In the digital age, confidential information and intellectual property rights are a crucial assets for any company. This can include client and supplier details, employment contracts, email addresses, company operations, software codes, and financial statements. Companies are increasingly vulnerable to insider threats, particularly from employees who have access to this data. Data theft by employees can pose a significant threat to a company, due to unauthorized removal or copying of important or confidential information and misusing the data.

There are several reasons why an employee might commit data theft like:

1. An employee may seek revenge on their employer following termination.
2. An employee may be working for a competitor, often referred to as an insider agent.
3. An employee may intend to sell confidential information for profit.
4. An employee may wish to cause harm to the company.

Prosecution under the IT Act, 2002

The Information Technology Act, 2002 (IT Act) governs cyber laws. Section 43 of the IT Act deals with unauthorized access to computer resources, including the theft, concealment, or destruction of any computer source code. If an employee commits any act falling under this section, they may be liable to pay damages to the affected person.

The IT Act also provides penalties for dishonest or fraudulent acts, including the use of another person’s signature or password (Section 66C), and the concealment or destruction of computer source code (Section 65). The Personal Data Protection Bill also mandates the fair and reasonable processing of personal data, with penalties for contravention.

Breach of Contract by Employees

An employee is bound by the employment agreement signed by both the employer and the employee. If an employee maliciously steals or shares confidential information, such as client details, business plans, or financial records, this can lead to a breach of the employment contract and the Company can claim civil damages against the employee. In addition, legal provisions under the IT Act, such as Section 72 (breach of confidentiality and privacy) and Section 72A (disclosure of information in breach of a lawful contract), provide for penalties in such cases.

Bangalore is a tech capital of India and protection of data is of utmost importance. Data theft by employees can become a significant issue for the company and may result in customers losing faith in the organization and closure of business. It is crucial for companies to understand the legal implications of such theft and take strict measures against their employees to safeguard their valuable data assets. Our advice is to implement robust data security measures and practices from time to time, as well as ensuring that employees understand the consequences of data theft.