The EESC preached whistleblower protection while hunting its own

The European Economic and Social Committee helps shape Europe's whistleblower rules. Yet when anonymous letters accused its own leadership of corruption, the body did the opposite of what those rules ask. Its president ordered a secret hunt to unmask the source, using printer forensics, video footage, and fingerprints.

What is the EESC?

The European Economic and Social Committee, or EESC, is an advisory body of the European Union. It writes opinions on new EU laws on behalf of workers, employers, and civil society groups. Its members come from all 27 EU countries. They sit in three groups: employers, workers, and other civic bodies. The committee has about 700 staff and an annual budget near 165 million euros. So when it mishandles its own staff, that is public money and public trust at stake.

The body is not famous, and that is part of the story. It rarely makes headlines. It also helped review the very EU law that protects people who report wrongdoing. A committee that advises Europe on whistleblower rights is the last place you would expect a hunt for a whistleblower. That gap, between what it preaches and what it did, is what makes this case worth reading.

The anonymous letters that named the secretary-general

The trouble started with paper. Around 50 anonymous letters began appearing on desks inside the EESC. They accused the body's secretary-general, Isabelle Le Galo Flores, of handing public contracts to friends and associates. The secretary-general is the top civil servant at the committee, so the claims pointed straight at the leadership.

These are allegations, not proven facts. Le Galo Flores has not commented publicly on them. But the letters were not the first sign of worry. According to Euractiv, at least three staff members had already gone to OLAF, the EU's anti-fraud office, about her conduct over the past two years. The letters pushed a private concern into the open.

A corruption claim usually gets one kind of response. You look into the claim, and you check whether the contracts were clean. Instead, the body's first move was to look for the person who raised it. That choice, source first and substance second, is the heart of what went wrong.

The secret note that ordered a source hunt

On 5 March 2026, EESC president Séamus Boland sent a note marked "strictly confidential" to two security officials. It did not ask them to check the corruption claims. It asked them to find who was behind the letters. Boland told them to gather all 50 letters and to "collect all elements that could help to identify the possible perpetrator."

Séamus Boland, EESC president, who signed the confidential note.
© Parliament of the Republic of Moldova (CC0)

The methods read like a police case, not an office review. The note told the officials to run forensics on printers. It told them to check whether the letters came from EESC computers. It told them to secure video footage from the spots where the letters appeared. Boland even offered to bring in forensic specialists from the European Commission. The reported brief also covered fingerprints.

Boland wanted the work kept quiet. He wrote that he wanted "to emphasise the confidential nature of the task, which I invite you to strictly respect." The two officials were to report back only to him and to his chief of staff, Eamonn Mac Aodha. Boland framed the whole effort as building a file to send to OLAF.

The note did not stay secret. A copy reached Daniel Freund, a German Green member of the European Parliament, sent to his office by an anonymous source. The hunt for a leaker had itself been leaked. By early June, Euractiv had the documents and the story was out.

How staff and an MEP fought back

Staff did not stay quiet. Three trade unions wrote to Mac Aodha on 24 March, challenging the body over whether finding the sender was the real goal of its internal "security review." They saw it as a hunt for a colleague who had spoken up. The clash moved from the mailroom to the unions to the press in weeks.

MEP Daniel Freund, who received the leaked note and called the leadership "unfit."
© European Union 2024 (Source: EP)

Freund was blunt. He said the documents showed a leadership that should not be in charge.

"If these letters are authentic, then I think they show that this leadership is unfit. People that expose wrongdoing, maladministration, fraud, or whatever it is, should not be prosecuted but celebrated."
Daniel Freund, Member of the European Parliament

The EESC rejected the "witch hunt" label outright. Its spokeswoman said the president acted on "staff concerns clearly expressed to him about the irregular way letters appeared on their desks." She said the review did not trawl email or web searches, and did not look at CCTV. "There is categorically no witch-hunt," she said. The file, she added, was with OLAF, with no outcome yet.

