Emerging Issues in Whistleblower Law and Retaliation

Katz, Marshall & Banks partner Debra Katz published an article in the December, 2017 issue of ALI-CLE magazine, "The Practical Lawyer," entitled, "Emerging Issues in Whistleblower Law and Retaliation." Click here to view the article as a PDF, or read the full text below.

Reprinted from the December 2017 issue of ALI CLE’s The Practical Lawyer.


Over the past 15-plus years, the United States has seen a tremendous expansion in the number of employees and employers, and in the types of conduct, to which whistleblower protections apply at both the federal and the state level. The main reason for this trend has been the enactment of a large number of federal laws that prohibit retaliation against employees for raising concerns about what they reasonably perceive to be unlawful activities on the part of their employers or related entities.

Claims filed by employees under many of these federal whistleblower protections are investigated by the U.S. Occupational Safety and Health Administration (“OSHA”), which today administers some 22 whistleblower-protection laws in areas ranging from workplace safety to financial reporting.1 Over the past several years alone, Congress has enacted laws that protect employees who report perceived illegalities in a wide range of new areas, including consumer financial products (Consumer Financial Protection Act of 2010), food safety (FDA Food Safety Modernization Act of 2011), safety defects in automotive manufacturing and parts (Moving Ahead for Progress in the 21st Century Act of 2012), and waste, fraud and abuse in government contracts (National Defense Authorization Act of 2013).

The effect of this proliferation of new whistleblower-protection laws on businesses in the U.S. is amplified by the fact that the appellate tribunal that hears the most appeals arising under them—the Administrative Review Board of the U.S. Department of Labor—has handed down one pro-whistleblower decision after another since 2010. The resulting expansion and liberalization of whistleblower law in the United States has created a difficult terrain for today’s human resources, compliance and legal departments. The one thing that professionals working in these areas today can count on is this: if a supervisor disciplines an employee after a heated discussion about a company’s practices, products, or internal policies, there is a growing chance that the company has given the employee a colorable claim for retaliation under one or another whistleblower-protection law.

Many of the recent developments in whistleblower-retaliation law have grown out of cases arising under the anti-retaliation provisions of the Sarbanes-Oxley Act of 2002 (“SOX”), a sweeping overhaul of the regulatory framework for the governance of the nation’s public companies and financial markets. The employee-protection provisions of SOX and the related provisions of the newer Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 protect a growing population of employees who work directly or indirectly for publicly traded companies or for entities involved in the nation’s financial markets, and who blow the whistle on corporate fraud and violations of federal securities laws.

How a company responds to these types of employee reports can be a critical factor in their impact on the organization’s finances, regulatory wellbeing, corporate culture, and employee morale. Attention to regular compliance training can ensure that frontline managers facilitate the flow of employee concerns up the chain of command and avoid reacting in a negative manner that exposes the company to a retaliation complaint. A functioning compliance program can see that serious employee concerns trigger a thorough internal investigation, allowing the company to assess and remedy violations internally while minimizing any ensuing actions from regulators, shareholders, counterparties or others affected by the conduct that is the subject of the concerns. For these reasons, it is important for in-house counsel, compliance personnel and human resources professionals to keep abreast of whistleblower-retaliation laws that affect their business.

As described below, the Dodd-Frank Act significantly expanded whistleblower protections for employees who face retaliation for raising concerns about fraud, securities violations and related wrongdoing by their employers. The Dodd-Frank Act amended the employee-protection provisions of SOX and also created a new cause of action that a whistleblowing employee can bring in federal court; and, as the U.S. Securities and Exchange Commission (“SEC”) stated in its final rules for the whistleblower program, empowered the SEC itself to use its enforcement efforts to hold employers accountable for retaliation. The SEC has invoked this authority on multiple occasions, including by bringing its first stand-alone retaliation case against an employer in September 2016.

In addition to focusing on the enforcement of employee protections afforded by these laws, the SEC has taken aim in recent years at employer-imposed agreements that might impede the flow of information from employees to the Commission. The agreements at issue, often signed by the employee as a condition of employment itself or as a condition of receiving severance payments, might require employees to certify that they have not shared confidential information with any third party, to alert the employer to any inquiries from government agencies, or to waive their right to the monetary awards that Dodd-Frank directed the SEC to provide to whistleblowers. The SEC has shown a willingness to invalidate such agreements for illegally deterring whistleblowers.

THE SARBANES-OXLEY ACT, 18 U.S.C. § 1514A (“SOX”)

One of the most widely discussed— and litigated— federal whistleblower statutes is the anti-retaliation provision contained in Section 806 of the Sarbanes-Oxley Act of 2002 (“SOX 806”), 18 U.S.C. § 1514A, which protects employees who report corporate fraud and violations of U.S. securities laws. SOX 806 provides a cause of action to employees of publicly traded companies and certain of their subsidiaries and contractors who allege that their employers retaliated against them because they provided information about, or participated in an investigation relating to, what they:

reasonably believe[d] constitute[d] a violation of section 1341 [mail fraud], 1343 [wire fraud], 1344 [bank fraud], or 1348 [securities fraud], any rule or regulation of the Securities and Exchange Commission, or any provision of Federal law relating to fraud against shareholders. 18 U.S.C. § 1514A(a)(1).

SOX 806 protects those who provide, or cause to be provided, information or otherwise participate in an investigation regarding any conduct that the employee reasonably believes constitutes a violation of these federal laws. 18 U.S.C. § 1514A(a)(1). The information must have been provided to, or the investigation must be conducted by: (1) a federal regulatory or law enforcement agency; (2) a member of Congress or any committee of Congress; (3) a person with supervisory authority over the employee; or (4) a person working for the employer who has the authority to investigate, discover, or terminate the misconduct. Id. The law also protects those who file, cause to be filed, testify, participate in, or otherwise assist in a proceeding filed, or about to be filed, relating to an alleged violation of federal securities and fraud laws. 18 U.S.C. § 1514A(a)(2). In order to prevail in a claim of retaliation brought under SOX 806, the complainant must show that his protected activity was a contributing factor in the adverse personnel action. Available remedies include reinstatement, back pay, compensatory damages, and attorneys’ fees and costs sustained as a result of the discharge or other retaliation.

Section 929A of the Dodd-Frank Act of 2010 amended SOX to clarify that the whistleblower protections of SOX 806 apply to certain subsidiary entities of publicly traded corporations. Specifically, the amendment extended coverage to “any subsidiary or affiliate whose financial information is included in the consolidated financial statements of [a publicly-traded company].” In addition to covering employees of publicly traded companies and such subsidiaries, the whistleblower protection provisions in SOX also cover “any officer, employee, contractor, subcontractor or agent” of a covered company. 18 U.S.C. § 1514A(a).

The terms “officer,” “employee,” “contractor,” “subcontractor,” and “agent” are not defined in the Act, and, until 2014, the question of whether employees of contractors of publicly traded companies were covered by the Act’s anti-retaliation provision was the subject of frequent litigation. Federal courts considering the question had generally found that SOX’s protections against retaliation did not extend to employees of agents or contractors of publicly traded companies, but the Department of Labor had interpreted the statute as protecting individuals employed by private companies that contracted with publicly traded companies. The United States Supreme Court resolved this disagreement in Lawson v. FMR LLC, 134 S. Ct. 1158 (2014). In a widely discussed decision, the Court concluded that the statutory language supported the broader construction of SOX’s coverage, and held that SOX’s anti-retaliation provisions applied employees of contractors of publicly traded companies. By declining to set limits on this extension of coverage, the Law-son decision left the lower courts to decide, at least for now, what types of contractors doing what types of work for publicly traded companies would be covered by SOX Section 806.

What follows are summaries of a few recent decisions regarding SOX’s coverage of certain employees and regarding two of the key, disputed elements of a claim of retaliation under SOX – protected activity and causation.

Covered Employees

Weighing in on the reach of the Lawson decision, the U.S. District Court for the Southern District of New York recently denied a defendant’s motion to dismiss a SOX retaliation claim on the basis that the defendant was not a publicly traded company. See Tellez v. OTG Interactive, LLC, No. 15 CV 8984-LTS, 2016 WL 5376214 (S.D.N.Y. Sept. 26, 2016). The court found that the defendant was a contractor of a publicly traded company, and further found that the plaintiff’s protected activity involved fraud that the defendant contractor had allegedly committed in providing services to clients of the publicly-traded company. The court cited Gibney v. Evolution Marketing Research, LLC, 25 F. Supp. 3d 741 (E.D. Pa. 2014), and Anthony v. Northwestern Mutual Life Ins. Co., 130 F. Supp. 3d 644, 652 (N.D.N.Y. 2015), for their interpretations of Lawson requiring that a relationship exist between the fraud committed by the contractor and the underlying contract with the publicly traded company.

In Trusz v. UBS Realty, No. 3:09-CV-00268 (JAM), 2016 WL 1559563 (D. Conn. Apr. 18, 2016), the court held that the Dodd-Frank amendment extending SOX protections to employees of subsidiaries of publicly traded companies was merely a clarification of the statute’s coverage and therefore applied retroactively. In so deciding, the court sided with the majority of other courts that had addressed the question to date.

