1. Broadening the definition of a whistle-blower (and the importance of “public interest” justifications)
The first concern is to be found in the draft’s definition of whistle-blower. While the definition is very broad, it is nevertheless restricted to persons reporting illegal activities that are in some way connected to their work environment. The vast majority of cases of whistle-blowing fall into the category of employees. However there also are numerous examples where the wrongdoing is detected by a persons who have no working relationship with the body/persons committing the wrongdoing in question.
What is more, in X-net’s extensive experience working with whistle-blowers, at least 15% of the incidents do not involve any employment relationship. The whistle-blower may be someone who is personally affected by a crime, or a researcher, journalist or activist who uncovers evidence, as was the case with Ramsay Orta or the Flexispy whistle-blowers. In other cases, the whistle-blower may be in a personal relationship with those involved in the plot (e.g. the Pujol case in Spain).
It is X-net’s belief that it is absolutely necessary to ensure that all citizens are afforded the protection they deserve when reporting wrongdoing. This is particularly important when there is inadequate protection of journalists and other persons that ensure that information in the public interest reaches the public. (See point 4 on “intermediaries and facilitators”).
If it is true that “persons who report information about threats of harm to the public interest (…) make use of their right to freedom of expression… [which] encompasses media freedom and pluralism”(Par.21), then every citizen is entitled to equal whistleblower protections. Union citizenship offers substantive equal treatment rights, including the constitutionally protected liberty “to participate in the democratic life of the Union” (TEU, Title II, Article 10). If it exempts non-workplace whistleblowers from special protections, the Directive would fall short of respecting the rights and freedoms guaranteed by the EU treaties (Article 11 of the Charter of Fundamental Rights of the European Union and Article 10 of the European Convention on Human Rights).
Another position that X-net considers inappropriate is the attempt to link the effectiveness of the evidence obtained in reporting illicit acts to issues of morality. We believe that the aim of this Directive must be to facilitate the discovery of grave injustices, and that for the purpose of this objective, it is irrelevant whether the person who uncovers them does so with good or bad intentions, as long as their reports correspond to the facts. For this reason, we believe that requiring protection for the whistle-blower to be offered, “provided that the respondent acted for the purpose of protecting the general public interest” hinders and runs counter to the Directive’s objective.
Finally, and more generally, Article 14 (g) of the proposed Directive refers to “coercion, intimidation, harassment or ostracism at the workplace” when, in practice, such reprisals are not confined to the workplace environment. They can be exacted on workers and non-workers alike and, more often than not, occur outside this environment – in the private realm of the whistleblower. Thus, X-net strongly suggests that the “workplace” restriction be eliminated.
X-net understands the intention of the European Commission to limit the scope of the draft Directive so as not to encroach on Member State competencies or areas of law covered by existing legislation. However, X-net suggests that the scope of the Directive state explicitly in a new provision that the Directive covers wrongdoing that affects the public interest, otherwise we leave a considerable number of potential whistle-blowers unprotected.
2. Ensuring anonymity of the source
The confidentiality provisions in the draft Directive are insufficient. The ability to lodge a formal complaint anonymously must be ensured, as the European Parliament recommended in its Resolution of 24 October 2017 on legitimate measures to protect whistle-blowers, arguing that “…the option to report anonymously could encourage whistle-blowers to share information which they would not share otherwise; (…) stresses that the identity of the whistle-blower and any information allowing his or her identification should not be revealed without his or her consent; considers that any breach of anonymity should be subject to sanctions” (paragraph 49).
As X-net states in its model law, there is “a situation of asymmetry of forces between the public and institutions or corporations, making it impossible in practice for people to fulfil their duty as citizens to report any wrongdoing of which they may be aware, as well as to report improper behaviour, irregularities or illegal activities.”
The use of technological tools allows us to be more efficient in protecting the confidentiality and anonymity of those who provide relevant information. This makes it possible for us to correct this asymmetry. We must preserve the anonymity of private persons because they are vulnerable when they expose themselves to serve the common good.
The difference between anonymity and confidentiality resides in the fact that anonymity is the only way a source of information can wholly manage her or his own protection and the use that is made of the information. The weaknesses and porosity of reporting systems based solely on confidentiality have been amply demonstrated. Besides, there are additional and evident dangers in centralising all the power (information) in just a few hands, namely those of company directors and senior office holders in the public administration, leading to serious, massive abuses, as has already happened at other times in history.