Staff then escalated to the highest ethics referee they have. In June, they took the case to the European Ombudsman, the EU's independent watchdog, asking it to examine the body's methods and the risk of retaliation. The Ombudsman cannot hand out fines. But it can investigate, publish its findings, and push a body to change course. The timeline below shows how fast a stack of letters became a Brussels scandal.

What the EU Whistleblower Directive actually requires

The EU has a law for exactly this moment. The Whistleblower Directive (2019/1937) protects people who report breaches of EU law. It bans retaliation against them, demands that their identity stay confidential, and tells organisations to run proper reporting channels. Trying to unmask an anonymous source runs against the spirit of all three rules.

In plain terms, the Directive asks an organisation to do a short list of things. The EESC's first reaction failed several of them at once.

• Keep the reporter's identity secret. Hunting the source does the reverse.
• Ban retaliation in any form, including investigations aimed at the reporter.
• Offer a safe internal channel so staff do not have to resort to anonymous letters.
• Act on the report itself, not on the question of who sent it.
• Give an external route, such as OLAF or the Ombudsman, when internal trust breaks down.

The law also sets a clock. An organisation must confirm it got a report within seven days. It then has three months to tell the reporter what it did about it. The point of that clock is to stop a reporter being left in the dark. A person who speaks up should never be treated as the problem.

There is a catch worth naming. The Directive binds EU member states and the companies inside them. It does not directly bind the EU's own institutions, which run on their Staff Regulations instead. That gap is part of why staff at bodies like the EESC can feel exposed. But as the next case shows, the courts have started to close it.

Why hunting the source was the real violation

A 2024 court ruling makes the legal risk concrete. In TU v European Parliament, the EU's General Court found that an EU institution can be held liable for mishandling a staff whistleblower. The Parliament had moved, sidelined, and failed to protect a worker who reported harassment and financial irregularities. The judges set out rules that any EU body, the EESC included, now has to respect.

The EU courts in Luxembourg, where the General Court ruled in TU v European Parliament.
© Cédric Puisney (CC BY 2.0)

Two of those rules sting here. First, protection is automatic. A person becomes a protected whistleblower the moment they report in writing, with no need for the body to grant them a status. Second, the burden of proof flips onto the institution. Once a worker shows credible harm, the body must prove it protected them.

"The Parliament carries the burden of proof that it has fulfilled its duty to protect the whistleblower."
EU General Court, TU v European Parliament (2024)

Now place that ruling next to what the EESC did in public. On 26 June 2026, only weeks after the hunt became news, the committee adopted an opinion with a striking title: whistleblower protection "must work in practice, not only on paper." Its rapporteur, Giulia Barbucci, urged Europe to treat whistleblowers as a civic asset, not a threat.

"We must recognize the civic value of whistleblowers, who contribute to the protection of the public interest, democracy, and fundamental rights."
Giulia Barbucci, EESC rapporteur, 26 June 2026

The opinion never mentions the body's own case. It lectures governments on fear of retaliation and weak enforcement while staying silent on the hunt running in its own corridors. The advice is reasonable. What is missing is any sign the committee held itself to it.

The fix the EESC reached for was forensics. The fix it needed was a channel. Staff used paper letters because they had no trusted way to report safely. Paper can be traced, by printer, by camera, by fingerprint. A secure digital channel cannot be hunted the same way. It takes a report with no name attached and strips the data trail that would expose the sender. The report lands with someone outside the accused person's team. The tool the body lacked is the tool that would have made the hunt pointless. That is what whistleblowing software like WeMoral is built to do.

So the EESC ends up as its own best argument. A body that helped write Europe's whistleblower rules showed, in one secret note, how easily an institution reaches for the source instead of the truth. The question it leaves is uncomfortable. If the committee that advises Europe on protecting whistleblowers could not protect its own, what hope has a worker with no MEP to leak to?