Use PGP encryption to avoid disclosing the content of your message to third parties
When corresponding with our journalists there are times where anonymity is not a priority, but the aim is to keep the conversation private. In such situations it may be appropriate to use email, but with an additional layer of security.
Encrypting the contents of an email using public key cryptographic methods is a good way to avoid compromising the content.
The Guardian uses a third party cloud email solution. Mail and document encryption can also help stop a third party from reading the contents of a conversation.
This page contains public keys of Guardian staff. To send an encrypted message to a journalist you will need to create your own keys and then encrypt the message using both your keys and the journalist’s public key.
There are many different implementations of public key cryptography. At the Guardian we have opted for an open source implementation of the OpenPGP standard. As with any public key cryptography implementation, there may be software incompatibilities. We will do our best to resolve discrepancies, but some issues may be beyond the capabilities of our technological implementation. The Guardian does not endorse any particular PGP integration or application.
PGP best practice suggests that you should validate a public key against its fingerprint to ensure that it is genuine. Fingerprints are provided below for that purpose.
Use of The Guardian PGP public keys for encrypting email contents is at the user's own risk.
Guardian PGP Public keys may be found on third party key servers. We cannot vouch for those third parties key stores but can vouch for the validity of keys on this site