The European Commission announced yesterday a proposal for legal protection for whistleblowers who report breaches of EU. Recent scandals such as the “Dieselgate,” “Luxleaks,” “Panama Papers,” or ongoing disclosures about Cambridge Analytica, have shown the necessity to improve whistleblower protection, several of them having been threatened, or prosecuted, or having lost their job.
Whistleblowing is usually defined as unauthorised disclosure or reporting of corporate information to people and media outside the organisation (external disclosure). Whistleblowing can also take place inside the organisation when for example an employee reports to his manager that wrong-doing or malpractice has occurred (internal disclosure).
The need to regulate whistleblowing and to protect whistleblowing in the EU has been a hot topic since 1999 when all commissioners were forced to resign following the disclosure of irregularities.
A single person, an internal auditor, “blowed the whistle” and alarmed the European Parliament, which in its turn expressed its non-confidence in the entire College of Commissioners.
Since then there is growing awareness that employees, both in the public and private sector, need an external supervisory body to protect them against negative consequences if they have acted in good faith and used accepted and authorised channels for reporting on wrong-doing and irregularities.
Whistleblowing protection is not only an issue in the EU institutions but even more so in the Member States where most corruption occurs. A study in 2012 by Transparency International (“Money, politics, power – corruption risks in Europe”) showed that the vast majority of EU member states have not introduced whistle-blower protection legislation.
Legislation, where is exists, reflects a piecemeal approach and is often inadequate. Currently, only ten EU countries (France, Hungary, Ireland, Italy, Lithuania, Malta, Netherlands, Slovakia, Sweden and United Kingdom) have a comprehensive law protecting whistleblowers, according to the Commission.
“We owe [these new proposals by the Commission] to reporters who lost their lives, such as Daphne Caruana Galizia and Jan Kuciak,” stated Justice, Consumers and Gender Equality Commissioner Věra Jourová, referring to Maltese and Slovakian investigation reporters who were assassinated in the last months.
The Commission’s proposal aims at guaranteeing protection in the entire EU in case of information concerning a violation of EU legislation in a wide range of areas (public procurement, financial services, money laundering, financing of terrorism, product security, transportation, protection of the environment, nuclear safety, data protection, etc.).
The Commission encourages the Member States to go beyond this minimum standard, and to put in place a general framework of protection for whistleblowers on the basis of the same principles, said the Commission’s First Vice-President Frans Timmermans.
To ensure that the scope of the directive remains up to date, the Commission will consider its future extension when proposing legislation in areas where whistleblower protection would be relevant.
As a general rule, all private companies of more than 50 employees or with an annual turnover of more than €10 million; all public authorities on central and regional level; and all local municipalities of more than 10,000 inhabitants will be obliged to establish internal reporting channels, ensuring the confidentiality of the identity of the whistleblower.
A whistleblower should first report wrongdoing to his/her employer using the internal reporting channels. However, a whistleblower can also choose to go directly to the central state authorities responsible and, where relevant, to EU bodies, in cases where the internal channels do not exist or did not function properly.
The new directive obliges Member States to prohibit any form of retaliation and to provide for effective, proportionate and dissuasive penalties against those who take retaliatory measures against whistleblowers. Member States must identify the authorities who will be charged with receiving and following up on reports about breaches under the new law.
The directive will be discussed by the European Parliament and the national governments. The Commission hopes for an enactment before the May 2019 European elections.