Congress Should Lay Out the Welcome Mat for Whistleblowers

Senate Hallway

Why Protecting Whistleblowers is Important

Like any large organization, the United States government is susceptible to waste, fraud, and abuse. In order to help combat these inefficiencies, Congress has instituted a series of whistleblower protection laws to encourage employees to report such instances. However, these laws do not offer blanket protection to any and all whistleblowers. Legal protections for intelligence community (IC) whistleblowers are limited. But broadly, Congress benefits when whistleblowers are protected.

The Whistleblower Protection Act (WPA), signed into law in 1989, protects government employees against retaliation for protected disclosures to specified entities. These disclosures include “the release of information that the employee reasonably believes demonstrates illegality, gross mismanagement, gross waste, abuse of authority, or a substantial and specific danger to public health or safety.”1 The definition of specified entities depends on the nature of the information disclosed. While non-classified information can be disclosed to anyone, classified information must be disclosed only to the United States Office of Special Counsel or the appropriate agency’s Inspector General.

Intelligence community whistleblowers are not covered by the WPA but have alternative avenues to report their concerns. The Intelligence Community Whistleblower Protection Act (ICWPA), signed into law in 1998, permits IC employees to report classified information of “urgent concern” to the agency’s Inspector General and congressional intelligence committees.2 Though the ICWPA does not explicitly protect employees against retaliation, Presidential Policy Directive 19, issued by President Obama in 2012, provides such protections for disclosures made to supervisors within the agency, the agency Inspector General, or the Director of National Intelligence. However, if the agency is ultimately unwilling to address the employee’s concerns, that employee is without additional recourse.

In several well-known instances, IC employees turned to the media to promulgate their concerns. This violation of whistleblowing protocol is a dangerous precedent to set. Congress must provide an avenue for IC employees to come to them in order protect classified information and fulfill its executive oversight responsibility.

Whistleblower Failures

Doing it the right way with the wrong result

While the intelligence agencies and congressional committees offer statutory legal protections to whistleblowers, their track record in practice tells a different story. In 2010, former NSA senior executive Thomas Drake was charged with violating the Espionage Act for disclosing NSA documents to a Baltimore Sun reporter. Drake had expressed concern with the cost, effectiveness, and legality of an NSA surveillance and data collection program, Trailblazer. Drake followed the proper procedures established in the ICWPA by reporting his concerns to his supervisors, the NSA’s Inspector General, the Department of Defense Inspector General, and the Congressional intelligence committees.3 Ultimately, when his concerns fell on deaf ears, he shared unclassified information with the Baltimore Sun that inspired a series of articles on the NSA.

"Drake followed the Intelligence Community Whistleblower law to a ‘T’," said Kathleen McClellan, the national security and human rights counsel for the Government Accountability Project.4 His efforts to follow proper procedure did not shield him from criminal prosecution, and though the government eventually dropped most of its charges, the episode surely did not inspire confidence in future whistleblowers to come forward. 

The national discussion over the structure and efficacy of IC whistleblowing reached an apex in 2013 when IC subcontractor Edward Snowden leaked thousands of NSA documents concerning U.S. surveillance programs directly to the media.

Why did Snowden ignore whistleblowing procedures? Thomas Drake may provide context: "Snowden carefully saw what happened to me and others, and it was clear there was no other recourse.”5

Doing it the wrong way with a worse result

While the debate regarding U.S. surveillance programs and data privacy at large remains unresolved, both Democratic and Republican leaders have condemned Snowden’s actions. In 2016, the Obama Administration refused to entertain the proposal that Snowden be pardoned, explaining:


“I don’t think it makes sense, because Edward Snowden is not a whistleblower. There actually is a specific process that is well-established and well-protected that allows whistleblowers to raise concerns that they have, particularly when it relates to confidential or classified information, to do so in a way that protects the national security secrets of the United States. That is not what Mr. Snowden did.”6

—Obama Administration Press Secretary Josh Earnest

2016 Democratic Presidential nominee Hillary Clinton echoed those sentiments during a Democratic primary debate, saying Snowden broke the law by not taking his concerns through the proper channels, as detailed in the ICWPA. The Republican-led House Intelligence Committee released its summary report in 2016 denying Snowden whistleblower status:

“Snowden was not a whistleblower. Under the law, publicly revealing classified information does not qualify someone as a whistleblower. However, disclosing classified information that shows fraud, waste, abuse, or other illegal activity to the appropriate law enforcement or oversight personnel – including to Congress – does make someone a whistleblower and affords them with critical protections.”7

—House Intelligence Committee Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden

While President Trump has not commented on Snowden directly since taking office, he referred to him as a traitor in 2013, and his Administration has been advocating for the permanent renewal of the same surveillance capabilities Snowden sought to end by exposing them to the public.8 It is unlikely that he is sympathetic to Snowden’s request to be treated as a whistleblower and pardoned.

