Protecting business secrets when an employee resigns

In this case significant information was copied onto a USB drive but the forensic IT evidence showed one of the Defendants did not subsequently access it and the other Defendant made very limited use of the information available to him.

Accordingly, only nominal damages were awarded. The Court held it was inappropriate to award “jackpot” damages where it was not alleged the Claimant had suffered a loss nor that the Defendants had made any gain. The Judge noted that no case was advanced asking the Court to value the time, trouble and expense one of the Defendants had saved by his actual albeit limited use of the information.

Plainly, all cases turn on their own facts. However the case illustrates two truisms. Firstly, that the possibility a departing employee might seek to exploit highly confidential information represents a serious threat to many businesses and, secondly, that it is the period prior to resignation when confidential information will be at its most vulnerable.

Accordingly, whilst it is possible to look to the Court to protect a business from unfair competition by an ex-employee post-resignation, the effective management of information security should not be left until a resignation is tendered but should start the moment a new employee is taken on.

The following are key questions employers should consider:-

1. What information does the employee have access to which would damage the business if known by a competitor or if the employee was to set up on his own?
2. Is that information protected by appropriate clauses in the employee’s contract of employment?
3. Is the contract of employment signed and up to date?
4. Is it made clear to employees what information is confidential and the legal and reputational consequences of breaching that confidentiality?
5. Should additional IT security measures be put in place to protect certain data and should access to certain information be restricted to key individuals?
6. When the resignation is tendered, are immediate steps taken to block the employee’s access to the IT network or monitor usage if a notice period is being worked?
7. More importantly, is a check undertaken to see if there is evidence of confidential information being misappropriated prior to resignation, such as the downloading or emailing of documents and databases to personal email accounts?
8. Is the employee reminded in writing of his obligations regarding confidential information when he resigns and, if appropriate, his new employer put on notice of those obligations and any other restrictions to which the employee might be subject?

If these issues are properly addressed an employer stands a far better chance of deterring breaches of confidentiality by departing employees. Equally, the employer greatly improves its prospects of success if legal action is required to prevent the ex-employee and his new employer making use of that confidential information (by injunction if necessary) and of recovering damages for losses suffered.

Marathon Asset Management LLP v Seddon [2017] EWHC 300 (Comm)

For further information relating to the points raised in this article, please contact Dispute Management Director, Simon Lockley.