Protected Activity

Recent decisions of the ARB have reinforced a several-year trend of expanding the scope of protected activity under the statute, a trend that began in 2011 when the ARB rejecting the narrow standard that it had earlier articulated in Platone v. FLYi, Inc., ARB No. 04-154, ALJ No. 2003-SOX-27 (ARB Sept. 29, 2006). The Platone standard required that the employee’s complaints “definitively and specifically” relate to a violation of one of the statutes enumerated in SOX Section 806 in order to be protected. In Sylvester v. Parexel Int’l LLC, ARB No. 07-123, ALJ Nos. 2007-SOX-039, -042 (ARB May 23, 2011), the ARB adopted a more employee-friendly standard for determining whether an employee’s activity was protected by SOX, requiring that and employee demonstrate only a “reasonable belief” that the conduct he or she complained about violated one of the enumerated provisions in SOX.

The ARB has consistently applied this more lenient standard in the years since its Sylvester decision. In a recent such application in Dietz v. Cypress Semiconductor Corp., ARB No. 15-017, ALJ No. 2014-SOX-2 (ARB Mar. 30, 2016),2 the ARB held that the complainant had engaged in protected activity under SOX because his complaints that his company had misrepresented the terms of a new bonus plan to its employees amounted to complaints of fraud. The ARB noted that employee complaints about most any form of fraud could constitute protected activity under SOX as long as use of the mail or the wires was necessary to perpetrate that fraud, which would almost always be the case. The ARB also made clear that a whistleblower could claim constructive discharge if he resigned because an employer acted in a way that would put a reasonable employee on notice that he or she stood to be terminated.

Recent court decisions illustrate the ongoing impact of the ARB’s Sylvester decision and subsequent rulings on protected activity. In Erhart v. Bofi Holding, Inc., No. 15-CV-02287-BAS(NLS), 2016 WL 5369470 (S.D. Cal. Sept. 26, 2016), for example, the court was faced with the question whether to follow Sylvester or to apply the stricter Platone standard, which the Ninth Circuit had previously endorsed. The court concluded that applying the Sylvester standard was appropriate in light of the Ninth Circuit’s pre-Sylvester reliance on a since-abrogated ARB decision. In Trusz, supra, the court rejected the defendant’s arguments that SOX’s protections extended only to complaints that focused on shareholder fraud, and not to complaints that targeted other violations of the statutes and regulations listed in SOX Section 806. The court based its interpretation on the plain text of the statute as well as on decisions from the ARB and other courts in the Second Circuit. The court ultimately rejected the defendant’s motion for summary judgment, finding that the plaintiff engaged in protected activity when he raised concerns internally and externally about the defendant’s valuation procedures, and that a reasonable jury could find that his protected activity had led to the defendant’s decision to terminate him.

The “reasonable belief” standard has greatly broadened the scope of protected activity under SOX, but courts will still scrutinize the employee’s opposition to employer practices to ensure that his or her belief was a reasonable one. In Beacom v. Oracle Am., Inc., 825 F.3d 376 (8th Cir. 2016),3 in which the Eighth Circuit for the first time explicitly adopted the “reasonable belief” standard and rejected the “definitively and specifically” standard, the court nonetheless affirmed a district court decision granting summary judgment to the employer. The court found that the plaintiff’s belief that the company was defrauding its shareholders by falsely projecting sales revenues was not reasonable when the multi-billion dollar company missed its projections by less than $10 million. Because the plaintiff’s belief was not reasonable, the court held that his com-plaints did not constitute protected activity. In addition to the reasonable belief standard, the ARB recently outlined the standards for plaintiffs to establish retaliation. In the Leaks v. Arctic Glacier decision, the Board ruled that because the plaintiff, who filed an STAA claim, only provided general safety complaints in his claim, his actions did not constitute protected activity. The decision offers keys insight into the types of evidence plaintiffs are required to provide to establish protected activities.4

Causation

The ARB issued a number of important decisions in 2016 that clarified the standard for proving causation in whistleblower-retaliation cases filed with the Department of Labor. The most important such decision was issued in a case brought under the Federal Railroad Safety Act (“FRSA”), which, like SOX, requires the application of a two-stage causation standard: the complainant must demonstrate by a preponderance of the evidence that his or her protected activity was a “contributing factor” in the employer’s decision to take adverse action, and the employer can then avoid liability only if it proves by clear and convincing evidence that it would have taken the same action even in the absence of protected activity. In Palmer v. Canadian Nat’l Ry., ARB No. 16-035, ALJ No. 2014-FRS-154 (ARB Sept. 30, 2016),5 the ARB reversed a ruling by an administrative law judge (“ALJ”) in favor of an employee and remanded the case to the ALJ. The ARB so ruled because the ALJ had relied on the ARB’s earlier decision in Fordham v. Fannie Mae, ARB No. 12-061, ALJ No. 2010-SOX-051 (ARB Oct. 9, 2014), and the ARB in Palmer decided to overturn Fordham. In Fordham, the ARB had held that when a factfinder is determining whether the employee had met the contributing factor standard, the factfinder could not consider the employer’s evidence that it had taken action against the employee for a legitimate, non-retaliatory reason.

In overturning this holding, the ARB noted that “the statute contains no limitations on the evidence the factfinder may consider at all.” The ARB cautioned, however, that the ALJ should not weigh the relative importance of the employee’s protected activity and the employer’s purported basis for the adverse action in determining whether the employee had met the contributing factor standard, as that standard requires only that the employee show that the protected activity played some role, even if small, in the decision to take adverse action. The Palmer decision thus makes clear that the employee’s burden in establishing a “contributing factor” should be easy to meet, and that the employer faces a separate and much higher burden of establishing by clear and convincing evidence that it would have taken the same action regardless. The ARB explained:

We have said it many a time before, but we cannot say it enough: “A contributing factor is ‘any factor, which alone or in combination with other factors, tends to affect in any way the outcome of the decision.’” We want to reemphasize how low the standard is for the employee to meet, how “broad and forgiving” it is. “Any” factor really means any factor. It need not be “significant, motivating, substantial or predominant”—it just needs to be a factor. The protected activity need only play some role, and even an “[in]significant” or “[in]substantial” role suffices.

The ARB’s reversal of Fordham and clear direction for determining causation in Palmer, a case arising under the FRSA, is particularly important for whistleblowers because at least a dozen other DOL-administered federal statutes have identical burden-of-proof provisions.6 The ARB views its decisions interpreting the whistleblower-protection provisions of these statutes as persuasive authority in whistleblower cases arising under other OSHA-enforced statutes that contain similar or nearly identical provisions that protect employees in a wide range of industries. See, e.g., Sylvester v. Paraxel Int’l, LLC, ARB No. 07-123, ALJ Nos. 2007-SOX-039, -042, slip op. at 35 (ARB May 25, 2011) (noting that the ARB interprets whistleblower statutes in a parallel manner).

The ARB issued another important decision in 2016 relating to causation in Folger v. SimplexGrinnell, LLC, ARB No. 15-021, ALJ No. 2013-SOX-42 (ARB Feb. 18, 2016). In that case, the ARB affirmed the ALJ’s decision to dis-miss a SOX whistleblower complaint. The ARB found that “the record contains sufficient evidence for the ALJ to have believed Simplex’s non-retaliatory reasons for the termination” and that “the full timeline of all relevant facts undermined, rather than supported, any causal connection between [complainant’s] protected activity and [respondent’s] actions.” However, the decision is noteworthy in that the ARB makes clear in a footnote that the decision-maker’s knowledge is not an element of a SOX whistleblower claim, as some courts have stated. The ARB explained that “the statute does not include any explicit knowledge requirement” and “there are times when the complainant need not show that the ultimate decision maker in fact had knowledge of the protected activity.” For this latter proposition, the ARB cited an example from an ERA case in which “knowledge of the protected activity on the part of an individual who has some influence on the ultimate decision maker can suffice to satisfy the complainant’s burden to show the protected activity was ‘a contributing factor’ in the adverse personnel action.”

THE DODD-FRANK ACT’S ANTI-RETALIATION PROVISION AND PROTECTION OF INTERNAL WHISTLEBLOWERS

Section 922 of the Dodd-Frank Act created a new cause of action, set forth in Section 21F(h)(1)(A), which allows “whistleblowers” to sue in federal court if their employers retaliate against them because they pro-vided information about potential securities violations to the SEC; initiated, testified, or assisted in any investigation related to the program; or made disclosures “required or protected” under the Sarbanes-Oxley Act, the Securities Exchange Act of 1934, or any other law, rule, or regulation under the jurisdiction of the SEC. 15 U.S.C. § 78u-6(h)(1)(A).

A Dodd-Frank retaliation claim may be filed directly in federal court within three years “after the date when facts material to the right of action are known or reasonably should have been known to the employee” (but subject to a maximum of six years). Section 21F(h)(1)(B)(iii). A whistleblower’s remedies include reinstatement, double back pay with interest, attorneys’ fees, and reimbursement of other related litigation expenses. Section 21F(h)(1)(C). Punitive damages are not recoverable under the statute. See Rosenblum v. Thomson Reuters (Markets) LLC, 13 CIV. 2219 SAS, 2013 WL 5780775, at *5 (S.D.N.Y. Oct. 25, 2013).

Even though the statute by its terms provides a cause of action only to “whistleblowers,” which Section 21F(a)(6) of the Act defines as individuals who provide information to the SEC, there is a growing circuit split as to whether the third category of the anti-retaliation section extends the statute’s protections to individuals whose disclosures are “required or protected” by certain laws within the SEC’s jurisdiction, and who have reported internally but not reported their information to the SEC. The SEC’s June 13, 2011, interpretive guidance, provided in its comments to the final rule, stated, “[T]he statutory anti-retaliation protections apply to three different categories of whistleblowers, and the third category includes individuals who report to persons or governmental authorities other than the [SEC].” Securities and Exchange Commission, Securities Whistleblower Incentives and Protections, 76 Fed. Reg. 34,300–01 (June 13, 2011) (codified at 17 C.F.R. §§ 240–49). The federal courts, however, are currently split on the validity of this SEC interpretation and disagree as to whether Dodd-Frank protects whistleblowers who only report internally.

