When employees go rogue: How to protect your confidential information and intellectual property

Stephen Booth, Lisa Qiu

On 4 January 2016, Justice Bromberg of the Federal Court of Australia, handed down a judgment after hearing an urgent ex parte application brought by steel producing mogul, BlueScope Steel. The urgent application was to stop a disgruntled former employee, Ms Chinnari Sridevi Somanchi, from leaking confidential information and intellectual property, to competitors. 

Ms Somanchi was an employee of BlueScope for 12 years and was involved in the development of BlueScope intellectual property (IP). Her position with BlueScope was made redundant on 29 June 2015. In an article published by the Sydney Morning Herald, it was alleged that in the hours before her redundancy meeting, Ms Somanchi was suddenly very busy on the phone. BlueScope alleged she was downloading volumes of confidential information from her computer- all up over 40 gigabytes of IP and confidential information over four years, including important codes which could result in disastrous consequences for BlueScope if they fell into the wrong hands, such as a serious loss of its competitive edge.  

Ms Somanchi relocated to Singapore in November 2015 to take up a position as Innovation Manager of NS BlueScope Limited, a joint venture of BlueScope Steel with two other companies. Although related, BlueScope and the joint venture do not share IP. BlueScope Steel didn’t seek monetary penalties in its urgent application: the aim of the game was simply to find and secure the information. The Court granted injunctions to restrain Ms Somanchi and to require delivery of BlueScope’s information, pending further hearing. Similar orders have been sought in the Singaporean courts.  

Seeking these types of search and desist orders from a Court is a costly process. Therefore, as far as possible, prevention is better than cure, and the best form of defence is to take action to protect your confidential information and IP. 

First of all, make sure your IP is properly protected through trade marks or copyright.  

Secondly, make sure your employment contracts and internal policies clearly state that employees have duties to protect that information, both during and after their employment, and regulating employee use of electronic devices, especially their own devices. If there’s nothing in the contract, your rights to go to court will be limited.

Thirdly, make sure you know which employees have access to what information, who is using what devices, and if necessary, speak to IT experts to make sure that only those who need to know have access.  

Fourthly, if a relationship with an employee with a lot of access to sensitive information gets rocky, then take steps proactively to ensure that their ability to take that information is limited. 

Fifthly, if such an employee does leave, make sure that all their means of access to your system are closed off. Employees with sophisticated IT knowledge and with codes that enable access to your system may still be taking information, or creating havoc in your system, after they go.

If you need help protecting your IP, or reviewing your contracts and policies to ensure they offer adequate protection to your confidential information and IP, then get in touch with Emma Macfarlane in our Litigation & Dispute Resolution team, or a member of our Employment Law team