Whistleblowing as a Shield: Protecting the Voices That Keep AI Safe 

*Winner of the Excellence Award in Advocacy & Legal Analysis from AI Safety Collab a project of European Network for AI Safety

Imagine this: you’re sitting at home watching the news. An employee in a major beverage company is coming out of the courthouse in an ongoing, much publicized legal battle with her employers. All she did was inform government officials of a specific component that has been added to a recent product without proper tests. After going through the proper channels and filing a complaint at the company, she was told that it would be investigated, but nothing happened. 

She took action. Because someone had to.

The company argues that she signed a non-disclosure agreement (NDA) that prevents any employee from divulging trade secrets. Her lawyers counter that when it comes to public health, NDAs are not legally (nor ethically) binding. 

You have been following this case from the start, and you’re waiting for the court-ordered independent lab results to settle the matter. 

Now, ask yourself this: which part of that scenario did you care about most? You’d only be human if the first thing that came to mind was personal interest. When it is a health-related topic, everyone’s first priority is – and should be –  their own. The second thing might be a coin-toss between how the court would penalize the company if wrongdoing was proven, and how government officials would try to revise laws on food additives.

Coming last would be the employee who reported it. Why? Because we all assume she’ll be fine.  She actually did the right thing and her actions will save lives. If the courts rule in her favor, she’ll be lauded as a heroine. She presented evidence: lab results, testimonies, and her own eyewitness account. What more is there to think about?

She’ll be fine.

And you’d be right to think that way. In the United States, whistleblowers in the food industry are protected under the Food and Drug Administration (FDA) Food Safety Modernization Act (FSMA). The company can’t retaliate against her in any way for whistleblowing: by dismissal, demotion, or transfer. Should that happen, she’d be within her legal right to file a complaint, win it, and likely be compensated and reinstated back to her position.

Let’s use the same scenario but shift the industry; this time it’s an AI company. Here, the story takes a different arc. 

The common theme among AI whistleblowers differs from that of the food and beverage industry. In the absence of clear laws and reporting channels, the decision to speak out against AI industry giants is often weighed against livelihood, personal and professional reputation, and, in one case, life itself.

Stories from the AI Trenches

Sounding the alarm takes not just evidence, but courage and a firm moral belief that you’re doing the right thing: telling the truth. 

Meet a few brave individuals who faced hard obstacles to let the world know what goes on behind closed lab doors.

Leopold Aschenbrenner: Former OpenAI safety researcher, fired from his position for allegedly sharing documents externally. He warned of “egregiously insufficient” security against foreign threats, citing OpenAI’s failure to adequately protect critical algorithmic information and model weights. He became an advocate, urging a shift away from fast, unsafe deployment towards robust safety measures.

Suchir Balaji: Former researcher at OpenAI and perhaps the most tragic story on this list. He resigned in August 2024 after stating the company’s use of copyrighted material violated U.S. law and posed commercial harm to creators. He was set to testify in intellectual property lawsuits against OpenAI; but was tragically found dead by suicide on November 26, 2024. 

Timnit Gebru: Co-lead of Google’s Ethical AI team, dismissed in 2020 after writing a research paper that exposed how current AI training methods could deepen biases against minorities and marginalized communities. Her dismissal gained widespread coverage, exposing corporate retaliation, prompting her to found the Distributed AI Research Institute (DAIR).

Louis Hunt: Former CFO and VP of Business Development at Liquid AI. He resigned from his position and publicly challenged the claim that AI models don’t replicate copyrighted works. He  presented evidence of generated outputs that were exact copies of texts from The New York Times, Stephen King’s books, and Harvard Business Publishing articles.

Margaret Mitchell: Founder and co-lead of Google AI ethics unit who was fired in 2021 for alleged misconduct. She testified in the September 2024 Senate hearing on AI oversight, stressing the need for clear instructions to employees navigating NDAs, and accessible whistleblowing channels to provide support to those who wish to come forward with their concerns.

