GlobaLeaks 4.0.51

whistleblowing software

Open-Source Whistleblowing Software

Technical detail

Vitality:

95%

i

The vitality index, as explicited in the guidelines for the acquisition and reuse of software for Italian PA, is calculated according to the following four main categories:

  • Code activity: the daily number of commits and merges;
  • Release history: the daily number of releases;
  • User community: the number of unique authors;
  • Longevity: the age of the project.

The ranges of every measure can be found in the vitality-ranges.yml file.

Development status: stable


Software functionality

Multi-user system with customizable user roles (whistleblower, recipient, administrator)

Entirely manageable from a web administration interface

Support for more than 40 languages with Right-to-Left (RTL)

Support for customization of advanced questionnaires

Receive reports from whistleblower through structured multi-step questionnaire

Let whistleblowers decide if and when to confidentially declare their identity

Exchange multimedia files with whistleblower

Chat with whistleblower to discuss the report

Unique 16-digit receipt for the whistleblower to log back in anonymously

Simple recipient interface for receiving and analyzing reports

Support to the categorization of the reports with labels

Support to the user search of reports

Support for assigning and creating case management statuses

Customizable look and feel (logo, colour, styles, font, text)

Define multiple reporting channels/contexts (e.g. per-topic, per-department)

Manage multiple whistleblowing sites from a single dashboard

Advanced questionnaire builder

Whistleblowing system statistics

Ready-made questionnaires for compliance law

Bidirectional anonymous communication (comments/messages)

Customizable case management workflow (statuses/sub-statuses)

Whistleblower identity conditional reporting workflow

Manage conflict of interest in the reporting workflow

Custodian functionality to authorize access to whistleblower identity

GDPR privacy by design

GDPR configurable data retention policies

GDPR compliant subscriber module for new users of SaaS services

No logs of IP addresses

Integratable with existing enterprise case management platform

Free Software OSI Approved AGPL 3.0 License

Full data encryption of whistleblower reports and recipient communication

Digital anonymity support with Tor integration

Built-in HTTPS support with TLS 1.3 standard (SSLabs A+ rating)

Automatic free digital certificate enrollment (Let’s Encrypt)

Multiple penetration tests with full public reports

Conform to industry standards and best practices for application security (OWASP)

Two-Factor authentication (2FA) support compliant to standard TOTP RFC 6238

Integrated network sandboxing with iptables

Integrated application sandboxing with AppArmor

Complete protection against automated submissions (spam prevention)

Subject to continuous peer-review and periodic security audits

PGP support for encrypted email notifications

Does not leave traces on browser cache

Multi-site support enabling to run multiple virtual site on the same setup

Responsive UX made with Boostrap CSS Framework

Built-in Accessibility Support with WAI-ARIA compliance

Automated Software Quality Measurement and Continuous Integration Testing

Long-Term Support plan (LTS)

Built with lightweight framework technologies (AngularJS and Python Twisted)

Embedded Database - SQLite (optional support for other Databases)

Automatic setup of Tor Onion Services Version 3

Integrated backup support

Support for self-service signup for whistleblowing SaaS service setup

Support for Linux operating system (Debian/Ubuntu)

Deb Packaging with repository for update/upgrades

Fully self-contained application (no web or application servers needed)

Integrate collaborative translation/localization (Transifex)

Easy integration of the platform with existing websites and intranets

HTTP/2 support

REST API

Provisioning API

detailed information

GlobaLeaks 4.0.51

whistleblowing software

Last release 2020-08-09 (4.0.51)

Type of maintenance community

Technical contact

Giovanni Pellerano +390287186005

Supported languages Arabic
Azerbaijani
Bulgarian
Bosnian
Catalan
Czech
Danish
German
Divehi
Greek, Modern (1453-)

English
Spanish
Persian
Finnish
French
Galician
Hebrew
hr-HR
hu-HU
Indonesian
Italian
Japanese
Lithuanian
Georgian
Korean
Malagasy
nb-NO
Dutch
Polish
pt-BR
pt-PT
Romanian
Russian
Slovak
sl-SI
Albanian
Swedish
Tamil
Thai
Turkish
Ukrainian
Urdu
Vietnamese
zh-CN
zh-TW

Extended description

GlobaLeaks is open-source / free software intended to enable secure and anonymous whistleblowing initiatives developed by the Hermes Center for Transparency and Digital Human Rights. Thanks to GlobaLeaks even non-technical people are be able to setup their own anonymous whistleblowing project. Designed to be user-friendly the software is customizable up to own needs and protects the whistleblower’s privacy and submissions. GlobaLeaks targets many use cases and therefore it has been designed as a framework. Designed with flexibility in mind, GlobaLeaks is nowadays adopted worldwide by more than 2000 projects. The vast range of adopters includes independent media, activists, public agencies, corporations and more.

back to contents