Monday, September 30, 2013

JAILHOUSE BLUES: EEOC TRIES TO ADDRESS CONCERNS OVER CONTROVERSIAL GUIDELINES ON CRIMINAL BACKGROUND CHECKS


The Equal Employment Opportunity Commission (“EEOC”) has responded to complaints from nine state attorneys general, over the federal agency’s enforcement actions against employers who use criminal background checks in making employment decisions.

However, the EEOC’s assurances are unlikely to address the concerns raised by the states, and the Commission’s enforcement guidelines are already faring poorly in the courts.

It has been over a year since the EEOC issued its revised enforcement guidance on the extent to which employers may rely on an individual’s criminal history in making hiring or other employment selection decisions. The stricter guidelines made it clear that an improper reliance on such information may constitute a violation of Title VII of the Civil Rights Act of 1964 (“Title VII”). The stated rationale for the EEOC’s position is that employers’ reliance on criminal records as a factor in hiring decisions disproportionately affects minorities, who statistically have higher rates of arrest and criminal conviction. This theory of liability is called “disparate impact.”

The complaints from the states were prompted by two high profile lawsuits filed by the EEOC against BMW Manufacturing in South Carolina and Dollar General Stores, based in Illinois. In the suits, the EEOC alleged the companies discriminated against minorities by excluding them from employment opportunities based on improper reliance on criminal background checks. The states take issue with the Commission’s reliance on the disparate impact theory of liability and accuse the EEOC of improperly and illegitimately seeking to expand Title VII’s protections to "former criminals."

In its letter  responding to the complaints, the EEOC claims criticism of the new guidelines is based on a “misunderstanding” of how employers should implement the Commission’s suggestions. The EEOC also claims that the employee screening proposed by the guidelines should not result in "significant costs" to employers.

Although employers may continue to struggle to determine how to best comply with the guidance, as demonstrated by a recent U.S. District Court decision, they are also not defenseless to claims that their policies are discriminatory.

On August 9, 2013, a District Court in Maryland granted summary judgment in favor of the defendant employer Freeman, dismissing the plaintiff EEOC’s claim that Freeman’s background check policies violated Title VII of the Civil Rights Act of 1964, 42 U.S.C. § 2000e-2(k). EEOC v. Freeman, Case No. RWT 09cv2573 (D. Md. Aug. 9, 2013). In so doing, the District Court recognized an employer’s policy of conducting criminal history or credit record background checks on potential employees as “a rational and legitimate component of a reasonable hiring process.” The District Court chastised the EEOC for pursuing a disparate impact discrimination claim based on “a theory in search of facts to support it,” disregarding the EEOC’s expert’s report as “an egregious example of scientific dishonesty.”

The EEOC’s expert’s report was pivotal to the success or failure of its claim. To prevail on a claim of disparate impact discrimination, a plaintiff must show that a certain class of applicants is disproportionately and adversely impacted by a particular employment practice on the basis of their race, color, religion, sex, or national origin. 42 U.S.C. § 2000e-2(k). In its revised guidance, the EEOC essentially presumes that, based on national statistics, the use of criminal records to exclude individuals from employment has a disparate impact on individuals of certain races and national origins. This presumption, however, may not be sufficient in court where the plaintiff bears the burden of proving disparate impact by showing statistical disparities between the number of protected class members in the qualified applicant group and those in the relevant segment of the workforce. More often, the plaintiff’s burden requires reliable and accurate statistical analysis performed by a qualified expert.

Freeman challenged the EEOC’s use of an unreliable expert report to establish a prima facie case of disparate treatment discrimination and prevailed. The District Court, in excluding the EEOC’s expert’s report, found that the report was based upon an inaccurate database containing “cherry-picked” data and a “mind-boggling number of errors.” The District Court was also unpersuaded by the EEOC’s arguments that national statistics were sufficient to create an inference of disparate impact, noting that the national statistics relied upon by the EEOC were not representative of the relevant applicant pool.

With neither national statistics nor expert analysis to support its allegations of disparate impact, the District Court concluded that the EEOC’s claim could not survive and granted summary judgment in favor of Freeman. This decision strikes at one of the pillars for the EEOC in pursuing disparate impact litigation based on the use of criminal background checks; namely, the ability to move easily past (or effectively skip) the plaintiff’s burden to prove that a particular policy has a disparate impact on a class of applicants based on their race or other protected characteristic. The EEOC cannot rest on its presumption that the mere existence of a background check policy creates a disparate impact; it must prove the existence of this disparate impact with reliable expert testimony and statistics.

Despite the Freeman decision, employers should still expect the EEOC to rely upon its presumption of disparate impact during the investigation stage. What is less clear is what impact this decision may have on the two currently pending lawsuits the EEOC has filed against BMW and Dollar General. It is clear, though, that despite some direction from the federal courts, employers still continue to struggle when determining how to comply with the EEOC’s revised guidance more than a year after its issuance.