William Saunders: Ex-OpenAI technical staff member who testified at the September 2024 Senate hearing. He advised on: 1) establishing a list of government contacts who understood the reported issues and could act on them, and 2) identifying legal protections insiders need when flagging actions that don’t break laws, but put public safety at risk.

Helen Toner: Former OpenAI board member on the nonprofit arm, who testified at the September 2024 Senate hearing. She highlighted how vagueness in current AI whistleblower laws discourages people from coming forward, specifically those with complaints about AI development that often don’t fit existing legal categories designed for traditional industries.

Anonymous and Named Whistleblowers: Group of eleven-thirteen current and former employees at leading AI companies who in June 2024 wrote an open letter “Right to Warn” calling for principles to create a safe environment for employees to voice their concerns on potential risks. In July 2024, they filed a complaint to the Securities and Exchange Commission (SEC) requesting an investigation into how NDAs restrict scrutiny of safety behaviors (e.g., the rushed testing of GPT-4o). 

This list is not exhaustive, many more names can be mentioned, including, David Evan Harris, Jacob Hilton, Geoffrey Hinton, Daniel Kokotajlo, Ramana Kumar, Jan Leike, Neel Nanda, Carroll Wainwright, and Daniel Ziegler, among others. 

Why Blow the Whistle

Merriam-Webster defines a whistleblower as “an employee who brings wrongdoing by an employer or by other employees to the attention of a government or law enforcement agency,” followed by the following note: “A whistleblower is commonly protected legally from retaliation.” 

If we analyze the stories above based on that definition, we see events unfolding in two stages. Stage One: the employee notices wrongdoing and first reports it internally. When the response from the company dismisses the complaint or addresses it inadequately, the employee either reports their concerns to the government/the media or publishes their findings as independent research.

The complaints themselves span a wide range, from ethical and governance concerns to more technical issues of alignment and safety. In addition, the alarms raised aren’t about one company’s specific attitude towards AI training, testing, and deployment; they bring to light an industry-wide, systemic pattern of behavior that if left unchecked could lead to non-reversable consequences.

For an insider to have that first-hand experience and courage to go through the steps to prevent such dangers, their actions should be celebrated as a reflection of moral integrity, not cause for retaliation. This brings us to the second part of the definition where the key term is “commonly protected”. Commonly means usually/often and that is an apt description in the case of AI whistleblowers. 

Stage Two is where we fail them, because there is simply no protection. The stories show that all of them lost their jobs, either by dismissal (with or without stated reasons) or through resignation (as a form of protest). They became industry pariahs just for speaking up, and some couldn’t find employment immediately after their stories broke out. 

If you’re an employee in an AI frontier company and read about the consequences faced by those who actually wanted to help, would you risk your career/livelihood, your industry standing, and your future to report AI risks? 

Nuclear Whistleblowing as a Model

In recent years, AI research has seen a surge in academic papers, books, interviews, and podcasts that wrestle with growing safety concerns. These works highlight AI’s dual-use and emphasize its black box nature – the opaque decision-making processes that continue to baffle even the scientists building these systems. 

In response, many AI governance and ethics experts compare the risks posed by advanced AI systems to those of the Chemical, Biological, Radiological, and Nuclear (CBRN) materials and agents in their severity and potential for catastrophic and even existential harm.

Therefore, as a model for the AI industry, I turn to the nuclear field. Its whistleblower laws and regulatory frameworks have long maintained vigilant oversight over both plant operations and worker safety.

The Energy Reorganization Act of 1974 (ERA) established the Nuclear Regulatory Commission (NRC), which regulates civilian (not military) nuclear facilities and materials. The Act was substantially strengthened in 1992 through the Comprehensive National Energy Policy Act, which added significant whistleblower protections including Section 211.

The key provisions in this amendment include the following:

1. It defines the protected activities for which employees cannot face discrimination. 
2. It establishes a clear complaint and investigation process for whistleblowers who face retaliation. 
3. It requires that these protections be posted permanently in the workplace for constant employee access
4. It directs the NRC or the Department of Energy (DOE) to conduct swift investigations into whistleblower allegations of substantial safety hazards.

