France: Whistleblowing Hotlines In France: A Welcome Lightening Of Regulation

Implementing whistleblowing hotlines in France has caused significant concern for companies implementing such hotlines globally, as French regulation had considerably narrowed their scope with the major threat of considering non-compliant hotlines as null and void.

Times have changed: a couple of months ago, the French CNIL adopted an important modification of its unique authorisation policy AU-004 dedicated to whistleblowing hotlines, last revised in 2010. Initially, the companies were only allowed to collect and record through a whistleblowing hotline any serious situation related to banking, accounting, financial, and fight against corruption areas, as well as any facts involving compliance with the applicable competition law – but only to "answer to a legislative or regulatory requirement".

Every time the planned policy fell outside this very limited scope, the company had to ask the CNIL an individual authorization with very limited chances of success, besides an exception concerning harassment.

To face those increasing requests – more than 60 between 2011 and 2013 – the CNIL amended its AU-004 in two ways:

• In addition to the areas already under its scope, the Commission extended the unique authorization system to environmental protection, fighting against discriminations and harassment in the workplace, and health, hygiene and security at work.
• The AU-004 now applies in those areas to "answer a legislative requirement or a legitimate interest".

In order to empower and protect users of such hotlines, the Commission has always insisted on the principle of an identification of the author of the alert , which has been reaffirmed. Nevertheless, the new applicable rules open the way towards anonymous alerts in exceptional cases, when "the gravity of the facts is established and the factual elements sufficiently detailed". The Commission specifies that processing those anonymous alerts has to be surrounded with special precautions, such as a "preliminary examination, from its first consignee, on the opportunity of its diffusion within the scheme".

With these amendments, the CNIL obviously seeks to ease, step by step, the use of whistleblowing hotlines in France, and to finally allow global compliance programs to be rolled out without too many exceptions.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.