Recently in Human issues Category

In a front page editorial, Julian Assange gives some more details of the surveillance and harassment of himself and other people in Iceland and on the way to a conference about investigative journalism Norway.


We have discovered half a dozen attempts at covert surveillance in Reykjavik both by native English speakers and Icelanders. On the occasions where these individuals were approached, they ran away. One had marked police equipment and the license plates for another suspicious vehicle track back to the Icelandic private VIP bodyguard firm Terr. What does that mean? We don't know. But as you will see, other events are clear.

Perhaps it means that Iceland will not become quite the transparent and publicly accountable "investigative journalism publishing data haven", which and the Icelandic Modern Media Initiative hope for.

U.S. sources told Icelandic state media's deputy head of news, that the State Department was aggressively investigating a leak from the U.S. Embassy in Reykjavik. I was seen at a private U.S Embassy party at the Ambassador's residence, late last year and it is known I had contact with Embassy staff, after.

On Thursday March 18, 2010, I took the 2.15 PM flight out of Reykjavik to Copenhagen--on the way to speak at the SKUP investigative journalism conference in Norway. After receiving a tip, we obtained airline records for the flight concerned. Two individuals, recorded as brandishing diplomatic credentials checked in for my flight at 12:03 and 12:06 under the name of "US State Department". The two are not recorded as having any luggage.

Iceland doesn't have a separate security service. It folds its intelligence function into its police forces, leading to an uneasy overlap of policing and intelligence functions and values.

On Monday 22, March, at approximately 8.30pm, a WikiLeaks volunteer, a minor, was detained by Icelandic police on a wholly insignificant matter. Police then took the opportunity to hold the youth over night, without charge--a highly unusual act in Iceland. The next day, during the course of interrogation, the volunteer was shown covert photos of me outside the Reykjavik restaurant "Icelandic Fish & Chips", where a WikiLeaks production meeting took place on Wednesday March 17--the day before individuals operating under the name of the U.S. State Department boarded my flight to Copenhagen.

Our production meeting used a discreet, closed, backroom, because we were working on the analysis of a classified U.S. military video showing civilian kills by U.S. pilots. During the interrogation, a specific reference was made by police to the video---which could not have been understood from that day's exterior surveillance alone. Another specific reference was made to "important", but unnamed Icelandic figures. References were also made to the names of two senior journalists at the production meeting.


How many volunteers are willing or unwilling (e.g. through coercion after having been arrested), agents or informers ("Covert Human Intelligence Sources" in UK legal parlance), for various police, intelligence agencies and private sector interested parties ?

This blog has had the expected surge in traffic, as failed to cope with the demand for the second alleged "BNP Membership list".

People from organisations such as the UK Ministry of Defence, from Boldon James a Qinetiq subsidiary specialising in secure messaging systems for the military and intelligence agencies, Grampian Fire Service, several UK Universities. Gloucestershire County Council, the University of Oxford, University College London, University of York, Leeds Metropolitan University etc (a sad reflection on the poor internet research skills of some university students, academics or administrators), have all attempted to search for this "BNP Membership List" here on this blog (obviously without success), presumably whilst the website has been overwhelmed by demand There have been multiple attempts to search for this from Pakistan.

As with the previous list, there will be several fake or erroneous entries, which the armchair "anti-fascism" campaigners will abuse to besmirch innocent people as "racists". Why should innocent people's personal details be spread over the internet like this ?

There were plenty of reports about such abuses after published the first leaked list, but they have persisted in doing so again, and have hyped up mainstream media interest in the "story".

What happens when other alleged lists of political or religious groups are published on , in contravention of the principles of Data Protection as applied to Sensitive Personal Data ?

What happens when such lists are used by extremists or the mentally unstable to target people for harassment or death threats ?

Will publish lists of political opponents and dissidents in other countries apart from in the United Kingdom ?

How would publishing the name, address, telephone and other details of say Chinese, Burmese, Iranian, Cuban, Kenyan or Zimbabwean etc.political opponents to the ruling regimes be any morally different to publishing these BNP lists ?

This "collateral damage" against innocent, law abiding people, destroys any kudos which may have merited through its publication of the Trafigura / Carter-Ruck "super injunctions" and the the Minton report.