Here are examples of how this works in practice:

In May 2013, the Occupational Safety and Health Administration (OSHA) found that Enercon Services Inc. wrongfully fired a senior engineer at Wolf Creek Generating Station for reporting safety violations. The engineer’s employment had been terminated in January 2012 after pointing out that soil coverage for buried safety pipes didn’t meet federal requirements. He was also asked to write a report justifying inadequate backfill material, but he refused.

OSHA ordered the company to reinstate the engineer with back pay, benefits, and compensatory damages. Enercon appealed, claiming the termination was for legitimate business reasons, but investigators found the engineer’s concerns were valid and that the field errors weren’t his fault.

In 2016, the Government Accountability Office (GAO) released a comprehensive review of DOE whistleblower protections and found that while the legal framework exists, enforcement and implementation needed strengthening. The report’s six recommendations, which were mostly accepted, demonstrate that Nuclear whistleblower protections are actively monitored, regularly evaluated, and continuously improved to address gaps, and ensure the law’s promise is realized.

In 2024, the U.S. Supreme Court ruled in Murray v. UBS Securities that whistleblowers under the Sarbanes-Oxley Act (SOX) don’t need to prove their employer intended to retaliate. The Second Circuit Court of Appeals had required plaintiffs to prove employer’s intent, but the Supreme Court vacated that decision. It held that if an employer treats someone worse (by firing, demoting, or changing their working conditions) because of whistleblowing (a protected activity), that constitutes a violation. The employer’s motivation is irrelevant.

This ruling is significant because the Supreme Court noted that the Energy Reorganization Act protections already worked this way. Under ERA, whistleblowers only need to show their protected activity was a factor in the adverse action. Then the employer must prove by clear and convincing evidence they would have taken the same action anyway. The Murray decision reinforced what nuclear whistleblowers already have: strong legal protections that shift the burden away from those who speak out.

The established path for Nuclear whistleblowers could serve as a blueprint for their AI colleagues, who operate in a similarly high-risk domain.

The Push for AI Whistleblower Protection: A Timeline

We now have a question: if AI risks are widely acknowledged as severe, from systemic bias to existential threat, why does the law still fail to protect those who report these risks? The answer is quite simple: existing legal frameworks typically require evidence of fraud or illegality – thresholds that may not encompass AI safety concerns. This leaves insiders vulnerable as they attempt to alert the public and policymakers. 

The following timeline traces key events from 2024 to 2025 that have shaped the need for whistleblower protection. 

In May 2024, news of OpenAI’s restrictive NDAs became known. Following public criticism, CEO Sam Altman admitted he was unaware of their extent and expressed embarrassment. He confirmed the company’s revisions of these agreements to remove provisions that threatened to deprive departing employees of their vested equity. This acknowledgment came after reports that OpenAI’s NDAs prohibited ex-employees from criticizing the company or disclosing safety concerns, sparking broader scrutiny of AI industry practices.

In June, thirteen current and former AI employees wrote an open letter “Right to Warn” urging frontier AI companies to promote an environment of safety-first in AI development and deployment. They stressed the current practice of forcing new hires to sign an NDA, the terms of which demand that they cannot voice concerns or disparage the company, even after leaving.

Moreover, they raised the point of widespread retaliation against whistleblowers, which adds to the growing concern that AI companies fear losing funding and investments more than protecting humanity from a technology that could possibly destroy it. By not allowing criticism, the companies silence well-meaning experts who could steer innovation in the right direction.

On July 1, the same group filed a formal complaint to SEC’s chairman Gary Gensler and to Senator Chuck Grassley’s office. In it, they provided evidence that OpenAI’s NDAs were restrictive to any protected disclosures of concerns related to AI safety, and asked the chairman to conduct an investigation into whether that practice broke SEC rules.

On July 31, OpenAI sent a letter to senators outlining robust safety measures, including dedicating 20% of computing resources to safety efforts like red-teaming and risk evaluations. The letter also affirmed support for whistleblower protections by introducing anonymous reporting options, for example: the Integrity Line.

