FOR ORGANIZATIONS

Anonymous documentation you can cite confidently.

Parallax verifies that genuine devices were physically present at documented events, without requiring witness identity. When multiple people capture the same incident independently, verification establishes event occurrence through physics, not testimony.

The problem this addressesAnonymous footage without verification.

Organizations receive anonymous footage they can't verify, making it difficult to cite confidently in reports, investigations, or accountability work. Traditional verification depends on knowing who captured it—but the people most likely to document important events are often those most at risk from being identified.

Physics-based verification that doesn't depend on witness identity or credibility.

Parallax establishes that multiple devices were physically present at the claimed location and time through GPS clustering—when independent devices record the same GPS coordinates at the same time, the physics proves multiple witnesses were there. You cannot be in multiple places simultaneously. Each capture also preserves a sensor bundle (barometric pressure, compass bearing, accelerometer data, nearby networks) for potential forensic analysis.

Use casesWho this was built for.

Copwatch

Police encounter documentation

Members document encounters without revealing their identity. Each capture gets verification through sensor coherence and location checking. When multiple members document the same encounter independently, cluster verification provides stronger evidence than single-device footage.

Civil rights

Protest and assembly documentation

Anonymous documentation that organizations can cite confidently. Individual captures are verified through three-layer analysis. Multiple independent witnesses documenting the same event creates verification clusters that are significantly harder to fabricate.

High-stakes

High-risk witnessing contexts

Built for environments where being identified with footage would be dangerous. Verification comes from GPS clustering physics, never from witness identity. We removed device attestation APIs because persistent device identifiers are a liability for witnesses in adversarial environments. No persistent data stored on device after upload—verification continues server-side. Users can clear browser data for maximum operational security.

How it worksThree-layer verification.

Sensor Collection: Each capture records GPS coordinates, timestamp, barometric pressure, compass bearing, accelerometer data, and visible WiFi networks. This sensor bundle is preserved with the capture. Sensor data is checked for basic plausibility—complete and intact for later forensic review if needed.

Cluster Verification: When multiple independent devices record GPS coordinates at the same location within the same time window, the system forms a cluster. The physics constraint is the core: multiple devices cannot be at the same coordinates simultaneously without multiple people being present. Minimum three independent devices for Frontline classification.

Consequence Signals: The system checks whether the event left downstream marks—news coverage, incident reports, arrest records, and other institutional records that real events typically generate. This runs asynchronously and adds weight when positive, without penalizing events that structurally produce limited records.

What this establishes: Specific devices were physically present at claimed location and time. Sensor data is consistent with genuine physical presence, not artificially generated.

What this does not establish: Identity of device holders, significance of documented events, or legal admissibility in court proceedings.

SecurityWhat the architecture protects.

Designed for adversarial conditions where network monitoring and device seizure are realistic threats.

✓
No IP address logging.
Web server access logging is disabled—connection data is discarded before storage. A subpoena cannot produce records that were never retained.
✓
Anonymous by architecture.
No accounts, no user registration, no device tracking, no persistent identifiers. Each capture is evaluated independently on sensor data alone. No email, no phone number, no name required.
✓
Verification through physics, not biography.
Sensor corroboration across independent devices is the evidence—not witness credibility. Removing identity from the equation isn't a limitation; it's the architecture.
✓
No persistent device storage.
No data remains on device after uploading—verification continues server-side. Users can clear browser data after use for maximum operational security.
✓
Standard transport security.
HTTPS with proper certificate chain, Content Security Policy, HSTS, security headers. Standard web security implementation.

What the architecture does not protect against: Physical observation. If a witness is documented through other means—surveillance cameras, bystander footage, physical identification—the app's anonymization doesn't reach the physical layer.

The app removes the digital footprint; it doesn't replace operational security practices that organizations should already be using.

EvaluationHow to assess this for your organization.

Beta evaluation process

Read the technical specification. The technical documentation describes current capabilities and limitations honestly. A tool that doesn't know its gaps isn't suitable for high-risk use.
Two-device test. Minimum cluster size is two independent devices. Two people, same location, same event—that's enough to test cluster verification. iPhone + iPad works; two iPhones work.
Test independence verification. Try captures from devices sharing WiFi or synchronized movement. The system should detect coordination attempts and adjust verification accordingly.
Ask operational questions. What happens when a phone is seized? (No identity in server records.) What can be subpoenaed? (No access logs, no IP records.) What happens if the service stops? (Open architecture, exportable records.)
Identify gaps for your use case. This evaluation tells us what doesn't work for real documentation conditions—more useful than abstract validation.

Current status: Web beta testing

Not asking for endorsement or member deployment. Asking for evaluation by one or two people in your organization who can assess it against real documentation conditions and provide honest feedback about gaps and utility.

The tool is further along than concept demo, not yet ready for wide field deployment. Organizations that evaluate now help shape what it becomes.

For beta access or questions: orgs@witnyss.com

SustainabilityWhat happens if this stops.

Organizations reasonably ask this before evaluating any tool.

Technical answer: Built on open architecture. The codebase will be published publicly — another operator could run identical infrastructure from the code.

Practical answer: The service requires server infrastructure for verification processing. If it stopped, new verification would stop. Existing verification records need to be exported to persist independently.

For your organization: Use Parallax for creating verified documentation. For long-term archiving, export verification records to your own systems. Don't depend on any single service as sole archive—true for this tool and any other.

Common questionsFAQ.

What value does individual witness footage have?

Individual captures are verified through sensor collection, basic validation, and consequence checking—each capture gets a score across all layers. Solo documentation is immediately valuable and shareable. Frontline classification—the highest verification tier—requires a minimum of three independent devices at the same location, but individual captures still receive meaningful verification.
How does cluster verification work?

When multiple independent devices capture the same event, the system compares visual/audio similarity and verifies upload path independence. Devices that share networks or show coordinated movement patterns are weighted as single sources, not multiple. The verification reflects actual independence, not device count.
What if witnesses are on the same WiFi network?

Devices sharing network infrastructure are treated as potentially coordinated. Two phones on the same hotspot count as one source for independence verification. This prevents artificial inflation of corroboration from coordinated groups.
What can law enforcement obtain with a subpoena?

No IP address logs (discarded before storage). No user accounts, names, or identifying information. No persistent device identifiers. Verification records for specific events if requested by location and time—but these contain only sensor metadata and scores, not witness identities. The system was designed for this threat model.
How does this compare to uploading to YouTube or Signal?

Consumer platforms weren't designed for anonymous verification. They store identifying information, log IP addresses, provide no verification infrastructure. Parallax adds verification before footage goes anywhere—what gets distributed has verifiable sensor records attached.
How do you prevent coordinated fake clusters?

Independence verification analyzes motion patterns, network paths, timing synchronization, and sensor coherence. Coordinated groups sharing infrastructure or movement get weighted as single sources. The cost of faking independence is being genuinely independent—which means being physically present at different positions with real devices.
Does this work without Apple or Google infrastructure?

Web-based architecture doesn't use device attestation APIs. This avoids creating persistent device identifiers that could create identity tracking risks for high-risk witnesses—verification is based on GPS clustering physics and sensor collection. Standard web infrastructure only; no identity platform dependencies.