In February 2012, FDA Lawyers Blog wrote regarding FDA's secret e-mail monitoring of whistle-blowers in the Center for Devices and Radiological Health ("CDRH"). Now it appears that FDA's surveillance program, which began as an effort to determine whether five FDA scientists were leaking trade secret information, may have been much broader than previously known. According to a New York Times article published on July 15, an FDA contractor inadvertently posted a database containing more than 80,000 surveillance-related documents onto a public website. These documents revealed the extent of the surveillance program that tracked communications between the scientists and Congressional officials, journalists, and others. The surveillance software utilized by FDA allegedly tracked keystrokes, intercepted personal e-mails, and took screen shots of letters being drafted to members of Congress, the Office of the President, and the Office of Special Counsel ("OSC"), an independent federal agency which investigates whistle-blower retaliation claims.
Federal agencies have broad power to monitor employees' computer usage. In fact, FDA computers warn employees when logging on that they have "no reasonable expectation of privacy," and that the Agency may intercept data for any lawful government purposes. However, it is still possible that FDA acted unlawfully when intercepting certain legally protected communications, such as, attorney-client communications, whistle-blower complaints, and workplace grievance filings. The OSC sent a memorandum to all government agencies in June identifying the legal restrictions and guidelines that agencies should consider with regard to monitoring employee communications. Members of Congress have demanded an investigation into the legality of the FDA's program.
FDA defended the program, saying it restricted surveillance to the five scientists suspected of leaking trade secret information. The Agency established the operation after the Inspector General at the Department of Health and Human Services refused to launch a criminal investigation into the scientists' alleged wrongdoing. FDA officials acknowledge that the operation intercepted communications that the scientists had with Congressional officials, journalists, and others, but FDA maintained that the e-mails "were collected without regard to the identity of the individuals with whom the user may have been corresponding." Additionally, FDA claimed that they did not intend to prevent employees from making these communications, and that individuals outside of the agency were not targets of the operation.