A Case Zulu Nyala Game Ranch (PTY) Ltd vs Christian Bukes and Custom Trails (PTY) limited which discusses some interesting thoughts on employee information and privacy act, has been reported.
The order protects the right of an employer to restrain an outgoing employee from disclosing its confidential trade sensitive customer information which is bound by the confidentiality under privacy laws.
The issue is that the applicant is a business entity which provides services to individuals and therefore holds the personal data of its customers as part of its business activity. Such information has economic value to the company besides providing certain privacy rights to the individuals.
The first respondent was an employee and the second respondent was a company promoted by the wife of the employee.
The first respondent’s employment contract contained confidentiality clauses that expressly prohibited him from disclosing, inter alia, trade secrets, marketing material, customer lists or supply lists, business affairs, technical methods, electronic mail and processes of the applicant’s operations. The employment contract also mandated return of such material on termination.
The employee even during employment was sharing the company’s customer information to his wife’s entity and was dismissed from service. He then continued to use the information and converted it into a business opportunity which was similar to that of the applicant.
The applicant proceeded against the wife’s business entity for infringement of its trade secrets etc.
The action of the employee was considered a “Breach of Trust” whether or not a “Breach of Contract” (ed: Which depends on the clauses in the employment contract).
The essence of the judgement was that the personal information recognized as such under the Privacy Act was also the business information and hence qualified to be considered for breach of trade secrets act.
This establishes the dual nature of the data and the concept of “Joint ownership of transaction data between the business entity and the individual”.
In the Indian context the ITA 2000 would have recognized this as “Unauthorized diminishing of value” [Section 66(i)] and also breach of trust under BNS. It also establishes the DGPSI concept of recognizing such data as a transaction data which can be retained after the immediate purpose . However such retention should be for legitimate use and must be adequately secured.
Employee’s breach of data ble acquired during their employment would amount to a criminal activity and is punishable under ITA 2000 and BNS.
(Comments are welcome)
Naavi
