With increasing employee mobility, maintaining confidentiality of company information is critical. Confidential documents in the wrong hands has significant adverse implications for competitiveness.
Confidential information is relatively easy for employees to steal. Information can be physically copied, emailed as attachments to private email accounts, or transferred onto memory sticks. Unless an organisation obtains specialist computer forensics support, detecting theft of information is extremely difficult, save where an employee has been foolish enough to leave some evidential paper trail.
Confidentiality in the Contract of Employment
The starting point for any organisation is to make sure contracts of employment contain clauses dealing with both confidential information (highlighting the types of information it regards as confidential), and providing for the return of all company property on termination. By having an express clause it widens the scope of information which the business regards as being confidential and which otherwise would not meet the test of confidentiality under current case law.
Investigating breaches of Confidentiality
The difficulty in trying to enforce confidentiality obligations post termination is that it tends be restricted to what can be properly regarded as “trade secrets” of the business, something which Courts will construe narrowly.
If an organisation suspects a breach of confidentiality by a former employee then it needs to act quickly. The starting point is to undertake a thorough search of computer systems and any other devices (e.g. tablets, smartphones) which are likely to provide evidence of a breach. Not surprisingly perhaps, most employees who conspire to steal confidential information will plan ahead, deleting emails and text messages, using memory sticks, or setting up miscellaneous cloud based email accounts.
Despite an employee’s ability to hide visible traces of wrongdoing, with the advances in computer forensics, it is now relatively easy to reinstate documents (together with metadata) which have previously been deliberately deleted.
In conjunction with any forensic computer investigation, if the breach is serious, employers will need to take legal advice about the range of interim injunctive orders which are available to them. These include search orders, delivery-up orders and disclosure orders.
Given that employees often steal confidential information which is likely to be for the benefit of a new employer, that new employer will also owe a duty of confidence to the former employer, especially where it knows the information is confidential.