About this guide
How to Stay Healthy and Well When an AI Frontier Lab Doesn’t Like You
How do we protect those who speak up about serious problems at AI labs? As these labs grow more powerful, the stakes for accountability get higher. Yet sometimes those who try to address problems find themselves isolated and vulnerable.
I’m writing this guide because I’ve been there. After facing my own threat, I’ve gathered practical knowledge that I wish I’d had from the start.
Most of all, this guide is about ensuring our community does better than we did with Suchir Balaji, a whistleblower against OpenAI who died by either suicide or “suicide”. He should have had so much support that his death would have been unthinkable. The AI safety and governance community has a responsibility to support its frontline champions. Let’s do better.
If you’re not personally at risk and want to learn how to help, you can skip to the final section. For everyone else, what follows is a practical handbook for navigating difficult situations more safely and effectively.
This guide provides practical strategies for:
Protecting yourself when holding sensitive information about AI labs
Responding to threats from well-resourced organizations
Building reliable support networks while maintaining security
Implementing basic but effective digital security measures
Navigating legal and law enforcement channels effectively
Preserving mental health under sustained pressure
Most researchers and professionals in AI never need this guide. But for those who find themselves holding sensitive information, considering whistleblowing, or facing threats from powerful organizations, this guide offers crucial insights for protecting yourself. When dealing with organizations and their overseas shareholders that have billions at stake and a demonstrated willingness to coordinate in covering up misconduct, reasonable caution is rational.
This work is being done in tandem with the development of More Light, a new organization that makes it easier, safer, and more meaningful to do what’s right in AI. More on how to support us at the end.
Important Disclaimer
I’m not a lawyer, doctor, mental health professional, or trained operative. I’m just someone who has been credibly threatened, sharing what I know so far to potentially help others.
The guidance here comes from multiple sources: A cybersecurity firm for AI safety and governance professionals; a specialized ops firm doing private intelligence; various folks in AI governance and cybersecurity; a whistleblower I’ve been coordinating with; and my own trial and error.
This guide is not a substitute for professional help. Each situation is unique and may require different approaches.
Threat Modeling
What we’re up against
When dealing with powerful AI organizations, understanding the threat landscape is about making rational decisions under uncertainty.
When thinking about AI lab threats, most people imagine direct action from well-known figures like prominent CEOs. But the reality is more complex and concerning. The threat landscape has multiple layers, each with different motivations and methods.
First, there are the AI labs themselves, with their vast resources, sophisticated tech capabilities, and coordinated teams. But beyond the labs’ official channels lies a more opaque network of actors.
Consider the sovereign wealth funds and private investors who have billions locked into AGI development. These aren’t just Silicon Valley figures bound by U.S. corporate norms—they’re often international players operating under different rules and cultural assumptions about acceptable methods. They may view threats to their AGI investments as threats to national strategic interests, bringing an entirely different playbook to bear.
Available to them are the private contractors—security firms, intelligence agencies, and consultants who operate in legal gray zones. These groups can be engaged through complex chains of deniability, making it nearly impossible to trace actions back to their source.
Perhaps most unpredictable are the “true believers”—individuals who have convinced themselves that AGI development must be protected at any cost. These could be employees, investors, or even unaffiliated third parties who might act independently to “protect” the acceleration of what they see as humanity’s most important project.
This creates a complex web where threats might come from multiple directions simultaneously, with varying degrees of coordination and deniability. A legal threat from the lab itself might be accompanied by unofficial pressure from powerful shareholders, while independent actors pursue their own agendas in the background.
These actors can leverage multiple pressure points simultaneously. They might deploy sophisticated surveillance while pursuing legal harassment, coordinate professional blacklisting while controlling media narratives, and apply financial pressure through various channels. The multi-faceted nature of these capabilities makes traditional single-vector defense strategies insufficient.
For whistleblowers and critics, this means protecting multiple fronts: physical safety, digital security, legal evidence, professional standing, and support networks. Your counterplay needs to match their sophistication—ranging from physical relocation to evidence archives to building resilient support networks of trusted contacts.
Action Under Uncertainty
“Just because you’re paranoid doesn’t mean they aren’t after you.”—Joseph Heller
When facing potential threats from well-resourced organizations, waiting for definitive proof can be dangerous. The absence of evidence isn’t evidence of absence, what might seem like paranoia to others could be reasonable caution given the stakes, and prevention is far less costly than crisis response. “Show us the knife in your back, and then we might investigate” isn’t a viable security strategy to rely on.
Your precautions should scale with your specific situation. Consider the sensitivity of information you possess, any previous conflicts or interactions with the organization, your public visibility and statements, and the strategic importance of your work to them. These factors together create a risk profile that should inform your security decisions.
