Three-Quarters of Homeland Security's Employee Non-Disclosure Agreements Fail to Comply With Federal Law

President Trump, it turns out, is not the only person in the federal government making his staff sign non-disclosure agreements.

The Homeland Security Department regularly requires its employees, contractors, detailees and consultants to sign NDAs in order to access DHS systems and information. In 75 percent of those agreements signed between fiscal years 2014 and 2017, however, DHS’ inspector general found the department failed to include mandatory language reminding employees of their whistleblower protections. Such oversights could “deter reporting waste, fraud or abuse” and run “counter to fostering an open and transparent environment,” the IG said.

Non-disclosure agreements are not unusual in the federal government, and the General Services Administration maintains a “standard form” for agencies to use when issuing one. That form, however, includes the requisite language reminding employees that the agreement does not “supersede, conflict with, or otherwise alter the employee obligations, rights or liabilities” regarding whistleblower protection.

In the forms DHS uses, however, three-quarters do not contain the statement, which is required under the 2012 Whistleblower Protection Enhancement Act that President Obama signed into law. Following the passage of another whistleblower update last year, Homeland Security’s undersecretary for management in November sent an email to all employees. The email contained a link to information specifically referring to the whistleblower requirement for non-disclosure agreements, but neither DHS nor its components updated their NDAs.

The issue trickled down to more than just NDAs. The 2012 law also required the whistleblower language to be included in settlement agreements that include a broad confidentiality clause, which agencies sometimes reach with employees after performance issues, misconduct and allegations of discrimination. DHS signed nearly 7,000 such agreements in fiscal years 2014-2017, most of which included non-disclosure provisions and no reference to whistleblower protections.

Employees “shall not make any comments or take any actions with the effect of disparaging or undermining [DHS], including undermining the operations or leadership of [the component],” reads one template for settlement agreements. Others require employees to “withdraw any complaints or allegations they raised against DHS,” the IG said, or waive their ability to file complaints against the department that predate the settlement. Only two components included the whistleblower language in their agreement templates.

DHS’ failures came despite a 2013 memorandum from the Office of Special Counsel, the independent federal agency that investigates whistleblower disclosures and allegations of reprisal, that NDAs and settlement agreements contain the protection clause. OSC reminded agencies of that requirement in 2017 and 2018.

The IG further determined that while DHS estimated it had struck nearly 7,000 settlement agreements in the covered period, the department could not actually be sure that figure was accurate because it did not keep track of each case. It could not determine the settlements by category, such as whether they were disciplinary in nature or compensating for discrimination.

“Not knowing how many settlement agreements fall under particular categories makes it difficult for DHS to analyze trends, to identify risk areas, and to develop mitigation strategies to address those risks,” the IG said.

Jim Crumpacker, the DHS management liaison to the IG, agreed to update the department's NDA templates to include the whistleblower language and to better track its settlement agreements. He disagreed that the department had to include the protection provision in those settlements, but still vowed to update the language as the IG suggested.

"The department remains committed to ensuring that all employees and former employees are not chilled from making lawful disclosures," Crumpacker said.