Whistleblowers serve a critical function in our society. They are inside watchdogs who expose wrongdoing at their place of employment, most times at great personal risk to their jobs. Acknowledging the important, yet risky, role that whistleblowers play in policing the workforce, the law has historically afforded whistleblowers protection against retaliation in a variety of areas of employment, including employees of publicly traded companies, the aviation industry, the nuclear industry, the trucking industry and the federal government, to name of a few. While these anti-retaliation whistleblower protections are still in place, an ever-expanding federal Insider Threat Program (ITP) continues to undermine the strength of these protections for federal employees.
What Is the Insider Threat Program?
The ITP is a federal initiative implemented in 2011 amidst growing concerns about recent leaks of classified information. It requires virtually all federal agencies to implement insider threat programs, pursuant to certain minimum guidelines set forth in a 2011 Executive Order, designed to promptly identify and address “insider threats,” i.e., current or former employees of a federal agency who have access to classified information or networks who use or intend to use his or her authorized access to do harm to the security of the United States. Though the stated purpose of the ITP initiative – namely to deter, detect and mitigate insider threats – seems reasonable on its face, whistleblower advocates have long criticized the program’s potential chilling effect for federal whistleblowers.
Why Do People Criticize the ITP?
At the heart of the criticism about the ITP’s chilling effect for federal whistleblowers is that the whistleblower exception provided in the program is toothless. As originally conceived, the ITP provided for an explicit exemption for whistleblowers covered under the Whistleblower Protection Act (WPA), which protects federal government employees from retaliatory action for disclosing information about certain misconduct occurring in their agency. Although inclusion of this explicit exception was a step in the right direction toward ensuring continued protection of whistleblowers, in practice, ensuring protection for whistleblowers has taken a backseat to other concerns during the implementation of ITP.
For instance, the Federal Bureau of Investigation’s (FBI) insider threat program requires whistleblowers to register with the agency as a self-identified whistleblower in order to be protected as a whistleblower, instead of an insider threat. Whistleblower advocates and organizations strongly oppose such a requirement on the ground that requiring a whistleblower to self-report effectively puts a target on the whistleblower’s back and opens the door for retaliation.
Equally as alarming is the fact that government agencies are increasingly using the terms “whistleblower” and “insider threat” interchangeably. Less than a year ago, for example, an official from the Office of Director of National Intelligence broadly defined an insider threat as “employees and contractors who damage an entity’s reputation, be it government or business, by exposing inside information” – a definition that includes whistleblowers.
ITP Continues to Expand
Despite efforts from whistleblower advocates, organizations and attorneys to improve the protections for federal whistleblowers post enactment of the ITP, the ITP continues to expand with little attention paid to the plight of whistleblowers in this heightened age of government surveillance. For instance, less than two months ago, the Department of Defense (DoD) approved changes to its ITP, which will expand the program to require contractors holding facility clearances to establish and maintain an insider threat program that will “gather, integrate, and report relevant and available information indicative of a potential actual insider threat.” Again, while the ITP still technically contains an exception for whistleblowers covered under the WPA, the Government Accountability Project recently reported that the whistleblower exception has effectively vanished from official training materials on how agencies should implement the ITP. Stated differently, as the ITP expands, focus on whistleblowers shrinks.
Federal Employees Should Not Be Deterred
Even though insider threat programs have largely failed to ensure protection for whistleblowers in the federal government, federal employees should still not be deterred from coming forward. Even though the WPA is downplayed in discussions about the implementation of insider threat programs, it still exists as a critical layer of protection against retaliation for federal whistleblowers. To ensure the fullest protection of this law, federal employees should both become familiar with the contours of protection provided by the WPA, as well as any particular whistleblower protections provided under their agency’s ITP.