FOGHORN — Why a Whistleblowing Platform for the Internet Industry Matters

Why a foghorn

A foghorn doesn’t care about the weather. It doesn’t wait for permission. When visibility drops to zero and ships are heading blind into rocks, it sounds. Loud, low, impossible to ignore. That’s the entire job. Not to fix the fog. Not to steer the ship. Just to make sure nobody can say they didn’t hear the warning.

The internet industry has fog. Thick, quiet fog. The kind where things happen behind closed doors — in Slack channels nobody screenshots, in 1-on-1s with no witnesses, in performance reviews that punish the person who raised the concern instead of the person who caused it. People see it. People know. But the fog makes it easy to pretend you don’t.

A foghorn cuts through that. It doesn’t need to know who you are. It doesn’t need your LinkedIn profile or your employee ID. It just needs the signal: something is wrong here, and someone needs to hear it.

That’s what FOGHORN is. A maritime safety system, repurposed for an industry that has plenty of monitoring for its networks but none for its people.

There are things in our industry that people talk about in hallways. At hotel bars after the last session. In DMs that disappear. But never on a mailing list. Never on stage. Never where it actually counts.

Harassment. Discrimination. Toxic leadership. Retaliation against people who spoke up.

We all know it happens. We just pretend we don’t because nobody built a place to put it.

So I built one.

What FOGHORN is

FOGHORN is an anonymous whistleblowing platform for the IT, tech, and internet industry. It runs at foghorn.report.

Here’s what it does: you describe what happened, pick a category, hit transmit. You get a tracking token. That’s it. No account. No email. No IP logging. No identity. That token is the only way to follow up on your report — and the only thing connecting you to it. There’s a two-way anonymous chat so a review team can ask follow-up questions without ever knowing who you are.

The whole thing is protected by EU Directive 2019/1937 and the German Hinweisgeberschutzgesetz. That’s not marketing. That’s the law.

The categories cover what I’ve seen and heard about over the years working in and around this industry: AI bias, data abuse, surveillance overreach, labor rights violations, sexual harassment, mobbing, racism, discrimination, retaliation. And “other” — because people are endlessly creative in finding ways to hurt each other.

Why

In 2019, Erik Bais stood on stage at NLNOG Day and gave a talk called “Working in a Toxic Environment.”

If you were there, you remember. If you weren’t — go watch it.

It was the first time someone in our community said out loud what a lot of us knew but never dared to put into words. The room went quiet in a way that doesn’t happen during a BGP talk. People recognized themselves. People recognized their workplaces. That talk changed lives. Not in a motivational-poster kind of way. People actually left jobs they should have left years ago. People finally understood that what they were going through had a name.

Erik didn’t stop at the talk. He followed up. Personally. He sat down with people, gave advice, listened. He championed mental health in a community that would rather spend three hours debugging a route leak than spend three minutes talking about how they’re actually doing. During COVID, when isolation was grinding people down, he was one of the few who kept asking the uncomfortable question: “How are you really?”

Erik died on May 28, 2024. He was 51.

The RIPE community called him a pillar. NLNOG wrote that his talk was “an eye-opener that gave people the push they needed to start improving their working conditions.” His family asked for donations to the Dutch Suicide Prevention Fund instead of flowers. That tells you everything about what he cared about.

I lost a friend who showed me something that should be obvious but apparently isn’t: caring about the people behind the networks is not a side project. It is the project.

I believe Erik would have supported FOGHORN. Not because the tech is clever. Because it gives people a voice when they feel they don’t have one. That was always his thing.

What I need

I’m not going to pretend I can pull this off alone. The platform is live. The tech works. But here’s the thing about a whistleblowing platform: it’s worthless without trust. And trust doesn’t come from encryption badges or legal disclaimers. Trust comes from governance. From real people standing behind it.

Here’s what I’m trying to build:

A board of trusted people from across the NOG community. Not a corporate advisory panel where people collect LinkedIn badges. Actual humans who understand this industry, who can review reports with context and empathy, and who have the spine to act on what they read.

Trusted contacts at individual NOGs — local people on the ground who can be a first point of contact. Someone you can talk to before you file a formal report. Someone who knows the local context.

A governance structure that answers the hard questions: Who sees what? How are reports escalated? What happens when someone files a report about a board member? How do we protect reporters from retaliation — not just legally, but practically?

Legal guidance. The EU whistleblower directive is clear in principle. Implementation details are where it gets messy.

If you have experience with any of this — ombudsperson work, Code of Conduct enforcement, HR mediation, legal frameworks — I want to hear from you. Seriously. This doesn’t have to be perfect on day one. It has to be honest and it has to be real.

How it works

For those who care about the plumbing:

FOGHORN runs as part of the NOGnet platform on its own domain. Next.js frontend with a custom design that I deliberately made look nothing like a SaaS landing page. 12 incident categories with bilingual labels, extensible. File attachments for evidence. Anonymous two-way chat via tracking token. SLA tracking: 48 hours for first contact, 7-day escalation. No accounts, no tracking cookies, no analytics on the reporting page.

The design is dark, restrained, editorial. No gradients. No blob illustrations. No “trusted by 10,000 companies” nonsense. A foghorn cuts through noise. That’s the whole metaphor.

What’s next

I need help shaping the governance. The tech is a means to an end. If you want to get involved — as a board member, as a trusted contact at your local NOG, as someone who reviews the legal framework, or just as someone who says “this matters” — reach out. You know where to find me.

This is for Erik. And for everyone who ever sat in a conference hallway wondering if they were the only one.

#Whistleblowing #FOGHORN #NOGnet #NetworkOperators #NOG #InternetIndustry #CommunityGovernance #ErikBais #MentalHealth #ToxicWorkplace #EUWhistleblowerDirective #HinSchG #CodeOfConduct #RIPE #NLNOG #Peering #TechEthics #SpeakUp #WorkplaceSafety #OpenSource