Schillings Lawyers - link to home
“Schillings... one of the legal
companies most feared by
Fleet Street”

The Scotsman


Malicious insiders - dangers of leaking company secrets


8 May 2009

A recent study carried out by the Ponemon Institute revealed that six out of ten US employees who had been sacked, made redundant or decided to move jobs admitted to having stolen confidential company data before they left. Given those are just the people who fessed up; the actual number of light fingered employees is bound to be higher.

As the study shows, the risk of disgruntled employees trashing companies in the media or disclosing confidential information is likely to be great over the next few years, particularly given the media’s current appetite. A small minority of such stories will emanate from genuine whistle-blowers concerned about corporate abuses. The vast majority will stem from aggrieved employees, who might be seeking to exert leverage in any settlement negotiations or litigation, to create a name for themselves, or to extract revenge for having being laid off.

Whilst there is not a great deal that can be done to prevent a legitimate whistle-blower from damaging a company’s reputation, nor arguably should there be given the importance of the issues at stake; the position is completely different if someone is just styling themselves as a whistleblower.

It’s particularly important, therefore, to know the difference between a whistleblower and a malicious insider. To qualify as a genuine whistleblower, the employee has to disclose the confidential information in good faith to their employer, a regulator or another authorised person. In most cases, there will be other parties who the whistle-blower should go to first before speaking to the media. Also to be eligible for whistle-blower protection, the informer must not be acting for personal gain. So a very easy way to distinguish a whistleblower from a malicious informer is to find out if they’ve been paid for their story.

Of course, like with most reputational threats, prevention is better than a cure so it’s vital that effective systems are put in place; firstly to minimise the risks of employees being able to steal confidential information and secondly to enable companies to act swiftly in the event that something does go wrong. To achieve this, it’s more important than ever that comms, IT, legal and HR work closely and pro-actively together.

For press enquiries please contact:
Christopher Mills
christopher.mills@schillings.co.uk 
 + 44 (0)20 7034 9000 

First published on Gorkana as part of Schillings' regular contribution to their site. Gorkana is about creating a media market place for both financial/corporate PR professionals and the media to engage and interact. www.gorkanapr.com