Who does the Whistleblower Directive protect?
The EU Whistleblower Directive includes certain groups who can invoke the legislation and thus claim protection when reporting breaches:
Employees (both current and former, plus applicants)
Civil servants and other public sector employees
Self-employed people and contractors
Members of the administrative, management or supervisory body of a company
Supporters and relatives of whistleblowers
New employers of whistleblowers or persons otherwise connected to whistleblowers in a work-related context
The Directive therefore protects salaried employees as well as people otherwise related to the company in question. An exception applies to doctors and lawyers, who are not covered by the safeguards as reporting a breach, would violate their duty of confidentiality.
In addition, whistleblowers can still be prosecuted if they commit crimes such as trespassing or engage in cyber criminality (e.g. hacking computer systems and accessing data without authorization). This does not apply to breaches of other standards or contractual agreements. If, for example, an employee enters their manager’s office to make copies of documents – even though they would not usually be allowed to do so – this breach is protected by the Whistleblower Directive. Whistleblowers can file reports using internal reporting systems or by contacting the relevant authorities. For instance, where there is significant public interest, whistleblowers are protected if they decide to go public straight away.