Make it possible for recipients to exchange messages between each others

[evilaliv3]

Currently the platform enable whistleblowers and recipients to exchange a private message between each other.

It has been suggested as well, as a valuable feature, to make it possible for recipients to exchange messages between each other.

[evilaliv3]

This feature requires database structure change because currently a Message is always attached to a single receiver tip indicating that it has sent/received by the recipient owner of the tip.

Many are the possibility of new messages to be added:

• one recipient to one recipient
• one recipient to all recipients
• one recipient to some recipients

In my opinion a simple addition could be to make it possible for Recipients to comment one-to-all to other recipients just extending the Comment feature and not requireiing any other structural change.

I suggest to postpone this addition and collect more feedback for the use case in order to decide which alternatives are best.

[pale75]

my idea of exchanging messages between recipients is a little different, because in our production environment we already use globaleaks whistleblowing and we have a recipent inside our corporation and another external. both of them will receive a whistleblow and before arriving at any initiative, they needs to exchange some messages in a complete anonymous and secure environment (The messages should be hidden to the whistleblower until the recipients will take a decision).

[evilaliv3]

Probably it would be nice to do a change like the following:

• Merge comments and messages calling them just Comments.
• Make it possible for comments to be sent to: -- Every user -- To every recipient -- To a single recipient or whistleblower

[evilaliv3]

What do you think: @giorgiofraschini @maxmois @schris-dk @larrykind @elbill @cyberflaneuse @SylvainFPU ?

[schris-dk]

In my opinion, the private messages should be shown to all the recipients, as they all are part onf the discussion in the matter. Any discussion in between further sub-contractors like lawyers can be done outside the portal.

One of the reasons behind this is, that it should be transparent to the recipient group what has been agreed upon.

I think this feature could be dealt with in the simple matter, that the private message window not is visible to whistleblowers

[giorgiofraschini]

I think this could be a useful feature but it should be included in a more general development towards to the use of globaleaks as a management system, which is not now. And I don't know if this would be one of the first feature to develop if the project decides to develop in that direction.

[evilaliv3]

Thank you both for your feedback

@schris-dk: Actually private messages currently works one-to-one so they could not be directly used like you say.

[larrykind]

Hi everyone. Basically I agree with @schris-dk, but after the report sharing feature release, I suggest to rethink private messages in a new flavour: like "group messages". In this context i find that this feature could be very useful to manage reports within a team of receivers (the report sharers), even if they're phisically far from each other. In any case the comments could be restricted to report managers, newly added receivers shoud be able to read all the chat history for that report.

[maxmois]

Hi everyone, Very insightful comments and I agree, that this functionality will be a further step towards developing case management capabilities. As for now recipients are forced to have these private conversations outside the GL, often using much less secure communication means risking exposure of reports and WB data. Bringing some basic but essential case management functionalities to GL might make a WB process more secure as a whole and provide users (recipients) with essential capabilities right within the GlobaLeaks.

If the functionality is being considered I believe that first step could be to make it possible to have a private conversation/file sharing within all the recipients and if/when proved useful second step could be creating more sophisticated version of it including 1 to 1 conversations between recipients. The ability for newly added recipients to be able to see the chat/file history previously added is also essential in my opinion.

[elbill]

Hi all. Great discussion here. I agree with @schris-dk . A simple implementation where all recipients will see all messages and files would be great. 1 to 1 recipient communication I do not believe is essential for my workflow but I agree with 2 phase approach proposed by @maxmois . A mentioning system with @xxxxuser would be nice for phase 2. "group messages" proposed by @larrykind is a nice idea, but would leave them for phase 2, as it may have development challenges. This simple feature is essential in my opinion and should be implemented soon. @giorgiofraschini I would prioritise this feature for GlobaLeaks to become a CMS. I'm not sure if you propose any other approach for CMS functionality. thanks!

[SylvainFPU]

I agree with the comments above from @schris-dk and @maxmois . We don't really have this use case in our flow at PubleaksNL, but have no objection with the process and idea.

[giorgiofraschini]

@elbill I am not sure that the day Globaleaks decides to become a CMS this should happen by adding one feature at the time to the current software. In that case I would prefer to think to an overall re-tool if possible. If it has to happen step-by-step, this is definitely important but I am not sure in this development approach if the software has to change its nature from an interaction tool to a mangement one.

[schris-dk]

Thank you both for your feedback

@schris-dk: Actually private messages currently works one-to-one so they could not be directly used like you say.

Currently, the whistleblower can see the private messages (at least when I test it)

[elbill]

@giorgiofraschini I see your point and would agree with you under different circumstances. However let me give you my personal (probably egoistic) view based on my business case offering free and payed whistleblowing services. The way I see it is that Globaleaks (wanting it or not) is a CMS system. By adding a "simple" feature such as private recipient messages and files it will be a more complete CMS and will give me 80% of the functionality I would like (where now it is 60%). Creating a masterplan to crate a sophisticated and well thought of system (that will take 6 months to be implemented with existing resources) does not help me as with such a fast simple feature on the table right now I will get most of the functionality I want and will help Globaleaks (and myself) keep up with competition (that has this capability). I wish I had this feature yesterday as we are one month away from directive being implemented. If I'm loosing business because of one feature that my clients or potential clients require that would be detrimental or would have to diversify. Apologies if some of my comments are irrelevant to the technical aspect we are discussing here.

Let me also add that sophisticated CMS systems such as MS dynamics 365 customer portal that I have studied do not function much more effectively for our case. May be hard to believe however the feature by feature approach would be very efficient considering the constraints.

[zangels]

hello all hello @evilaliv3

Are there any developments in this issue expected?

This would be very useful to us also.

In our implementation (public entity, local government), the recipient often needs internal support from a technical expert on the subject of the complaint.

For example: a complaint about an environmental crime is submitted. The recipient needs technical support from an environmental engineer in order to properly analyze the complaint.

From my point of view, it must be able to communicate with this "other recipient" (or other profile) within the platform, ensuring that the process and information workflow remains complete and all components can be part of a final report.

As a matter of transparency and trust, I am not shocked that the whistleblower is aware of these internal interactions.

[evilaliv3]

Thank you for your question @zangels

At the moment there is no active development on new features because we are more focused on regular maintenance and hardening and there is no active funding for father development. This said time to time we will continue as we do implementing new features like this.

This said this feature is in line with the project goals and overall reoadmap and we could expect that some day someone could contribute to the software and develop it.

If you want to contribute to the project and you have the capability please feel free to propose a pull request.

[zangels]

Thanks for your quick response!

I would if I could ... realy But i don't know much about coding

[evilaliv3]

ehehe, you are welcome.

developing a feature is not the only way to contribute to the software. of corse i could simply say "help us fundraising for this feature to happen", but also fundraising for a feature is not the only alternative to contribute to the software.

what we would like users to understand while using a software like GlobaLeaks, is that a free an open source software is public good of public domain and this means that they have FULL control over it if they just want to.

interested and motivated users could just dedicate time to the community, supporting the creation of a roadmap, designing interfaces on paper, do technical research and technical writing to prepare for the development that is actually a minor final stage of a more complicated process where everyone could contribute with their own skils.

[evariitta]

Hi @evilaliv3 , I would like to ask about this feature's possible development - has there been any further discussions or does the situation remain the same?

[evilaliv3]

Thank you @evariitta for your question. No there has been no update at the moment. In general any advancement is document on this ticketing system.