Six scientists and doctors filed a lawsuit against the U.S. Food and Drug Administration last week, charging the agency with secretly monitoring personal email accounts after the group warned Congress and the White House that the FDA was approving medical devices they considered risky to patients.
According to news reports, the FDA is accused of prying into the plaintiffs' personal Gmail accounts, which they accessed from government computers, over the course of two years.
The emails and memos in question were compiled by the law firm representing the plaintiffs on behalf of the National Whistleblower Center and are available here via The Washington Post.
The suit alleges that the surveillance led to the harassment or dismissal of all six FDA employees who all worked in the agency's Office of Device Evaluation - an office devoted to reviewing cancer screening devices.
Beginning in 2007, the plaintiffs complained internally that the agency had approved, or was about to approve, at least a dozen radiological devices whose effectiveness was not proved and that posed risks to millions of patients. They went on to bring their concerns to Congress, the White House and the Health and Human Services Inspector General.
Here are the problems the FDA employees found with the devices, as summarized from the Washington Post article:
- Three of the devices risked missing signs of breast cancer.
- One device risked falsely diagnosing osteoporosis, leading to unnecessary treatments.
- One ultrasound device could malfunction while monitoring pregnant women in labor, risking harm to the foetus.
- Several devices for colon cancer screening used such heavy doses of radiation that they risked causing cancer in otherwise healthy people.
- The doctors and scientists were concerned about a computer-aided imaging device that searched for signs of breast cancer. A team of experts recommended against approval three times, with middle managers agreeing each time. After the third rejection, a senior manager approved of the device.
At issue, of course, is the question of whether employees should have any expectation of privacy when using work computers. The agency's computers explicitly warn users that they should have “no reasonable expectation of privacy” for data passing through or stored on the systems and that it may be intercepted at any time for any lawful government purpose.
The definition of what's a lawful purpose, though, is far from settled. Civil liberties groups such as The Constitution Project have said that employers should have the right to spy on employees mainly in the case of serious breaches, such as suspected watching or transmittal of child pornography.
Whistleblowing communications, since they're conducted in the public interest, deserve a higher standard of protection from employer surveillance, they say.
The government's line: If the whistleblowers wanted to prevent prying eyes, they should have used their own computers. At least one of the plaintiffs didn't have her own computer, however.
It's a sticky wicket. The courts need to step in and provide much more granular guidance on what suspicions merit employer surveillance.
If we lump all employee communications under the rubric of "liable to being monitored", we run the risk of silencing those brave enough to challenge employers who conduct business in an illegal or immoral manner.
Regardless of whose computers whistleblowers use, their communications deserve protection. Speaking out on behalf of the public good should surpass employers' rights to monitor and control that speech.Follow @LisaVaas
Spy image credit: Shutterstock