All firms are vulnerable to IT theft
OPINION: Huge damage has been caused to governments and private organisations by employees or contractors downloading or stealing often top-secret information.
KGB spy Kim Philby copied a considerable amount of the British Government’s secret intelligence in the 1960s but it was nothing compared with what he could do today.
Julian Assange and WikiLeaks have managed, using information technology, to steal what a fleet of trucks and a photocopier would not be able to capture, even with years of repeated journeys.
Fairfax Media, only a few days ago, reported a case of a small business in Christchurch being severely damaged by the wrongful activity of its IT expert.
The worker resigned and walked out the door. The owners of the business say they were appalled to subsequently find that the IT man had wiped the records on his computer, deleting commercial files and emails.
The Christchurch couple that owned the business say sorting out the mess took hundreds of hours and cost thousands of dollars.
They went to the police and the matter is being investigated. They are also considering employment action against their recalcitrant former employee.
The worker claims that the owners asked him to remove personal information from the work computer.
He decided the easiest way to do that was a factory reset. He said ‘‘it was like a new computer out of the box, ready for the next person to use’’. Very thoughtful!
The owners have spent $4000 on experts assessing the damage and have been unsuccessful in recovering the deleted material.
The Christchurch couple seem to still be in a state of shock and considering what they might do.
In 2012 James Watchorn connected a hard drive to his computer at his place of work and dragged and dropped to an open drive the property of Tag Oil Ltd.
Eighty-two days later the police searched his home and work and found he had downloaded a huge amount of information including geotechnical information belonging to the company.
Watchorn did not pass the information on to anybody else.
He ended up working for a competitor, which no doubt was a source of considerable anxiety to Tag Oil. He was convicted of accessing a computer system for dishonest purposes and sentenced to 21⁄2 years’ imprisonment, although the conviction was overturned on appeal.
A substitute conviction was entered but he was released from prison by the appeal court.
Tag Oil also brought an employment case claiming Watchorn had breached his duty of fidelity, his implied duty of trust and confidence and that he had breached certain provisions of his employment contract.
The ex-employer said they had incurred costs of $75,000 investigating his activities and suffered disruption and inconvenience.
Damages of $65,000 and penalties of $12,000 were awarded. An appeal was lodged and the matter was settled out of court.
In another case in the High Court in Christchurch, Rooney Earthmoving sued three former employees who left to form a competing earth moving business. Judgment was obtained for more than $4 million in the Employment Court against the former employees.
The stakes are huge when a departing employee takes confidential information.
The two cases that saw damages awarded were brought by significantly aggrieved employers.
The Christchurch couple who are considering suing in the employment jurisdiction are, it appears, a ‘‘mum and dad’’ business with no ability to fund serious litigation. Despite this, the impact on them of what occurred is significant.
Where an employer has vulnerability in the information technology space, it is important that their employment contracts give them the best possible protection.
This will provide employees with assistance and will help better protect the company after the event. Larger companies should additionally have a policy dealing with information technology.
The illegal access to or use of technology may well have played a role in the outcome of the recent United States presidential election.
Russian hackers are the subject of various investigations. Election hacking has resulted in the leakage of many secret and confidential documents through Julian Assange and WikiLeaks.
But in everyday life in a corner of the South Pacific, and in particular in New Zealand, all is not well in the technology space.
Reading the Dominion Post and New Zealand employment cases makes it clear to all that the vulnerability brought about by information technology is huge.
It is not just the rich, the powerful and the politically famous who are vulnerable.
Small, medium and large businesses in New Zealand are at grave risk of real harm sometimes fatal, if proper precautions are not taken.
It is not just the rich, the powerful and the politically famous who are at risk.
Peter Cullen is a partner at Cullen – the Employment Law Firm. He can be contacted at peter@cullenlaw.co.nz.