Hi everyone,
We’re preparing the European Pirate Party’s response to the European Commission’s Call for Evidence on the evaluation of the Whistle-blower Protection Directive (Directive (EU) 2019/1937). The deadline is 9 April 2026.
This consultation is part of the Commission’s formal review of whether the Directive is working in practice and whether its scope should be extended — especially in relation to digital and tech-related breaches
In simple terms: this law is meant to protect people who report wrongdoing (such as corruption, illegal practices or data protection violations) from retaliation like dismissal, legal threats or professional harm. The Commission’s 2024 transposition report already identified shortcomings in how Member States implemented retaliation protections and the material scope of the Directive.
Our response will focus on three core areas aligned with our manifesto:
1. Retaliation Protection & Fundamental Rights
Are anti-retaliation measures strong enough in practice?
Do national systems create real deterrents against punishing whistle-blowers?
Are exemptions from liability and penalties properly implemented?
Is retaliation treated as a fundamental rights issue (freedom of expression, rule of law)?
2. Scope in the Digital & Tech Sector
Does the current Directive clearly protect people reporting:
• AI system harms and algorithmic discrimination
• Mass surveillance or biometric monitoring
• Platform abuses or large-scale data collection
• Cybersecurity failures and cross-border digital harms
3. Transparency, Awareness & Accessibility
Are reporting channels easy to access and understand?
Are gig workers, contractors and self-employed individuals adequately covered?
Has the very late transposition across Member States affected awareness and trust in the system?
We would appreciate your input especially in these areas:
• Practical assessment of retaliation protection: real cases, weaknesses in remedies, judicial delays
• Legal analysis of exemptions from liability and penalties across Member States
• Evaluation of cross-border retaliation in multinational or digital company contexts
• Gaps in protection for AI, surveillance, cybersecurity and platform-related reporting
• Interaction between this Directive and GDPR, AI Act, DSA or NIS2
• Barriers to reporting (fear of financial consequences, lack of awareness, complex procedures)
• Data, case law, or academic research that could strengthen our submission
• Any specific issues that should be raised under Q29–Q31 of the consultation
You can review the consultation documents and the Commission materials (Call for Evidence Ares 2025/6765097 and COM(2024) 269) in the shared folder.
Thank you for your contributions.