On August 1, Sen. Grassley sent a letter to Sam Altman demanding answers about OpenAI’s restrictive NDAs with a deadline of August 15. The questions included:

1. Whether OpenAI changed the restrictive language of their NDAs, and provide proof of it.
2. The number of employees who requested to contact federal authorities, including all the relevant details.
3. The number of SEC investigations into OpenAI, including basis and outcome.

Sen. Grassley’s aim was to identify the purpose of the NDAs: whether it is for protecting trade secrets, or preventing employees from voicing their concerns.

On September 17, Sen. Blumenthal chaired a hearing by the Senate Committee on the Judiciary’s Subcommittee on Privacy, Technology, and the Law. He and several senators heard testimonies from, and directed questions to, expert witnesses on current AI regulations from an insider’s perspective. The hearing covered topics relevant to AI safety implementation and whistleblower protection.

At the start of 2025, President Trump signed Executive Order 14179 in January titled “Removing Barriers to American Leadership in Artificial Intelligence,” which revoked Biden’s AI safety order (EO 14110 of 2023). The new EO mandated the creation of an AI action plan within 180 days, and explicitly set the policy of maintaining U.S. “AI dominance” by removing regulatory barriers to innovation. This shift in policy marked a decisive turn towards deregulation, one that positioned acceleration as a national priority.

In May, Sen. Grassley and bipartisan cosponsors introduced the “AI Whistleblower Protection Act” (S. 1792) in response to mounting concerns about retaliation against AI employees who raise safety issues. The bill would prohibit retaliation against both employees and independent contractors who report AI security vulnerabilities or safety violations. As of October 2025, the bill has yet to advance beyond the Committee on Health, Education, Labor, and Pensions.

Following the executive order mandate, the White House released the AI Action Plan in July. It advances the deregulatory vision by explicitly prioritizing speed and innovation, while dismantling what it calls “onerous regulation” and “bureaucratic red tape.” By eliminating safety requirements, the plan effectively grants the private sector carte blanche to accelerate AI deployment with minimal oversight.

In October, California passed SB-53 “Transparency in Frontier AI Act”, the first U.S. state law establishing frontier AI transparency and whistleblower protections. Among other provisions, SB-53 introduces direct whistleblower protections for covered employees tasked with assessing or managing critical safety risks:

• It mandates that large AI developers establish anonymous reporting channels.
• Employees are shielded from retaliation when using these channels or when reporting externally to state or federal authorities.
• Protection applies when the whistleblower reasonably believes their employer’s actions pose a substantial threat to public health or safety; especially in cases involving catastrophic risk.

These provisions mark a shift from viewing whistleblowers as disruptors to recognizing them as vital protectors of public interest.

From corporate controversies to whistleblower advocacy and legislative breakthroughs, the road to stronger safeguards has been anything but easy, especially when the drive for rapid deployment outweighs the call for scrutiny. Yet through the combined efforts of courageous individuals and responsive institutions, robust protections are finally within reach.

Line of Defense

In her testimony at the September 17 2024 Senate hearing, Dr Mitchell compared AI training to baking:

“With Data as essentially ingredients, training is cooking, and the model is the output … we’re missing an approach where we have recipes, a deep understanding of what the pieces are that result in this output.”

In a landscape where the builders themselves don’t fully grasp the systems they create, insider disclosures may be the only path to effective regulation.

As the race to develop and deploy AI accelerates, safety and alignment concerns take a back seat at frontier companies. Governance frameworks are racing to catch up by creating laws and policies to protect public welfare, but the gap between innovation and governance remains wide. We need whistleblowers now more than ever. 

But how can we rely on insiders to shield us from high-stakes AI failures when they lack industry-wide protections and remain vulnerable to retaliation? Whistleblowers are our primary line of defense in this field. But shields need protection too. Without enforceable legal guarantees, we’re asking people to make sacrifices they shouldn’t have to.

Where is the justice in that?