Harsher Sanctions for Employee Theft?

I heard on the news today about a number of T Mobile employees who were selling customers’ details to competitors. Apparently this activity is rife amongst businesses that deal in such sensitive but valuable data as mobile users’ names and contact details – and when dates of their current contract is up! This is theft, but is apparently being dealt with under the Data Protection Act. The Act provides for shows lenient penalties – a maximum fine up to £5,000 from the Magistrates Court and unlimited fines from the higher courts. The Information Commissioner announced that the £5,000 limit is unlikely to be reached, and that harsher penalties should be available to deter this activity.

Why do we not simply prosecute – as I noted above – it is theft after all!

If an employee steals from an organisation he or she is working for there are a number of ways in which this can be dealt with. The decision will no doubt be based on the organisation’s fraud policy and what it wants to achieve. Does it want its money back, to sack the fraudster or to make a public example of the issue? The alternatives include:

  • Reporting the employee to the police – the police may or may not be interested. If they are – they may investigate. If they do, this can be disruptive to the business. Often however, given the shortage of police fraud investigation resources the response to a fraud report may well be a request to provide comprehensive details of the occurrence i.e. effectively to go and investigate the fraud yourselves!
  • Commencing some form of disciplinary action in order to safely remove the fraudster from the business. This has to be done with care because inappropriate treatment of staff can lead to claims for unfair dismissal or constructive dismissal – even by the guilty fraudster!
  • To investigate the fraud using internal or external resources with the view to instigating some form of civil litigation for recovery of the losses due to fraud.

Very often, however, an organisation will do none of the above! They will let the perpetrator go with a reference on the understanding that this is the end of the matter. Incredible though it seems, this is exactly what some major financial institutions or publicly listed companies will do. Not wanting any publicity to impact share prices perhaps, they prefer to hush the matter up!

In the T Mobile case the company chose to inform the Information Commissioner. Let us see if the public interest can steer this affair towards a proper criminal prosecution.

Leave a Reply

Please use your real name instead of you company name or keyword spam.