The Century Foundation


MailVault is the safest way to make contact with journalists and fellows at The Century Foundation. Without revealing your identity, even to us, you may send confidential messages or files. All communications are routed to senior fellow Barton Gellman. No one else will have the keys to read them. At your direction, he will share what you send with a colleague.

MailVault keeps you anonymous by disguising your location and the IP address of your computer. Encryption scrambles the content of your message so that no one can read it in transit.

  • Read more about MailVault below, then take three simple steps.

  • Download the Tor Browser Bundle, a web browser that aims to protect the anonymity of users.
  • Launch Tor Browser and copy-paste this link into the Tor browser's address bar (not your usual browser's): bartongellman.securedrop.tor.onion. You can also use http://hxywmnvdz5f2l5gqwjfcejdpla7nhj35dn5cf5l6qevjb77wasnna3qd.onion/ .
  • Follow further instructions on screen about how to submit.
  • Note: the MailVault Onion URL changed on January 30, 2021.

    For security reasons, it is recommended that you do not use MailVault from your work or home, and instead use it from a public wifi network, such as at a coffee shop.

    A full list of Century Foundation fellows and staff is here. At present, only Barton Gellman will be able to see what you send through MailVault.


    is a Pulitzer Prize winning reporter and author, now writing about surveillance, privacy and the NSA with documents he received from Edward Snowden.


    When you enter MailVault, you will receive a unique code name and password. Step by step instructions will guide you after that.

    MailVault is based on SecureDrop, a communications system for whistleblowers and others who need to exchange information privately. It uses well-respected, open source tools for anonymity (Tor) and encryption (GPG, also known as OpenPGP). Outside experts have audited and improved the technology, but no system offers perfect security. For example, if someone installs spyware or a hardware key-logger on your computer, your communications with us may be compromised.

    If the stakes of anonymity are very high, you may increase your protection against surveillance by browsing to Mail Vault:

    (1) from a bootable thumb drive running TAILS, a portable operating system built for maximum privacy...

    (2) on a public computer or a computer you use for nothing else...

    (3) and connected to a wired or wireless network away from your home and workplace.


    When you visit the MailVault onion URL, the Century Foundation cannot see your computer's I.P. address. We will not record information about your browser, computer, or operating system, nor will we embed third-party content or deliver cookies to your browser. On this page,, we do not embed any third party content or log I.P. addresses either.

    If you send us messages or files, we will make no attempt to identify you without your consent.

    Our MailVault servers are kept under lock and key in the physical control of the Century Foundation, segregated from our other computers and networks. We host the system on a Tor "hidden service," which conceals your location and online identity as well as ours. We encrypt all communications from your computer to ours.

    All that said, the system is provided on an “as is” basis. We can make no warranty about its security, or yours, and in the end you must assess the risks for yourself.