Notably, employers who operate in states that have their own requirements regarding the hiring of applicants with criminal backgrounds face a particularly arduous task. At least one federal court has recognized this dilemma but has concluded that “Title VII trumps state mandates.” See Waldon v. Cincinnati Public Schools, Case No. 1:12-CV-00677 (S.D. Ohio Apr. 24, 2013). In Waldon, the defendant employer Cincinnati Public Schools complied with a state law that required background checks of current school employees, even those whose duties did not involve the care, custody, or control of children. As a result, two long-term employees were fired, and they subsequently filed suit, alleging that their terminations were based on state legislation that had a racially discriminatory impact.

The school system moved to dismiss, asserting that it was simply following Ohio law by terminating the plaintiffs’ employment, that it maintained no particular employment practice that caused a disparate impact, and that it was a business necessity to follow Ohio law. A District Court in Ohio disagreed, recognizing that although it was clear that the school system did not intend to discriminate, it implemented a policy that had a disparate impact on African-Americans. The District Court did not believe that the school system was “compelled to implement the policy” and stated that the school system “could have raised questions with the state board of education regarding the stark disparity it confronted.”

The District Court’s suggested course of action for employers facing such a quandary is not particularly instructive, especially when multiple state leaders themselves have expressed to the EEOC the difficulty of complying with its guidance. On July 24, 2013, the attorneys general for nine states sent a letter to the EEOC expressing concerns about its revised guidance and the position the EEOC has taken in recent lawsuits regarding criminal background checks. View the letter here. The letter described the EEOC’s claim that its revised guidance document supersedes state and local hiring laws as “particularly egregious” and expressed concern that many of the states’ laws could be affected.

Thus, the propriety of criminal background check policies remains uncertain, and the EEOC’s pursuit of litigation has not added clarity. If anything, the EEOC has muddied the waters by pursuing cases with theories like it advanced in Freeman, which cause employers to wonder whether they should consider ignoring the EEOC, or expend resources trying to comply with guidance that has not been well received in federal court litigation, as well as a patchwork of competing state laws. Nevertheless, Freeman is but one case, state law continues to evolve, and the jury is still out on whether the states that have publicly criticized the EEOC’s guidance will do more than jawbone about it. In the meantime, employers seeking to navigate the various laws should continue to monitor the developments and revisit their policies and practices as the situation develops.

Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here. He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com.

Friday, September 27, 2013

Improving Prospects for Federal Law Protecting Against Sexual Orientation/Gender Identity Discrimination


For decades, legislation has been unsuccessfully introduced in Congress to include sexual orientation/gender identity as protected categories under Title VII.  As the law currently stands, an employee has no cause of action against an employer for adverse employment actions based on the employee being lesbian, gay, bisexual or transgender (“LGBT”).  However, in light of the Supreme Court’s recent overturning of the Defense of Marriage act, and changing societal attitudes, that could be about to change.

According to political observers and employment law experts, the Employment Non-Discrimination Act (“ENDA”) has very good prospects of being enacted within the next year. ENDA would put in place put a nationwide ban on workplace discrimination based on sexual orientation and gender identity. 

According to an article published by Ben James in Employment360, the evolving attitude of the American public on LGBT issues “has created a critical mass to make this the best time and the best opportunity for ENDA to pass.

ENDA’s improved prospects for passage comes after the Equal Employment Opportunity Commission’s (“EEOC”) release late last year of its Strategic Enforcement Plan (“SEP”) for 2013-2016.  In the SEP, the EEOC made it clear, that despite sexual orientation not being a protected class under Title VII or any other federal law, it intended to bring cases against employers for LGBT discrimination by construing such instances as “sexual stereotyping” under Title VII’s general prohibition against gender discrimination.

Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here. He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com.

Wednesday, September 25, 2013

DEPARTMENT OF LABOR EXTENDS FLSA REQUIREMENTS TO IN-HOME HEALTH CARE WORKERS




 
On September 17, 2013, the Wage and Hour Division of the U.S. Department of Labor issued a Final Rule which limits the "companionship exemption" of the Fair Labor Standards Act ("FLSA") and extends additional minimum wage and overtime protections to an estimated two million direct care workers, including personal caregivers, home health aides and certified nursing assistants.

Hardest hit by the Final Rule will be home health care staffing agencies and similar health care business. This is because the Final Rule, which becomes effective on January 1, 2015, does not allow third-party employers to claim the FLSA’s companionship services or live-in domestic service employee exemptions.

Generally, the FLSA requires that all hourly non-exempt employees be paid at least the minimum wage and overtime for hours worked beyond the forty hour work week. However, the law provided an exemption for domestic service workers hired for "companionship services" and such workers were not required to be paid the minimum wage or overtime. Likewise, the exemption did not require live-in domestic service workers to be paid overtime.

The Final Rule clarifies that direct care workers who perform medically-related services for which training is typically a prerequisite are not companionship workers and therefore are entitled to the minimum wage and overtime. And, in accordance with Congress' initial intent, individual workers who are employed only by the person receiving services or that person's family or household and engaged primarily in fellowship and protection (providing company, visiting or engaging in hobbies) and care incidental to such activities, will still be considered exempt from the FLSA's minimum wage and overtime protections.

