With increasing employee mobility, maintaining confidentiality of company information is critical. Often the company’s confidential information represents its competitive advantage. In the wrong hands it obviously has significant adverse commercial implications.
Not suprisingly, confidential information is easy for employees to steal. Information can be physically copied, emailed as attachments to private email accounts or transferred onto memory sticks. Unless an organisation goes to the expense of obtaining specialist computer forensics support any theft of information is almost impossible to detect, save where an employee has been foolish enough to leave some evidence of a paper trail.
Confidentiality in the Contract of Employment
The starting point for any organisation is to make sure contracts of employment contain clauses dealing with both confidential information (highlighting the types of information it regards as confidential), and also providing for the return of all company property on termination. By having an express clause it widens the scope of information which the business regards as being confidential and which otherwise wouldn’t meet the test of confidentiality under current case law.
Investigating breaches of Confidentiality
The problem with trying to enforce confidentiality obligations post termination is that it tends be restricted to what can be properly regarded as “trade secrets” of the business, something which the Courts will construe narrowly.
If an organisation suspects a breach of confidentiality by a former employee then it needs to act quickly. The starting point is to undertake a thorough search of computer systems and any other devices (e.g. tablets, smartphones) that are likely to provide evidence of a breach. Not surprisingly perhaps, most employees who conspire to steal confidential information will plan ahead, being delete emails and text messages, or using memory sticks, or setting up miscellaneous cloud based email accounts.
Despite an employee’s ability to hide any visible trace of wrongdoing with the advances in computer forensics, it is now relatively easy to reinstate any documents (together with metadata) which have previously deliberately deleted.
In conjunction with any computer forensic investigation, if the breach is serious, employers will need to take legal advice about the range of interim injunctive orders that are available to them. These include search orders, delivery up orders and disclosure orders.
Given employees often steal confidential information which will ultimately be for the benefit of a new employer, that new employer will also owe a duty of confidence to the former employer, especially where it knows the information is confidential.