Compliance

Whistleblowing and NDAs: What a UK NDA Can Never Stop

UK law protects whistleblowers, and no NDA can override it. The Employment Rights Act 2025 extended protection to sexual harassment disclosures from 6 April 2026. Here is what the carve-out must say and why it is mandatory.

By Richard Wood, Founder9 min readUpdated 9 June 2026Last reviewed 9 June 2026whistleblowingemployeeUK lawenforceability

One thing a UK NDA can never do is silence a whistleblower. The law protects people who report wrongdoing, and that protection sits above any confidentiality agreement. For employers this is not a nuance to negotiate — it is a hard legal limit that a compliant NDA has to respect on its face. This guide explains the rule, the carve-outs, and what it means for both sides — including the extension to sexual harassment that came into force on 6 April 2026.

This is general information, not legal advice

NDASafe is a document preparation service, not a law firm. Our templates are legally reviewed against applicable UK law at the point of release, but every situation is different. Where significant value, unusual risk or a cross-border element is involved, take independent legal advice before you sign.

The law: protected disclosures

Whistleblowing in the UK is governed by the Employment Rights Act 1996, as amended by the Public Interest Disclosure Act 1998 (PIDA). It gives workers the right to make a protected disclosure — broadly, raising a genuine concern about matters such as a criminal offence, a breach of a legal obligation, a danger to health and safety, environmental damage, or the deliberate concealment of any of these.

Crucially, section 43J of the Act makes void any provision in an agreement that tries to prevent a worker making a protected disclosure. That includes NDAs, confidentiality clauses, and settlement ("COT3") agreements. The contract term simply has no effect to the extent it would gag a protected disclosure.

ERA 2025: sexual harassment now a protected disclosure

In force from 6 April 2026

The Employment Rights Act 2025 (section 23) extended the protected-disclosure regime to cover sexual harassment within the meaning of section 26 of the Equality Act 2010. From 6 April 2026, any NDA clause purporting to prevent a worker disclosing sexual harassment is void. This applies to employees and to freelancers/contractors who personally perform work or services.

Before 6 April 2026, the PIDA regime covered matters such as criminal offences and health-and-safety risks. Sexual harassment disclosures had some protection through the Equality Act 2010, but an express NDA carve-out was not mandated. That changed with the Employment Rights Act 2025.

A compliant employee or freelancer NDA must now expressly state that the confidentiality obligation does not prevent the worker from making a disclosure about sexual harassment. Omitting this carve-out does not mean the obligation applies — it just makes the agreement appear non-compliant and risks challenge to the whole document.

Why this matters for the whole agreement

Beyond being void, an over-reaching confidentiality clause can attract regulatory criticism. The Solicitors Regulation Authority has issued warning notices on the misuse of NDAs as "gagging clauses", and an NDA that looks designed to suppress wrongdoing is both unenforceable on that point and a reputational risk.

What the carve-out must preserve

A compliant employee NDA does not stay silent on this — it spells out, in the agreement itself, that the confidentiality obligation does not stop the individual from:

  • making a protected disclosure within the meaning of the Employment Rights Act 1996 (as amended), including any disclosure about sexual harassment within the meaning of section 26 of the Equality Act 2010;
  • reporting a criminal offence to the police or any law-enforcement body;
  • co-operating with, or making a disclosure required by, a regulator or other body with statutory authority;
  • complying with a legal or regulatory obligation, or an order of a court;
  • seeking support as a victim of criminal conduct (Victims and Prisoners Act 2024); and
  • taking legal advice about the agreement.

Stating these expressly does two things: it keeps the agreement lawful, and it reassures the person signing that they are not being asked to give up rights they cannot give up anyway.

How NDASafe handles it

In the NDASafe Employee NDA and Freelancer NDA templates, these carve-outs are tagged [mandatory]. That tag is a signal: the clause is not optional and should not be edited out. Removing it does not make the underlying right go away — it just makes the agreement look like it is trying to do something unlawful. Templates were updated in June 2026 to reflect the Employment Rights Act 2025.

For employers: good practice

  • Keep the carve-out in, visibly. A clear carve-out protects you as much as the employee.
  • Use confidentiality to protect genuine business interests — trade secrets, client data, plans — not to discourage people from raising concerns.
  • Where you are settling a dispute, take advice on the confidentiality wording; settlement agreements are squarely within the scope of section 43J.
  • Pair the NDA with a proper internal whistleblowing policy so concerns have a route that does not require anyone to test the limits of a contract.
  • Review any existing employee NDAs signed before 6 April 2026 — the sexual harassment carve-out is void as a matter of law regardless, but a express updated clause removes ambiguity.
Employee and Freelancer NDAs updated for ERA 2025

NDASafe Employee and Freelancer NDA templates include the mandatory whistleblowing and sexual-harassment carve-outs, updated June 2026 for the Employment Rights Act 2025. £29 each or £79 for all eight.

Frequently asked questions

Can an employer use an NDA to stop whistleblowing?

No. Under the Employment Rights Act 1996 (as amended by the Public Interest Disclosure Act 1998), a worker has a statutory right to make a protected disclosure. Section 43J makes void any contractual term — including an NDA or settlement-agreement clause — that purports to stop them. An NDA simply cannot gag a protected disclosure.

What is a whistleblowing carve-out?

It is a clause that expressly preserves the recipient's right to make protected disclosures, report criminal activity, and co-operate with the police or a regulator, regardless of the confidentiality obligation. A compliant UK employee NDA must include one — NDASafe tags it [mandatory] so it cannot be removed by accident.

Can an NDA prevent a worker from disclosing sexual harassment?

No. Since 6 April 2026, the Employment Rights Act 2025 extended the protected-disclosure regime to cover sexual harassment. Any NDA clause that tries to prevent a worker disclosing sexual harassment is void under section 43J of the Employment Rights Act 1996. A compliant employee or freelancer NDA must expressly carve this out.

Templates mentioned in this guide

Employee NDA

From £29

UK-compliant. Includes whistleblowing carve-outs. Optional IP assignment and non-solicitation.

View template

Freelancer NDA

From £29

IR35-aware. Includes IP assignment for project work. Clear contractor status.

View template

Related guides

Enforceability
Are NDAs Enforceable in the UK? What Holds Up and What Doesn't
Yes — a properly drafted NDA is an enforceable contract in the UK. Here are the conditions it has to meet, the clauses courts will not enforce, and the remedies available if confidence is breached.
Pillar guide
UK NDA Templates: The Complete Guide for 2026
What a UK non-disclosure agreement does, the eight types, what every NDA must contain, how long it should last, and how to choose and complete the right template — without paying a solicitor £150 to £350.