The first Court of Appeals to review the question rejected the SEC’s interpretation, holding that “[u]nder Dodd-Frank’s plain language and structure, there is only one category of whistleblowers: individuals who provide information relating to a securities law violation to the SEC.” Asadi v. G.E. Energy (USA), L.L.C., 720 F.3d 620, 625 (5th Cir. 2013). The court held that the third category of protected activity does not broaden the definition of “whistleblower” to include those who make internal reports, that it is unambiguous, and that it does not create a conflict or ambiguity in the law. The court stated that any other construction of the provision would render moot SOX’s anti-retaliation provision and the accompanying administrative scheme.

Two years later, the Second Circuit disagreed with Asadi, creating a circuit split and increasing the likelihood of eventual Supreme Court review. In Berman v. Neo@Ogilvy LLC, 801 F.3d 145, 147 (2d Cir. 2015), the court held that Dodd-Frank protects whistleblowers who report securities violations internally but had not reported to the SEC. The court explained its reasons for deferring to the SEC:

[T]he tension between the definition in subsection 21F(a)(6) [defining a whistleblower as someone who reports to the SEC] and the limited protection provided by subdivision (iii) of subsection 21F(h)(1)(A) if it is subject to that definition renders section 21F as a whole sufficiently ambiguous to oblige us to give Chevron deference to the reasonable interpretation of the agency charged with administering the statute.

On March 8, 2017, the Ninth Circuit became the third U.S. Court of Appeals to address the question whether the Dodd-Frank Act protects internal reporting. In Somers v. Digital Realty Trust Inc., 850 F.3d 1045 (9th Cir. 2017), the court joined the Second Circuit in deferring to the SEC’s interpretation, and held that internal reporting is protected under the Dodd-Frank Act. The court explained its reasoning with reference to 15 U.S.C. § 78u-6(h)(1)(A)(iii), the provision granting protection to those who, inter alia, make disclosures that are “required or protected” under SOX, and states:

Subdivision (iii) was added after the bill went through Committee. There is no legislative history explaining its purpose, but its language illuminates congressional intent. By broadly incorporating, through subdivision (iii), Sarbanes-Oxley’s disclosure requirements and protections, DFA necessarily bars retaliation against an employee of a public company who reports violations to the boss, i.e., one who “provide[s] information” regarding a securities law violation to “a person with supervisory authority over the employee.” 18 U.S.C. § 1514A(a). Provisions of Sarbanes-Oxley and the Exchange Act mandate internal reporting before external reporting. Auditors, for example, must “as soon as practicable, inform the appropriate level of management” of illegal acts, and only after such internal reporting may auditors bring their concerns to the SEC. 15 U.S.C. § 78j-1(b). Leaving employees without protection for that required preliminary step would result in early retaliation before the information could reach the regulators. As the Second Circuit noted, “[I]f subdivision (iii) requires reporting to the [SEC], its express cross-reference to the provisions of Sarbanes-Oxley would afford an auditor almost no Dodd-Frank protection for retaliation because the auditor must await a company response to internal reporting before reporting to the Commission, and any retaliation would almost always precede Commission reporting.” Berman, 801 F.3d at 151. Sarbanes-Oxley likewise requires lawyers to report internally, 15 U.S.C. § 7245, and the SEC’s Standards of Professional Conduct set forth only limited instances in which an attorney may reveal client confidences to the SEC, 17 C.F.R. § 205.3(d)(2). The attorney would be left with little DFA protection. Id. at 1049.

Like the Berman court, the Ninth Circuit also cites the Supreme Court’s decision in King v. Burwell for the proposition that while the term “whistleblower” is defined in the statute as someone that reports “to the Commission,” “[t]erms can have different operative consequences in different contexts.” Id. The court also found that applying the limited definition of the term would narrow 15 U.S.C. § 78u-6(h)(1)(A)(iii) “to the point of absurdity,” protecting only those “who had reported possible securities violations both internally and to the SEC, when the employer—unaware of the report to the SEC—fires the employee solely on the basis of the employee’s internal report.” Id. Finally, the court held that the SEC’s implementing regulations interpreting the ambiguous language were entitled to deference. Accordingly, the court sided with the Second Circuit and found that internal whistleblowers were protected under Dodd-Frank.

The Ninth Circuit’s decision has tipped the balance of federal appellate jurisprudence on this subject towards the protection of internal reporting.7 A significant number of federal district courts have ruled for8 and against9 such protection.

RETALIATION-RELATED ACTIONS BY THE U.S. SECURITIES AND EXCHANGE COMMISSION

Section 922 of the Dodd-Frank Act amended the Securities Exchange Act of 1934, 15 U.S.C. § 78a et seq., to create a new federal program by which the U.S. Securities and Exchange Commission (“SEC”) rewards whistle-blowers who voluntarily provide original information to the SEC regarding securities violations that result in the imposition of monetary sanctions greater than $1 million. Section 922 states that the whistleblower’s financial reward for the provision of such original information shall be not less than 10 percent and not more than 30 percent of the total collected monetary sanctions from the offending party.

According to the SEC’s most recent report to Congress, 2016 marked the fifth straight fiscal year in which the number of tips submitted to the SEC was larger than the previous year.10 As of November 2016, the SEC had received a total of 18,334 whistleblower tips. Of these, 4,218 tips were received during the 2016 fiscal year, a seven percent increase from the previous fiscal year. The SEC issued also awarded more than $57 million to 13 whistleblowers in FY2016, a substantial increase over the $37 million it paid out in 2015. In addition to issuing these awards, the SEC had taken a number of noteworthy enforcement actions in support of whistleblowers. The Commission has issued several more large awards in 2017.

Enforcement Actions Targeting Unlawful Retaliation

The SEC is empowered to bring an action against a company for unlawful retaliation in violation of the Dodd-Frank Act pursuant to 17 C.F.R. § 240.21F-2(b)(2). The SEC brought its first such enforcement action against Paradigm Capital Management in 2014 for engaging in prohibited principal transactions and for retaliating against the trader who reported the transactions.11

On September 29, 2016, the SEC for the first time issued a penalty against a company for retaliating against a whistleblower in a case in which the Commission did not impose a penalty for substantive securities violations.12 According to the SEC, a casino-gaming company known as International Game Technology (IGT) agreed to pay $500,000 “for firing an employee with several years of positive performance reviews because he reported to senior management and the SEC that the company’s financial statements might be distorted.” The employee had been “removed from significant work assignments within weeks of raising concerns about the company’s cost accounting model” and terminated just three months later.

Enforcement Actions Targeting Employer Agreements

The SEC has been more active than ever over the past year in penalizing companies that seek to muzzle whistleblowers through the use of restrictive agreements. SEC Rule 21F-17(a) provides:

No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement (other than agreements dealing with information covered by § 240.21 F-4(b)(4)(i) and § 240.2 1F-4(b)(4)(ii) of this chapter related to the legal representation of a client) with respect to such communications.

17 C.F.R. § 240.21F-l7(a). Attorneys representing whistleblowers before the SEC started bringing employers’ widespread use of such impediments to the SEC’s attention as early as mid-2013.13

In April 2015, the SEC brought its first enforcement action based on Rule 21F-17, ordering technology and engineering firm KBR Inc. to pay $130,000 to “for using improperly restrictive language in confidentiality agreements with the potential to stifle the whistle-blowing process.”14 Over the past year, the SEC has brought seven additional enforcement actions under Rule 21F-17:

On August 10, 2016, the SEC ordered BlueLinx Holdings Inc. to pay a $265,000 penalty for “using severance agreements that required outgoing employees to waive their rights to monetary recovery should they file a charge or complaint with the SEC or other federal agencies.” See the SEC’s press release and a link to the underlying order here: https://www.sec.gov/news/pressrelease/2016-157.html.

           • On August 16, 2016, Health Net Inc. agreed to pay a $340,000 penalty for “illegally using sever-ance agreements requiring outgoing employees to waive their ability to obtain monetary awards from the SEC’s whistleblower program.” See https://www.sec.gov/news/pressrelease/2016-164.html.

           • On September 28, 2016, the SEC ordered Anheuser-Busch InBev to pay $6 million to resolve charges that it violated the Foreign Corrupt Practices Act (FCPA) and “entered into a separation agreement that stopped an employee from continuing to voluntarily communicate with the SEC about potential FCPA violations due to a substantial financial penalty that would be imposed for violating strict non-disclosure terms.” See https://www.sec.gov/news/pressrelease/2016-196.html.

           • On December 19, 2016, the SEC ordered NeuStar Inc. to pay $180,000 to settle charges that its severance agreements “impeded at least one former employee from communicating information to the SEC.” See https://www.sec.gov/news/pressrelease/2016-268.html.

           • On December 20, 2016, the SEC ordered SandRidge Energy Inc. to pay a penalty of $1.4 million to resolve charges that it retaliated against an internal whistleblower and “continued to regularly use restrictive language that prohibited outgoing employees from participating in any government investigation or disclosing information potentially harmful or embarrassing to the company.” See https://www.sec.gov/news/pressrelease/2016-270.html.

           • On January 17, 2017, the SEC ordered BlackRock Inc. to pay a $340,000 penalty to resolve charges that it “improperly used separation agreements in which exiting employees were forced to waive their ability to obtain whistleblower awards.” See https://www.sec.gov/news/pressrelease/2017-14.html.

