30 November, 2013
TI Ireland's John Devitt was invited to give a presentation to the European Parliament's civil liberties, justice and home affairs (LIBE) committee as part of an expert consultation with civil society organisations and former intelligence analysts and officers. The LIBE committee is investigating how states conduct surveillance on their citizens and how abuses by intelligence agencies might be prevented and exposed in the wake of the Snowden revelations. John shared his thoughts on the abuse of citizen data, why it should matter for the anti-corruption community, and what legislators should consider when preparing legislation that could protect whistleblowers in exposing abuse. You can also view the video with contributions from former NSA and MI5 officers, as well from privacy and whistleblower advocates (including TI Ireland) on the European Parliament website (best viewed in Internet Explorer). John's contribution can be viewed at 18.13 in the recording.
Introduction
As a former public servant I count myself very lucky that I never had my conscience and courage tested in the way that Kirk [Wiebe], Tom [Drake], Annie [Machon] and others have. Like any whistleblower, they could be described as people of conscience who find themselves in the wrong place at the wrong time.
My role as an advocate of transparency and accountability, is to help create workplaces and legal frameworks that embrace rather than isolate those who find themselves confronted with the choice between remaining silent and serving themselves or speaking up, and serving the public interest.
Equally, my job is to help remove the burden on individuals to defend the public interest and place more responsibility on public institutions to protect fundamental rights and the common good.
To that end, TI chapters have been campaigning for institutional reform & legal protection for whistleblowers for 20 years this year.
More recently, we published principles for whistleblower legislation and we are due to report on whistleblower legal safeguards in the European Union next month. We are also operating helplines in 50 countries and have supported some 140,000 people to date. TI Ireland launched Western Europe’s first TI Advocacy and Legal Advice Centre in 2011. And we have helplines in the Czech Republic, Romania, Hungary and Luxembourg. I should also mention that outstanding work that Public Concern at Work have done in the UK in both setting the agenda for dialogue on whistleblowing and shaping whistleblower legislation in Britain and worldwide.
Whistleblowing and Intelligence Agencies
We assume rightly that intelligence agencies are responsible for protecting us from attack and upholding democratic principles. But I believe that the anti-corruption community has largely underestimated the potential for abuse by members of the intelligence and security services.
This may be because we have seen comparatively few well-publicised cases involving whistleblowers from the intelligence community in the EU. You are no doubt familiar with the case of Frank Grevil (who blew the whistle on Denmark’s fabricated case for the invasion of Iraq); as well as Annie Machon and David Shayler’s cases in the UK. In Ireland, we have not had a public controversy surrounding intelligence services in more than 40 years – not since allegations of support for the IRA by Irish military intelligence surfaced in 1970.
That said, we have seen patterns of behaviour elsewhere in the public service that might be familiar to intelligence community whistleblowers.
In 2010, officials of the Irish Department of Social Welfare were found to be passing on personal data of Irish citizens to insurance companies and private investigators. Earlier this year, two police whistleblowers reported that Irish police were unlawfully manipulating and cancelling police traffic records for family members of police officers and other police officers.
We have noted how those same police whistleblowers have fallen victim to reprisal by their colleagues and management. We have also recently seen how a journalist, Gemma O’Doherty, was recently fired after she investigated reports that the Irish Chief of Police had his own traffic offence cancelled.
The message this sends to whistleblowers and journalists is that the reporting of abuse is worse than the abuse itself.
Why this matters
Information can be as valuable as any commodity or asset. And these cases demonstrate the risk of affording public servants discretion over the control of public or private property including data, with weak systems to hold them to account.
They also demonstrate the need to protect whistleblowers in the intelligence community who might expose similar abuses of data and citizen privacy.
Whistleblower Protection in the EU
Intelligence whistleblowers are not afforded the legal right to blow the whistle on wrongdoing in intelligence agencies in most jurisdictions in the EU.
But intelligence whistleblowers are not alone. Most workers have few formal legal safeguards in the EU.
This is in spite of the fact that:
- 40 per cent of all cases of fraud are exposed by whistleblowers according to the Association of Certified Fraud Examiners.
- While whistleblowing helps detect wrongdoing, it also help us prevent corruption – workers who might be inclined to engage in wrongdoing know that there is a higher chance of being detected if their colleagues are likely to blow the whistle and are therefore less likely to engage in wrongdoing in the first place.
- Whistleblowing also helps prevent many other forms of harm to the public interest. For example, the UK introduced whistleblower protection in 1998 after a series of disasters including the capsizing of the Herald of Free Enterprise Ferry in 1987 and the Clapham Rail Junction crash in 1988 which resulted in a combined death toll over 200 deaths and 500 injuries. The UK Government clearly recognised that whistleblower protection and promotion could have helped in communicating the risk of dangerous practices that were not being addressed by employers.
As it stands, only the UK provides comprehensive and consistent measures aimed at protecting whistleblowers in both the public and private sectors in the EU. But even the UK does not provide legal protection to intelligence whistleblowers.
Most EU jurisdictions only allow whistleblowers from certain sectors (such as healthcare or childcare) to report concerns or allow whistleblowers to report certain types of offences such as fraud or child abuse.
Legislation is also often written to define offences in restrictive way, so while someone might be able to report corruption for example, corruption may be strictly defined in law as the bribery of a public official.
Whistleblowers therefore, might not be protected if they blow the whistle on the abuse of personal information or data – even where that abuse is for personal gain. This is particularly the case where that information is being abused by members of the security or intelligence services.
Most EU jurisdictions also restrict the channels through which whistleblowers can report and only allow for whistleblowers to report to designated persons such as their employer or to the police – a whistleblower might not be protected even if they accidentally report their concern to the wrong person or public agency.
These restrictions, I would suggest, are having a chilling effect on whistleblowers and the right of citizens to hold their public servants to account.
Recommendations
TI as well the Council of Europe have developed key Principles of Legislation which we would urge you to consider when formulating any position on whistleblower law in the EU: I’ll highlight three:
- Whistleblower law needs to provide protection for all workers – including those working in defence and intelligence services; as well as contractors, trainees, against formal reprisal such as dismissal or demotion; and informal sanctions such as harassment or bullying.
- It should afford whistleblowers the opportunity not just to expose corruption and fraud but also waste, gross negligence and failure to perform a legal duty such as to protect the privacy or confidentiality of citizens’ data;
- And it should also provide safe but multiple channels through which they can report their concerns. While encouraging whistleblowers to go internally, they need to be able to report externally if the public interest demands it.
I’m glad to say that in Ireland, parliament is now debating a comprehensive bill that draws from these principles and which are to large degree, based on the experience of whistleblowers around the world. It will, for the first time, also allow intelligence officers to an opportunity to report internally, and to a government minister.
However, I should note that legislation cannot fix what is essentially a failure of democratic institutions to uphold the values and principles upon which they were founded. National Integrity Systems research conducted by TI chapters, shows the need for our public institutions to be routinely assessed and their commitment to the rule of law and transparency held up to public scrutiny. The public have a right to information they need to hold governments to account and our media needs to be afforded the freedom to bring that information to public attention.
As the plight of whistleblowers and journalists in my own country and elsewhere in Europe show, there is much to be done to create environments in which people feel safe to speak truth to power.