Back

Employees Copying Company Files Before Resigning-Court Says Ok!

In another irritating, anti-employer decision, the Ninth Court Circuit of Appeals (covering California) ruled that an employee who copied company files before resigning did nothing wrong! The practice of such behavior is not surprising. It happens more than you may think and with technological advances comes more creative ways for employees to take confidential information away from their place of business. Personal data storage devices and email permits information to be easily transmitted without the employer’s knowledge. Sad but true.

The facts in this case were actually very simple. A former employee had emailed numerous files from his work computer to his personal email account, as well as to his wife’s email account before he left the company. The files that he copied included financial statements, marketing data, and personal information about the employer’s clients. In addition, he used an administrator’s password to access the company’s network after he left the company.

The employer sued arguing that the former employee violated the federal Computer Fraud and Abuse Act, which prohibits unauthorized computer access, or access to computer systems that exceeds authorization. The court ruled that since the employer had given the employee (former) authorization to access company files the employee had done nothing wrong.

Where did the employer go wrong? They failed to have an established policy prohibiting employees from copying company files for personal use or emailing them to a personal email account. Furthermore, how in the world did the employer fail to change the access codes after the employee left?

Now let’s discuss what an employer should do to try and safeguard their confidential information.

1. Have a policy in place prohibiting employees from copying company files for personal use (or emailing);

2. Limit access to highly confidential information to a select few;

3. Change the codes upon the departure of individuals who had access to the sensitive information;

4. Have a selected “IT” person monitor who is accessing the information and note any downloading of files;

5.  Have a policy in place limiting the use of personal data storage devices (or even bringing them to work).

We have clients who prohibit employees from bringing cellphones or other such devices to work. Such policies are not an infringement on their individual rights. Good luck!

author avatar
pottsnew

You may also like

Employers Must Reimburse Employees for Using Their Personal Cell Phones
25 August, 2014

Reimbursing employees for expenses has been the source of confusion for employers. One area, not generally considered, is reimbursing employees for the use of their personal cell phones for company business. Well, the bell has been rung. Last week a Read More »

The Definition of “Spouse” to Legally Married Same-Sex Couples
30 June, 2014

There appears to be some confusion when employers are attempting to accommodate FMLA leave requests for the “spouse” of a same-sex couple. Well, to clarify this issue, the Department of Labor (“DOL”) has announced a notice of proposed rulemaking to Read More »

EEOC Cracking Down on “Speaking English Only Policies”
23 June, 2014

Immigration reform continues to be a hot button issue, and a recent rash of lawsuits continues to fuel the debate over whether an “English-only” rule constitutes national origin discrimination. The EEOC’s position is that a “rule requiring employees to speak Read More »

Leave A Reply

Your email address will not be published. Required fields are marked *

Accessibility Tools
hide