           • On January 19, 2017, the SEC ordered HomeStreet Inc. to pay $500,000 to settle charges that it con-ducted improper hedge accounting and “required former employees to sign severance agreements waiving potential whistleblower awards or risk losing their severance payments and other post-employment benefits.” See https://www.sec.gov/news/pressrelease/2017-24.html.

REPRESENTATION OF EXECUTIVE LEVEL WHISTLEBLOWERS: ISSUES THAT COMMONLY ARISE

Nearly all employees who face retaliation after blowing the whistle on unlawful conduct in the workplace also face a variety of challenges in bringing legal claims against their employers. There are, however, certain issues that are unique to executive-level whistleblowers that require particular attention by both client and counsel. In contrast to a line worker at a manufacturing plant, for example, who has personal knowledge about specific conditions in a particular workplace, executive-level whistleblowers often have access to information about company-wide policies and practices and unlawful activity by upper management. In addition to their bird’s-eye view of corporate activity, executive-level whistleblowers often handle highly confidential documents and engage with and seek advice from the highest levels of management, including corporate legal counsel. They may also be subject to legal duties that do not attach to employees in non-managerial positions. As a result, attorneys for executive-level whistleblowers must be cognizant of a number of issues that can impact retaliation claims, and clients’ eligibility for federal whistleblower rewards programs.

Gatekeepers: In-House Counsel and Compliance Officers

Protected Activity

Representing executive-level whistleblowers, such as in-house counsel and corporate compliance officers, presents unique issues due to the nature of their function within an organization. Employees in these roles often have access to the most sensitive, confidential corporate information, some of which relates directly to whether certain conduct is lawful. As a result, in-house counsel and compliance officers are ideally situated to identify and report instances when management has deliberately (or negligently) engaged in unlawful activity. Employees in these roles also have unique duties, however, under state and federal law and rules of professional conduct, as well as under the norms of corporate culture. Due to their involvement with sensitive information, in-house attorneys and compliance personnel are held to high standards of confidentiality and discretion that can have a significant impact on their rights as whistleblowers.

As whistleblower protections expand, lawmakers and courts are more clearly articulating the way in which in-house counsel and compliance officers can avail themselves of whistleblower protections, but much remains unsettled in this area. These issues have been addressed most directly in the context of the Sarbanes-Oxley Act of 2002 (“SOX”), 10 U.S.C. § 1514A, and the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”), 15 U.S.C. § 78u-6, and accompanying regulations promulgated by the Securities and Exchange Commission (“SEC”).15 As regulators have developed a keener understanding of how attorneys and compliance personnel can facilitate the exposure of wrongdoing, corporate interests have responded by decrying any move to incentivize whistleblowing by the very people upon whom they rely for open discussion of regulatory matters.16 Current regulations attempt to balance the benefits of whistle-blowing by these employees (particularly when it protects investors from significant harm) with the benefit of protecting internal procedures that encourage voluntary compliance with the law.

For in-house counsel, a major issue is whether privileged communications can be used to report unlawful conduct and/or to show that the attorney was retaliated against after making such a report, whether internally or externally. The SEC’s rules for attorneys practicing before the Commission, widely known as “Part 205,” provide guidelines that are balanced in favor of disclosure, but their authority is contested and unclear. Part 205 requires in-house counsel to first report “material violations” of SEC regulations to a corporation’s Chief Legal Officer (CLO), for example. 17 C.F.R. § 205.3(b). If the CLO does not make an “appropriate response in a reasonable amount of time,” the in-house attorney is then required to report the violation to the board of directors or a board committee. 17 C.F.R. § 205.3(b)(3). The SEC does not mandate that in-house attorneys must then, or at any time, report violations to the Com-mission itself, but the Commission does provide that attorneys may disclose confidential information with-out permission from their employer, i.e. “report out,” in the following circumstances: (1) to prevent a material violation that will cause “substantial injury to the financial interests or property of the [company] or investors”; (2) to prevent the company from engaging in perjury or fraud on the Commission; or (3) to rectify a material violation causing substantial injury to the financial interests of the company or investors that involved the use of the attorney’s services. 17 C.F.R. § 205.3(d)(2).

While Part 205 allows for disclosure of confidential information by in-house attorneys to federal regulators, there is debate over whether the SEC has the legal authority to override local legal ethics rules about disclosure of privileged and/or confidential client information. The SEC has attempted a kind of self-executing protective rule for attorneys by declaring: “Where the standards of a state or other United States jurisdiction where an attorney is admitted or practices conflict with this part, [Part 205] shall govern.” 17 C.F.R. § 205.1.17 This declaration simply begs the question of whether a federal agency can preempt local rules, however. The New York County Lawyers’ Association issued a formal opinion in 2013 stating that disclosures in violation of state ethics rules would be subject to discipline, regardless of the SEC’s attempt to carve out exceptions, and California Bar Association committees have also disputed the SEC’s authority overrides its local rules.18 There has been no formal challenge to the SEC’s Part 205 to date and no Supreme Court determination of whether federal or state rules govern attorney disclosures to the Commission; in-house counsel and their employment attorneys must therefore navigate these waters with some uncertainty.

Regarding the use of privileged communications in the course of retaliation claims, the Department of Labor’s Administrative Review Board (ARB) has held that attorneys may introduce these communications as evidence to the degree necessary for their claim. Jordan v. Spring Nextel Corp., ARB No. 2005-SOX-41 (ARB Sept. 30, 2009). The Ninth Circuit also took this position in Van Asdale v. Int’l Game Tech., 577 F.3d 989, 995–96 (9th Cir. 2009), holding that the “appropriate remedy” for confidentiality concerns in attorney-plaintiff retaliation claims “is for the district court to use the many equitable measures at its disposal to minimize the possibility of harmful disclosures, not to dismiss the suit altogether.” A recent California district court case, Wadler v. Bio-Rad Labs., Inc., 212 F. Supp. 3d 829 (N.D. Cal. 2016), confirms that Ninth Circuit courts are com-mitted to robust protections for attorney whistleblowers. Wadler expanded on the relatively brief analysis in Van Asdale, ruling that in addition to the protections provided by federal common law for attorney-plaintiff retaliation claims, Part 205 preempts any state ethics rules as a general matter under SOX.19 Even within the protective doctrine developed by the ARB and the Ninth Circuit, it is clear that attorney-litigants must limit disclosures to protect client information as much as possible. To avoid discipline by state ethics authorities and to preserve claims to the greatest extent, it is therefore advisable that in-house attorneys and their representatives use careful judgment in determining the volume and scope of disclosures.

In addition to these privilege issues relevant to in-house counsel whistleblowers, there is also the more general question of whether in-house counsel or compliance personnel may engage in protected activity in the course of fulfilling their duties, and therefore come within the retaliation protections of any number of federal whistleblower statutes. Some courts have held that litigants whose job includes a reporting or compliance-related function engage in protected activity only when they have “stepped outside” from their normal duties and made a report of unlawful activity in a manner that is above and beyond what is required by the nature of their positions. See, e.g., Lukov v. Schindler Elevator Corp., 594 F. App’x 357, 358 (9th Cir. 2015) (noting “the federal ‘step outside of his role’ rule”); U.S. ex rel. Brown v. Aramark Corp., 591 F. Supp. 2d 68, 77 (D.D.C. 2008) (holding in an FCA case that “notice [of fraud to the employer] stemming from the performance of one’s normal job responsibilities is typically inadequate [to establish protected activity]”). This “step outside” doctrine (also known as the “manager rule”), which originally developed in the context of Fair Labor Standards Act,20 can potentially impose significant restrictions on protected activity by in-house attorneys and compliance officers because their positions require them to review and evaluate the legality of corporate activity. As such, they would nearly always have to show that they did more than simply fulfill the duties of their role in order to come within the protections of anti-retaliation provisions. See Weeks v. Kansas, 503 F. App’x 640, 642 (10th Cir. 2012) (holding that an attorney is not engaged in protected activity under Title VII when she is “acting within her role as counsel . . . and simply seeking to assist [her employer] in fulfilling its legal obligations”).

The step outside doctrine has sway in some jurisdictions under a variety of federal statutes, such as Title VII, the FCA, and the Fair Labor Standards Act (“FLSA”).21 See, e.g., Coleman v. G4S Secure Sols. (USA), Inc., No. 16-10250, 2016 WL 7439197, at *5–6 (E.D. Mich. Dec. 27, 2016) (discussing the step outside doctrine as it applies to human resources personnel); Lasater v. Texas A & M Univ.-Commerce, 495 F. App’x 458, 461–62 (5th Cir. 2012). While there is little case law regarding the doctrine under SOX, the Administrative Review Board has ruled that it does not generally apply to such claims and at least one federal court has deferred to this position. See Yang v. Navigators Grp., Inc., 18 F. Supp. 3d 519, 530 (S.D.N.Y. 2014) (noting that the ARB “has made clear that an employee may engage in protected activity even where the employee is discharging her duties,” and deferring to the agency’s determination); Robinson v. Morgan-Stanley, ARB Case No. 07–070, 2010 WL 2148577 (ARB Jan. 10, 2010). In addition, at least one DOL administrative law judge has ruled that the doctrine is not appropriate for SOX retaliation claims brought by in-house counsel, because the SEC has expressly authorized (and sometimes requires) these attorneys to make reports to management about unlawful activity. See Leznik v. Nektar Therapeutics, Inc., 2006-SOX-00093 (Dep’t of Labor Nov. 16, 2007).