Because home healthcare agencies will no longer be able to claim the exemption, such business will have to review and revise their payroll and time-keeping practices and procedures to be in compliance with the FLSA.

For Further information, the Department of Labor has proved answers to frequently asked questions on the Final Rule.

Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here. He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com.

Sunday, September 22, 2013

Pirates and Rogues: Employee Theft of Trade Secrets and Proprietary Information “or” Jack Sparrow, Esquire’s Tips for Battling Digital Raiders

I. Introduction
"Me? I'm dishonest. And a dishonest man you can always trust to be dishonest. Honestly, it's the honest ones you want to watch out for, because you can never predict when they're going to do something incredibly ... stupid."
~ Captain Jack Sparrow

In the mid-18th Century, an owner of a merchant vessel on the high seas would clearly know when his ship came under pirate attack. Cannons would be fired and buccaneers armed with cutlasses would board the vessel, looking to carry off the ship owner’s gold and other treasure.

In the modern workplace, the theft of an employer’s treasure, i.e. trade secrets, proprietary information, customer data, is much less obvious but just as devastating. Unlike the pirates roaming the sea in the late 1700’s, this theft is most likely to be carried out by a trusted and supposedly honest employee, usually for the benefit of a business competitor or to assist the employee in setting up his own competing business.

To paraphrase the observation above by the infamous Captain Jack Sparrow from the Pirates of the Caribbean movies, employers need to watch out for the employees they “think” are honest but who are actually getting ready to do something “incredibly stupid” and most likely, illegal.

This is further complicated by the now common “bring your own device” or “BYOD” practice of many employers, who allow employees to use their personal computers and smart phones to perform their workplace duties. When the employee eventually sails out the door to another job, the employer’s trade secrets likewise can sail away inside the employee’s iPad, iPhone or other device.

According to a 2013 survey conducted by computer security software company Symantec, more than half of departing employees kept confidential information belonging to their former employer and 40 percent planned to use such misappropriated trade secrets in their new jobs.

The purpose of this article is to make employers aware of how such workplace theft can occur, how to best protect and defend your business against any would-be pirates in the workplace and the options for launching a legal counter-attack.

II. The “Pirate” Attack

"Worry about your own fortunes gentlemen. The deepest circle of hell is reserved for betrayers and mutineers."
~ Captain Jack Sparrow

The theft of company trade secrets and other information by former employees or executives has become so common, it regularly makes the news. For example, computer chipmaker Advanced Micro Devices just recently sued four former employees, alleging they stole hundreds of thousands of documents before leaving to work for a competitor. In August 2012, a former Intel Corporation employee was sentenced to three years in federal prison for stealing Intel’s confidential design information prior to taking a job with another high tech company.

According to a 2010 statistical analysis, the annual costs associated with the theft of trade secrets and intellectual property were estimated at that time to be as high as $300 billion dollars a year, and that number has only risen in the ensuing years. However, such theft is not limited to large corporations, and businesses of any size can fall victim to such misappropriation.

In the most typical instance, an employer will not be aware its trade secrets or proprietary information have been stolen until it discovers the information is already being used to lure away its business and customers. The following hypothetical scenario illustrates the very real types of improper conduct now common in the American workplace.

Port Royal Industries (“PRI”) is a successful marine engineering company founded twenty-five years ago by its owner, Will Turner. Back when PRI was a small family business, Turner hired Hector Barbossa and Edward Teach for entry level positions. They ultimately became top executives and corporate officers. Turner considers them friends and trusted employees.

Because of the level of trust Turner has in Barbossa, Teach and all of his employees, PRI has never required its employees to sign non-disclosure, non-solicitation or non-compete agreements. Because of the “family business” atmosphere, Turner is somewhat lax about security for the Company’s computer network, where PRI’s proprietary designs and customer information are stored. Barbossa has a company-owned laptop which he uses for work, while Teach uses his personal iPad to perform his duties.

Late one Friday afternoon, Turner receives an e-mail from Barbossa, informing him that Barbossa, Teach and three of PRI’s top design engineers are resigning, effective immediately.

Turner learns that Barbossa, Teach and the engineers now work for PRI’s chief competitor, Black Pearl Enterprises (“BPE”). After the return of Barbossa’s company laptop, a preliminary computer forensic examination reveals that days prior to the resignations, Barbossa downloaded thousands of PRI’s engineering and design blueprints off its server and copied them onto external hard drives and flash drives. Computer professionals examine PRI’s server and determine that the day before he resigned, Teach used his iPad to remotely access and copy PRI’s confidential customer and pricing information.

The forensic examination also reveals that months prior to their resignations, Barbossa and Teach engaged in regular e-mail communications with the President of BPE. Among the topics discussed in the e-mails are their plans to leave PRI, how the abrupt loss of the three design engineers will cripple PRI’s ability to serve its customers, and PRI’s internal pricing information for key customers.

