About this blog

  • Thinking Ethics was a project launched in Geneva to foster the debate about ethics. A few friends, fed up with only reading about abuses in the media, decided to hold a forward-looking seminar on five subjects: ethics and performance, ethics and knowledge, ethics and consciousness, ethics and disobedience and ethics in real time. If moral has to do with right and wrong, then ethics is its application in society. We believe that people need to talk about the subject to determine the level of ethics they want. The book Thinking Ethics, a result of the seminar, is to start the discussion. This blog is a contribution to the conversation.


  • Andrea Spencer-Cooke
  • Pascal Marmier
  • Kelly Richdale
  • Stephen Whittle
  • Steve Bowbrick
  • Beth Krasna

« Most people find politicians dishonest | Main | Protecting one's privacy »

January 23, 2006


Björn Rohde-Liebenau

The "distinctly French" solution - I believe an agreement with the SEC which is quite common-sense and outlined here:


The basic message is this: there is no discrepancy between the relevant SOX section and the CNIL Guideline document, 10 Nov 2005.

In its session of 31 Jan – 1 Feb, 2006, the careful stance of the CNIL has been adopted by the so-called Article 29 Data Protection Working Party of the EU in a yet unpublished document. The requirements of EU Data Protection Directive 95/46/EC in whistleblower hotlines are summed by the working party as follows:
- The scope of application and the persons against whom a report can be filed must be limited according to the purposes (risk management, crime prevention).
- Those making a disclosure should be assured that their identity will be kept confidential. Anonymous report shall be accepted only under extraordinary circumstances.
- Only data necessary for further investigation of the report may be processed.
- Within two months after closing the investigation the data should be deleted. Only in cases, which require further legal steps, may the data be saved for a longer period.
- The indicted person must be informed of the report (disclosure) as soon as there is no more risk of loss of evidence. The name of the disclosing person should normally be given to the accused only when the disclosure was maliciously wrong.


The comments to this entry are closed.