Whistle-blowing Scientists (Trying To Prevent Dangerous Products From Reaching The Market) Sue FDA For Snooping On Their Personal Email Accounts

from the shameful-suppression dept

Last year, we wrote about the federal whistle-blowing act, which was designed to give protections to federal employees who blow the whistle on federal fraud and abuse. For reasons that still aren't clear, that bill was killed by a secret hold by either Senators Jon Kyl or Jeff Sessions. That fact only came out due to an amazing effort by the folks at On The Media, who kept hounding all 100 Senators to find out who would possibly kill such a bill. Recently, On The Media revisited the topic, noting that there was a new version of the bill. The report also talks about just how vindictive the government has been against whistleblowers. Even as President Obama has insisted that whistleblowers are important and should be protected, that's not what's happening in real life, with many getting stripped of their responsibility and demoted -- all for daring to point out waste, fraud and abuse. The worst example to date, remains the horrifying story of Thomas Drake, who was threatened with 35 years in jail in a bogus vindictive lawsuit against him, due to his blowing the whistle on a bogus NSA project.

More evidence of the insane lengths the federal government will go to against whistleblowers has been revealed in the form of a lawsuit from a group of FDA scientists and doctors. The group had been trying to blow the whistle on fraud and abuse in the FDA, in the form of approvals for medical devices that didn't actually meet health and safety standards. The scientists reached out to Congress to blow the whistle... and in response, the FDA started spying on their personal emails. Yes, it does appear that these scientists were accessing their personal Gmail accounts from work computers, and using them to work with Congressional staffers to craft their whistleblowing complaint, but does that give the FDA the right to spy on their personal communications? The doctors, via their lawsuit, believe the answer is no.

The FDA is defending its actions by claiming that this whistleblowing involved "improperly disclosed confidential business information about the devices," and it wanted an investigation of the doctors involved. That sounds ridiculous. Or, perhaps, all too typical. It seems clear that the FDA bosses just didn't like the fact that some folks there blew the whistle on what they were doing and took vindictive actions. This is exactly the kind of thing that a Whistle Blower Act should protect. That it doesn't do so already is really a shame.

Filed Under: email, fda, free speech, privacy, safety, whistleblowing

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    New Mexico Mark, 2 Feb 2012 @ 8:34am

    Re: Re:

    It is pretty straightforward to monitor SSL (https) using man-in-the-middle with a local organizational cert. Basically any 443 connection is encrypted to/from the workstation and the trusted monitoring device, then encrypted to/from the monitoring device and the originally requested site. This is done by having a local trusted cert on the workstations.

    Since the organization owns/administers the local workstations, this isn't considered a broken chain of trust. The ethics of what is done with that information are an entirely different matter, and here there be dragons.

    Are employees specifically aware of this capability? (I would suggest the standard "we can monitor anything" message is insufficient given the expectation that https connections are encrypted and reasonably secure.) Are exceptions made for banking sites and such? If not, how will the information gathered be secured? Tons of other issues are raised to the point that some organizations find it easier to just block https and be done with it.

    If the organization somehow obtained and was using the employee's gmail password without the employee's knowledge, that violates plenty of laws, and any organization taking that approach could (rightly) be in deep doo-doo.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.