The Supreme Court’s decision in Crawford v. Metro. Gov’t of Nashville, 555 U.S. 271 (2009), suggests that the Court might reject the “step outside” doctrine if given the opportunity to rule on the question directly. In Crawford, an employee brought a retaliation claim under Title VII when she suffered adverse actions after recounting harassment during an internal investigation of her supervisor. The employee had not initiated the complaint leading to the investigation, nor had she reported the harassment independently outside of responding to questions. The employer argued that in merely answering questions posed by an investigator, the employee had not “opposed” the discriminatory conduct, as required for protected activity under Title VII. The Court rejected this argument, holding that any account of harassing conduct comprised opposition for the purposes of retaliation; the employee did not have to more to qualify for protection. The decision suggests that the Court is generally supportive of finding protected activity where employees bring unlawful conduct to light, even without taking exceptionally active steps to do so. In a case where in-house counsel or a compliance officer has been subjected to an adverse action following her efforts to address such conduct, Crawford provides a strong foundation for finding protected activity.22

Eligibility for Whistleblower Rewards Programs

In addition to the protections against retaliation set out in SOX, Dodd-Frank, and other federal statutes, there are also a number of whistleblower rewards programs that provide sizeable payments to individuals who assist in bringing enforcement actions against corporate lawbreakers. The SEC Office of the Whistle-blower administers one of the highest-profile reward programs, established by Dodd-Frank. The statute provides that whistleblowers who voluntarily provide original information leading to a successful enforcement action that results in sanctions of $1 million or more are eligible to receive awards of 10-30% of the total amount collected by the Commission.23 Similar rewards programs are administered by the Commodities Futures Trading Commission (“CFTC”)24 and the Internal Revenue Service (IRS).25 While retaliation claims raise the question of whether in-house attorneys and compliance officers should be protected for blowing the whistle on illegal conduct, whether within or out-side of their normal job duties, whistleblower rewards programs raise the even more difficult question of whether these employees should be actively incentivized to reach out to regulators.

The SEC has acknowledged that its reward program creates potential conflicts of interest for in-house attorneys in particular, who might prefer to go to regulators with concerns in order to qualify for a significant monetary award rather than report internally and facilitate compliance from within their companies.26 To maintain access to information that might otherwise go undetected, while still encouraging voluntary compliance with regulations, the SEC has established general exclusions for reward eligibility and a number of relatively narrow exceptions to these exclusions. With respect to attorneys, there is no eligibility for an award if information provided to the Commission is obtained through (1) communications subject to attorney-client privilege, unless those communications may be disclosed under Part 205 or state ethical rules, or (2) legal representation of a client, unless disclosure is permit-ted under Part 205, state ethical rules, or otherwise.27 17 C.F.R. § 205.3(d)(2); 17 C.F.R. §§ 240.21F-4(b)(i)-(ii). As discussed above, it is not at all clear how Part 205 interacts with state ethics rules, many of which explicitly prohibit disclosures that are permitted by the SEC; as a result, the exceptions and exclusions for attorneys pro-vide little clear guidance.

With regards to compliance officers, the SEC program has also established general exclusions, with narrow exceptions, that significantly narrow their eligibility for rewards. Among the people who are ineligible for whistleblower awards are: (a) an officer, director, trustee, or partner of an organization who was informed of misconduct by another person, or the employee learned of the information from the organization’s processes for reporting violations; (b) an employee with principal duties related to compliance or internal auditing, or an employee of a firm carrying out those functions; (c) an employee of a firm con-ducting an inquiry or investigation of unlawful conduct; or (d) an employee of a public accounting firm who has learned the information through an audit required under federal law. 17 C.F.R. § 240.21F-4(b)(iii).28 Notably, pending legislation in the House of Representatives known as the Financial CHOICE Act would ban any co-conspirators in wrongdoing from collecting an award from the SEC. If enacted, the legislation could discourage those employees with knowledge and access to information about securities violations from reporting.29 However, notwithstanding these exclusions, compliance personnel can be eligible to receive an award if the employee reasonably believes that disclosure is necessary to prevent conduct resulting in substantial injury to the financial interest or property of the company or investors; that the company is engaging in conduct that will impede investigation of wrongdoing; or at least 120 days have passed since the employee provided the information to the audit committee, Chief Legal Officer, or other executive or supervisory officers, or the information was received in a way to suggest that these personnel were already aware of its content. 17 C.F.R. § 240.21F-4(b)(v). At least two compliance officers have received whistleblower awards under these exceptions, totaling $300,000 and $1.4 million-plus, proving that they are not merely theoretical paths to a reward.30

While the FCA is not technically a “rewards” program, it also authorizes individuals to receive between 15-25 percent of the proceeds from successful actions brought against companies that defraud the government. 31 U.S.C. § 3730. Just as the SEC has acknowledged the need to balance whistleblower incentives with confidential access to legal counsel, courts have been careful to take ethical obligations into account when evaluating FCA claims by attorneys. Stopping short of an outright categorical bar on attorneys acting as FCA “relators” (i.e. individuals litigating on behalf of the government), courts have generally refused to release attorney-relators from their ethical obligations. See, e.g., U.S. ex rel. Holmes v. Northrop Grumman Corp., No. 1:13CV85-HSO-RHW, 2015 WL 3504525 (S.D. Miss. June 3, 2015), aff’d, 642 F. App’x 373 (5th Cir. 2016), cert. denied sub nom. Holmes v. Northrop Grumman Corp., 137 S. Ct. 310 (2016); U.S. ex rel. Doe v. X Corp., 862 F. Supp. 1502, 1506–07 (E.D. Va. 1994). Courts have not been tolerant of FCA claims that involve violations of ethics rules by attorneys, and representation of attorney-clients with such claims requires a thorough analysis of how to survive fairly high judiciary scrutiny.

Retaining and Disclosing Corporate Documents

Most attorneys who represent whistleblowers have encountered the issue of their clients having accessed, retained, and/or disclosed confidential documents in the course of reporting unlawful conduct or pursuing a legal claim following subsequent retaliation. In the case of executive-level clients, it is almost certain that confidential documents will be involved due to the reliance on written communication such as email, intraoffice messaging, memoranda, and reports by upper management. Confidential documents raise a variety of concerns for both clients and their legal representatives, including potential counterclaims related to confidentiality agreements and fiduciary duties (discussed in more detail below), for-cause termination due to violations of employer policies, discipline from professional ethics authorities, and even criminal liability.

While many courts recognize that whistleblowing will almost always require the disclosure of confidential information, and that whistleblower protections passed by state and federal legislators establish a public policy in favor of protecting such disclosures, courts have rejected indiscriminate use of employer information by whistleblower employees. See, e.g., U.S. ex rel. Cafasso v. Gen. Dynamics C4 Sys., Inc., No. CV06-1381PHXNVW, 2009 WL 1457036 (D. Ariz. May 21, 2009), aff’d 637 F.3d 1047 (9th Cir. 2011). Tribunals have been most willing to find that the use of confidential employer information is protected activity where the employee has been able to show that she did not obtain the documents through nefarious means and disclosed them in a limited way that was related to her report of wrongdoing. See, e.g., Erhart v. BofI Holding, Inc., No. 15-CV-02287-BAS-NLS, 2017 WL 588390 (S.D. Cal. Feb. 14, 2017) (retention of narrowly selected confidential documents, including on employee’s personal computer and personal email account, constituted protected activity); Vannoy v. Celanese Corp., 2008-SOX-00064 (Dep’t of Labor July 24, 2013). Use of confidential or privileged documents to prove retaliation is also generally limited to information that is “reasonably necessary” to the legal action. See, e.g., Wadler, 212 F. Supp. 3d at 849.

The unauthorized use of corporate documents is often expressly prohibited by confidentiality clauses included in employment agreements, or under employer policies, and can therefore constitute lawful grounds for termination that preclude a retaliation claim. While this entire area of law is somewhat unsettled, False Claims Act precedent is arguably the most protective of employees’ use of confidential information. See, e.g., Shmushkovich v. Home Bound Healthcare, Inc., No. 12 C 2924, 2015 WL 3896947, at *2 (N.D. Ill. June 23, 2015) (noting that the “Seventh Circuit has . . . recognized a broad policy interest in fostering employee actions under the False Claims Act”) (internal quotation marks and citation omitted). Even within FCA cases, however, courts have been careful to stress that indiscriminate collection and retention of confidential information is not protected activity. See U.S. ex rel. Rector v. Bon Secours Richmond Health Corp., No. 3:11-CV-38, 2014 WL 66714, at *6 (E.D. Va. Jan. 6, 2014) (“It is true that the FCA contemplates whistleblower possession of documents obtained from employers that evidence fraud upon the government. However, the FCA does not permit whistleblowers to have carte blanche to acquire such information in any way they deem necessary.”) (internal citation omitted); Cafasso, 2009 WL 1457036, at *14–15 (holding that accessing and retaining large amounts of employer data, including proprietary information and patents, was not protected activity under the FCA). In retaliation cases under Title VII, the Age Discrimination in Employment Act (ADEA), and SOX, courts have also held that employees who retain or disseminate confidential documents in an unreasonable manner that goes beyond what is necessary to report wrongdoing or prove retaliation will not be protected from discipline or termination when such prohibitions are in place.31 See, e.g., Smith v. Chicago Transit Auth., No. 12 C 8716, 2014 WL 3892233, at *9 (N.D. Ill. Aug. 5, 2014) (citing the five-factor balancing test for “reasonable” disclosure in Title VII retaliation claims set forth in Niswander v. Cincinnati Insurance Co., 529 F.3d 714, 722 (6th Cir. 2008)); Aldrich v. Rural Health Servs. Consortium, Inc., 579 F. App’x 335, 337 (6th Cir. 2014) (holding that an employee did not engage in protected activity under the ADEA when she “indiscriminately” sent confidential employer documents to her personal email account and refused to delete them); JDS Uniphase Corp. v. Jennings, 473 F. Supp.2d 697 (E.D. Va. 2007) (holding that a former accountant was not protected by SOX for retaining documents that he was otherwise prohibited to disclose under the terms of his confidentiality agreement).

