Love them or hate them, WikiLeaks.org has had a massive impact on the world of whistleblowing. on investigative journalism and on some (Western) politicians and government agencies, which has been documented ad nauseum elsewhere by the mainstream media the blogosphere, the twitterverse and also in books, documentaries and forthcoming films.
For the best part of 2 years, they have effectively ceased to be a whistleblower website, as they no longer bother to accept and publish any new whistleblower leaks via their (broken) website submission system.
The promised new system has not been launched at the delayed press conference on 1st December 2011:
Nevertheless there are lessons for post-Wikileaks.org websites to learn from their strengths, weaknesses, triumphs and disasters:
Strengths and triumphs
- Their successful legal challenge to being censored through a Court Injunction in the USA, aimed at their Domain Name Registrar and DNS service providers, bolstered by the use of lots of volunteer contributed Cover Name domain name aliases, in multiple legal jurisdictions.
- Julian Assange's credibility with mainstream media organisations
- Various "scoops" picked up by the mainstream media
- Managing to get some of the US Diplomatic Cables leaks mirrored to lots of websites, making this information effectively uncensorable.
- Publishing the MD5 and SHA1 hashes and Expiry Date from their Digital Certificates on the WikiLeaks.org website (when they did bother to use them), potentially adding some confidence and trust, independent of the Public Key Infrastructure.
- Inspiration and consultancy helping to set in motion the forthcoming changes in media and censorship laws in Iceland - International Modern Media Institute
- Becoming, for a time, the Publisher Of Last Resort, allowing mainstream media journalists and political activists to debate scandals being hidden by the rich and powerful through the use and abuse of Court Injunctions or even Super Injunctions e.g. the Trafigura Super Injunction case, by indirectly mentioning that the background documents might be found on WikiLeaks.org, without having to directly link to them themselves.
- Delayed publication request feature (when the submission system still worked) - this added some extra comfort for whistleblowers aware of Communications Data Traffic Analysis.
- Magnet link URIs to published documents, to help with BitTorrent style Peer to Peer file distribution. Cryptographic hash checksums of published documents were /are available (but no explanation or links or tools to enable ordinary users of the website to verify these themselves)
- Removal of potentially incriminating meta-data from uploaded whistleblower documents and files and digital images, before publication (N.B. sometimes these are the only clues to the authenticity of the material)
Weaknesses and mistakes
- The abandonment of the "wiki" part of WikiLeaks.org - why did they stop allowing analysis and commentary on their back history of leaked documents, even if they were no longer publishing new ones ?
- The abandonment of the original WikiLeaks.org website (originally with PRQ internet in Sweden, but now using web hosting associated with Russian spammers and fraudsters) in favour of the PirateParty hosted WikiLeaks.ch
- Their unsuccessful struggles to use online financial payments systems like PayPal to raise funds.
- The attempts to use cryptic, easily misconstrued 140 character Twitter messages without any supporting, detailed full page Press Releases on the website, to try to communicate major issues or complicated arguments.
- Technical failures with SSL/TLS Digital Certificates (they let them expire, they swapped and changed to and from reasonably trustworthy commercially available certificates and totally untrustworthy self signed one, to the current website which no longer bothers with encryption at all, even though it solicits personal details from journalists and volunteers etc.
- The abandonment of PGP Encryption
- The abandonment of the use of Tor Hidden Service
- Email list blunder revealing the identities of some financial contributors
- Periodically "deep linking" to graphics or videos on external websites, thereby handing over website visitor IP address and browser details of almost all visitors to the WikiLeaks.org website, including potential whistleblowers or insider volunteer leak analysts, to other commercial and government organisations.
- Lack of financial transparency
- Julian Assange's dictatorial monomaniacal management style of what now looks like a cult.
- Julian Assange's threats of legal action against former mainstream media partners like The Guardian newspaper over, of all things "his" copyright of whisteleblower submitted material (which obviously actually belongs to say, the US Government)
- Julian Assange's arrest in the UK and extradition proceedings to Sweden on non-WikiLeaks related sexual allegations which obviously distracts from any whistleblowing.
- Actual deceit about claims to have "thousands" or "millions" of Chinese government documents ready for publication
- Multiple lies to the media and independent commentators, about the size of the WikiLeaks.org organisation and its technical computer infrastructure.
- False claims about being the spark or inspiration for the "Arab Spring" popular uprisings in 2011.
- Publishing leaked documents containing the identifiable personal data of thousands of innocent people, without any redaction or censorship
- Failure to register all of the "best" domain name variations of their chosen website domain name e.g. Wikileaks.com or WikiLeak.org - not acceptable for a global organisation / brand name.
- Lack of multiple offsite encrypted data backups leading to a Single Point of Failure
- The whole WiikiLeaks versus OpenLeaks media propaganda and potentially libelous accusations via Twitter and via third party websites and blogs, but still no relevant Press Releases on the "official" WikiLeaks.ch website at all.
- The incompetent re-use of the encryption password to a full unredacted copy of the whole US Embassy Cables file cables.csv and the failure to accept any blame for publishing this on peer to peer networks via BitTorrent themselves