Discernment
The frontier lab leader who threatened me demonstrated a classic tactic: he thought he was cleverly complying with his lawyers’ advice to not overtly threaten me. So instead he said that other people will do unpredictable things to me, not him of course, and he cannot control what other people might do to me out of love for his company. He just wants me and everyone else to be safe because he cares so much about everyone’s wellbeing. Like a mafia boss. This is their standard playbook: doing something while telling you and everyone else that they’re definitely not doing that thing.
When a frontier lab tells you that you broke the law or that you’re otherwise in trouble, keep in mind that they’re not your lawyer or advisor. They’re the opposing party. Think carefully about why they want you to believe this. Get proper legal counsel to understand your actual position; don’t take any advice from those working against you. Remember: you’re the good guy/gal here. Don’t let them manipulate you to think otherwise.
The key is to stop engaging with them at the object level. Always elevate to the meta. Look at what they’re doing in the abstraction.
Taking Action
Basic Digital Hardening
There are some basic things you can do to make it a little bit more difficult to get hacked. Put your iPhone in lockdown mode. Enable advanced data protection on iCloud, and advanced protection mode in Google.
Use encrypted messaging apps like Signal for sensitive communications. Enable two-factor authentication everywhere, ideally using hardware security keys rather than SMS. Keep your devices updated; security patches can render an exploit ineffective. Use strong, unique passwords with a password manager. Consider using a separate secure device with a hardened operating system for your most sensitive work. While no security is perfect, these basic steps significantly raise the bar for attackers.
Back up important data securely. Consider compartmentalizing your digital life; separate devices or accounts for different purposes. Be wary of installing new apps or browser extensions, as these can be vectors for compromise.
A note on privacy and complexity: Well-meaning people from all walks of life, especially cybersecurity enthusiasts, will urge you to keep everything super private. They’ll propose elaborate schemes involving complex, laborious and brittle encryption systems. But if nobody knows except the company and you, then that information is easiest to remove with a targeted attack on you. When you think about it carefully, you might find that working too hard on your own privacy and disappearance isn’t actually what you want. Listen to your lawyer on what your obligations are regarding data protection (more on lawyers below), and beyond that use your discernment to reject knee-jerk cryptography advice.
Trust Networks and Operational Security
When you don’t feel safe, you might want to hide from everyone. Fight this instinct. Instead, build your support network thoughtfully. The key is distinguishing between different levels of trust and information sharing.
Your most trusted allies should be people with a long track record, like friends who knew you before the current situation and have proven their loyalty over years. These relationships have withstood time and aren’t opportunistic. You can also consider professionals with track records in AI governance whose alignment and integrity you can verify through their work and public positions.
Sometimes the most practical security is simply not being alone. I’ve paid for people’s Ubers, meals, and shared hotel rooms; having others around is worth the cost. Share your general whereabouts with multiple trusted people at all times, but be selective about detailed movement plans. For social media, share about your travels only after you’ve returned, never before or during.
Be wary of anyone who shows sudden, intense interest in your situation, no matter how sympathetic they seem. Watch for red flags like excessive questions about your next actions. Some may be gathering intelligence, either because they’re on a direct mission or because they want to curry favor with the lab. Even well-meaning new contacts can unintentionally compromise you by sharing information with the wrong people.
The goal, again, isn’t perfect secrecy—it’s creating a resilient network that supports your safety while minimizing vulnerabilities. Build your circle carefully and maintain enough transparency with trusted allies to ensure your security without compromising it.
Strategic Relocation
When facing credible threats, staying in your regular apartment or familiar locations makes you an easy target. Recent history has shown that tragic “accidents” can happen in predictable places—like when a potential Peter Thiel accuser fell from his balcony in 2023. Even without an established predictable routine, San Francisco’s tech-industry power dynamics can make it a dangerous place for AI whistleblowers.
Consider strategic temporary relocation. Look for places where you have existing support networks and where the AI lab has less influence over local authorities. In my case, returning to my hometown proved valuable because my close childhood friend’s dad is the retired Chief of Police. They have known my family for years and trust me. Everything has been reported, and anything more happening will be investigated. I’ve also found temporary refuge at an AI research institute in another country. Be careful though: if considering overseas options, be wary of jurisdictions where the lab has strong government ties. Pass on opportunities that could make you vulnerable. I’ve declined a speaking engagement in a middle eastern country where the lab’s more dubious shareholders have significant influence.
Even simple changes help: vary your routine, keep moving, and stay with trusted companions. It’s an introvert’s nightmare, but the cost of shared spaces and transportation is minimal compared to the security it provides. A moving target with trusted allies is inherently harder to hit.
You likely don’t need permanent exile, just strategic positioning while you navigate the situation. Your safety often depends more on human connections and unpredictability than on any particular location.
