Over the past weekend, the New York Times broke the story about electronic surveillance of Food and Drug Administration (FDA) whistleblowers by the agency itself. The Washington Post followed up todaywith the news that FDA lawyers approved the surveillance, which included:

…confidential letters to at least a half-dozen Congressional offices and oversight committees, drafts of legal filings and grievances, and personal e-mails…

At GAP, we’ve been defending John Kim, a World Bank whistleblower who exposed the details of debates internal to the Bank about weakening anti-corruption measures to be put in place. As part of their pursuit of Kim, World Bank investigators hacked his personal email account and read hundreds of non-Bank messages, including those  between Kim and his family’s attorney that were written five years before the incident  purportedly under investigation. In any credible legal environment, these communications are protected by attorney client privilege … but that did not stop the World Bank’s “Vice Presidency for Institutional Integrity” (INT).

Kim’s attorney repeatedly requested the internal authorizations INT claimed to have secured from senior management to launch such invasive surveillance, but investigators never produced them. GAP could not determine whether the authorizations even existed, never mind whether they were at all limited in time and scope. The depth of the privacy invasion strongly suggested they were not.

The process was simple. INT deployed an off-the-shelf program – Encase – that costs a couple of hundred dollars and overrides passwords.

So, while “investigating” a 2008 leak, INT found that Kim had also leaked the information about the Bank’s anti-corruption measures during the period when the press focused on Paul Wolfowitz’s delinquent behavior as World Bank president. At the time, hundreds of Bank employees were leaking information about the Bank’s internal debates to blogs, press, and GAP. Because the investigation didn’t establish that Kim was the source of the 2008 leak, the Bank fired him in 2009 for whistleblowing about Wolfowitz years before.

Two points. One, electronic surveillance is now widespread. It’s cheap, user-friendly and effective. Two, employers feel free to use it without constraint. At the World Bank, investigators were reading personal messages, emails protected by attorney-client privilege, and communications that were written years before the suspect incident used to justify a privacy invasion took place.

So both free speech and privacy are under attack by the very institutions that claim frequently to protect good governance and human rights: the World Bank and the United States government.

 

Bea Edwards is International and Executive Director for the Government Accountability Project, the nation’s leading whistleblower protection and advocacy orgaznation.