The Integrity News
Vol. XIII No. 11
"objective risk management services"
June 2, 2004
Two current articles look at some of the new angles on
MSNBC, May 20, 2004
"Up to 70% of cases start with an employee heist"
"As much as 70 % of all identity theft starts with theft
of personal data from a company by an employee."
"Today, what we have to think about, in the Information
Age, is employees stealing information." "Why steal
merchandise when they can steal data and get money ?"
From a major national study they quote: "In 50% of
the cases, the victim's identity was originally pilfered by
a company employee. In another 20% of cases, evidence
strongly suggested dirty play by an insider."
"Perhaps the greatest surprise: a large number of the
identities were stolen not by an employee --- but by the
The report on the study continues: "It only makes sense.
A majority of the (personal) information is in the hands
of corporate America." "In most cases, temporary
workers or employees stealing data from other
departments were to blame. That suggests companies
need to tighten up data security practices."
Because information equals cash, organized crime rings
are placing members in low-level jobs in order to commit
identity theft and other crimes. Terrorists are attempting
to infiltrate companies too. Recall the airline that found
out that it was employing an Al Qaeda baggage handler.
While "men tend to be more risk-takers, and committing
crime is high risk, ID Theft is low risk." "About half the
criminals in the study were women -- suggesting that
identity theft is a new kind of equal opportunity crime."
Congress is working on the "Identity Theft Penalty
Enhancement Act" which includes additional jail time
for criminals who steal data on the job. "It's an extra
two years if you are an insider, and steal data, and that
data is used for a crime." And the article says, in the
current proposed legislation, there is "no provision for
corporate liability when employees steal data".
Workforce -- Legal Insight, May, 2004
"with the reach of the Internet, they have a much
more effective and invasive method for harassing
their former employers"
"In the past, unhappy former employees might have
sent a letter to the editor of the local newspaper, or
complained loudly to their neighbors. With the widespread
availability and expansive reach of the Internet, however,
they have a much more effective and invasive method for
harassing their former employers."
In one case, the ex-employee "posted two authentic
looking job listings on a Web site, announcing that the
former employer was seeking applications for their
Director of Human Resources position. The employer
was not seeking such applications." In addition, the
ex-employee "registered the email address of the
current HR Director on a number of pornographic
Web sites." In addition to the "huge amounts of sexually
explicit emails that the Director began to receive at
work", there was also a new quantity of "unwanted
catalogs for pornographic materials" arriving at work.
"Human resources professionals have always had to
deal with disgruntled ex-employees who speak out
against their former employers. However, the Internet
can raise this problem to an entirely new level."
"The legal solution to the cyber-harassment campaign
came from a traditional cause of action, rarely seen or
applied in courtrooms today, and created well before
the days of computers and the Internet. The solution
was to sue the former employee for 'trespass to chattels'."
"A chattel is simply an article of personal property. A
claim for unlawful trespass to chattels must show that
a person dispossessed another person of his property,
or used or otherwise meddled with the person's property
in a way that damaged the property." "Trespass to
chattels, therefore, is something less than outright theft;
it is more like unlawful borrowing." "In theft, the cause
of action is called 'conversion' -- the person converted
your property to his own by stealing it. The little
brother of conversion is called 'trespass to chattels'."
"In the case above, the chattel was the employer's
computer system, where the 'use and meddle' with the
computer system and email accounts was the depleted
hard drive space, the drained processing power, and
the adverse effect on the other computer system
resources." The court found that the computer system
"If a company can prove damage to its computer,
Internet, or email systems, it could obtain legal relief
to stop the harassment." However, "not every unwanted
email from a former employee will result in a lawsuit."
"Employers should also take proactive steps to defend
themselves against cyber-harassment campaigns."
"Purchase Internet and email filters that stop unwanted
materials from entering their computer systems."
"If the employee receives a severance payment, the employer
should insist on a clear non-disparagement agreement in the
release obtained for the severance payment." "The
non-disparagement clause should clearly extend to all forms
of communication, including emails, chat rooms, instant
messaging, and all other forms of electronic communication."
"The employer should carefully monitor any actions taken
or emails sent by the ex-employee to see if the person makes
any false statements, either in an email or elsewhere on the
Internet, that could be the basis for a defamation claim."
"Remember the importance of disciplining and terminating
employees with fairness and honesty. An employee who is
given opportunities to improve his or her performance, a
thoughtful and honest explanation of why he or she was
not a good fit for the employer, and assistance in
transitioning, is much less likely to resort to such extreme
and destructive behavior. Human Resources can play a
critical role in preventing costly and time-consuming legal
For additional information about the business risks related
to employee crimes, browse
The Integrity Center, Inc.
website and feel free to call (972) 484-6140 to discuss
a particular situation that you have. Helping you with your
Risk Management and HR Automation is what we do.