News & Blog

Legally, what can I do when my company data is stolen?

By Francis West on 9th March 2016




The Centre for Strategic and International Studies has calculated that cybercrime costs the global economy as much as £390bn a year with the Cabinet Office reporting the cost to UK business alone totalling £27bn in 2015.


The majority of businesses operating in 2016 have to operate online effectively to survive, yet alone prosper. Customers and employees alike demand constant connectivity with the “Internet of Things” (machine-to-machine communication via sensors which operate and leverage data from cloud storage) being just the tip of the iceberg.  Evidently, the sheer volume of data is increasing with more data being created in the last two years than in the entire history of the human race.  By 2020, a third of all data will be stored in the cloud with an estimated 26 billion connected devices worldwide.


There is no doubt that technology in the next 5 years will develop at an unprecedented rate which will pose many complex security issues and challenges for businesses. Whilst from a strategic standpoint businesses will (to varying degrees) adapt with these technological changes, they must not forget to take the simple steps to ensure they are protecting their confidential data and doing what they can, from a legal perspective, if confidential data is stolen.


Your biggest threat is still....your employees


A Cisco survey from 2015 of more than 1,000 UK employees showed that whilst 61% of respondents thought their company had a security policy that 48% claimed they weren’t concerned about it as it didn’t affect them. Alarmingly 39% said they thought it was their employer’s responsibility to protect data and not theirs.


Whilst businesses cannot protect against all developing external threats, many (if not the majority) of businesses are not doing all that they can to protect themselves from internal ones. Staff awareness and training is an essential component in reducing accidental data breaches but on a more fundamental level, businesses need to ensure their own house is in order and protected from deliberate internal breaches before considering the external threats. A study conducted by the Ponemon Institute in the US found that 59% of employees who either quit or are asked to leave take confidential or sensitive business information upon their departure.


Protect what your business can control


A company’s confidential data is, in most cases, one of its most valuable assets with customer databases, trademarks, patents and trade secrets giving a company a competitive edge in their market.  


Simple steps like ensuring that employment contracts clearly define what the company’s confidential data is, or ensuring that contracts with suppliers clearly define and manage the movement of confidential data (be it collaborative or otherwise) as it is passed down the supply chain, are often overlooked.


In addition to employment contracts, companies should have in place and review regularly, polices on the use of mobile devices, social media and a data theft policy which sets out what steps employees should take if confidential data has been stolen (or lost).  


Some pertinent questions that all businesses should be able to answer:

  • What IT security systems have you got in place to prevent data theft?
  • What measures are in place to prevent data theft by employees?
  • Are there any easy ways to detect a data theft?
  • Do your employment contracts contain a sufficient definition of confidential information and restrictive covenants which are relevant to your business?
  • Does your company have a handbook which contains policies dealing with the use of social media?
  • Are employees aware of, and regularly reminded of, their duties of confidentiality?


What options do I have legally if confidential data has been stolen?


If confidential data has been stolen by an employee (or ex-employee), there are a range of legal remedies which can be sought to discover not only the extent of the theft but to assist with the recovery of the information (and your legal costs).   


Search Orders


A Search Order is a form of injunction which we can obtain on your behalf which allows us to enter and conduct a search of the individual’s premises (this can be a business and /or a home address). The Search Order will allow us to seize any relevant evidence. Due to their draconian nature, obtaining a Search Order can be difficult to obtain from the Court but Freeths have extensive experience in obtaining Search Orders and ensuring a successful outcome if such is required.


Delivery up Order


A Delivery Up Order is a type of injunction which forces the Defendant to immediately give back all stolen information (including hard copy confidential information and often copies of computers and other electronic devices). If such an Order is not complied with individuals can be held in contempt of Court and be fined or sent to jail. Freeths have experience in both obtaining Delivery Up Orders and contempt of Court proceedings and have successfully obtaining a 20 month custodial sentence against an individual for not complying with a Search/Delivery Up Order.


Freezing Orders


In instances where there is a risk of the individual dissipating their assets in the face of a legal claim, we can help you to ensure that these assets (bank accounts, properties, shares, etc.) are frozen. This helps guarantee that any damages awarded by the Court will be recoverable once the legal proceedings have concluded.


If you have any questions on the contents of this article, or the legal remedies available to your company we would be more than happy to discuss these will you via email, or on the telephone. Please contact James Gorman on 0845 050 3291 or at


Thank you very much for this article James. I am sure that it will provoke some interesting feelings among Recruitment Company staff and owner.


Westtek can help with Security Audits and also keep your company stay safe. Please call on 0203 195 0555 for a no obligation 15 min call to see if we can help.


Please also have a look at the following;

video - 5 ways to prevent Cyber Attacks

video - How to stop your staff stealing your data

Ebook - Cyber Security Tips for employees

Ebook - One Sheet of Cyber Security Statistics


Other people also liked:

1. 5 Top security tips for business owners to stay safe online

2. Is it ok to let staff bring in their own tablets, phones and laptops?