It looks as if the core team journalists and activists might perhaps have succeeded in getting their first mainstream media customer, for the method of funding which Julian Assange proposed i.e. "exclusive" access to a leaked document, ahead of its publication on

BNP hit by second leak of 'members database'

Robert Booth, Helen Pidd and Paul Lewis, Monday 19 October 2009 21.36 BST

The BNP is bracing itself for potentially fresh embarrassment tomorrow when details of the party's rank and file UK membership are expected to be posted on the internet.

The list, which purports to be a snapshot of the party's support in April this year, includes the names, addresses, postcodes and telephone numbers of people who have signed up to the far-right group, including the grade of membership assigned by the party - standard, family, family plus, gold, OAP, and unwaged.

This list was leaked to a website, which insisted today that it was genuine, and that it intended to publish the information tomorrow.

Not how this article does not mention, even though:

The Guardian has seen the list, but could not verify its authenticity.

As Julian has rightly pointed out, giving stuff for free to the lazy or heavily under resourced or legally gagged mainstream media, by simply publishing it online does not get it reported or analysed or discussed by the mainstream media or the blogosphere or the twitterverse. or most probably Julian himself, in fact have to hawk the "story" around various mainstream "News" outlets, who are extremely reluctant to ever mention as the indirect source, and almost never report the URL, let alone a specific link to the actual article or leaked document itself.

The mainstream media do pay for stories, but only for "exclusives", which theeir commercial rivals then happily steal of each other, often without attribution, so this is , in one sense, entirely logical and predictable.

However, usually, a mainstream media organisation is dealing directly with a whistleblower or with an agent or middleman, who, although they might not know, or might claim not to know who the actual whistleblower is, has been empowered by the whistleblower to negotiate financially or otherwise with the mainstream media organisation.

This is not the case with

Nowhere during the document submission work-flow is there any mention that the leak which you are proving for free, is going to be arbitrarily delayed from online publication by financial reasons, or for their own political agenda.

The ability to set a delay or a random delay between actual leaked document submission and online publication is an important optional feature of the technology. Used properly, it can add "Plausible Deniability", or strengthen the alibi of a whistleblower at risk of exposure. Obviously not every whistleblower needs or uses this feature.

However, it is not morally right, for to arbitrarily take over the timing and release of a whistleblower document, simply to give itself "exclusives", which it has not itself paid for, but which it hopes to get money from a mainstream media partner, or which suit the political activists' own hidden agendas.

At the very least, they should obtain the prior, informed consent from the whistleblower specifically allowing to act as more than just politically neutral technology assisted publishers, and more as a Public Relations agency on their behalf.

Since there is no longer any private and secure method of communicating with the team, after they abandoned their use of PGP Encryption for email privacy or for digital signatures, there is no way for a whistleblower to negotiate the terms of how intends to promote the story to the mainstream media.

Wikileaks is overloaded by readers

Judging by the media coverage in the United Kingdom, and by the large number of fruitless searches of this blog, the most popular "leak" is currently that of about 12,800 names and addresses, and quite a few phone numbers, and email addresses of members of the British National Party.

This is a political party, which has various extremist left wing / right wing and xenophobic and racist policies, but which is not an illegal proscribed organisation.

Some public sector organisations e.g. the Police and Local Councils, discriminate politically against BNP members, simply on the basis of membership, rather than because of any actual racist or intolerant behavior during working hours.

The list was apparently leaked by a former senior official of the party, thereby breaking a High Court Injunction. The BNP have, it seems, been careful, in the past, to ensure that local copies of their membership list have been properly encrypted, something which many other organisations still do not bother to do. - see - Encryption and the BNP membership list - does your political party or campaign group protect your personal details with encryption ?

The list (which may contain some fake entries, and sneaky omissions) can be found on the website, when it is working again, but not here on this blog.N.B. this list may contain details of thousands of former members, as there have been lots of splits and scandals in the last year or so.

Will other "hate lists" also appear on ?

In the United Kingdom, as well as in many other parts of the world, lists of actual or alleged political opponents have been used for discrimination and political violence, so by publishing this data, are morally complicit in any such crimes.

