Most employers have valuable, confidential property, documents and electronically-stored information that they seek to safeguard through employment agreements, non-disclosure agreements, confidentiality policies, and procedures designed to detect information leaving their secure environments or not returned in a timely manner.

Despite these safeguarding efforts, employees often seek to disclose or take employer information for a myriad of reasons, including:

  • Employees use a personal phone to take photos of documents to access easily passwords, information, or documents when working remotely;
  • Employees consider filing a whistleblower or discrimination lawsuit and take information to share with their attorney for advice on how best to proceed;
  • Employees email presentations to personal email accounts for printing from home or for use in an upcoming interview with a new employer;
  • Employees prepare to resign and seek to retain key documents for use with their new employer;
  • Employees have old paper files that would normally be destroyed under the employer's retention/destruction policies, but take them for sentimental reasons.

Each of these situations requires employers to act consistently with their agreements, policies, practices, and other communications with their employees ("Employers' Processes"). Employers should have a playbook on how to learn of and respond to confidentiality breaches and removal or retention of Employer property or information from the secure company environment.

Employees taking copies of their employment agreements, wage information, trainings attended, or certifications will generally be treated differently than an employee taking confidential or proprietary information. Additionally, employers should be cognizant of employees at different levels with different responsibilities and access to different types of information, such that Employer's Processes are applied and enforced consistently for similarly-situated employees.

Frequently, employers encountering breaches of employee obligations will:

  1. Communicate directly with the employee to stop the conduct,
  2. Send a cease and desist letter from counsel,
  3. Initiate a court action for breach of contract and other applicable claims, such as conversion or violation of statutory trade secret protection laws (such as the Defend Trade Secrets Act), sometimes for injunctive relief, monetary damages, or as a counterclaim,
  4. Report the employee's conduct to appropriate law enforcement, or
  5. Assert an after-acquired evidence defense in any litigation brought by the employee.

Despite employers' playbooks and the frequently utilized steps taken to enforce confidentiality and return of property obligations, there are two issues that often arise: (1) the ability of employees to share employer information and retain company property/information for potential litigation or government reporting purposes, and (2) the ability for employers to cut off damages due to employees' breaches of confidentiality and failure to return property/information.

Are Current Employees Permitted to Take Company Property or Information for Purposes of Litigation Instead of Obtaining the Information through Discovery?

Courts have held that employees are required to return or destroy the employer's property or information consistent with the employees' contractual obligations to their employers. They reject arguments that employees' preservation obligations supersede agreements requiring the return or destruction of company documents. Below are examples of such decisions within the Third Circuit:

  • Ecore Intl., Inc. v. Downey, 343 F. Supp. 3d 459, 506–07 (E.D. Pa. 2018): The court determined the employee's retention of the employer's proprietary information for litigation was improper. It granted summary judgment on the breach of the Confidentiality Agreement, concluding parties should seek to obtain necessary documents for pending or anticipated litigation through the discovery process and not through their own means.
  • Bell v. Lockheed Martin Corp., No. CV 08-6292, 2010 WL 11450407, at *5 (D.N.J. June 30, 2010): The court held that plaintiffs who collected documents and information belonging to the employer were required to return the documents and engage in the formal discovery process to acquire them. The critical inquiry was: (1) the documents and information belonged to the employer and (2) plaintiffs were not authorized to take them.

These rulings reinforce that even when litigation is anticipated, employees must refrain from wrongfully acquiring or retaining company property/information in violation of their obligations. Instead, the discovery process is generally the means to obtain employer property or information with some limitations discussed below.

What Are the Limited Exceptions Where Liability Will Not Be Imposed Upon Employees for Confidentiality Breaches or in Some Cases, Taking Company Property or Information?

Inconsistency Leads to Loopholes

Employers' Processes require consistency of treatment among similarly-situated employees. See Smith v. Monsanto Chem. Co., 770 F.2d 719, 724 (8th Cir. 1985) (reversing the district court and finding that no reasonable jury could find that the employer was racially motivated in terminating the black employee). The Smith decision is telling. Here, the jury awarded more than of $20,000 to the plaintiff who had taken company property (towels) without an employer pass into the employer's parking lot, finding race discrimination. The Eighth Circuit reversed finding no racial motivation when all nine employees, with less than five years of seniority and no previous stealing violations, were also terminated, and no evidence supported the employer being aware of other white employees who allegedly stole company property. This decision demonstrates that employers need to articulate and apply their rules consistently to avoid claims of discrimination. Inconsistent employer enforcement may result in employees not being held liable for breach of confidentiality obligations or employees taking of Company property and information.

