A recruitment company’s position in the market is reliant on the value of its confidential information, its trade connections and the ability of its staff to exploit this to broker the placement of candidates.
All too often, employees are tempted to steal a recruiter’s candidate database before joining a competitor or launching a start-up. Despite public access to networks such as LinkedIn, the database still presents itself as a temptation to the data crook. The theft of this data can cause serious and lasting financial damage to the former employer. As a primary focus, recruitment companies should ensure that they have robust security systems in place to minimise this risk.
When a recruitment company’s data security systems do fail, it should respond immediately. Crucially, recruitment companies and their employees should be aware that the person who has unlawfully taken the confidential information may be subject to both civil and criminal sanctions.
On the civil side, often the most effective remedy is to obtain an injunction (with or without giving notice to the individual responsible) to secure and recover the stolen confidential information and any evidence of its unlawful misuse. Prompt action can force a quick settlement and avoid protracted and expensive litigation.
In recent years, there have also been a number of criminal convictions of individuals who have unlawfully obtained personal data. It is a criminal offence under the Data Protection Act (subject to certain limited defences) to knowingly or recklessly obtain or disclose personal data without the consent of the data controller.
Former employees who have stolen a recruitment company’s candidate database have committed a criminal offence that is punishable by a maximum fine of £5,000 if convicted summarily in a magistrate’s court, or an unlimited fine if convicted on indictment in a Crown Court.
It is also worth noting that, in circumstances where an individual has passed on the candidate database to his or her new employer, the new employer may also have committed an offence.
Employers and employees should be aware that it is not just the civil courts who will be interested by the theft of a recruiter’s candidate database – the criminal courts will too.