At the same time, they are also giving the BNP the "oxygen of publicity", and the chance to play the innocent.

Will other political party and organisation membership lists also now be leaked and published on ?

Somewhat naively, claim that

Most documents come in from journalists. Frauds are extremely rare, but possible.

How can they possibly make that assumption ?

It appears that the editors have had second thoughts and now doubt the authenticity of some allegations of tax evasion by a German Architect Juergen Grossman, amongst the documents uploaded and published in the Bank Julius Baer section

This document, its description below as well as comments posted to it are false or falsified according to different sources and investigation into them. Wikileaks is investigating as to why false documents in context to Bank Julius Baer have been put up

The reason why "false documents... have been put up" should be obvious - it is because have created a channel which allows this to be done.

It is also a bit simplistic to think that even reliable sources always provide truthful, accurate and complete information.

Similarly, untested or previously unreliable sources can provide good information, sometimes.

Perhaps need to tag the leaked / published documents like, for example, UK Police Forces do under under the National Intelligence Model, and their 5x5x5 Intelligence Grading form system:

For example:

Intel Source or Intel Source Ref. No:

Police Intelligence databases usually try to keep this secret

See also the previous blog article:

Does linking "Peryton" to several leaks partially betray the promise of anonymity ?

They give an A to F rating for the reliability of the source

Source Evaluation:

  • A = Always Reliable
  • B = Mostly Reliable
  • C = Sometimes Reliable
  • D = Unreliable
  • E = Untested Source

Then there is a 1 to 5 rating for the accuracy of the information

Intelligence Evaluation:

  • 1 = Known to be true without reservation (usually technical forensic information or database records, which is not, of course, always strictly the case))
  • 2 = Known personally to the source but not to the officer
  • 3 = Not known personally to the source but corroborated
  • 4 = Cannot be judged
  • 5 = Suspected to be false

The third "x 5" in the UK Police Intelligence Grading scheme is the level Protective Marking and handling restrictions applied to the intelligence data, something which might, perhaps, be of use internally within, but which is redundant for published material.

Handling Code - To be completed at time of entry into an intelligence system and reviewed on dissemination.

  • 1 = May be disseminated to other law enforcement and prosecuting agencies, including law enforcement with the EEA and EU compatible (no Code or Conditions)
  • 2 = May be disseminated to UK non-prosecuting parties (Code 3.7 conditions apply)
  • 3 = May be disseminated to non-EEA law enforcement agencies (Code 4.7 and/or conditions apply, specify below)
  • 4 = Only disseminate within originating agency / force. Specify internal recipient(s)
  • 5 = Disseminate: Intelligence Receiving agency to observe conditions as specified below.

The European Economic Area (EEA) and the European Union (EU), are covered by similar Data Protection laws, other countries, generally have weaker protections in law, like the USA.

Other Intelligence Agencies and mainstream media organisations presumably do something similar, although they never seem to bother to publish these reliability assessments, and tend to just quote "Government" or "Police" or "Security" sources anonymously.

Another similar model is used by the website, as caveats and disclaimers on its Terrorist suspect profiles:

Key to bullets

greenbullet.gif - High confidence

yellowbullet.gif - Some confidence

redbullet.gif - Low confidence

blackbullet.gif - No confidence

More explanation of the classifications:

The latest selective leak of US Military classified documents by the publishers raises another couple of important questions, to add to the list of unanswered questions about the ethics and the security of the whole project:

Classified SECRET consolidated US Forces Rules of Engagement (ROE) for Iraq.


The ROE comes from 'Peryton' a national security whistleblower who has supplied a number of other classified or For Official Use Only documents, two of which have been publicly verified by the US military:

  • Camp Delta Standard Operating Procedure (2003)
  • Camp Delta Standard Operating Procedure (2004)

and one of which attracted a "no comment", but was subsequently privately verified by UPI's national security correspondent Shaun Waterman:

  • U.S lost Fallujah's info war (and associated links)


On motivation, Peryton has shown that they are primarily motivated by ethical concerns...


The mere fact of leaking such documents gives no clue as to what the real motivations or agenda of the whistleblower or document leaker actually is.

