The EU Whistleblowing Directive (2019) protects individuals who report violations of EU law by requiring clear reporting channels and safeguarding them from retaliation.
The Whistleblowing Directive is linked to the EU AI Act, specifically to “Article 87: Reporting of Infringements and Protection of Reporting Persons” which states that it “shall apply to the reporting of infringements of this Regulation and the protection of persons reporting such infringements”.
This means that from 2 August 2026 onwards, the EU Whistleblowing Directive will explicitly cover the reporting of violations under the EU AI Act.
For example, an employee at a general-purpose AI (GPAI) provider could safely report that a GPAI model presenting systemic risk lacks adequate cybersecurity measures, thereby breaching Article 55 of the EU AI Act, which sets out the “Obligations for Providers of General-Purpose AI Models with Systemic Risk”.
This provision reinforces compliance and accountability while ensuring system integrity and protecting whistleblowers.
#EUAIAct #WhistleblowingDirective #Compliance #Cybersecurity #AIRegulation #RuneLexAIActExperts
Image by Vecteezy
RuneLex AI 
Leave a comment