The recent news that the electric car maker Tesla’s chief executive Elon Musk has accused an employee of carrying out “extensive and damaging sabotage”, places the media spotlight on the hidden dangers of deliberate employee sabotage. It is alleged that the unnamed employee made coding changes to Tesla’s manufacturing operating system and sent sensitive data to third parties. He was seemingly motivated by being annoyed at missing out on a promotion.
It’s perhaps worth pausing at this point to note that a recent survey by Investors in People concluded that almost half of the UK workforce is looking to change jobs. Or, to put it another way, around half of your workforce are likely to have low job satisfaction. Of course, we cannot simply jump to the conclusion that an employee who wants to change jobs will necessarily engage in employee sabotage. Many of them will simply find alternative work and move on quietly. A small proportion of those leaving may try to take confidential information or client connections with them. Assuming you have robust confidentiality and post-termination restrictions in place, this is where injunctions prove most useful. However, a much smaller proportion – perhaps those most disgruntled by what they perceive to be injustices in the way they have been treated – may take steps to deliberately damage the business from within.
Cases of employee sabotage are perhaps more common than most employers would like to think. So, what can employers do to minimise the risks? The first step is to understand that employee sabotage can take many forms. How can an employer prevent it, and identify and deal with it when it does occur?
Minimising the risk of reputational damage
At the lower end of the spectrum, an employee saboteur may badmouth the business online or otherwise bring it into disrepute. Commonly, this will involve negative posts on social media. Perhaps the worst sort of these posts being the publication of videos of employees misbehaving in the workplace, or not following company procedures. These funny video clips quickly turn viral and can have a very serious impact on a business’s reputation. Perhaps more serious is an employee who secretly or openly blogs negatively about the company (a recent example is the blog which led to a high profile investigation into sexual harassment at Uber). Depending upon the nature of the business, it can sometimes be all too easy for a saboteur to quickly damage a brand e.g. by leaving negative reviews on Facebook, Trip Advisor or Trustpilot.
To minimise these risks, companies should keep a close eye on their brand profile and regularly monitor for anything published online which may damage their brand negatively. Swift action should be taken to remove anything online which can be proven to be false or defamatory and, if possible, steps taken to identify the source of the information or posting. However, remember that more damage is sometimes done by trying to cover things up or sweep them under the carpet; sometimes it is better to acknowledge wrongdoing, deal with it and apologise publically for it.
Protecting confidential information
A disgruntled employee may decide to spy for your competitors, to release confidential information into the public domain (e.g. Morrison’s Supermarkets has found itself embroiled in lengthy and potentially costly litigation resulting from the malicious disclosure of employee personal data online by a disgruntled senior manager), or to manufacture negative press attention e.g. by leaking financial reports or other sensitive information to journalists.
External leaks of confidential or sensitive information can largely be prevented by having contractual terms designed to protect confidential information and robust internal monitoring systems designed to spot breaches (e.g. having IT systems which identify and verify large external data transfers).
Internal attacks on systems or processes
At the most extreme end of the spectrum, an employee may seek to make unauthorised changes to your internal systems or processes. For example, in Tesla’s case it is alleged that the saboteur made coding changes to Tesla’s manufacturing operating system. In another well reported case, an IT manager set up a digital bomb that deleted all of the company’s programs.
Implementing a system in which no one person is responsible for crucial equipment or IT systems is a vital first line of defence in preventing this sort of attack. Any major changes should require the authorisation and approval of multiple senior personnel (remember, even the US President isn’t in sole control of the nuclear codes).
Can good HR practices reduce the risk of employee sabotage?
In a word, yes! HR has a very real role to play in both recruiting the right people for the job in the first place, ensuring any promotions are handled fairly and tackling any grievances an employee may have in a fair and thorough manner. HR may also spot the early signs of a potential saboteur. For example: Does a suspended employee have access to crucial systems or processes? Is an employee particularly disgruntled that they have not received a hoped for training or promotion? Is an employee particularly unhappy that their grievance has not been upheld? Has an employee been issued with a disciplinary warning for misconduct which they deny and may therefore feel annoyed about? When faced with an employee who may pose a risk of employee sabotage, HR should always consider whether additional safeguards need to be put in place to prevent it from occurring. HR also has a crucial role to play as part of the exit process. Exit interviews can identify staff that are leaving upset or disgruntled and steps can be taken to improve their perception so they can leave on a more positive note.
Dealing with an employee saboteur
Despite undertaking preventative measures, an employer may still find themselves the victim of an employee saboteur. The employer should take care not to have a knee-jerk reaction – there needs to be a thorough investigation and a fair disciplinary process should be followed. Account should be taken of any previous good service and mitigating factors (e.g. mental illness). Employee sabotage can lead to a fair dismissal for misconduct and may result in other legal action being taken against the employee including in some circumstances criminal action.
By Emma Ahmed, Professional Support Lawyer in the employment team at Hill Dickinson LLP