European directive to protect whistleblowers


Bonjour @veronika,

I’m glad the European directive you worked on in the past years has been voted :slight_smile: Congratulations for your had work! I’d like to read the final text and will surely have a few questions. Do you know where can I find it? I found an online version but I’m not sure this is the final text. It reads TEXT HAS NOT YET UNDERGONE LEGAL-LINGUISTIC FINALISATION. but the content itself won’t be modified except for cosmetic things, right?



Regarding national security the directive states:

Article 3

Relationship with other Union acts and national provisions

  1. Where specific rules on the reporting of breaches are provided for in sector-specific Union acts listed in Part II of the Annex, those rules shall apply. The provisions of this Directive shall be applicable to the extent that a matter is not mandatorily regulated in those sector-specific Union acts.

  2. This Directive shall not affect the responsibility of Member States to ensure national security and their power to protect their essential security interests. In particular, it shall not apply to reports on breaches of the procurement rules involving defence or security aspects unless they are covered by the relevant instruments of the Union.

  3. This Directive shall not affect the application of Union or national law on:
    (a) the protection of classified information;

This is expected because the Union mandate does not extend to national security. The SecureDrop community answer to the EU consultation on the directive recommended in July 2018:

Under the current Directive proposal, a European Edward Snowden would not be protected. At the same time, an increasing number of laws introduced in the name of terror prevention and national security contribute in fact to the unnecessary and undesirable clipping of citizens’ rights. While we understand that the European Union does not have a mandate to regulate matters of national security, we still suggest to introduce an recommendation for Member States to regulate this area. Alternatively, the Directive could foresee the reporting of consequences of activities, which are classified (instead of the classified information itself).

However, the Whereas part of the directive states:

(24) National security remains the sole responsibility of each Member State. This Directive should not apply to reports on breaches related to procurement involving defence or security aspects if those are covered by Article 346 TFEU, in accordance with the case law of the Court of Justice of the European Union. If Member States decide to extend the protection provided by the Directive to further areas or acts, which are not within the scope, those Member States may adopt specific provisions to protect essential interests of national security in that regard .

The conclusion is that whistleblowers reporting on matters involving national security are not protected by this directive (which is expected) and the Union does not encourage member states to protect them although it could have.


Yes, the status is as follows: Parliament has agreed on a final text, but before Council can rubberstamp it, the legal and linguistic departments have to run the text through their procedures. That can happen anytime between July and October. So yah, content will not be modified anymore, at least this isn’t foreseen.

Re: National Security, yes, that was to be expected. We tried to get an obligation for special rules on national security whistleblowing, but it’s been one of the darkest red flags. Especially since the treaties provide specific wording on national security scrutiny, which was just copy-pasted into the Directive. This has to be adressed on national level :slight_smile: