EFF has a report on the terms of service WSJ and AJ offer leakers using their WikiLeaks competitor sites. I had already heard that WSJ offered almost no technical security (which EFF describes), but it turns out neither offer much in the way of confidentiality guarantees.

Despite promising anonymity, security and confidentiality, [Al Jazeera Transparency Unit] can “share personally identifiable information in response to a law enforcement agency’s request, or where we believe it is necessary.” [WSJ's] SafeHouse’s terms of service reserve the right “to disclose any information about you to law enforcement authorities” without notice, then goes even further, reserving the right to disclose information to any “requesting third party,” not only to comply with the law but also to “protect the property or rights of Dow Jones or any affiliated companies” or to “safeguard the interests of others.” As one commentator put it bluntly, this is “insanely broad.” Neither SafeHouse or AJTU bother telling users how they determine when they’ll disclose information, or who’s in charge of the decision.

[snip]

By uploading to SafeHouse, you represent that your actions “will not violate any law, or the rights of any person.” By uploading to AJTU, you represent that you “have the full legal right, power and authority” to give them ownership of the material, and that the material doesn’t “infringe upon or violate the right of privacy or right of publicity of, or constitute a libel or slander against, or violate any common law or any other right of, any person or entity.”

[snip]

SafeHouse offers users three upload options: standard, anonymous, and confidential. The “standard” SafeHouse upload “makes no representations regarding confidentiality.” Neither does the “anonymous” upload which, as Appelbaum pointed out, couldn’t technically provide it anyway. For “confidential” submissions, a user must first send the WSJ a confidentiality request. The request itself, unsurprisingly, is neither confidential nor anonymous. And until the individual user works out a specific agreement with the paper, nothing is confidential.

Similarly, AJTU makes clear that “AJTU has no obligation to maintain the confidentiality of any information, in whatever form, contained in any submission.” Worse, AJTU’s website by default plants a trackable cookie on your web browser which allows them “to provide restricted information to third parties.” So much for anonymity!

I’m fascinated by this not just because they obviously won’t provide a real alternative to WL, but because of what they say about the evolving gatekeeper relationship of news outlets.

Keep in mind that both these outlets make curious candidates for a WL competitor.

For its part, WSJ would be unable to sustain its unique market position if it routinely offered corporate whistleblowers–particularly from the finance industry–a way to leak confidentially. Its demand that leakers represent that they have not violated the rights of any person, its warning that it might share information on leakers with requesting third parties, and its intent to safeguard the interests of others all sounds like WSJ is more interested in its corporate advertisers and the security of their information than protecting whistleblowers. Indeed, you might even say this is more of an ambivalent information service WSJ offers, potentially luring (say) Bank of America leakers who might otherwise leak to WL, possibly for stories, but possibly also to share with BoA.

Then there’s al Jazeera. Particularly since it is not US-based, and given its tie with the Qatari government, one would assume that they such a site would be closely monitored. The US has a long history of persecution of AJ, including imprisoning and killing journalists. Perhaps it’s not surprising how few protections it offers.

And all that’s before you consider the fact that the US government is trying to prosecute WL for espionage. Murdoch is in the middle of a spying scandal in the UK; AJ journalists have been treated, unfairly, as terrorists. That makes both somewhat vulnerable. And the USG has declared an entity that publishes anonymous leakers to be spy organizations, not something either WSJ or AJ need.

Which is why I find it so interesting that these two outlets, while claiming to do the same thing as WL did, fall so far short of attempting to offer true anonymity to their sources. Here, the protection accorded leakers is actually less than a traditional journalist would offer. It’s as if they’re ceding the US government argument that anonymous leaks are so much worse than the leaks from the powerful so often featured in outlets like WSJ.

Or perhaps they’re just trying to reinforce their traditional gatekeeper role while attempting to undercut the competition?

Updated for syntax and to fix WSJ/Murdoch conflation.