Can you support cross border investigations?

Static sites and Cloudflare work well across jurisdictions. Ki-Ki can support the technical side, but you will need local legal advice wherever your work has consequences.

What if our existing site is already complex?

Ki-Ki can review your current setup and recommend whether to harden it, simplify it, or move critical elements to a static foundation. The goal is an attack surface that matches your capacity to manage it.

Ki-Ki | Anti corruption and systemic failure sites

Q: Will you sign NDAs or confidentiality agreements?

Ki-Ki can work under sensible NDAs for sensitive projects, provided they do not attempt to restrict lawful reporting of crime or regulatory breaches. Confidentiality is treated seriously, but it does not override legal obligations.

Q: Can you help us decide what to publish and when?

Publication strategy and timing remain your responsibility. Ki-Ki explains technical implications and risks of different options, but legal and editorial decisions sit with you and your advisers.

Q: Can you help if we expect legal threats?

Ki-Ki can help ensure your infrastructure is stable, logging is in order, and your technical position is clear. Legal threats themselves should be handled with independent legal counsel.

Anti corruption and systemic failure sites that hold up

Serious corruption and systemic failure work is not about viral moments. It is about evidence, timelines, and patterns that stay online and hold up when powerful people start asking questions.

I build neutral, resilient infrastructure for anti corruption projects, investigative teams, and public interest researchers who need their work to be technically clean, defensible, and very difficult to bully offline.

Anti corruption focus Evidence heavy work Cloudflare hardening Evidence grade logs Lawful fingerprinting

Talk to Kieron Who this fits Common problems How I help Boundaries

For the wider context of advocacy and public interest projects, see Advocacy, campaign, and public interest sites.

Who this fits

This is for people who deal in receipts, not rumours, and who expect their work to be picked apart by people with resources.

Anti corruption researchers

Individuals or small teams mapping relationships, contracts, and decisions across public and private sectors.
Systemic failure projects

Work that documents how policies or practices repeatedly harm people, using case evidence and timelines.
Investigative journalists and collectives

Independent reporters who need somewhere more stable than a social media thread for serious investigations.
Watchdogs with a national or regional scope

Projects that track patterns across multiple organisations, departments, or local authorities over time.

If your work is lawful, evidence based, and likely to be unpopular with powerful organisations, this is what it was designed for.

Common failure points in anti corruption sites

When serious money, careers, or reputations are involved, infrastructure gets tested in aggressive and frustrating ways.

Complex CMS with no security capacity

Sophisticated investigations served through a generic content platform, with no one maintaining plugins, logins, or updates properly.

Hosting that is quick to fold

Providers that panic at the first legal sounding email or threat, even where your work is careful, lawful, and clearly in the public interest.

No reliable logging or monitoring

You know your work is being watched by firms, lobbyists, or public bodies, but you cannot show patterns when it matters.

No clear chain of custody for evidence

Documents, screenshots, and exports move across devices and apps with no simple technical story of where they came from and how they were handled.

Unclear separation between content and infrastructure

Agencies that blend technical support with editorial involvement, which blurs accountability when material is challenged.

Attack surface bigger than the team

Complex, interactive features that nobody has time to maintain, with more moving parts than the project can safely support.

The aim here is the opposite. Fewer moving parts, more resilience, better visibility, and a clear separation between your investigation and my infrastructure work.

How I support anti corruption work

I treat your infrastructure like part of the case file. It should be robust, predictable, and able to speak for itself when questioned.

Static builds that remove databases and fragile admin panels from the firing line. See Secure static sites.
Cloudflare configured for aggressive scanning, scraper activity, and targeted nuisance traffic.
Evidence grade logging designed so you can show who accessed what, when, and how often, within lawful limits. See Evidence grade logging once live.
Lawful fingerprinting that surfaces repeat devices and evasive patterns, including institutional ASNs. See Fingerprinting and Edge Tracker.
Secure contact routes, including PGP based contact if you expect sensitive material or insider information. See Secure PGP contact.

Why static, neutral infrastructure fits this work

Anti corruption investigations already involve complex stories, contested facts, and people who would like your work to vanish. The technical side should be the simple part. Static sites on hardened foundations reduce the ways you can be attacked, pressured, or undermined.

Neutral infrastructure keeps roles clean. You control your allegations, findings, and narrative. I control the plumbing and give you information about how it is being used and tested.

Building for discovery and challenge

If your work gains traction, you should expect people to look for technical weak points as much as they look for narrative ones.

Clean logging, simple architectures, and clear separation of duties make it easier to withstand that scrutiny. When someone says your site is unsafe, misleading, or fabricated, you want to be able to answer those claims with calm technical facts.

Evidence that survives contact with lawyers and regulators is not an accident. It is a design choice.

Boundaries for anti corruption work

Corruption and systemic failure work carries serious consequences for everyone involved. These boundaries are here to protect both sides.

Ki-Ki provides technical services only. I do not act as your lawyer, investigator, or strategic adviser in disputes.
I do not draft, edit, or upload allegations about identifiable individuals or entities. You are responsible for the content and legal position of your work.
Any copy I assist with will be limited to neutral onboarding content, and will only be published after your written approval.
You must not imply that Ki-Ki endorses your findings, allegations, or public statements.
If a project appears to cross into unlawful activity or unmanaged serious risk, I will decline or terminate the engagement.

Full details are in the Neutral infrastructure policy, alongside the Terms of use and Privacy policy.

Questions people doing anti corruption work ask

Will you sign NDAs or confidentiality agreements?

Yes, within reason. I expect appropriate confidentiality for sensitive work and I am comfortable with NDAs that reflect that, as long as they do not attempt to restrict lawful reporting of crime or regulatory breaches.

Can you help us decide what to publish and when?

No. Publication strategy and timing are outside my role. I can explain technical implications and risks of different approaches, but legal and editorial decisions belong with you and your advisers.

Can you help if we expect legal threats?

I can help make sure your infrastructure is stable, your logging is in order, and your technical story is clear. I cannot act as your legal representative. You should involve independent legal counsel for serious disputes.

Will fingerprinting identify hostile actors by name?

No. Fingerprinting identifies devices, sessions, and networks on your own site so that patterns are visible. It does not reveal real world identities.

Can you support projects that span more than one country?

Yes, within reason. Static sites and Cloudflare work well across jurisdictions, but you will need local legal advice in each relevant region.

What if we already have a complex site with lots of features?

We can review it and decide whether to harden what you have, simplify it, or rebuild the most sensitive parts on a static foundation. The priority is reducing your attack surface to something your team can realistically manage.

Start the conversation

Give a concise outline of the work you are doing, who is likely to be unhappy about it, and what you already have in place technically. I will tell you plainly whether I am a good fit and what a realistic first step looks like.

[email protected] Consulting overview Public interest overview