The recent revelation that it was Edward Snowden, an employee of National Security Agency (NSA) contractor Booz Allen Hamilton, who blew the whistle on the NSA’s surveillance programs has sparked a debate over the government’s use of private companies to perform sensitive national security work. It has also thrust Booz Allen Hamilton into the spotlight.

Most of the media coverage of Booz Allen has focused on its size ($5.8 billion in annual revenue and 25,000 employees according to NBC News.com), its close government connections (current company vice chairman John McConnell is the former director of national intelligence; current director of national intelligence James Clapper is a former Booz Allen executive) and even the damage this recent controversy is causing to its stock value. A company that derives between 97 and 99 percent of its revenue from federal contracts (see “Government Contracting Matters” on page F-31) can expect to take a hit when one of its employees publicly reveals classified government data.

Unfortunately, Booz Allen’s track record of business ethics and integrity has largely escaped scrutiny.

The Project On Government Oversight has kept an eye on Booz Allen for years, primarily through our Federal Contractor Misconduct Database. According to our database, the company currently has 3 instances of misconduct and $3.8 million in fines, penalties, and settlements resulting from those instances.

NBC News.com correctly observed that 3 misconduct instances since 1995 for a company as big as Booz Allen is “a relatively small number.” But consider the nature of these instances: Two involve allegations of federal contract fraud, one of which almost got Booz Allen debarred in 2006. The third case is particularly relevant to the recent controversy, as it involved the mishandling of sensitive government data. As we blogged in February of last year, the Air Force suspended and proposed debarment of Booz Allen’s San Antonio office and five employees—one of whom was a retired Air Force officer—for improperly sharing protected, non-public government contracting information. When the suspension was lifted two months later, we were surprised to learn that the company admitted to having larger, company-wide ethics problems, including problems with its use of non-public information. The company also admitted it needs to do a better job of curbing potential revolving door abuses when it hires former government employees. (The non-public contracting data at issue in the matter had been obtained by the ex-Air Force officer, and he shared it with co-workers on his first day at Booz Allen intending to give his new employer an advantage in a contract competition.)

POGO was bothered by the fact that the three-year administrative agreement Booz Allen signed with the Air Force last year to settle the San Antonio matter did not address the issue of employees reporting misconduct directly to the government. It has long been our concern that intelligence agency contractors have virtually no whistleblower protections. With the dramatic growth in the number of intelligence contractors, and the number of contractor employees granted clearances to handle sensitive information, the lack of a viable whistleblower protection framework could make bombshells like the Edward Snowden disclosure more likely in the future.