It should be possible to hide submissions from specific sources

[nathandyer]

Description

For newsrooms that continually receive low-quality or abusive submissions from a particular source, it should be possible to configure the system to hide submissions from that specific source, and automatically flag/delete future submissions coming from the same source.

How will this impact SecureDrop users?

This would reduce the amount of time that journalists spend reviewing content from problematic sources, and could be a beneficial change to reduce abuse and improve mental health.

How would this affect SecureDrop's threat model?

This should not really change the threat model, but would potentially reduce harm.

User Stories

As a journalist, I want to hide content from problematic sources, so that I don't have to interact with disturbing content or waste my time reviewing materials that are not of interest.

[zenmonkeykstop]

IMO this should be a securedrop-client issue. This would involve some non-trivial JI changes and also require additional source metadata if done server-side, which we should avoid on principle. If it's done in SecureDrop Workstation, the source metadata can be stored there and there's no need to involve the server at all. The downside of a client-only approach would be if you wanted to have the source metadata synced between clients, tho. Then you would need to sync something back to the server. (See https://github.com/freedomofpress/securedrop/issues/7106 for one possible approach.)

[hoyla]

My tuppence on this: installations running multiple SecureDrop Workstations for a single SecureDrop instance are likely to expect consistent behaviour across those devices. Having some sources 'show' on one device and not on another may lead to confusion. Similarly, when provisioning a replacement device we might expect it to behave similarly to the user's previous device.

These observations don't presuppose how they might be tackled, or where, of course :-)

Thanks