Paper 2026/950

Beyond the Anonymous Inbox: Secure Whistleblowing for All

Gabriel Wechta, NASK National Research Institute
Mirosław Kutyłowski, NASK National Research Institute
Tomasz Lizurej, NASK National Research Institute
Ewa Syta, Trinity College
Abstract

Directive (EU) 2019/1937 mandates reporting channels that do substantially more than accept a one-shot anonymous report submission. A compliant system must protect the confidentiality of the report and the reporting person, restrict submission to entitled persons, enforce prescribed workflows under statutory deadlines, and maintain auditable records of the reporting process. Existing whistleblowing tools typically address only fragments of these requirements, often reducing the problem to an anonymous inbox or web form. To our knowledge, no existing system addresses whistleblowing's full procedural and security requirements within a single integrated design. We adopt a compliance-driven approach in which the Directive is treated as a normative source of system requirements rather than as background motivation. From Directive-mandated procedures, assets, and threats we derive, we propose a threat model, a set of security goals tailored to directive-compliant whistleblowing, and formalize the whistleblowing process. We then propose a concrete Whistleblowing System architecture that separates enrollment from reporting and builds on an Auditable Log Service (ALS) with an Identity Management Component (IMC). Our design supports report pseudonyms tied to entitled persons, controlled identity disclosure, and confidential yet accountable communication. It enforces an auditable workflow that separates procedural handling from merits-based processing and enables a practical deployment model deployable at both state and organization level that distributes trust across multiple entities, lowers adoption barriers through shared infrastructure, and supports two-level auditing of both procedural compliance and merits-based handling for dispute resolution.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
WhistleblowingIdentity ProtectionAuditability
Contact author(s)
gabriel wechta @ nask pl
miroslaw kutylowski @ nask pl
tomasz lizurej @ nask pl
ewa syta @ trincoll edu
History
2026-05-16: approved
2026-05-13: received
See all versions
Short URL
https://ia.cr/2026/950
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2026/950,
      author = {Gabriel Wechta and Mirosław Kutyłowski and Tomasz Lizurej and Ewa Syta},
      title = {Beyond the Anonymous Inbox: Secure Whistleblowing for All},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/950},
      year = {2026},
      url = {https://eprint.iacr.org/2026/950}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.