I don't think that's very clear in the article. The law allows companies to provide incentives for internal reports but the employee/reporter is the one who can chose to do an internal and an external report.
> Personen, die beabsichtigen, Informationen über einen Verstoß zu melden, können wählen, ob sie sich an eine interne Meldestelle (§ 12) oder eine externe Meldestelle (§§ 19 bis 24) wenden. Wenn einem intern gemeldeten Verstoß nicht abgeholfen wurde, bleibt es der hinweisgebenden Person unbenommen, sich an eine externe Meldestelle zu wenden.
DeepL translation:
> Persons intending to report information about a violation may choose whether to contact an internal reporting office (Section 12) or an external reporting office (Sections 19 to 24). If an internally reported violation has not been remedied, the whistleblower is free to contact an external reporting office.
Thanks, the article made it sound like you have to use internal channels but the line "können wählen, ob sie sich an eine interne Meldestelle (§ 12) oder eine externe Meldestelle (§§ 19 bis 24) wenden." indicates you can do either internal or external report.
Otherwise I am not sure, if money is the solution to everything, as it could create incentive to create problems or make them worse, only to eventually receive a bigger part of the fines.
Googling "largest whistleblower reward" turns up a $114 million reward and a $200 million reward.
> create problems or make them worse
Personally, I'd hope that the sophistication of the regulators involved, and the liable parties' lawyers---if you're doing something bad enough to be liable for billions of dollars in fines, you can afford good lawyers---would be a good guard against whistleblowers' trying to game the system.
I'm afraid I can't cite them to you, but as I recall, some whistleblowers have received gigantic sums of money, and some have been denied. You really can't count on a windfall, and if it comes, it might be years later.
Whether the denials were justified or not -- can't say.
There is the False Claims Act[1] and it has been used to fight corruption in the hospice care industry but it does not seem to have really stopped it[2].
I only know of this in securities violations and maybe one aspect of the medical field? Can you elaborate most? Most employees and stakeholders are just lucky if they aren't ostracized from their field forever.
Idea: extend the act to provide full protection for US Americans who expose espionage, sabotage (and possibly worse things) carried out in EU countries.
I don't follow. Why would an EU country punish a US citizen for reporting espionage/sabotage directed against the EU country? Or do you mean something else?
They would need guaranteed non-extradition and possibly a lot of protection so they don't get abducted by the US, but that sort of legislation would never sail under the current German government.
Treason is a crime in Germany, too, and whether the result is politically opportune for Germany couldn't officially play a role in front of a Oberlandesgericht court when ruling on an extradition request by the US. Disclosure of spy activities certainly would be a crime if committed in Germany against Germany, so extradition for such a whistleblower would have to be stopped at the political level, which is possible, but that's not something I would want to depend on. The US could exert a lot of very painful pressure on a German government, and as the Snowden affair shows, broad public support is far from given. Might be easier to weather the scandal from giving in than the consequences of sticking to principles.
Maybe my wording is bad; the EU should offer protection to US citizens who expose crimes committed by the US government in the EU. And preferably committed elsewhere in the world, since it's in the world's best interest to know.
What did he expose exactly? As far as I know - according to the US government - foreigners have no rights whatsoever so they could spy on everyone else completely legally. For example - they could install spyware/keylogger on my computer completely legally, because the 4th amendment doesn't apply to non-Americans.
Maybe... they haven't told me. I am also not sure if the EU is running large scale wiretapping operations in the U.S. and I think that the U.S. would react in a drastic way if they learned about it - as opposed to the EU.
What I do know: U.S. citizens are protected by GDPR when they are in the EU.
Not sure about large scale operations, but it would be stupid for them not to gather any intelligence in the USA. Especially when their security depends on the US.
Foreign intelligence agencies could not do much if they had to follow all the foreign laws. It's their job to gather intelligence abroad. What do you expect them to do? "Oh shit - this Russian law forbids us from gathering intelligence in Russia - we'd better stop and go home"?
Snowden's revelations didn't surprise me in the slightest. I already knew that US intelligence agencies could spy on me if they wanted to.
And I don't give a crap if they spy on US citizens, because I'm not an American.
Honestly sort of depressing how everything follows US policy: NDAA contained whistleblower-protection language--and we have to be proud of it. Couldn't other "western liberal democracies" just initiate their own policy initiatives--sounds like I'm denigrating US--I'm not--but couldn't other countries initiate their own first, why have to wait and play second fiddle? Always like this. US passes some law, then you see, like the dominoes fall elsewhere--depressing as it gives the impression they were too scared to pass before US...ugh. Progress controlled from one source is not diverse enough to succeed. We need more :)
It's a feeling built up over years, from a gestalt experience... I wasn't keeping notes. I don't know...some places I might look to research that further are: copyright law / DMCA, encryption law and export regulation, COVID policies, country / company blacklists, crypto law -- but without finding all the little moments in my past where I saw such and such a news happen in USA, then later on such and such similar legislation / policy happen in EU, in East Asian democracies, in Indo Pacific...I couldn't provide you who is exactly on that list for sure. Just a feeling it's there tho. I'm sure it seems probably not very convincing to you...that's OK, you have your own experience and memory. This is mine.
Thanks for the link. Interesting. Cross-pollination maybe? :) Have a good one!
I don't see how this works if it is usually companies that are corrupt to the top that have stuff that the public should know.
Just look at Boeing, there were countless internal issues raised about the corner cutting and it was just ignored over and over.
Won't this also allow a company to internally fix the issues and then sweep it under the rug?