A federal agency has to keep tabs on its employees’ action.   But a federal agency can’t prohibit agency employees from contacting Congress with concerns in the public interest.  The Food and Drug Administration recently crossed the line in a damaging way by spying on whistleblowers.  

Top House committee chairman Darrell Issa and I just released the results of a detailed investigation of the FDA’s treatment of a group of scientists who expressed concerns about the safety of certain devices under review by the agency.

The whistleblowers expressed their concerns to the President’s transition team and to Congress. They also contacted the Office of Special Counsel, an agency created by Congress to receive whistleblower complaints and protect whistleblowers from retaliation.

The FDA knew that contacts between whistleblowers and the Office of Special Counsel are confidential and protected by law.  However, the FDA was intently spying on the whistleblowers.  There was no effort to avoid snooping on legally protected communications. This surveillance was much more intense than the routine monitoring of government employees on government computers.  It was far more invasive than what would be necessary to detect inappropriate use of the computer systems.  The agency captured a picture of whatever was on the screen every five seconds and recorded every keystroke typed.

It took the FDA more than six months to begin to answer my questions about the surveillance of its own employees.   The agency was evasive about who authorized the operation and misleading in its denials about intentionally intercepting communications with Congress.

There can be legitimate reasons to monitor the use of government computers by government employees.

However, FDA officials gave little, if any, thought to the legal limits that might restrict their power to monitor employees.  No one at the FDA made any attempt to limit the collection of legally protected communications with attorneys, with the Office of Special Counsel, or with Congress.  The FDA trampled on the privacy of its employees and their right to make legally protected disclosures of waste, fraud, or abuse.

These whistleblowers thought the FDA was caving to pressure from the companies that were applying for FDA approval.  I don’t know whether they were right, but they have a legal right to express those concerns.

After expressing their safety concerns, two whistleblowers were fired.  Two more were forced to leave the FDA.  And five of them were subjected to an intense spying campaign.  This treatment is in direct contradiction of the FDA commissioner’s vow to create a culture that values whistleblowers.

The FDA has failed to accept responsibility for its actions or impose accountability.  These actions are disappointing.

But it would be even worse if the agency fails to learn from its mistakes.  All agencies need to learn from these mistakes.

There need to be more comprehensive policies on employee computer monitoring across the entire government.  These policies need to ensure that any monitoring is limited to achieve only a legitimate purpose.  Watching an employee’s every move leads to a culture of intimidation and fear.  That’s no way to encourage whistleblowers or value their concerns.