A couple of obvious questions:

  1. Was the public linking by the publishers, of several separate leaked documents, to a single supposedly anonymous source "Peryton", done with that source's prior permission ?

  2. Since this could make it easier for any investigation to track down a particular whistleblower, then is this a partial betrayal of the promise of anonymity ?

The BBC's online and broadcast news technology programme Click has a report by David Reid: - Bloggers' search for anonymity

This examines some of the reasons for the need for anonymity and some of ways to get around some of repressive Government censorship of the internet.

It shows some peaceful direct action at an international tourism promotion show by Reporters Sans Frontièrs (Reporters Without Borders), who pointed out that some of the countries trying to attract Western tourists were also busy locking up and torturing journalists and bloggers, simply for publishing even mild or implied criticisms of the regime.

The programme also mentioned RSF's Handbook for bloggers and cyber-dissidents


This should read in conjunction with the more recent and complementary
hints and tips for whistleblowers, journalists and bloggers by Spy Blog, and the Digital Security and Privacy for Human Rights Defenders manual by Front Line.

The programme mentioned the use of proxy servers to help overcome some of the Government internet censorship , which led on to a simple (cookery based) illustration of TOR, The Onion Routing scheme, which is apparently going to be used, together with other software, by the WikiLeak.orgproject.

The programme contributors give some obvious but important advice i.e. not to actually write blog articles under your real name.

There is some low tech advice about circumventing some internet censorship the inseration of extra punctuation around and between keywords like Tiananmen Square, e.g. perhaps +Tiananmen+Square+, which are still readable by humans, in much the same way as various spam emails attempt to overcome Bayesian heuristic anti-spam filter censorship

For a mainstream media programme, aimed at a worldwide audience, this is quite a good flavour of what this blog and the project is about.

If a few more people out of the BBC Click programme's large online and broadcast audience are encouraged to try out say TOR, then that will be a good thing.

What effect, if any, will the promises made by Google, Microsoft, Vodafone and Yahoo! etc., regarding world wide human rights, privacy and censorship laws and policies, have on the project ?

Press Release from Business for Social Responsibility:

01/18/2007: Press Release from Business for Social Responsibility

Companies, Human Rights Groups, Investors, Academics and Technology Leaders to Address International Free Expression and Privacy Challenges

(CSRwire) January 18, 2007--A diverse group of companies, academics, investors, technology leaders and human rights organizations announced today its intention to seek solutions to the free expression and privacy challenges faced by technology and communications companies doing business internationally.

The process “ which aims to produce a set of principles guiding company behavior when faced with laws, regulations and policies that interfere with the achievement of human rights“ marks a new phase in efforts that these groups began in 2006.

Last year, Google, Microsoft, Vodafone and Yahoo!, with the facilitation of Business for Social Responsibility (BSR) and advice from the Berkman Center for Internet & Society at Harvard Law School, initiated a series of dialogues to gain a fuller understanding of free expression and privacy as they relate to the use of technology worldwide.

For some reason, John Young has "leaked" a second tranche of emails from the supposedly internal developer email list for the project on his website.

This time, he has not obscured most of the names and email addresses etc., which he did for the first lot.

This is inconsistent, and seems a bit spiteful. It is something to bear in mind if you ever correspond with him regarding his Cryptome website.

John Young's name no longer seems to appear on the Domain Name registration details for, and Who is John Shipton ?

Domain ID:D130035267-LROR
Created On:04-Oct-2006 05:54:19 UTC
Last Updated On:09-Jan-2007 18:51:22 UTC
Expiration Date:04-Oct-2007 05:54:19 UTC
Sponsoring Registrar:Dynadot, LLC (R1266-LROR)
Registrant ID:CP-13000
Registrant Name:John Shipton c/o Dynadot Privacy
Registrant Street1:PO Box 1072
Registrant Street2:
Registrant Street3:
Registrant City:Belmont
Registrant State/Province:CA
Registrant Postal Code:94002
Registrant Country:US
Registrant Phone:+1.6505851961
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:

Whoever is charge of the DNS now, might do well to create an entry for the shorter

link, which some of the news reports about the project are using, as the URL instead of

The shorter URL works in some but web browser software i.e. the ones which take a guess and prepend the "http://www. " prefix as required.