Dead Man’s Switch: Information Insurance
If you have relevant information about wrongdoing by an AI frontier lab, don’t sit on it. Many have underestimated the importance of proper information backup until it was too late.
Start with legal protection. Share complete, unencrypted information with your lawyer’s firm. This falls under attorney-client privilege, which protects your communication even if you’re under an NDA. (More on finding a lawyer below.)
Beyond legal protection, you need a distributed backup system. Share sensitive information strategically so you’re never the only person holding critical details. Nothing should disappear with you alone.
I made a simple encrypted archive which I’ve shared with some, and the decryption password I’ve shared with others. My solution was intentionally low-tech because I was already under threat and limited to mobile devices, and also the system is robust because it has no single point of failure. It only needs one successful person with the password and one with the encrypted file for the system to work. Human trust networks are often more reliable than complex technical solutions.
I built this network mostly through in-person interaction at events, avoiding digital traces that could be monitored or compromised. While the technical aspects are straightforward, the human element requires careful consideration, such as choosing trustees, establishing clear protocols, and ensuring everyone understands their role.
When you announce a dead man’s switch, don’t disclose the exact target(s) or hints about its content, only its existence. Otherwise, the target’s enemies might jump on the opportunity and act against you to force information release. While this may seem extreme, when dealing with organizations that have billions at stake, it’s prudent to consider all scenarios.
Staying Healthy Under Pressure
High-stakes situations bring intense psychological pressure. Frontier lab leaders have teams of coaches, trainers, therapists, and other support staff attending to their every need. Don’t hesitate to get support for yourself, too.
When looking for mental health support, go for licensed mental health professionals if possible, not community coaches, because therapists are legally bound by confidentiality requirements. However, not every therapist is equipped to handle situations involving corporate threats, whistleblowing, or high-stakes AI safety issues. Take time to find someone who understands the gravity of your situation and is genuinely helpful to you.
It’s tempting to isolate when you’re intimidated, but resist this urge. My friends vaguely know that I’ve been under some stress lately, but they keep including me in activities I enjoy. This normalcy is crucial. Unless it’s a particularly vulnerable activity like hiking alone in the wilderness, hobbies and social gatherings are generally safe. It’s much harder for anything to happen with witnesses around. Staying socially active also counters potential false narratives about your mental state, while isolation makes you both an easier target and more vulnerable to mischaracterization.
Build a strong mental immune system. One effective way to handle mental health challenges is to engage other people who can help you process difficult situations and infohazards as additional cognitive resources. When discussing infohazards with friends, get their explicit consent to analyze the situation with you first.
Stay physically and mentally sharp. Continue to look put together, it signals to yourself and others that you’re stable and in control. Drink water, exercise, go outside, get proper rest. Stay away from party drugs or dissociatives; you need peak mental clarity now. Cultivate genuine gratitude for those supporting you. Find what helps you process the stress, whether it’s death metal or prayer. Everyone copes differently with extreme situations.
Find secure spaces where you can temporarily switch off hypervigilance, either through physical security measures, a place with 24⁄7 front desk security, a group house, or by staying with trusted others who can be around while you rest. Create periods of normalcy where you can decompress. Your mental resilience is as crucial as any other security measure.
Your Professional Defense Network
Involving Authorities
When you notice signs of digital or physical security compromise, don’t hesitate to involve law enforcement. Your first interaction with authorities sets the tone for the investigation, so approach it thoughtfully. After I noticed attempts to compromise my digital and physical security, I asked police to send officers to my home for a report, with a security expert witnessing the report. The cops then involved another three-letter authority.
Law enforcement may want to gather evidence of ongoing interference, but your safety comes first. When investigators contacted me about sending questions via postal mail to avoid potentially compromised email, I requested open digital communication instead. While this might make it harder to catch someone in the act, it sends a clear message that authorities are watching.
Various agencies may become involved; local police might escalate to federal authorities depending on the nature of the threats. Be prepared to work with multiple agencies and share information appropriately. Many cyber crimes and corporate malfeasance fall under federal jurisdiction.
The key is being proactive and professional in your interactions with authorities. Document patterns of suspicious activity, maintain clear records, listen to experts, and stay responsive to investigator requests. Make it clear that you’re a credible witness who’s following proper channels while taking reasonable precautions for your safety.
Legal Representation
Getting the right legal representation is crucial, but frontier labs may try to preemptively block you from accessing top law firms. When I searched for representation, large, reputable firms kept turning me down for an oddly similar reason. Before I contacted them, a senior executive from the lab had apparently called each firm for a consultation and shared just enough confidential information to create a technical conflict of interest. This is a common tactic. By strategically “tainting” major firms with conflicts, they limit your access to experienced legal counsel.