BPE is now aggressively competing against PRI and has been able to underbid PRI on a number of projects using the stolen pricing information. Utilizing the misappropriated design information, which they otherwise would not have been able to obtain through legitimate means, Barbossa and Teach have been able to take a number of key customers away from PRI.

An angry Will Turner contacts the law firm of Davy, Jones & Locker, LLC, to determine the best way to give Barbossa and Teach a legal keelhauling, and makes an appointment to meet with the firm’s top employment attorney, Jack Sparrow, Esquire. Unlike his famous cousin of the same name, Mr. Sparrow has issues with sea sickness, and opted to attend law school as opposed to entering the family business of captaining sailing ships.


The tale of PRI, its mutinous former executives and the piracy of its confidential business information will serve as the backdrop for how employers can avoid finding themselves in the unfortunate position of Will Turner. The advice from Jack Sparrow, Esquire also will show employers how to turn the tide against would-be boardroom buccaneers.

III. Best Practices to Avoid Trade Secret Theft by Employees
"Prepare the cannons, wake all sailors and prepare to repel boarders." ~ Captain Jack Sparrow

In their first meeting, attorney Jack Sparrow agrees with Will Turner that Barbossa and Teach are indeed “scurvy dogs, yellow-bellied bilge rats and generally dishonest rapscallions.” However, he advises that PRI could have avoided many of the problems now facing it by having had in place some basic policies and practices. “Not only would these policies have prevented or at least discouraged your two former executives from trying to pillage your business, but it would have given us additional legal claims to bring against these scalawags.” Will asked, “what do we need to incorporate into our HR policies and practices.”

A. Confidentiality / Non-Compete / Non-Solicitation Agreements
Sparrow explained, “One of the easiest ways to prevent employees from stealing your company’s confidential information is to simply have them contractually agree in advance not to do it.”
For most companies, employee confidentiality is vital to a company's competitiveness. An employee confidentiality agreement establishes that an employee will keep the employer's confidential, private, secret and proprietary information private and confidential and that such information will not be disclosed to the general public or to outside third parties, such as competitors. Typically, such agreements also can prevent an employee’s unauthorized use of such information. Employee confidentiality agreements ensure that a company's private information and valuable knowledge stays where it belongs, within the company.

Sparrow noted that another option would be for PRI to have all of its higher level employees enter into non-compete / non-solicitation agreements. “These type of agreements prevent former employees from competing against you or soliciting your customers for a period of time after they leave the company.”

In most states, these type of “restrictive employment covenants” are generally not favored, but will be enforced by the courts if the terms of the agreement are reasonable under the particular circumstances. Generally, there are three requirements: (1) the employer has a valid interest to protect; (2) the geographic restriction is not overly broad; and (3) a reasonable time limit is given. The employer bears the burden of proving the reasonableness of the agreement. The reason these types of agreements are construed very narrowly is that most courts recognize that an employer is not entitled to protection against ordinary competition from a departing employee.”

“In your instance” Sparrow observed, “you could justify the first factor because Barbossa and Teach were high level executives with access to confidential business and customer information, as opposed to one of your employees working on the loading dock. Courts look closely at the geographic restrictions of such agreements, because it would be against public policy for the restriction to be so broad as to prevent an individual from earning a living in his or her chosen field. For example, a restriction on competing within the entire United States would be considered overly broad and unenforceable. However, a limitation on competition in specific markets where you currently do business would be more likely to be enforced. As far as time restrictions, most courts will find a period of one to two years to be reasonable and enforceable.”

Sparrow also remarked that to be enforceable, these types of agreements must be supported by sufficient consideration. When Turner looked puzzled, Sparrow explained, “In non-lawyer talk, that means that the employee had to have received something of value in exchange for entering into the agreement.” What constitutes sufficient consideration can vary depending on the specific circumstances. However, in many states, courts have held that continued employment alone can be sufficient consideration to uphold a contract.

If Barbossa and Teach had been required to sign these types of restrictive covenants as a condition of their employment or continued employment with PRI, their actions would serve as the clear basis for a breach of contract claim. “However”, Sparrow noted, “because they never signed an agreement, that is one legal claim unavailable to us.” Turner sighed and noted, “I never expected I would need to have my employees contractually promise not to be dishonest” and he and Sparrow made arrangements for Davy, Jones & Locker, LLC to draft such agreements for PRI to use going forward.

B. “BYOD” or Bring Your Own Device Policies

The subject then turned to Teach’s use of his iPad to access and copy PRI’s confidential customer and pricing information. Sparrow asked “How long has PRI allowed its employees to use their personal computers and devices for work, and what kind of policies do you have in place to regulate how they are used?”

Turner replied, “Well, about two years ago, we started letting employees link their work e-mail to their personal smart phones. Over time, I let people use their personal laptops and tablets because they tended to be more efficient and productive with their own devices. It also saved the company money because it spared us the cost of buying a company-issued gadget. We instead pay a monthly stipend to the employees who use their own devices. We really don’t have any formal policy on how they are used.”