Initial thoughts on


Like other people, I am both intrigued and worried about the project.

Perhaps some people will choose to discuss the ethical and technical issues on this blog , in public.

As the leaking of the internal development list, by John Young at Cryptome, shows, all the PGP and Tor, and Freenet etc. technology which the project seems to be planning to use, is not, in itself, sufficient to guarantee to protect anonymous sources.

One has to ask why the team chose to register the domain names, .cn and .info, but not the shorter wikileak domain names.

It would also help if their DNS resolved "" to point to the same web page as "" - the shorter URL does not seem to go anywhere at all, at present.

Is this no longer under the control of the wikileaks,org team now that John Young, the Registrant, seems to have withdrawn his participation in the scheme.

Will he re-route any web or email traffic to these domain names elsewhere, or to /dev/null ?

SInce what they are trying to establish is a global trusted brandname, this could have done with some more thought and advice.

Once their software is available and is actually seen to work as intended, I may decide to participate in the project, in a small way, and will then point to the project home page or to one of the planned network of distributed node servers.

However, currently, there are still many unanswered questions about this project, some of which will be discussed in future blog posts.

About this blog

This blog here at (no "S") discusses the ethical and technical issues raised by the project, which is trying to be a resource for whistleblower leaks, by providing "untraceable mass document leaking and analysis".

These are bold and controversial aims and claims, with both pros and cons, especially for something which crosses international boundaries and legal jurisdictions.

This blog is not part of the project, and there really are no copies of leaked documents or files being mirrored here.

Email Contact

Please feel free to email us your views about this website or news about the issues it tries to comment on:

email: blog@WikiLeak[dot]org

Before you send an email to this address, remember that this blog is independent of the project.

If you have confidential information that you want to share with us, please make use of our PGP public encryption key or an email account based overseas e.g. Hushmail

Now that the project is defunct, so far as new whistleblower are concerned, what are the alternatives ?

The wiki page lists links and anonymity analyses of some of the many post-wikileaks projects.

There are also links to better funded "official" whistlblowing crime or national security reporting tip off websites or mainstream media websites. These should, in theory, be even better at protecting the anonymity and security of their informants, than wikileaks, but that is not always so.

New whistleblower website operators or new potential whistleblowers should carefully evaluate the best techniques (or common mistakes) from around the world and make their personal risk assessments accordingly.

Hints and Tips for Whistleblowers and Political Dissidents

The Submissions web page provides some methods for sending them leaked documents, with varying degrees of anonymity and security. Anybody planning to do this for real, should also read some of the other guides and advice to political activists and dissidents:

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link:

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

WikiLeakS Links

The Frequently Asked Questions (FAQ) page.

WikiLeakS Twitter feeds

The website does not stay online all of the time, especially when there is a surge of traffic caused by mainstream media coverage of a particularly newsworthy leak.

Recently, they have been using their new Twitter feeds, to selectively publicise leaked documents to the media, and also to report on the status of routing or traffic congestion problems affecting the main website in Stockholm, Sweden.

N.B.the words "security" or "anonymity" and "Twitter" are mutually exclusive: Twitter feed via SSL encrypted session: unencrypted Twitter feed

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Temporary Autonomous Zone

Temporary Autonomous Zones (TAZ) by Hakim Bey (Peter Lambourn Wilson)

Cyberpunk author William Gibson

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

Syndicate this site (XML):

Recent Comments

  • James Hyams: I'm writing a thesis on Public Trust in WikiLeaks, the read more
  • rich kaplan: Hello Wikeleaks vrew. In Turkey , the islamist goverment just read more
  • wikileak: Cryptome have a few more extracts from this book read more
  • wikileak: have now launched their website with some details of read more
  • wikileak: Bahnhof Internet seem to be hosting two Wikileaks servers in read more
  • wikileak: Clay Shirky has posted a rough transcript of Daniel Domscheit-Berg's read more
  • wikileak: @ N - you can still see the "1.2 million read more
  • N: @wikileak - Exactly, these cables are _from_ the United States, read more
  • wikileak: is now displaying this meassage: Coming soon! While we read more

November 2018

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30