One prestigious firm even completed my full intake process before discovering a previous call with a lab executive that had created a conflict. While frustrating, this taught me to always get written confirmation of no conflicts before sharing case details.
Don’t let this discourage you. Smaller, mission-driven firms often make excellent advocates. Look for attorneys who are passionate about civil rights and corporate accountability. The firm I ultimately retained took the case because they care about the cause. They work late, research related cases, and go beyond the basics. They even brought in dedicated security counsel to protect my digital and physical safety, and agreed to get my permission if costs exceed a certain monthly amount so that I can cover the expenses with my savings.
When interviewing lawyers, ask trusted friends for recommendations, even in different practice areas. Lawyers often know who’s good in other fields. Remember that your search for representation is legally protected, meaning conversations with potential lawyers remain confidential even if you don’t hire them.
The key is finding counsel who understands the bigger picture and can cut through intimidation tactics. A good sign is when they recognize and contextualize your situation.
Professional Security Services
While many security measures can be implemented personally or through support networks, some extreme situations warrant professional protection. I’ve found professional bodyguards typically cost in the lower four figures per 24 hours of coverage. This cost, while significant, provides trained protection during especially vulnerable periods or when specific threats are identified. Like hiring specialized legal counsel, professional security is an investment in your safety that’s worth considering based on your threat assessment.
Working with Journalists
When holding sensitive information about an AI lab, media engagement can be a strategic move. While some journalists may suggest their coverage can protect you through public visibility, be skeptical of any promises about guaranteed safety. Explicitly agree on attribution terms in writing.
When journalists say they “protect their sources”, this only means keeping your name private if agreed. They may go to court to protect your identity even under subpoenas. But they cannot prevent others from identifying you through context or process of elimination, and once your identity becomes known, journalists cannot protect you from physical threats, digital surveillance, or professional retaliation. Your security needs will likely continue long after any story is published.
More Light is working on a separate comprehensive guide for effectively navigating working with the media.
How You Can Help
Direct Support
One of the most effective weapons against accountability is financial pressure. Legal representation, secure housing, and rapid relocation all require labor and resources. Financial stability is fundamental to maintaining safety and continuing the work.
In my case, I’m funding this work out of pocket, running down my personal savings, without equity to liquidate or current income.
For those interested in supporting this work, I’ve established a structured way to help immediately. A California lawyer can discuss the case without compromising my identity. They’re set up with a fiscal sponsor to accept tax-deductible donations, ensuring funds go directly to paying for third parties like security providers. DM me to get introduced to the lawyer.
Introducing More Light
When a whistleblower like Suchir B. goes against an AI lab, they shouldn’t have to figure it all out alone. Having faced a threat myself, I co-founded More Light to address this gap. We’re a nonprofit focused on making accountability in AGI development less personally catastrophic.
More Light is building a vetted network of professionals to support those holding AI labs accountable. This includes specialized attorneys, cybersecurity experts, physical security specialists, mental health professionals equipped for high-stakes situations, and media experts and journalists familiar with complex tech narratives.
Beyond connecting people with professionals, we provide strategic guidance and coordination. This means helping assess situations and model threats, planning responses, connecting people with others who have navigated similar challenges, and ensuring proper documentation and evidence preservation.
This is different and more long term than the direct support for my own security. We’re working on establishing fiscal sponsorship that allows tax-deductible donations independently of the lawyer helping in my case. More Light is currently open to early supporters and potential co-founders. If you’re interested in getting involved, reach out to me with a vouching reference from someone who has an established track record in AI governance. This helps ensure we maintain strong security and alignment while building our team.
The future of AI governance partially depends on insiders being able to speak up about problems. More Light exists to ensure they have the backing to do so safely and effectively.
Executive summary: This guide provides practical strategies for protecting oneself when facing potential retaliation from AI labs, drawing from personal experience to help whistleblowers and critics maintain their safety, security, and well-being while holding powerful organizations accountable.
Key points:
Threat landscape includes multiple actors: AI labs, international investors, private contractors, and “true believers” who may coordinate sophisticated pressure campaigns through various channels.
Essential security measures include basic digital hardening (encrypted messaging, two-factor authentication), building trusted support networks, and strategic temporary relocation away from predictable locations.
Create information insurance through legal protection and distributed backup systems (“dead man’s switch”) to ensure critical information isn’t lost.
Maintain mental and physical health through professional support, social connections, and creating secure spaces for decompression.
Secure proper legal representation early (watching for conflict-of-interest tactics), engage law enforcement when needed, and work carefully with journalists.
More Light organization being established to provide systematic support for AI whistleblowers through vetted professional networks and strategic guidance.
This comment was auto-generated by the EA Forum Team. Feel free to point out issues with this summary by replying to the comment, and contact us if you have feedback.