Waking up to news of another major data breach seems to have become a daily routine. On the front pages and cable news, we hear about hackers, rogue governments, and shadowy figures involved with these data breaches. But too often we overlook the fact that most data breaches are not the stuff of Tom Clancy novels. Instead, businesses in the gig economy regularly confront serious but smaller-scale “inside jobs” – data theft by employees seeking to use information like customer lists or financial data for personal gain, often by bringing that information to a new job with a competitor.
To address this threat, gig companies can take some relatively easy steps to prevent contractors and departing employees from taking confidential information in the first place, and to protect that information from use by competitors.
Defending Trade Secrets
Businesses in the gig economy create and retain a trove of information that could be valuable in the hands of competitors: customer lists, purchase histories, customer preferences, and all kinds of financial information. And that’s just scratching the surface. Most gig employers have policies restricting employee or contractor use of and access to such information, and most states have laws to protect employers against trade secret theft.
As of 2016, federal law also provides a civil cause of action for trade secret misappropriation. However, in order to recover punitive damages or attorneys’ fees under the law, the Defend Trade Secrets Act (DTSA) requires employees or contractors to be given notice of whistleblower immunities in all agreements dealing with trade secrets and confidential information. Gig businesses should take advantage of the trade secret protections afforded by this new law by reviewing policies and agreements to ensure they comply with the DTSA’s various provisions.
A gig business’s relationships with its customers, contractors, and vendors are among its most valuable assets. Some employees and contractors are expected to develop lasting relationships on behalf of the company. Well-drafted agreements with these individuals should include a provision prohibiting them from soliciting customers, contractors, and vendors – especially those with whom they interact directly – for a reasonable period of time. State laws regarding the validity of non-solicit agreements can vary and can be complicated. That said, an enforceable agreement can be a potent tool to prevent individuals from poaching customers, contractors, or vendors on behalf of a competitor.
One of the more sweeping measures a business can take to protect its relationships and confidential information is to ask workers to sign a non-competition agreement. These agreements generally prohibit departing workers from joining a businesses that competes with the company in a specified geographic area for a limited amount of time after their tenure with the company ends. Though a handful of businesses use non-competition agreements liberally, we generally recommend that companies limit these restrictive covenants to higher-level positions. As with the non-solicitation agreements discussed above, state laws vary widely regarding the enforceability of non-competition agreements, so well-tailored agreements are crucial.
With the deluge of stories about data security, now is an opportune time to review and update employment and independent contractor agreements and policies to protect trade secrets, confidential information, and relationships. On this front, an ounce of effort on the front end can save a ton of headaches in the event that an employee or contractor decides to take the company’s valuable information or relationships to a competitor.