In this age of technology, the risk of departing employee theft and fraud has increased substantially. Departing employees are no longer limited to removing printed confidential business information, but can abscond with business information, trade secrets, client contacts, and other similar material using, for example, an external disk drive or an external email account.
How can companies protect themselves from departing employee related theft and fraud? To begin, companies should ensure that their employment contracts contain strict confidentiality clauses. Companies should also ensure they have technology-use policies in place specifying the types of technology and media covered by the policy, and stating that what an employee might reasonably consider to be private (including personal e-mail accounts, social networking sites, etc.) may be monitored by the employer, and that the employee has no reasonable expectation of privacy over information or communications accessed through company-based resources. This policy must be consistently applied and updated by the employer, and employees should be required to sign an acknowledgement of understanding of this policy and regularly reminded of the policy and its updates. In the absence of a regularly enforced technology-use policy, employers may find themselves facing claims based on breach of privacy, and made to compensate in the form of damages.
When an employee departs, employers should require a signed acknowledgement by the employee that he or she has returned all company property, including laptops, external disk drives, and intellectual property. In addition to the technology-use policy, employers should make their position clear regarding client contacts made by departing employees on social networking sites by virtue of their position with the employer.
If you suspect data theft by a departing employee, you should immediately seek the assistance of your counsel who can retain a well-trained computer forensic investigator. Such experts are best able to preserve and recover the hard drive of the departing employee, including email trails and browsing history. Many departing employees believe that their secret and deceptive attempts to steal their employer’s confidential information are not detectable. In most cases, this is a baseless assumption and your counsel and computer forensic investigator can track precisely what confidential information the employee stole and otherwise retrace the departing employees’ activities while using the employer’s computers. A court may view the contractual provisions and policies outlined above as important considerations regarding the employer’s rights to conduct such a forensic computer investigation, and to what degree.
In addition, employers may be able to take civil action. Where you believe the departing employee will use the confidential business information to further his or her own interests, you may also seek an injunction from the court to prevent such use until the civil matter can be properly resolved. This will provide added protection to your business information and intellectual property. An injunction must be brought quickly, both because an employer wants to protect its proprietary information and any delay in bringing an injunction may lead a court to conclude that the damage suffered by the employer is not irreparable, and therefore an injunction is not an appropriate remedy.