International Corporate Codes of Conduct: U.S. Whistleblowing and E.U. Data Privacy Laws
Abstract
Companies operating internationally may face laws and regulations that, at times, appear to conflict with one another. Those companies must diligently review those laws and work to ensure compliance with all applicable legislation. One critical area where this is particularly true for U.S.-based companies operating abroad is the intersection between the United States’ Sarbanes-Oxley whistleblower law – which mandates, among a host of other things, anonymous reporting lines for employees to “blow the whistle” on inappropriate financial conduct – and other countries’ privacy and data protection laws. Those laws, and some notable judicial decisions, particularly in the European Union (“E.U.”), discourage employers from investigating employees based on anonymous complaints.