“You’re not alone,” Sparrow said. “In one recent survey, 92% of the companies reported that they had employees using their own personal devices for work. However only 44% of those organizations had ‘bring your own device’ or “BYOD’ policies that regulated the use of personal devices in the workplace. Even those employers who have BYOD policies are constantly having to scramble to ensure they are still relevant in light of the constantly changing technology.”

Sparrow continued, “While there are a lot of good reasons for having an effective BYOD policy, one key benefit is to prevent the misappropriation of your company’s confidential information. In a recent corporate survey, the most pressing concern was that sensitive information will be on a personal device that is lost, stolen, or in the possession of someone who leaves the company or other theft of data via uploading to a personal device.”
Turner requested that Davy, Jones & Locker, LLC draft a BYOD policy for PRI, and asked, “What should our policy include?” Sparrow said, “There is no ‘one-size-fits-all” policy, because every business is different and has different security and technology issues. He then outlined the following:

• Require devices to be pre-approved. Sparrow pointed out, “Different gadgets have their own pros and cons when it comes to security, and your company’s particular security needs will dictate which ones employees should be allowed to use.”

• Have mobile device management (MDM) software installed. “The two non-negotiable elements to look for in an MDM system are the ability to enforce security policies and to wipe remotely the personal devices used by employees.” Sparrow further explained, “Such software typically requires a strong password that's entered every time the device is turned on; ensures on-device file encryption; disables the camera; and specifies which applications are allowed, banned, or mandatory. It may also allow for monitoring to limit or deny access to certain company information. Data loss prevention (DLP) technologies also can automatically flag when sensitive files are touched or an unusual number of files accessed or copied.”

• Have employees agree in writing to security provisions. “You can save yourself a lot of grief if you address the issue with employees on the front end,” Sparrow said. “For example, an employee must agree to have their device remotely wiped if (1) the device is lost, (2) the employee terminates his or her employment, (3) if IT detects a data or policy breach, including unauthorized access to confidential company information, or (4) if there is any virus, malware or similar threat to the security of the company’s data and technology infrastructure.”

• Have an acceptable business use policy. The policy should define acceptable business use as activities that directly or indirectly support the business of the company. Devices may not be used for unauthorized storage or transmission of proprietary information belonging to the company or misappropriated from another company, to engage in outside business activities, to harass others, view pornography, etc.

• Disciplinary policy. “Employees need to know there will be consequences for lax computer security when using their own devices for work,” said Sparrow. “The company should reserve the right to take appropriate disciplinary action, up to and including termination for noncompliance with the BYOD policy.”

• Have a plan for departing employees. “The company should have a written agreement, signed by the employee, stating that the company’s IT department will be allowed to inspect and delete all confidential information from the device when the employee leaves the company.”

• Institute specific prohibitions on copying and forwarding of confidential information. Sparrow noted that a common thread in these types of cases is the downloading and copying of company information onto external hard drives/flash drives, or the forwarding of confidential information by e-mail to an employee’s personal e-mail address.

• Prepare a Departing Employee Checklist so nothing is ever forgotten. “The list itself will vary by the individual employer,” Sparrow noted, “but might include changing office lock codes, collecting keys, asking questions about any personal devices that may have company data, having the employees sign a statement acknowledging that all company data has or will be returned and another statement acknowledging that any post-departure access to the network would be a criminal act.”

• Consider other employment related issues. For example, a non-exempt employee’s use of a personal smart phone to check and respond to business –related e-mails or voice-mails off-the-clock can potentially expose an employer to liability under the Fair Labor Standards Act for unpaid wages or overtime. A BYOD policy should address when an employee is allowed to use the personal device for business purposes.

Sparrow added that along with the BYOD policy, “You also should have your IT department be on the lookout for any unusual activity that would suggest unauthorized accessing and/or copying of company information.”

IV. Assessing the Damage/Preparing a Case

"I leave you people alone for just a minute and look what happens. Everything’s gone to pot."~ Captain Jack Sparrow

When a company suspects a former employee has stolen confidential information, time is of the essence, both to prevent additional losses, and to acquire and preserve digital evidence of the employee’s wrongdoing to build a case against them. Sparrow told Turner, “A company that sits idly by while its trade secrets are being used unlawfully invites significant commercial harm, and even potentially risks waiving its rights to an injunction to protect those secrets, or even from claiming them as secrets at all. An employer should be ready to immediately implement an action plan.” This should include the following:

• Sparrow said, “you need to immediately lock the digital door”. “Terminate any remote access privileges or user credentials that the employee may have to company proprietary information, and make sure that all company-issued electronic devices (e.g. laptop, smart phone, tablet, USB and external drives, etc.) have been returned. These steps should have been done at the time of the employee's termination but are sometimes overlooked.”

• “Not all the information you need will be on a computer,” Sparrow noted. “Interview the employee's manager and co-workers about what the employee was working on, had access to, and whether there was unusual activity during the employee's last days, and whether the employee was acting secretively or left the company on bad terms.”

