.
Encrypted chat
Signal
Message or call a reporter on Signal, a free app with end-to-end encryption. Turn on disappearing messages, and add us as a contact rather than texting from a number tied to your name. Ask us for the current number on our contact page.
Encrypted email
PGP email
If you already use PGP, you can encrypt a message to our published public key so that only our newsroom can read it. Note that email — even encrypted — still reveals who is writing to whom, so it suits documents more than sensitive first contact.
You can also reach the newsroom through ordinary channels on our contact page. Plain email and web forms are convenient and fine for non-sensitive tips, but they are not anonymous: they record your address, and they can be read in transit or subpoenaed later. Match the channel to the risk you are taking.
The safest message is the one that never had to travel through a system someone else controls.Meridian security desk
What makes a useful tip
The strongest tips give us something we can verify independently. We publish a claim only when a document or a reproducible trail supports it, so the more you can point us toward evidence — rather than conclusions alone — the further a story can go. Helpful detail includes:
- What happened, who was involved, and roughly when — as specifically as you can manage.
- Documents, records, emails, contracts, photographs or data that show it, rather than describe it.
- How you came to know it, so we can judge how to corroborate it without exposing you.
- Other people or records that might confirm the account, even if you cannot reach them yourself.
- What you are worried about — legal exposure, your job, your safety — so we can plan around it.
Do not feel you must build the case for us. Partial information is welcome; assembling and checking it is our job. We will never publish your name or any identifying detail without your explicit agreement, and we will tell you honestly if we cannot protect a particular piece of information.
Protecting yourself
A few habits sharply reduce the trail you leave. None of this is alarmist — it is simply how careful sources work, and we would rather you take a quiet, deliberate first step than a hasty one.
- Use your own device and network. Avoid work laptops, work phones, work email and office Wi-Fi entirely. Personal hardware on a home or mobile connection is far harder to monitor.
- Contact us before gathering anything. Searching internal systems, printing or downloading files can itself be logged. We can advise on what is worth the risk and what is not.
- Keep records where they already are. Photographing a screen with a personal phone often leaves less of a trail than forwarding or exporting a file through work systems.
- Tell no one. The fewer people who know you have spoken to a journalist, the safer you are. Colleagues, friends and family are the most common way a source is identified.
- Mind the metadata. Photos and documents can carry hidden information about who made them and where. If that worries you, send the file and let us strip it, or ask us how.
Our promise to you
We protect our sources. We do not reveal who you are, we do not hand over unpublished material, and we resist legal demands to identify confidential sources. We are reader-funded and carry no advertising, so no commercial or political interest sits between your information and what we publish.
Handling sensitive information is a responsibility we take seriously, and it is governed by our editorial standards and privacy policies. If we get something wrong, we say so in public on our corrections page. When you are ready, reach out through any of the methods above — or simply open our contact page and we will take it from there.