Overview of anonymous submission tools

Journalists

Overview of anonymous submission tools

Overview of anonymous submission tools: differences between SecureDrop, GlobaLeaks, and OnionShare

There are several kinds of tools for anonymously passing information and documents.

Names that often appear are SecureDrop, GlobaLeaks, and OnionShare.

These are sometimes discussed as if they have similar purposes, but they are not the same thing. Some are operated by news organizations as continuing submission channels, some are suited to temporary file sharing, and some are used for internal reporting or organizational reporting intake.

Before choosing a tool, organize "who receives what, from whom, and how."

Positioning of the main tools

First, separate the broad role of each one.

Tool	Main use	Reason to introduce it
SecureDrop	A mechanism for news organizations and others to receive anonymous submissions	You can learn intake operation based on source protection
GlobaLeaks	A foundation for organizations to create reporting and submission channels	You can learn continuing report intake and handler management
OnionShare	Temporary file sharing and receiving using	You can learn small-scale transfer that avoids real-name cloud services

SecureDrop is a foundation for news organizations and organizations to receive anonymous submissions. Because the receiving-side operation needs to be designed around source protection, it is important in journalism and high-risk submission contexts. URL : https://securedrop.org/

GlobaLeaks is an open source foundation for organizations to operate anonymous reporting and submission channels. It becomes a candidate when creating continuing intake flows, such as internal reporting, public-interest whistleblowing, and channels for NGOs or public institutions. URL : https://globaleaks.org/

OnionShare is a tool suited to temporary file sharing and receiving using Tor. It becomes an option when you want to pass files on a small scale with limited recipients without using a real-name cloud service. URL : https://onionshare.org/

All of them relate to anonymity and safer transfer.

However, their operational assumptions are different.

SecureDrop

SecureDrop is a mechanism for news organizations, NGOs, and others to receive anonymous submissions.

The submitter accesses it with Tor Browser and sends documents or messages. The receiving side prepares a dedicated operational structure and checks the submissions.

Item	Content
Suited use	Submission channel for news organizations
Strength	Designed with source protection as an assumption
Caution	Requires a receiving-side operational structure
Remaining issues	Document metadata, inference from contents, publication judgment

SecureDrop is covered in detail in another article.

GlobaLeaks

GlobaLeaks is an open source foundation for creating internal reporting and submission channels.

It is used not only in journalism, but also in NGO, corporate, public-institution, audit, and compliance contexts. It is a mechanism designed around operations such as people submitting reports, receiving handlers, and case management.

Item	Content
Suited use	Report intake, whistleblowing channels, organizational submissions
Strength	Makes it easier to manage reporting flows and receiving handlers
Caution	The operator's policy and reliability are important
Remaining issues	Receiving-side logs, document management, explanations to people submitting reports

Using GlobaLeaks does not automatically make something safe.

Which organization operates it, what it records, and who can access it are important.

OnionShare

OnionShare is a tool for file sharing and receiving using Tor.

It is relatively easy for individuals to use and is suited to temporary transfer. Rather than a permanent channel like SecureDrop or GlobaLeaks, it is suited to sharing with limited recipients.

Item	Content
Suited use	Temporary file sharing, receiving, individual transfer
Strength	Easier to share without a real-name cloud account
Caution	Requires a path for passing the onion address
Remaining issues	File metadata, device safety, recipient handling

OnionShare is covered in detail in another article.

Which one to choose

When choosing a tool, choose by use, not by name recognition.

Situation	Candidate	Reason
A news organization creates an anonymous submission channel	SecureDrop	Mechanism conscious of source protection
An organization operates report intake	GlobaLeaks	Suited to reporting flows and handler management
Temporarily sharing a file individually	OnionShare	Easier to pass without placing it in the cloud
Receiving high-risk whistleblowing	SecureDrop or a specialized channel	The receiving-side structure is important

With any tool, file metadata, contact paths, and inference from publication or article content remain.

Tools protect the entrance, but they do not automatically protect the whole operation.

Official information to check before choosing

For anonymous submission tools, it is important not to judge from old introductory articles alone. Features, recommended configurations, cautions, and operational assumptions can change.

Tool	Official site	What to check
SecureDrop	URL : https://securedrop.org/	Source-protection assumptions, operator-facing explanations
GlobaLeaks	URL : https://globaleaks.org/	Reporting-channel structure, deployment and operation information
OnionShare	URL : https://onionshare.org/	How to use file sharing, receiving, and publishing features

Do not judge safety by the tool name alone. Check who operates it, which version it uses, and what explanations it provides.

Users and operators need to look at different places

Submitters check their own devices, networks, documents, and behavior after sending. Operators check the receiving environment, access permissions, storage location, reply method, and source protection at publication.

Position	What to look at
Submitter	Device, connection path, document metadata, inference from content
Receiving side	Operating structure, storage, viewing permissions, replies, publication judgment
Reader	Check the operating entity, not only the tool name

Anonymous submission does not work through the sending side alone or the receiving side alone. Safety improves only when both sides' operations are aligned.

Questions before choosing a tool

Before deciding a specific tool name, check the following questions.

Question	Reason
Who does the submitter need to be protected from?	Decide the threat model
Does metadata remain in the documents?	Prevent leakage outside the entrance
Who on the receiving side will see it?	Check permission management and responsibility
How will replies be handled?	Reduce traces from continuing contact
Can the source be inferred at publication?	Look at the risk from turning it into an article or report

Choose the tool after answering these questions. If you introduce only the tool while unable to answer the questions, you will mistake what needs protection.

In anonymous submission, the entrance, documents, contact, storage, and post-publication effects form one flow.

Summary

SecureDrop, GlobaLeaks, and OnionShare are tools used for anonymous submissions and file transfer.

SecureDrop is suited to anonymous submission channels for news organizations and similar recipients.

GlobaLeaks is suited to report intake and organizational submission flows.

OnionShare is suited to temporary file sharing and receiving using Tor.

What matters is operation, not the tool name.

Check who operates it, what is recorded, who can access it, and how received documents are handled.

Related tools

Anonymous communication

Tor Project

An external resource related to this article. Open it only when it fits your situation and threat model.