• Pointing to the computer on Turner’s desk, Sparrow said, “A common mistake is for employers to immediately re-assign a former employee’s computer equipment to another employee without first having it examined by a qualified expert. It is best not to even turn on or ‘power-up’ any such returned equipment,” he warned. “Collect and sequester any electronic media (e.g. smart phones, laptops, and removable hard drives) that the employee used, and store it in a safe location accessible to one or only a few people to ensure the devices are not tampered with and that a chain of custody is preserved.”

• “You’ve already taken one important step,” Sparrow said with a smile. “Retain outside counsel experienced in trade secrets and hacking cases to oversee the investigation and analyze the intellectual property and other legal rights which are available.”

• Sparrow also strongly stressed that any employer victimized by computer theft needs to “Retain an experienced computer forensic consultant.”

Sparrow told Turner, “While it is tempting for a company to rely on its in-house IT personnel to look for evidence of computer piracy, I always advise retaining an outside computer forensic expert to do the job. They typically have the specialized training and software to analyze the data without altering the contents or operating parameters of the devices and drives in question. This preserves the evidence for any litigation. A common practice is for the forensic expert to create an exact forensic ‘image’ of the device’s hard drive for purposes of analysis, leaving the original device unaltered.”

“What are the computer forensic experts looking for?,” Turner asked. “Using specialized techniques and software, they are looking for proof that files or other information have been copied off the device or otherwise misappropriated,” Sparrow explained. “A registry analysis will identify every external device that was attached to the computer by the date the device was connected, the time the device was connected, and the name and serial number of the device that was connected. It won’t tell you who was on the computer at the time or which files were copied, but it will provide some evidence that can be followed up in further discovery that can establish the theft.”

For example, Sparrow said, “If an analysis shows that Barbossa’s laptop was used to illegally copy your files, and the copying was done on a date when he was the only one with access to the device, that can be strong evidence to support our case.” Sparrow laughed and remarked, “It still amazes me how people will put the most harmful evidence in e-mails and texts, thinking they can destroy the evidence just by hitting ‘delete’. We should be able to get a better idea of what Mr. Barbossa and Teach were up to once we get a good look at their e-mails.”

“In some cases, you have employees who are more sophisticated about their computer theft and this is where computer forensics really pays off,” said Sparrow. “Rather than copying files off a laptop, they may simply copy the entire hard drive using software such as Norton Ghost©, which creates an exact duplicate image which can be transferred to another computer or storage device. They may then try to cover their tracks by using software like EvidenceEliminator© or Evidence-Blaster©.”

“However, this ‘cleverness’ can come back to bite them, said Sparrow. “While they may succeed in overwriting deleted data, making the files unrecoverable, the fact that they installed and then uninstalled evidence wiping software a day or two before they quit will remain in the registry. This raises the interesting question of what type of evidence is more damning, the forensic recovery of deleted files showing proprietary information was on the employee’s computer but deleted, or the presence of unauthorized evidence elimination software that could only be present for the purpose of spoiling the evidence.”

Sparrow also noted that computer forensic information is important in determining what business losses can be attributed to the employee theft. “In any lawsuit, you’ll bear the burden of having to prove money damages because of Barbossa and Teach’s wrongdoing.”

V. Legal Action Against Former Employees and Others

"Send this pestilent, traitorous, cow-hearted, yeasty codpiece to the brig."~ Captain Jack Sparrow

Turner banged his fist on the table and demanded, “Is there anything I can do right now to stop these rogues? I’m afraid that by the time we get to trial, they’ll have already sunk my business using my own trade secrets against me.”

Sparrow said, “The first thing we can do is to ask the court to grant some immediate injunctive relief. Injunctive relief is an equitable remedy granted when money damages would not be enough to compensate you for your losses if an injunction was not granted.“

“The type of injunctive relief we’ll seek is a temporary restraining order or “TRO” against Barbossa, Teach and BPE to prevent them from disclosing or utilizing PRI’s trade secrets. We’ll later move the court to leave it in place until our lawsuit can be decided on the merits. To obtain a TRO, we’ll have to convince the court of four things: (1) that we’re likely to succeed on the merits of our claims, (2) that PRI is being irreparably harmed by the improper disclosure and use of its trade secrets, (3) that Barbossa, Teach and BPE will not suffer irreparable harm if the TRO is granted, and (4) that the public interest is served by issuing the injunction.”

Turner thought about what Sparrow had explained and said “Well, if I’m going to have to convince the court I’ll succeed on the merits of my claims, I guess I better know what kind of claims I can bring. I think we’ve clearly and painfully established that it was a mistake for me not to have Barbossa and Teach under a restrictive covenant, and that rules out a breach of contract claim,” said Turner. What other options do I have?” Sparrow chuckled and said, “There’s more than one way to have these treacherous scoundrels walk the plank!”