Some plaintiffs have successfully argued that enforcement of a confidentiality policy was mere pretext for their retaliatory termination, particularly where the temporal proximity of protected activity and termination was unusually close, or where violation of the policy was in dispute. See, e.g., Gibson v. Reliant Renal Care-Alabama, LLC, No. 7:14-CV-02002-LSC, 2016 WL 1212611, at *6–7 (N.D. Ala. Mar. 29, 2016) (noting that one month proximity between activity and adverse action raised issued of fact regarding pretext); O’Donnell v. Caine Weiner Co., LLC, No. 14 C 6839, 2016 WL 693204, at *4 (N.D. Ill. Feb. 22, 2016) (denying summary judgment where, inter alia, plaintiff asserted that she obtained confidential documents inadvertently); Boddy v. Astec, Inc., No. 1:11-CV-123, 2012 WL 5507298, at *12 (E.D. Tenn. Nov. 13, 2012) (noting that a plaintiff may show pretext by establishing that a confidentiality policy was selectively enforced). The balance of cases, however, indicates that courts are unwilling to condone generalized retention and dissemination of confidential employer information. Attorneys should therefore warn executive-level whistleblower clients of the risks associated with the possession and use of such information and should determine whether it is appropriate to review confidential documents for use in legal action. As a general rule, courts have been most amenable to excusing employees from confidentiality restrictions where dissemination has been made in the most limited manner possible (i.e., to legal counsel and/or government officials as required to establish a cognizable legal claim, and in no event released in a public forum or on social media).

Counterclaims Against Executives

Employers facing retaliation claims frequently threaten, and occasionally file, counterclaims against employees to deter legal action and signal to current employees that such action holds significant risks. Because executives are charged with greater legal duties towards their employers, whether implied or expressly provided in employment contracts, they are typically more susceptible to counterclaims than lower level employees. Representation of executive-level whistleblowers should therefore include an assessment of counterclaim exposure for the most accurate assessment of the case and realistic expectations for litigation.32

Nearly all executives are subject to employment contracts that contain confidentiality provisions for proprietary and sensitive corporate information. These terms typically prohibit an employee from disseminating such information outside of the company and from retaining documents after their separation from the company. As discussed above, these agreements can potentially restrict an employee’s use of documents in reporting wrongdoing and bringing a retaliation claim. They can also provide grounds for a breach of contract counterclaim should the employee move forward with litigation. In such cases, whistleblowers have had some success arguing that enforcement of these contract provisions would violate public policy. See, e.g., Erhart, 2017 WL 588390, at *6–13 (“reasonably necessary” protected activity can provide an affirmative defense against enforcement of a confidentiality agreement); Saini v. Int’l Game Tech., 434 F. Supp. 2d 913, 923 (D. Nev. 2006) (confidentiality agreements may be unenforceable where an employee has acted as a whistle-blower for illegal or “wrongful” behavior). Courts have not been willing, however, to provide blanket protection to breaches of contract for use of confidential information, particularly where some of the information is unrelated to protected activity. See Erhart, 2017 WL 588390, at *15–16 (disclosures to press would not provide exception to enforcement of confidentiality agreement); Cafasso, 2009 WL 1457036, at *14 (ruling that confidentiality agreements are enforceable even where an employee purports to use employer information to report wrongdoing); Zody v. Microsoft Corp., No. C-12-00942-YGR, 2013 WL 2468250, at *5 (N.D. Cal. June 7, 2013) (denying a motion to dismiss breach of contract counterclaim related to plaintiff’s use of confidential documents for wrongful termination action). In situations where an employee’s disclosures related to criminal activity, there is also a strong public policy argument established by the criminal code itself that disfavors breach of contract claims.

Another potential counterclaim that is more likely to arise for executive-level whistleblowers than other employees is breach of fiduciary duty. General agency principles require that an employee not use or communicate information obtained through employment unless the information is already generally known. Restatement (Second) of Agency § 395. There are few reported decisions addressing breach of fiduciary duty claims against whistleblowers, but unfortunately most of this small sample indicates that courts are willing to allow these claims to move forward. See, e.g., Nesselrotte v. Allegheny Energy, Inc., 615 F. Supp. 2d 397, 410 (W.D. Pa. 2009) (finding a breach of fiduciary duty where an employee retained confidential information to support an age discrimination claim); but see Erhart, 2017 WL 588390, at *17 (“It is implicit in the various whistleblower protection provisions that if an employee is permitted to provide information regarding believed wrongdoing to the government, including  documents, the employer cannot then seek to impose tort liability on the employee for the same conduct.”). The paucity of case law in this area suggests that fiduciary duty counterclaims are uncommon, but whistleblowers and their counsel should be cognizant of potential liability related to the dissemination of company information in the course of their activities.

Even less likely than the foregoing counterclaims, but more serious in its potential for lifealtering con-sequences, is the possibility of criminal liability for conduct related to blowing the whistle on unlawful activity. In a small number of high-profile cases, former employees have faced criminal prosecution for accessing and providing to the press company documents related to aviation safety, accessing and releasing information related to voter machine fraud, and reporting fraudulent medical practices to a state regulatory authority.33 In one exceptionally unusual case, a whistleblower who brought massive tax fraud to the attention of the IRS and eventually earned a $104 million reward for his assistance was sentenced to 40 months in prison for his role in the scheme.34 Charging decisions by prosecutors are highly discretionary and often difficult to predict. Legal counsel for executive whistleblowers should familiarize themselves with all potentially relevant criminal offenses, applicable statutes of limitations, and, to the extent possible, charging priorities in the relevant jurisdictions.

In light of the reliance on computer-based communications in almost every workplace, representatives for executive-level whistleblowers should pay particular attention to statutes such as the Computer Fraud and Abuse Act of 1986 (“CFAA”), 18 U.S.C. §1030 et seq., which can be an especially potent source of liability for whistleblowers. The CFAA includes a criminal provision for the unauthorized access of computers in interstate commerce, and a civil action for various acts of computer access “without authorization or exceeding authorized access.” 18 U.S.C. § 1030(a). There is a significant split among federal circuits over how to construe “authorization” for computer access in the workplace under the CFAA. The most draconian construction, adopted by the Fifth, Seventh, and Eleventh Circuits, holds that an employee acts without authorization whenever she acts against interests of her employer or in breach of her duty to her employer.35 Other courts, such as the Fourth and Ninth Circuits, have held that employees do not violate the CFAA so long as they were authorized to access the employer’s computer system at the time they did so, notwithstanding their subsequent use of the information obtained.36 Criminal liability is an unlikely outcome for most whistle-blowers, but it is not without precedent. Whistleblowers and their representatives should review relevant state and federal criminal laws related to documents and underlying conduct to assess these risks and minimize them where possible.

Disclosures to Government Officials

For many whistleblowers, full-blown litigation is an intensely disruptive, stressful, and uncertain path to recovery. In most cases, if not all, the former employee is better served by entering into a voluntary settlement agreement that sets out mutually agreeable terms of departure. In addition to the standard release of claims, confidentiality, and non-disparagement clauses that nearly all such agreements contain, representatives for whistleblowers should be on guard against attempts to secure the employee’s agreement to refrain from communications with government officials about matters related to their employment, and/or to decline any recovery that might flow from regulatory enforcement. Such provisions are contrary to public policy and the equitable interests of the whistleblower.

On the first issue of reports to government agencies, there is a clear public interest in the disclosure of wrongdoing to those charged with the protection of civil rights, health and safety, and consumer protection. Despite this clear and self-evident principle, only the SEC has promulgated a rule expressly providing that confidentiality agreements cannot be enforced where they would prevent an employee from providing information to the Commission related to a securities violation. 17 C.F.R. § 240.41f-17(a). In April 2015, the SEC brought its first enforcement action against an employer for requiring employees to sign confidentiality agreements during internal investigations that authorized access.” 18 U.S.C. § 1030(a). There is a significant split among federal circuits over how to construe “authorization” for computer access in the workplace under the CFAA. The most draconian construction, adopted by the Fifth, Seventh, and Eleventh Circuits, holds that an employee acts without authorization whenever she acts against interests of her employer or in breach of her duty to her employer.35 Other courts, such as the Fourth and Ninth Circuits, have held that employees do not violate the CFAA so long as they were authorized to access the employer’s computer system at the time they did so, notwithstanding their subsequent use of the information obtained.36 Criminal liability is an unlikely outcome for most whistleblowers, but it is not without precedent. Whistleblowers and their representatives should review relevant state and federal criminal laws related to documents and underlying conduct to assess these risks and minimize them where possible.

Disclosures to Government Officials

For many whistleblowers, full-blown litigation is an intensely disruptive, stressful, and uncertain path to recovery. In most cases, if not all, the former employee is better served by entering into a voluntary settlement agreement that sets out mutually agreeable terms of departure. In addition to the standard release of claims, confidentiality, and non-disparagement clauses that nearly all such agreements contain, representatives for whistleblowers should be on guard against attempts to secure the employee’s agreement to refrain from communications with government officials about matters related to their employment, and/or to decline any recovery that might flow from regulatory enforcement. Such provisions are contrary to public policy and the equitable interests of the whistleblower.

