In the modern day it has become common place for an employee or worker to use their personal computers or tablets to work remotely, whether at home, onsite, or at client locations. Although this practice can be useful and beneficial to employers, the issue of confidentiality regarding the information stored on that computer and in particular, what happens to that information post termination, is one that is increasingly coming under the microscope. We report on the recent case of Warm Zones v Sophie Thurley concerning the issue of personal devices.
How can employers be sure an employee has deleted all confidential information from their personal computers?
There are now often terms in contracts of employment, policies and settlement agreements requiring individuals to irretrievably delete confidential information from all personal devices. The issue remains; however, as to how employers can ensure this is fulfilled. Does an employer have the right to view a personal computer or tablet? This was explored in the case of Warm Zones v Sophie Thurley & others. Here contracts of employment included a confidentiality clause. An issue arose as to whether former employees, had copied company information onto their home computers. The employer applied to obtain an interim injunction, compelling former employees to allow it to view and copy information from their personal computers.
The former employees were accused of having copied and/or disclosed a customer database to a competitor whilst still employed by Warm Zones. Evidence provided at the interim injunction hearing included email evidence which strongly suggested the employees were attempting to sell information from the database. An interim injunction was granted preventing any further disclosure of confidential information by the former employees.
How can employers best protect their business?
The issue of business protection should not be overlooked when drafting contracts of employment. Employers should ensure there are clear clauses in employment contracts that protect business information and ensure there are clear definitions of what is considered to be "confidential information". You should include the right to check all information has been deleted and not transmitted on the termination date. It is also advisable to have clear policies on using personal devices at work – including being able to delete business information remotely if a personal device is lost. Leaving it to "trusting" your employees can leave the business open to damage if they do not comply with the relevant clauses.
Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems we recommend that professional advice be sought.