Despite the clear bipartisan consensus to prosecute Snowden for violations of the Espionage Act – which prohibits the sharing of classified information relating to the national defense – the extent to which Snowden would have been protected under the ICWPA is less clear. The ICWPA does not protect IC whistleblowers from retaliation, and President Obama’s 2012 directive that sought to implement such protections does not explicitly address the rights of contractors such as Snowden.9

Both the NSA Inspector General, George Ellard, and the House Intelligence Committee have stated that Snowden would have been provided legal protections had he followed procedure and come to them. By not keeping this sensitive information within the U.S. intelligence community, he exposed classified operations to the world, causing substantial strategic and financial damage to the U.S.

What Congress Should Do to Protect Whistleblowers

In order to encourage IC whistleblowers while concurrently safeguarding sensitive intelligence information, Congress must establish a clear channel for whistleblowers to share their urgent concerns. Beyond clarifying that blowing the whistle to Congress affords legal protections, Congress must also provide a secure avenue in which to do so.

Third Way searched nearly 200 relevant congressional office websites and found only eight email addresses soliciting whistleblower concerns.10 We chose these offices based on their assignment to one of six committees with national security or government oversight responsibilities: Senate Armed Services, House Armed Services, Senate Intelligence, House Intelligence, Senate Homeland Security and Government Reform, and House Oversight and Government Reform committees.

Given these members’ proximity to national security and government oversight issues, as well as their clearance to receive classified government information, we identified this pool of members as the likeliest to solicit whistleblower concerns. However, only a small percentage offers a public channel for whistleblower communication. Eight of the offices or committee websites in this pool provide an email address or online form to report waste, fraud, or abuse. Several others address the issue of whistleblowing without explicitly providing a channel for communication. These offices include: 

  1. Senate Homeland Security and Government Reform Committee website provides two email address of the Committee Chairman and Ranking Member on its contact page: and
  2. Senate Homeland Security and Government Reform Committee Chairman Ron Johnson (R-WI) provides an email address for whistleblowers on his contact page:
  3. Senate Homeland Security and Government Reform Committee Ranking Member Claire McCaskill (D-MO) touts the importance of whistleblowers on her issues page and provides an email address:
  4. House Oversight and Government Reform Committee majority website provides a prominently placed online form:
  5. House Oversight and Government Reform and House Armed Services Committee member Steve Russell (R-OK) provides an email address for whistleblowers on his contact page:
  6. House Oversight and Government Reform Committee minority website provides a prominently placed online form:
  7. House Armed Services and Intelligence Committee member Jackie Speier (D-CA) touts the importance of whistleblowers on her issues page, is co-chair of the House Whistleblower Protection Caucus, and provides a link to the House Oversight Committee form:
  8. Senate Armed Services Committee member Elizabeth Warren (D-MA) provides an online form, though it is aimed specifically at Department of Education oversight and not prominently placed:

Some members of the six surveyed committees highlight the importance of whistleblower protections on their websites but do not offer an explicit communication channel to solicit concerns. These offices include:

  1. House Armed Services Committee member Mike Coffman (R-CO) is co-chair of the House Whistleblower Protection Caucus.
  2. House Oversight and Government Reform Committee member Rod Blum (R-IA) is co-chair of the House Whistleblower Protection Caucus.
  3. Senate Armed Services Committee member Thom Tillis (R-NC) is a member of the Senate Whistleblower Protection Caucus.
  4. Senate Armed Services Committee member Deb Fischer (R-NE) is a member of the Senate Whistleblower Protection Caucus.
  5. Senate Intelligence Committee member Ron Wyden (D-OR) is vice-chair of the Senate Whistleblower Protection Caucus. 

In addition, despite the formation of Whistleblower Protection Caucuses in the Senate and House in the 114th Congress, neither has its own website or communication channel. However, we found examples of caucus members do solicit whistleblower input through their website but do not sit on any of the six committees we surveyed. These offices include:

  1. Senate Judiciary Committee Chairman and Senate Whistleblower Caucus Chairman Chuck Grassley (R-IA) provides an email address for whistleblowers on his contact page:
  2. House Homeland Security Committee member Kathleen Rice (D-NY) provides an email address for whistleblowers on her contact page:

Further, no website offers an encrypted communication channel, unlike most major journalism outlets.11 Commonly used messaging apps like Signal allow users to send and receive encrypted text messages and phone calls, and SecureDrop allows whistleblowers to anonymously submit documentation while shielding their identity. 

Given the general lack of faith in cyber privacy, Congress must offer a secure communication channel that IC whistleblowers can utilize to keep their communication truly confidential. Further, an encrypted communication channel protects against external breaches and keeps potentially sensitive information from leaking to the public or to adversarial governments. 

Whistleblowers are an essential component of any large bureaucracy, as they can offer tangible insight to senior level officials who may otherwise be unaware of a program’s inefficiency. However, given the sensitive nature of work in the intelligence community, there must be clear guidelines for encouraging employees to report their concerns while simultaneously protecting the information from general publication. Congress is uniquely suited to provide an additional avenue for whistleblowers to voice their concerns, hold the intelligence community accountable, and safeguard classified information. The safety of our national security programs and personnel could face additional – and avoidable – risk if whistleblowers follow Snowden’s lead and leak proprietary intelligence to the media.