Whistleblower Exceptions

In addition to consistent communication and enforcement, whistleblower exceptions allow for employees to report wrongdoing, namely to the government or in some cases, the employee's attorney retained for purposes of providing legal advice. While these whistleblower exceptions are narrow, they encourage good-faith reporting. Examples of these protections may be found in the following laws:

  • Section 922 of the Dodd Frank Act: It allows for reporting to the U.S. Securities and Exchange Commission (SEC) and provides protections and incentives for whistleblowers who have reported possible securities law violations from retaliation.
  • Securities Exchange Commission Rule 21F-17(a): Itprohibits persons from taking action to prevent whistleblowers from contacting the SEC directly to report a possible securities law violation. The Rule states "[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement...with respect to such communications."
  • Defend Trade Secrets Act (DTSA): It includes a whistleblower exception, which provides limited immunity for whistleblower employees who disclose trade secrets to a federal, state, or local government official or an attorney for the sole purpose of reporting or investigating a suspected violation of the law. It does not protect employees who fail to safeguard the trade secret information in making their permissible reports, such as filing trade secrets in court without protections.
  • Health Insurance Portability and Accountability Act (HIPAA): It allows for reporting ofgood faith beliefs of conditions that: (1) are unlawful conduct, (2) are violations of professional or clinical standards, (3) endanger patients, workers or the public provided the disclosure is made only to limited, authorized persons, such as a health oversight agencies, a healthcare accreditation organization, or attorneys retained for limited purposes.
  • Occupational Safety and Health Administration (OSHA) Whistleblower Protection Program: It encourages employees to report violations of the many laws it enforces, including the whistleblower provisions of the Sarbanes-Oxley Act. It also will not approve of settlement agreements in whistleblower cases that limit employee-protected activity, such as providing information to the government, participating in investigations, filing complaints, and providing testimony.
  • National Labor Relations Act (NLRA): As previously discussed in our update on the 2023 decision by the National Labor Relations Board (NLRB), which may be found here, confidentiality obligations that preclude employees from cooperating with NLRB investigations or litigation of unfair labor practices are prohibited because employees must be permitted to assist coworkers with workplace issues concerning their employers. Notably, this narrow exception goes directly to Section 7 protected activity under the NLRA and does not implicate most valuable company information or takings by employees.
  • Reporting of Sexual Harassment: A number of laws, such as the Speak Out Act (the Speak Act), discussed here, and the Tax Cuts and Jobs Act (the Tax Act), discussed here, allow for or incentivize employers for employees to disclose sexual harassment. The Speak Act prohibits non-disclosure and non-disparagement clauses agreed to before a claim involving sexual misconduct arises. For example, the Act applies to all blanket nondisclosure agreements that were entered into before the start of employment. The Tax Act eliminates the deductibility of sexual harassment settlement or payments that are subject to a nondisclosure agreement and related attorneys' fees. These laws seek to deter sex harassment by preventing employees from having to keep quiet.
  • The General Rule Remains: Employers should rest assured that confidentiality obligations and requirements prohibiting employees from taking and using company property and information remain intact. However, they should also be cognizant that narrow limitations exist when: (1) employers apply Employers' Processes inconsistently, (2) employees engage in good faith whistleblowing or government reporting, (3) employees engage in protected concerted activity under the NLRA, or (4) related to sexual harassment disclosures.

When Are Employers Able To Pursue an After-Acquired Evidence Defense for an Employee's Breach of Confidentiality or Taking Employer Property or Information?

This after-acquired evidence defense arises when an employer becomes aware of an employee engaging in misconduct that would have otherwise resulted in the employee's employment termination had the employer been aware at the time of the misconduct. The employer may use the employee's misconduct to cap certain damages otherwise available to the employee.

The Supreme Court held when an employee is terminated and the employer discovers after-the-fact that the employee committed wrongdoing that would have legitimately and lawfully led to that employee's termination, an employee's ability to recover lost wages is limited. McKennon v. Nashville Banner Pub. Co., 513 U.S. 352, 362 (1995) (in an ADEA case, while not an absolute bar, it provides some relief to the employer.); Bowers v. NCAA, 475 F.3d 524, 537 (3d Cir. 2007) (applying the after-acquired evidence doctrine "with equal force" in the ADA and Title VII context). Thus, employees' breach of confidentiality or taking of property/information, depending upon the Employers' Processes, even when discovered after-the-fact, may serve as "after-acquired evidence" of grounds for a justifiable termination, providing some monetary relief for the employer. It is an affirmative defense that employers must prove.

Moreover, the after-acquired evidence defense was extended to situations where the plaintiff's conduct occurred even after the decision to terminate was made and communicated. See Nesselrotte v. Allegheny Energy, Inc., 615 F. Supp. 2d 397, 405 (W.D. Pa. 2009) (Judge Nora Barry Fischer). In Nesselrotte, the court reasoned that the employer could rely on the after-acquired evidence doctrine to limit the employee's recovery of lost wages, even though the former employee's copying and downloading of confidential company documents prohibited by her Confidentiality Agreement occurred after she was notified of her termination. Id. The court rejected the argument that the after-acquired evidence rule should only apply during the employee's employment. Id.

What are the Key Recommendations to Employers for Safeguarding their Confidential Information and Property?

There are many steps employers should regularly take to protect their confidential information and property, including the following:

  • Create an internal playbook with help from the information technology department, the legal department (or external counsel), and business leaders to identify, protect, limit access to, and regularly test the security of its confidential information and property;
  • Require updated contractual obligations for employees and third parties to protect confidential information and return of company property;
  • Implement updated policies and training on protecting confidential information, including not removing it from the secure company environment, while being mindful of the whistleblower and NLRA exceptions;
  • Regularly remind employees of their duty of loyalty to protect and safeguard company confidential information/property;
  • Encourage employees to raise any confidentiality concerns or compliance concerns internally, making clear that there will be no retaliation for proper, good-faith reporting.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.