A. Uniform Trade Secrets Act

“In your case, there is statutory protection against the theft of your trade secrets by your former executives,” said Sparrow. “Most states have adopted the Uniform Trade Secrets Act. The purpose of the Act (“UTSA”) is to prevent a person or business from profiting from a trade secret developed by another, because it would allow them to acquire ‘a free, competitive advantage.’ To establish a claim of trade secret misappropriation under UTSA, we would have to be able to show: (1) that a trade secret existed; (2) that the trade secret was acquired through a breach of a confidential relationship or discovered by improper means; and (3) that the use of the trade secret was without the plaintiff’s authorization.”

“So can you tell me what is considered a trade secret under UTSA?,” Turner asked. Sparrow explained that under the Act, “A trade secret’ means information, including a formula, pattern, compilation, program, device, method, technique or process, that derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means, by other persons who can obtain economic value from its disclosure or use, and is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.”

“Skip the legal jargon,” Turner demanded, “What the heck does that mean?” “In essence,” Sparrow said, “It means that a trade secret is something that is valuable to your business because it is not generally known outside your business, you take reasonable efforts to keep it secret, and the only likely way your competitor could find out about it would be by stealing it or through other improper means. Sparrow noted, “It would seem that the engineering designs that were stolen would meet the definition under UTSA.”

“Would the customer information they took also be considered a trade secret?” Turner asked. Sparrow nodded “Courts interpreting this section of the UTSA have consistently held that lists of current and prospective customers, the requirements of customers, and other proprietary business information can constitute a trade secret.”

Sparrow continued, “UTSA refers to the theft of trade secrets as misappropriation. That means the acquisition of a trade secret by someone who knows or has reason to know that it was acquired by improper means, such as theft, bribery, misrepresentation, breach or inducement of a breach of duty to maintain secrecy. It also includes the disclosure or use of a trade secret without consent by someone who used improper means to acquire knowledge of the trade secret. For example, if an ex-employee spilled the company secrets to a business rival, who starts using the trade secrets.”

“UTSA also prohibits the use of trade secrets by a company which ‘has reason to know’ that the material constitutes a trade secret. This is known as constructive knowledge (versus actual knowledge). In other words, even if a company was unaware it possessed purloined trade secrets, it can still be prosecuted if it should have known.”
Sparrow added, “With what we know right now, it looks like we have a good claim of misappropriation of trade secrets against Barbossa and Teach. In addition, we also should be able to go after BPE, because they clearly had reason to know that the information they were using belonged to PRI and was acquired by improper means. Under the Act, we can seek injunctive relief against them all and also seek money damages for the business losses they’ve caused to PRI.”

B. Computer Fraud and Abuse Act

“Because of the way Barbossa and Teach stole information from PRI’s computer system, you also can assert a claim under federal law, said Sparrow. Sparrow continued, “The Computer Fraud and Abuse Act (“CFAA)” provides civil remedies for certain types of misuse of computers and computer files. “This law was originally enacted to bring criminal charges against computer hackers, but the civil component of the statute allows employers to seek damages against former employees for misuse of a protected computer,” Sparrow noted. “CFAA defines a ‘protected computer’ as a computer ‘used in interstate or foreign commerce or communication’ so a protected computer, in effect, could include any computer connected to the Internet.

CFAA prohibits numerous types of conduct, including the theft of data from a protected computer and the unauthorized access of a protected computer resulting in damage to a protected computer. Sparrow pointed out to Turner “The crucial evidence to support a successful CFAA claim will be the information you obtain from the forensic examinations you conduct early in the litigation process”

C. Breach of Fiduciary Duty
“What really bothers me about all this is that these two mutinous swine were my top executives and officers in the company and they were actively conspiring with my competitor. They were supposed to be working on behalf of PRI,” Turner said to Sparrow. “Surely that can’t be legal! Is it legal?”

“No, it’s not,” said Sparrow. Because they were trusted high level executives and corporate officers, they owed a legal duty of care and loyalty to your company. Because they clearly and intentionally worked against the best interests of PRI, we have a strong claim against them for breach of fiduciary duty!”
Sparrow explained to Turner that under the law in most states, a corporate officer has a duty of care which can be defined as follows: "A director or officer has a duty to the corporation to perform the director’s or officer’s functions in good faith, in a manner that he or she reasonably believes to be in the best interests of the corporation, and with the care that an ordinarily prudent person would reasonably be expected to exercise in a like position and under similar circumstances."

Sparrow continued, “The second fiduciary duty that all officers owe to their employer is that of loyalty, good faith and fair dealing. Officers have a duty to exercise ‘the utmost good faith and loyalty’ to the corporation. This includes the duty to refrain from engaging in self-dealing activities.”

“In this case, Barbossa and Teach are clearly fiduciaries because of their high level positions within the company. However, courts have recognized that even lower level employees, such as a store manager or an office manager, also may owe such fiduciary duties to their employer, depending on the individual circumstances.”

