In May 2005, the French data protection authority (CNIL) refused to approve two ethical hotlines set up by US companies to comply with Section 301 (4) of the Sarbanes-Oxley Act on corporate governance. However, on November 10th 2005, the CNIL adopted a policy setting out a new framework for corporate whistleblowing in France.
CNIL whistleblowing policy: FedEE summary
* Companies that require their financial records and statements to be certified by the US stock exchange have strong grounds for ensuring that no irregularities are present in their accounts. This brings them within the scope of article 7-5 of the 1978 French data protection law (as amended) as having a legitimate interest to protect their fundamental rights by establishing 'devices of alarm' to 'fight against corruption'.
* Details communicated to employees and other interested parties about a company hotline should include:
See full Article.
Posts
