How to (securely) contact me

If you have a story to tell or information you want to share with me, but are concerned about the sensitivity of this material and/or your security, there are some concrete steps you can take to stay safe.

If you want to send me an encrypted email that only I will be able to read, use PGP. My PGP public key can be found here (the fingerprint is 72D7 6D77 EFCF 7C5D C628 BAD2 5D7F 56C2 5811 B183). My email address is sam.biddle@theintercept.com—please keep in mind that PGP does *not* encrypt an email’s subject line, so don’t put anything sensitive in there.

If you use ProtonMail, an email service built with security in mind, you can contact me that way too: sambiddle@protonmail.com

If PGP sounds like too much of a pain in the ass—I don’t blame you!—you can use Signal, an encrypted IM and voice calling application available for your smartphone or computer. If you want my Signal number, ask me over email or Twitter DM and I’ll reply with my number, no questions asked. Please note that Twitter DMs are NOT encrypted, so don’t say anything sensitive there. If you don’t want to use your own email account to ask me for my Signal number, you can use a disposable email service like GuerillaMail or AnonBox—but like Twitter DMs, you should not use this to transmit anything sensitive.

The Intercept maintains a SecureDrop server, which you can use to send me sensitive materials. For more on using SecureDrop (and becoming a source in general), check out this guide.

If you have any questions at all about any of the above or anything else, let me know.