The FDA Spied On Its Own Scientists 95
retroworks writes "The New York Times has an interesting article about efforts by the Food and Drug Administration to locate a source of 'leaks' within the agency. The search became a slippery slope involving trojans, keyloggers, screenshot captures, and an investigation that eventually became an allegory for management overkill. The article describes how the investigation of one employee expanded to five, and how the investigation of five led to other staff (including the interception of correspondence to President Obama). The Agency struggled with the gray area between protecting trade secrets of drug companies (which had applied for FDA approval) and censoring researchers with legitimate questions about the Agency's approval process."
Re:FTC (Score:5, Informative)
Your iPhone example doesn't hold here. The targeted personnel are responsible scientists communicating with proper whistle blowing channels regarding impropriety, not some lower-tier techies leaking shallow trinket tidbits for cash to rumor web sites.
> The FTC should do this.
No, they should not. They can certainly act if the leak question was on leaking to competitors and such. But these were issues of public concern and they were clearly told to not investigate... and then they went ahead and did it anyway.
"F.D.A. officials went to the inspector general at the Department of Health and Human Services to seek a criminal investigation into the possible leak, but they were turned down. The inspector general found that there was no evidence of a crime, noting that “matters of public safety” can legally be released to the news media."
Re:On the one hand (Score:5, Informative)
Theres is also a chain of command to be respected, john douche going to the new york post over a finding without informing anyone is also wrong
there is 2 sides to this coin, your only looking at the shiny one
How do you think the FDA knew who to monitor? The scientists used the chain of command and were told to STFU. Then they leaked the information and contacted Congress. A special investigation determined that their concerns were valid and that an investigation would be needed due to "a substantial and specific danger to public safety".
Four of the scientists were fired. See, that is what the chain of command does. It makes it easy to put together a complainers list.
The end result: four scientists had to lose their jobs in order to protect the public from faulty medical imaging devices. Would you prefer that nobody leaked anything and that the faulty medical imaging devices were released to hospitals?
Re:Trojans? (Score:4, Informative)
I had to deploy some software that did just this not too long ago. I forget which version or manufacturer we used, but it came with a signed certificate from an regular authority and the antivirus simply ignored it unless you boosted the heuristics up to the point about anything would trigger an alert.
Anyways, not too many people check their antivirus to see if someone placed a few exceptions in it. This is especially true when there is an IT department taking care of most of the computer related stuff. Even if the software was detected by the antivirus, the agency had control over the systems and could have placed exceptions for it. and of course this is assuming they used windows systems (we did) and not Linux or something where the Antivirus would probably see it as just another daemon running.
Oh yea, in my case of using it, we caught a person who was funneling bid information to a competitor for a commission and attempting to pad his own sales to scam bonuses.
Re:This is understandable (Score:5, Informative)
"the F.D.A. program may have crossed legal lines by grabbing and analyzing confidential information that is specifically protected under the law, including attorney-client communications, whistle-blower complaints to Congress and workplace grievances filed with the government"
Other administration officials were so concerned to learn of the F.D.A. operation that the White House Office of Management and Budget sent a government wide memo last month emphasizing that while the internal monitoring of employee communications was allowed, it could not be used under the law to intimidate whistle-blowers. Any monitoring must be done in ways that "do not interfere with or chill employees' use of appropriate channels to disclose wrongdoing,"
Members of Congress from both parties were irate to learn that correspondence between the scientists and their own staff had been gathered and analyzed.
While you may have to do what the boss says, when you're a public servant and the White House as well as members of Congress from both parties come are on your side and your actions are specifically protected by law, you ARE doing what the boss says.
And to cap it off: A confidential government review in May by the Office of Special Counsel, which deals with the grievances of government workers, found that the scientists' medical claims were valid enough to warrant a full investigation into what it termed "a substantial and specific danger to public safety."
They were doing the right thing.
Don't expect privacy if you work for the Fed. (Score:5, Informative)
Re:Don't expect privacy if you work for the Fed. (Score:4, Informative)
Sorry, as someone who has worked for the fed and has held a security clearance, I don't sympathize with the journalist who wrote the WP article. If you work for the federal govt, then you have absolutely no expectation of privacy for communications sent using federal equipmentt. It's in the U.S. laws, and HR in all the places I worked where the fed was involved made sure you knew that. And yes, there is a legitimate public interest for the government to find out who is leaking confidential information. Lives, reputations, and public confidence is often at stake in these matters.
'... Lives, reputations, and public confidence is often at stake in these matters.'
FTA
'...
The extraordinary surveillance effort grew out of a bitter dispute lasting years between the scientists and their bosses at the F.D.A. over the scientists’ claims that faulty review procedures at the agency had led to the approval of medical imaging devices for mammograms and colonoscopies that exposed patients to dangerous levels of radiation.
A confidential government review in May by the Office of Special Counsel, which deals with the grievances of government workers, found that the scientists’ medical claims were valid enough to warrant a full investigation into what it termed “a substantial and specific danger to public safety.” ...
F.D.A. officials went to the inspector general at the Department of Health and Human Services to seek a criminal investigation into the possible leak, but they were turned down. The inspector general found that there was no evidence of a crime, noting that “matters of public safety” can legally be released to the news media.
Undeterred, agency officials began the electronic monitoring operation on their own. ...'
That's because it's the EPAs job (Score:4, Informative)
The FDA only regulates pesticides as they relate to residues left on human-consumed food (because they then become a food contaminant.)
Regulation of the pesticide's environmental impact is the EPAs job.
Re:This is understandable (Score:5, Informative)
I think the laws at issue here are Lloyd - La Follette Act [wikipedia.org] of 1912 and the Treasury and General Government Appropriations Act of 1998.
It is explicitly forbidden for Federal agencies and managers to interfer with whistleblowers trying to contact Congress to report abuses. One caveat is the whistleblower can't usually divulge classified information to people not authorized to recieve it as part of the whistle blowing but I doubt there is any classified information in an FDA dispute.
Garcetti v. Ceballos has nothing to do with whistleblowing to Congress, it wasn't whistleblowing at all really. Its not whistleblowing when you report an issue to your boss. I can see no way it applies to this case. A DA disagreed with and disputed a warrant, Sherrif's office was furious and his boss overruled him and proceeded with the case. DA thought he was passover for a promotion over it.
Manning wasn't whistleblowing to Congress and he was divulging classified information without authorization to people not authroized to receive it so his case has NO relevance to this case either.
Not sure why you are bringing up cases that have no particular bearing on this case and pretending like they do. You kind of sounded impressive there for a second until you acutally parse what you said.