Looking through copies of the e-mails between Barbossa and Teach and the President of BPE, Sparrow said, “In these e-mails, your two back-stabbing executives are actively discussing with your chief competitor how to do damage to PRI. They’re doing this while serving as company officers and top executives who are ‘supposed’ to be working in the best interests of your company. This is hardly the conduct of loyal employees acting in good faith. These e-mails are ‘the smoking gun’ in our breach of fiduciary duty claim against them! Plus, juries generally don’t care for sneaky dishonest employees who are foolish enough to discuss all their wrongdoing in an e-mail.”

Turner asked, “Is there any type of claim we can bring against BPE? What about the engineers who left with Barbossa and Teach? They had to have known what those two pieces of shark bait were up to, and helped them to steal our information!”

Sparrow nodded and said, “A person or a corporation ‘who knowingly joins with or aids and abets a fiduciary in an enterprise constituting a breach of the fiduciary relationship becomes jointly and severally liable with the fiduciary for any profits that may accrue.’ In other words, if BPE, its President or your former engineers knowingly helped Barbossa and Teach in breaching their fiduciary duties to PRI, they also can be can be held liable for money damages. This could include any profits they made utilizing PRI’s information.”

D. Tortious Interference with Business Relations / Civil Conspiracy
“I’d really like to sink these sea rats” Turner said. “Is there one more claim I might be able to bring?” Sparrow laughed, “How about two?”

“One potential claim against them would be for tortious interference with business relations. To prove such a claim, we would have to show (1) their acts were intentional and willful; (2) their acts were calculated to cause damage to PRI in its lawful business; (3) the acts were done with the unlawful purpose of causing damage and loss, without right or justifiable cause on the part of BPE or its President, and (4) actual damage and loss resulted.”
“In our case, I think we’ll be able to prove all of that. First, their actions were clearly intentional and willful because we can show this scheme had been in the works for months. Second, their acts were calculated to cause damage to PRI, by taking away its business and customers using stolen information. Third, BPE has no lawful right to be using your information against you. Finally, we can show PRI has suffered actual damage because of their wrongful actions.”

Sparrow continued, “Another possible claim would be for civil conspiracy. Conspiracy requires a finding of “(1) two or more persons or corporations; (2) an object to be accomplished; (3) a meeting of the minds on the object or course of action; (4) one or more unlawful overt acts; and (5) damages as the proximate result.” The purpose of the conspiracy has to be to accomplish an unlawful purpose or a lawful purpose unlawfully.”
“In your case, Barbossa, Teach, BPE, its President and your engineers had the goal of hurting PRI’s business and clearly agreed on how they were going to go about it. Further, the unlawful acts involved the breach of fiduciary duty, violations of MUTSA and CFAA when they stole your information, as well as their tortious interference with your business relations.”

VI. Conclusion

'Well, then, I confess, it is my intention to commandeer one of these ships, pick up a crew in Tortuga, raid, pillage, plunder and otherwise pilfer my weasely black guts out."~ Captain Jack Sparrow

As illustrated by the fictional pirate tale above, dishonest employees rarely let you know in advance of their intention to “raid, pillage, plunder and otherwise pilfer” your company’s trade secrets. However, employers who put in place the proper policies and practices are less likely to find themselves in the position of the overly trusting Will Turner, and better prepared for any legal battles against pirates and rogues in the workplace.

Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here. He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com. An abbreviated version of this article has previously been published in the Mississippi Business Journal.

Tattoos and Piercings Still Viewed Negatively in the Workplace

In my 2011 article The Employee with the Dragon Tattoo I addressed some of the employment law issues facing employers as new generations of employees enter the workplace.  While tattoos have become more mainstream, particularly among members of Generations “Y” and “Z”, this type of self-expression is unlikely to be an asset in career advancement.

In a recent article Survey: Tattoos Hurt Your Chances of Getting a Job Salary.Com surveyed 2700 people and  76% of respondents felt tattoos and piercings hurt a job applicant's chances of being hired during a job interview.  More than one third - 39% of those surveyed, believe that having employees with visible tattoos and piercings, reflect poorly on the employer/business.  Of those surveyed, 42% felt visible tattoos are always inappropriate at work, with 55% reporting the same about body piecings.

As I noted in my 2011 article, employers could face potential Title VII liability for workplace restrictions on tattoos that are part of a religious practice.  Employers should generally avoid any overly broad dress code or similar policy that does not acknowledge the potential need to offer accommodation.  While religious tattoos or piercings may be subject to accommodation, those worn for secular or purely decorative reasons do not need to be accommodated under Title VII.  As such, it is legally within an employer’s right to require that tattoos, piercings or other body art be covered up in the workplace.  Likewise, an employer can require workers to cover up any secular tattoos that could be considered offensive or a source of harassment toward other employees or customers, including, but not limited to tattoos of a sexual nature or racist symbols or images.

Mark Fijman is a labor and employment attorney with Phelps Dunbar, LLP, which has offices in Louisiana, Mississippi, Florida, Texas, Alabama, North Carolina and London. To view his firm bio, click here. He can be reached at (601) 360-9716 and by e-mail at fijmanm@phelps.com.