Are you looking at the SIP Module datasheet here: BCM20737S Bluetooth Low Energy SiP Module Technical Reference ?
Essentially, on the SIP module, Physical Pin 25 = Logical Pin P1 (cannot be re-mapped to another logical pin), which is tied to the write protect pin of the internal EEPROM.
The internal EEPROM cannot be accessed externally (only by the minidriver).
What may be confusing you is that our TAG3 development board actually uses the SOC version of the 20737, so on that board the EEPROM is accessibe and can actually be changed over to serial flash if needed. This is not the case for the SIP module.
By read protection, I assume you are implying some form of security protocol to protect the EEPROM from being read externally? If so, we do not deploy any security for this scenario, but because the EEPROM is internal to the SIP, it is inherently secure to some degree.
Thanks! I did look at the data sheet, but clearly didn't search/look carefully, so I missed the reference to the WP pin. And yes, for the read-protect, I was implying some sort of security against reading the firmware.