On the first issue of reports to government agencies, there is a clear public interest in the disclosure of wrongdoing to those charged with the protection of civil rights, health and safety, and consumer protection. Despite this clear and self-evident principle, only the SEC has promulgated a rule expressly providing that confidentiality agreements cannot be enforced where they would prevent an employee from providing information to the Commission related to a securities violation. 17 C.F.R. § 240.41f-17(a). In April 2015, the SEC brought its first enforcement action against an employer for requiring employees to sign confidentiality agreements during internal investigations that recovery by the employee from the employer, nor additional liability that is created through operation of the rewards programs.

CONCLUSION

Representing executive-level whistleblowers requires attorneys to be aware of many nuanced issues for which clear guidance is often sparse. An executive’s broad access to confidential corporate information can provide strong evidence of unlawful conduct and retaliation, but this access is often accompanied by implied and express duties that can also significantly constrain that executive’s legal position. On the employer’s side, the stakes are high when facing the potential claims of an executive-level whistleblower; settlement will be more expensive than in the case of a lower-level employee, yet litigation also has substantial economic and reputational risks. Employers therefore have increased incentives to find effective ways to thwart retaliation claims by executives and stifle reports to regulators. Attorneys for executive whistleblowers must therefore be aware of and consider all of the unique issues that may arise in order to most effectively represent their clients.

From federal employees to private sector executives, the current body of whistleblower law provides an array of retaliation protections and monetary incentives for individuals who report wrongdoing. For those brave employees who step forward, and the attorneys who represent them, the risks and rewards alike can be high. While whistleblower protections may face challenges ahead, current events continue to demonstrate a commitment to protecting whistleblowers from facing retaliation for reporting violations of the law. Recently, Wells Fargo was forced to pay out $5.4 million to a former executive turned whistleblower and rehire him after he reported the company for fraud.39 In addition, pending legislation aimed at closing gaps in anti-retaliation protections for federal contractors may serve to strengthen whistleblower protections.40 While whistleblower law will continue to evolve in the coming years, whistleblowers will continue to enjoy a host of protections from several government bodies.

 

 

Notes

1 See Whistleblower Statutes Desk Aid, Occupational Safety and Health Admin., https://www.whistleblowers.gov/whistleblower_acts-desk_reference.pdf (last updated Jan. 24, 2017).

2 For more analysis of this decision, see Debra Katz and Matthew LaGarde, A Victory For SOX Whistleblowers In Recent DOL Decision, Law360 (Apr. 27, 2016), https://www.law360.com/employment/articles/787650/a-victory-for-sox-whistleblowers-in-recent-dol-decision

3 For more analysis of this decision, see Aaron D. Blacksberg, 8th Circuit Relies on ‹Sylvester› Standard in Recent Whistleblower Case (June 23, 2016), http://www.kmblegal.com/whistleblower-blog/8th-circuit-relies-sylvester-standard-recent-whistleblower-case.

4 For more information on this matter, see Matthew LaGarde, Vague Complaints Fail to Add Up to STAA Violation, According to ARB (Apr. 11, 2017), www.kmblegal.com/whistleblower-blog/vague-complaints-fail-add-staa-violation-according-arb.

5 For more analysis of this decision, see Matthew LaGarde, FRSA Case Could Have Big Impact on Future Whistleblower Claims (Nov. 15, 2016), http://www.kmblegal.com/whistleblower-blog/frsa-case-could-have-big-impact-future-whistleblower-claims.

6 See, e.g., Energy Reorganization Act of 1974, 42 U.S.C. § 5851 (protecting nuclear whistleblowers); the Sarbanes-Oxley Act of 2002, 18 U.S.C. § 1514A (protecting whistleblowers who report fraud and securities violations at publicly-traded companies); Surface Transportation Assistance Act, 49 U.S.C. § 31105 (protecting whistleblowers in the trucking industry); Pipeline Safety Improvement Act of 2002, 49 U.S.C. § 60129 (protection of employees providing pipeline safety information); National Transit Systems Security Act of 2007, 6 U.S.C. §1142 (public transportation employee protections); Consumer Product Safety Act, 15 U.S.C. §2087 (protection for whistleblowers who report consumer product safety issues); Consumer Financial Protection Act of 2010 12 U.S.C. § 5567 (protecting employees in the consumer finance industry); Food Safety Modernization Act, 21 U.S.C. § 399d (protecting food industry employees); and Moving Ahead for Progress in the 21st Century Act, 49 U.S.C. § 30171 (protection of employees providing motor vehicle safety information); Patient Protection and Affordable Care Act, 29 U.S.C. § 218c (protecting employees who report violations of the ACA); and Seaman’s Protection Act, 46 U.S.C. § 2114 (protecting seaman and other maritime employees).

7 Although the U.S. Court of Appeals for the Third Circuit has not the issue, it has suggested in dicta that Dodd-Frank’s protections extend to internal reporting. See Safarian v. Am. DG Energy Inc., 622 F. App’x 149, 152 n.4 (3d Cir. 2015) (“In order to receive Dodd–Frank whistleblower protection, an employee must report ‘conduct which the employee reasonably believes constitutes a violation of section 1341, 1343, 1344, or 1348, any rule or regulation of the Securities and Exchange Commission, or any provision of Federal law relating to fraud against shareholders” (citing 18 U.S.C. § 1514A(a)(1), the SOX anti-retaliation provision)).

8 See, e.g., Azim v. Tortoise Capital Advisors, LLC, 2014 WL 707235 (D. Kan. Feb. 24, 2014); Bussing v. COR Clearing, LLC, 20 F. Supp. 3d 719 (D. Neb. 2014); Genberg v. Porter, 935 F. Supp. 2d 1094 (D. Colo. 2013); Ellington v. Giacoumakis, 977 F. Supp. 2d 42 (D. Mass. 2013); Nollner v. Southern Baptist Convention, Inc.,  852 F. Supp. 2d 986 (M.D. Tenn. 2012); Lutzeier v. Citigroup Inc., 2015 WL 7306443 (E.D. Mo. Nov. 19, 2015); Khazin v. TD Ameritrade Holding Corp., 2014 WL 940703 (D.N.J. Mar. 11, 2014).

9 See, e.g., Puffenbarger v. Engility Corp., 151 F. Supp. 3d 651 (E.D. Va. 2015); Verfuerth v. Orion Energy Systems, Inc.,  65 F. Supp. 3d 640 (E.D. Wis. 2014); Wagner v. Bank of America Corp., 2013 WL 3786643 (D. Colo. July 19, 2013); Martensen v. Chicago Stock Exch., No. 17 C 1494, 2017 WL 2461548 (N.D. Ill. June 7, 2017); Deykes v. Cooper-standard Auto., Inc., No. 2:16-CV-11828, 2016 WL 6873395 (E.D. Mich. Nov. 22, 2016); Lamb v. Rockwell Automation Inc., No. 15-CV-1415-JPS, 2016 WL 4273210 (E.D. Wis. Aug. 12, 2016); Englehart v. Career Educ. Corp., 2014 WL 2619501 (M.D. Fla. May 12, 2014).

10 U.S. Sec. & Exch. Comm’n, 2016 Annual Report to Congress on the Dodd-Frank Whistleblower Program (Nov. 15, 2016), https://www.sec.gov/whistleblower/reportspubs/annual-reports/owb-annual-report-2016.pdf.

11 U.S. Sec. & Exch. Comm’n, SEC Charges Hedge Fund Adviser With Conducting Conflicted Transactions and Retaliating Against Whistleblower (June 16, 2014), https://www.sec.gov/News/PressRelease/Detail/PressRelease/1370542096307.

12 U.S. Sec. & Exch. Comm’n, SEC: Casino-Gaming Company Retaliated Against Whistleblower (Sept. 29, 2016), https://www.sec.gov/news/pressrelease/2016-204.html. For more analysis of the enforcement action, see Alexis Ronickher, SEC brings its first stand-alone whistleblower retaliation action, FCPA Blog (Oct. 6, 2016), http://www.fcpablog.com/blog/2016/10/6/sec-brings-its-first-stand-alone-whistleblower-retaliation-a.html.

13 See David J. Marshall and Debra S. Katz, SEC Whistleblowers’ Rights Being Restricted in Severance Agreements (May 15, 2013), http://www.kmblegal.com/sec-whistleblower-blog/sec-whistleblowers-rights-being-restricted-severance-agreements.

14 U.S. Sec. & Exch. Comm’n, SEC: Companies Cannot Stifle Whistleblowers in Confidentiality Agreements (Apr. 1, 2015), https://www.sec.gov/news/pressrelease/2015-54.html

15 SOX and Dodd-Frank have received much attention in recent years as the SEC has engaged in high-profile, high-recovery enforcement efforts, and whistleblowing activity related to securities fraud has increased apace. There are, of course, various other federal whistleblower statutes applicable to workers in fields such as nuclear energy, transportation, environmental, aviation, etc. See, e.g., Energy Reorganization Act, 42 U.S.C. § 5851; Surface Transport Assistance Act, 49 U.S.C. § 31105; Wendell H. Ford Aviation Investment and Reform Act for the 21st Century, 49 U.S.C. § 42121; Clean Air Act, 42 U.S.C. § 7622. Where the language and structure of these statutes is similar, as is often the case, courts and agency tribunals generally construe their provisions consistently across the field of whistleblower law (although precedent does evolve uniquely in each jurisdiction). For an overview of state and federal whistleblower statutes, see Lisa J. Banks & Jason C. Schwartz, Whistleblower Law: A Practitioner’s Guide (2016).