3. Freedom to determine the most appropriate channel for disclosure
The third problem encountered is that the proposed Directive does not encourage the whistleblower to choose the most appropriate reporting channel. This will undermine much of the usefulness of the Directive, if left unamended.
In cases where whistle-blowers have used the internal channels of the entity they wished to report for abuses, X-net has observed that this usually resulted in destruction of evidence and personal suffering.
The extensive obligation included in the draft Directive requiring complaints be lodged internally first, forcing the whistle-blower to prove that she or he has good reasons for not doing so, would prevent many of the worthy objectives of this Directive from being realised. These “good reasons” are not defined and would lead in some cases to arbitrary decisions by the state or the courts, discouraging action. In fact, in the vast majority of cases, the whistle-blower would not be protected under such circumstances (see the cases of Snowden or Luxleaks, among countless others).
It is entirely legitimate to discourage the infliction of needless harm to an entity’s reputation. However, the use of internal complaint mechanisms are not necessarily appropriate and whistle-blowers need to be able to choose the most effective course of action. In the case of Snowden or in the case of Luxleaks, for example, such a mechanism would not have led to any effective reforms.
Any obligation to first make use of internal channels should be both circumscribed and linked to evidence of their demonstrated effectiveness. Along these lines, X-net suggests the inclusion of provisions that would help to guarantee the effectiveness of internal channels (e.g. independent reviewer, the mechanism allows for anonymity). This would encourage entities to establish more effective internal mechanisms.
4. The Protection of intermediaries and facilitators also be assured
In X-net’s model law on the Protection of Whistle-blowers the facilitator is defined as “a person or legal entity that contributes, facilitates or aids the whistle-blower in revealing or making public information constituting reason to blow the whistle/disclose of wrongdoing.”
In the vast majority of cases, citizen platforms, NGOs, journalists and trade unionists are indispensable in helping the whistleblower, and they also suffer serious retaliations. The case of Luxleaks in which the journalist has been sentenced as the whistle-blower, is just one example.
While the role of intermediaries and facilitators is valued in the introduction to the Directive, this should be reflected in explicit protections for the entitites taking on such roles in the text of the Directive. It is essential they receive the same protection consistently throughout the provisions of the Directive.
Specifically, and by way of example, Article 15.7 of the draft Directive covers only the ‘worker’ and not the person that publishes it. Moreover, the definition of ‘report’ and ‘reporting person’ (Art.3 “Definition) should include whoever facilitates or publishes the information, if we really wish to protect the freedom of the press and information.
5. Addressing the misuse of data protection (and other rights and freedoms)
One of the purposes of protecting whistle-blowers is to redress the asymmetrical power dynamic between powerful entities and citizens. We have long observed that powerful interests initiate lawsuits for slander or violation of “intellectual property” rights or trade secrets (the cause of the long battle during the adoption of the 2016 Trade Secrets Directive ). A clear provision is needed in the Directive in order that these elements cannot be used as an excuse to undermine and inhibit public interest reporting and freedom of information.
In recent years, we have witnessed a surge in the misuse data protection rights to challenge whistle-blower protections. X-net works to actively promote and protect the fundamental rights to privacy and data protection. It equally promotes the importance of transparency in public institutions and large corporations, and believe that society benefits when power asymmetry between the citizen and powerful entities is reduced.
Data protection cannot and should not be used to dissuade people from reporting illegal activity (this is clear in the GDPR, articles 85-86). X-net does not believe that such protections should be equally applied to members of the public and public servants or heads of companies whose activities can have an impact the majority of the population. Whistle-blowers are neither saints nor devils. Their personal reasons are their own. The romantic aura surrounding whistle-blowers must be corrected, so the practice of denouncing abuses becomes the norm in a democratic society, and not a heroic act. This must be the ultimate goal of the Directive.
This the shorter version of the original Xnet’s article you can read here.
(Contribution by X-net, EDRi member, Spain)
The European Parliament calls for protection of whistleblowers (31.10.2017)
The EU must take action to protect whistleblowers (31.05.2017)
Protecting whistleblowers – protecting democracy (31.01.2017)