Abstract
This study compares the laws in the United States and the European Union protecting cybersecurity whistleblowers from employer retaliation. Similarities and differences exist regarding the scope of laws, the definition of “retaliation,” and required reporting procedures to be eligible for legal protection. In the US, no anti-retaliation federal statute directly addresses cybersecurity whistleblowing, but whistleblowers may still be protected when they disclose cybersecurity-related violations of laws falling within the scope of protected activity under the current laws. In the EU, the Directive (EU) 2019/1937 directly protects employees who report breaches falling within the scope of the EU acts, including the protection of privacy and personal data and the security of network and information systems. The two approaches also differ concerning the confidentiality of the reporting person’s identity. This study provides a brief foundation for understanding how the US and EU’s approaches differ in providing legal protection against retaliation for whistleblowers.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