16 For the official account of the comments received during the SEC’s final rulemaking process related to the whistleblower reward program established by Dodd-Frank, see 76 Fed. Reg. 34,300 et seq. (June 13, 2011).

17 See also, 17 C.F.R. § 205.6(c) (“An  attorney  who complies in good faith with the provisions of this part shall not be subject to discipline or otherwise liable under inconsistent standards imposed by any state or other United States jurisdiction where the attorney is admitted or practices.”).

18 See NYCLA Comm. on Prof’l Ethics, Formal Op.  746, at 15 (2013) (“New York lawyers, in matters governed by the New York RPC, may not disclose confidential information under the Dodd-Frank whistleblower regulations, except to the extent permissible under the Rules of Professional Conduct.”); State Bar of California Ethics Hotliner, The New SEC Attorney Conduct Rules v. California’s Duty of Confidentiality (Spring 2004), available at http://www.calbar.ca.gov/Portals/0/documents/ethics/Publications/EthicsHotliner/Ethics_Hotliner-SEC_Ethics_Alert-Spring_04.pdf. Note that most jurisdictions either require or permit attorneys to disclose privileged information to avoid assisting in the commission of a crime. See, e.g., N.J. R. Prof. Conduct 1.6(b) (requiring disclosure in order to prevent illegal or fraudulent acts); N.Y. R. Prof. Conduct 1.6(b) (permitting disclosure of confidential information to, inter alia, prevent the commission of a crime).

19 Wadler proceeded to trial and in February 2017, a jury found that Bio-Rad engaged in unlawful retaliation when it terminated its general counsel for raising complaints about the company’s violation of the Foreign Corrupt Practices Act. The jury awarded Wadler $7.96 million in total damages, including $5 million in punitive damages. Cara Bayles, Jury Awards Bio-Rad’s Ex-GC $8M for Retaliatory Firing, Law360 (Feb. 6, 2017), https://www.law360.com/articles/888816/jury-awards-bio-rad-s-ex-gc-8m-for-retaliatory-firing.

20 See, e.g., Starnes v. Wallace, 849 F.3d 627 (5th Cir. 2017). Forfurther discussion of the origins and current application of the doctrine, see Lisa J. Banks and Sam Kramer, Emerging Issues in Anti-Discrimination Law (2016), available at http://www.kmblegal.com/sites/default/files/ALI-Anti-Discrimination-Law-Emerging-Issues-Lisa-Banks.pdf.

21 Courts have also addressed this issue when construing state whistleblower statutes. See, e.g., Harrison v. Granite Bay Care, Inc., 811 F.3d 36, 51 (1st Cir. 2016) (holding that under Maine’s Whistleblower Act, “although a particular employee’s job duties may be relevant in discerning his or her actual motivation in reporting information, those duties are not dispositive of the question”).

22 The EEOC has relied upon Crawford for its position that the “manager rule” does not apply to retaliation claims under its jurisdiction. See EEOC, Proposed Enforcement Guidance on Retaliation and Related Issues, at 11–16 (Jan. 21, 2016), available at https://www.regulations.gov/#!documentDetail; D=EEOC-2016-0001-0001.

23 17 C.F.R. §§ 240.21F-3, 240.21F-5. The SEC program was established by Dodd-Frank in 2010. In 2016, the program made awards to 13 whistleblowers, totaling over $57 million. See U.S. Sec. & Exch. Comm’n, 2016 Annual Report to Congress on the Dodd-Frank Whistleblower Program, at 10 (Nov. 15, 2016), https://www.sec.gov/whistleblower/reportspubs/annual-reports/owb-annual-report-2016.pdf.

24 17 C.F. R. § 165. The CFTC program has made just four awards since it was established by Dodd-Frank in 2010, with one award totaling $10 million dollars-plus to a single whistleblower. See CFTC, CFTC Announces Whistleblower Award of More Than $10 Million (Apr. 4, 2016), http://www.cftc.gov/PressRoom/PressReleases/pr7351-16.

25 26 U.S.C. § 7623. The IRS program has been in place since 2007. In 2016, the agency made awards to 418 whistleblowers, totaling more than $61 million. See Internal Revenue Serv., IRS Whistleblower Program Fiscal Year 2016 Annual Report to the Congress, at 10 (Mar. 22, 2017), available at https://www.irs.gov/pub/whistleblower/fy16_wo_annual_report_final.pdf.

26 See 76 Fed. Reg. 34,300, 34,314 (June 13, 2011) (“[C]ompliance with the Federal securities laws is promoted when individuals, corporate officers, and others consult with counsel about possible violations, and the attorney-client privilege furthers such consultation. This is an important benefit that could be undermined if the whistleblower award program created monetary incentives for counsel to disclose information about possible securities violations in violation of their ethical duties to maintain client confidentiality.”) (footnotes omitted).

27 While most often applicable to attorneys, these exclusions apply to non-attorneys, as well. Id. at 34,315 (“[B]oth exclusions apply to non-attorneys. Thus, if an attorney in possession of the information would be precluded from receiving an award based on his or her submission of the information to us, a non-attorney who learns of this information through a confidential attorney-client communication would be similarly disqualified.”).

28 The SEC also excludes information obtained through criminal means. 17 C.F.R. § 240.21F-4(b)(iv).

29 For more information, see Murat Kayali, Proposed Legislation could Weaken SEC Whistleblower Program, (Apr. 6, 2017), www.kmblegal.com/sec-whistleblower-blog/proposed-legislation-could-weaken-sec-whistleblower-program.

30 See SEC, SEC Announces Million Dollar Whistleblower Award to Compliance Officer (Apr. 22, 2015), www.sec.gov/news/pressrelease/2015-73.html (announcing award of $1.4-1.6 million); SEC, SEC Announces $300,000 Whistleblower Award to Audit and Compliance Professional Who Reported Company’s Wrongdoing (Aug. 29, 2014), www.sec.gov/News/PressRelease/Detail/PressRelease/1370542799812.

31 The reasonableness test has developed out of Title VII opposition-to-discrimination cases, and is not necessarily applicable to cases involving an employee’s participation in a discrimination case. See, e.g., Randolph v. ADT Sec. Servs., Inc., No. CIV.A. DKC 09-1790, 2011 WL 3476898, at *6 (D. Md. Aug. 8, 2011) (holding in an FLSA retaliation case that the reasonableness test does not apply to participation-retaliation claims).

32 Attorneys should also be mindful that threats of civil or criminal complaints against an employee can themselves constitute an adverse action of unlawful retaliation. See, e.g., Brown v. TD Bank, N.A., No. CV 15-5474, 2016 WL 1298973, at *6–7 (E.D. Pa. Apr. 4, 2016).

33 See Natalie Singer, Was Inspector Source of Leak at Boeing?, Seattle Times (Mar. 26, 2008), available at www.seattletimes.com/business/boeing-aerospace/was-inspector-source-of-leak-at-boeing/; Ian Hoffman, E-voting ‘hero’ pleads guilty to computer crime in Diebold case, Inside Bay Area (Nov. 21, 2006), available at www.insidebayarea.com/sanmateocountytimes/ci_4701950; Kevin Sack, Whistle-Blowing Nurse Is Acquitted in Texas, N.Y. Times (Feb. 11, 2010), available at www.nytimes.com/2010/02/12/us/12nurses.html.

34 Zachary Goldfarb, Whistleblower in Swiss Bank Case Sentenced to 40 Months, Wash. Post (Aug. 22, 2009), available at www.washingtonpost.com/wp-dyn/content/article/2009/08/21/AR2009082101566.html.

35 See, e.g., United States v. John, 597 F.3d 263 (5th Cir. 2010); Int’l Airport Ctrs. LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006); United States v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010), cert. denied 563 U.S. 966 (2011).

36 See, e.g., WEC Carolina Energy Sols. LLC v. Miller, 687 F.3d 199 (4th Cir. 2012), cert denied, 133 S. Ct. 831 (2013); United States v. Nosal, 676 F.3d 854 (9th Cir. 2012) (en banc).

37 SEC, Companies Cannot Stifle Whistleblowers in Confidentiality Agreements (Apr. 1, 2015), https://www.sec.gov/news/pressrelease/2015-54.html.

38 See, e.g., Adam Herzog, SEC Cracks Down on Company Policies that Prevent Employees from Reporting Fraud (Aug. 25, 2016), http://www.kmblegal.com/sec-whistleblower-blog/sec-cracks-down-company-policies-prevent-employees-reporting-fraud (noting six-figure penalties and other actions taken against two companies found to have unlawful severance agreements under Rule 21F-17(a)); Matthew LaGarde, SEC Penalizes Tech Company for Violating Rule 21F-17 (Jan. 18, 2017), http://www.kmblegal.com/sec-whistleblower-blog/sec-penalizes-tech-company-violating-rule-21f-17.

39 See Stacy Cowley, Wells Fargo Whistle-Blower Wins $5.4 Million and His Job Back, N.Y. Times (Apr. 3, 2017), available at https://www.nytimes.com/2017/04/03/business/04-wells-fargo-whistleblower-fired-osha.html?_r=0.

40 For more information on this topic, see Michael Filoromo, Congress Aims to Strengthen Federal Employee Whistleblower Protections under New Administration (Mar. 28, 2017), www.kmblegal.com/whistleblower-blog/congress-aims-strengthen-federal-employee-whistleblower-protections-under-new.