I.      Introduction

 


The following report is a result of the observation and analysis of the particular divisions of the company, Security Corp (SC). For the intention of D’Ausecours to acquire the said company, the findings of this report are deemed necessary in order to establish a strong base of information for the acquisition of SC. Moreover, the findings of this report will also be employed to be an account of the due diligence of the target company. Based on the investigative methods employed for the gathering of the necessary data, D’Ausecours will be notified of the necessary risks involved in the acquisition of SC both in the short-term and long-term basis. This report will establish the existing condition that D’Ausecours needs to be acquainted to in order to help them deal with SC once the take over indeed push through. In establishing the importance of this document, it is the contention of the paper to attempt to create an in-depth analysis of the existing circumstances within the target company. Moreover, so as to clearly establish the specific areas of the target company that needs attention, the discussions in this paper is going to be divided into several parts. This is to establish a clear and concise depiction and analysis of certain aspects of SC. At the end of the said discussions, a conclusion and a set of recommendations will be given.  


 


II.   Confidential information

 


The observation of the target company, SC, established that the employees of the company have no confidentiality clause signed. This provides SC at great risk with regards to the leaking of information external of the company. This information could be used against the company by other players in the industry where SC partakes in. The worse part is that every employee of the said company is able to carry this out without any restriction or any form of sanction once they are caught. To boot, there are several hundreds of employees that could be suspected once vital information indeed leaked outside the company. And this is situation where the said company incurs a great liability.  This is similarly a liability for the D’Ausecours considering that there is no actual record of the number of individuals or the specific people who are able to access the information vital to SC. This means that at the worse case scenario, all employees are able to leak information, and D’Ausecours once they have acquired the company, could do nothing about it.


 


In this context, the keeping of the trade secrets of SC, is compromised. According to the case of  [1918] 35 TLR 87, a trade secret could be classified as a “technical, scientific, secret formula or design.” This means that the stated future projects could be leaked out from the said company. The intricacies of the said future plans of the prospective projects listed in the portfolio of SC may be at risk of being given to people outside of the firm. Moreover, the case of [1991] IRLR 80 similarly stated that trade secrets are information that are considered as a highly confidential which could also take the form of a “non-technical” nature. According to the said case, such information, if leaked to the other players in the industry, may trigger an actual and considerable damage to the firm, in this case SC. Thus, given the findings of the said investigation on SC, the employer is at risk of being harmed, probably in terms of reputation or any other factor that could damage the firm as a whole, the moment even a single employee gets hold of any information. This is feasible considering that the said employees are not bound by any clause prohibiting them to leak the said information.


 


A major concern of the investigation is the fact that the marketing information of the company might have been compromised. ( [1978] 1 All ER 1026) In this scenario, the competitive edge of SC might be compromised by the risk of such exposure. The list of the possible clients and existing customers including the individual agreements that they have gone into are among the basic information that could be considered confidential and at the same time damaging for the company. The moment this information is transferred to the hands of other competitors, then the said competitors acquires an unfair leverage against SC. To address this situation, a recommendation is provided in the last part of the report.  


III.Copyright and intellectual property

 


As presented in the case of SC, the investigation found out that the products that the target company generally are made of works of employees, contractors and other companies. The troubling matter in this context is that formal contracts are completed follow on a much delayed time in the employment of players external of the company. This means that information is openly shared among the employees, contractors, and other companies within a completion of a project. In this process, the intellectual property of the firm, SC, is not protected. (1992) Although the companies are employed initially at a contractual level, SC is still not safe from them from getting hold of information that could be deemed important for the company. Information like business processes, connections and other information that could be accessed by the contractors and other companies may place SC at risk.


 


Another issue in this context is that the final product that are these SC employees, contractors and other companies complete are basically in an open source format. This means that after the product is completed, the work is accessible to everyone who uses the same application as that of SC. (, 2002) This implies that after a project is done, then the project becomes public and free. This presents a new problem in the context of the intellectual property in the case of D’Ausecours if it wants to purchase SC. In this situation, there is a considerable amount of risk for the company with regards to the loss of Intellectual property, provided that SC continues to use an open source in their codes. Another risk is that the previous projects of the SC with contractors and other companies are still open to scepticism. Specifically, SC could not be sure if the codes provided by the contractors and other companies are intellectual property of another entity. Thus, there is still the risk of potential lawsuits on the part of SC when they chose an open source as their mode of application. (, 2002)


 


In this section, it has been established that the company is at risk of breach with regards to their security, particularly with the security of their intellectual property. This is revealed in the absence of a contract prior to the employment of the contractors and other companies in a completion of a project. Another risk is that the company is open to any lawsuit as a result of the rather vague sources of the codes used by the previous contractors and other companies. The company is in a situation wherein it is unaware of the possible breach of any intellectual property rights by other entities using the same open source as they are employing. Recommendations for these observations will be provided in the concluding part of this paper.


IV.           Records, staff surveillance and monitoring

There are certain issues that the company may possibly encounter with regards to their monitoring of employees with regards to electronic usage, like computer use and other ICT-related applications. Let us first look at the records of the company. There is the problem of having a considerable number of information from the staff. On the subject of surveillance and monitoring, the IT Department of the company examines them at will. This means that they are able to access the data from the workstations of the employees randomly. This shows that the IT department cleaves to an Orwellian authority over the activities of the employees with regards to their use of computers and ICT-related applications. They can see every single element that the employee takes part in through electronic monitoring.


 


The problem in this scenario is that the privacy of the employees may be compromised. There is actually a legislation that is actually in effect in UK with regards to the human rights of the employees. To illustrate, the Human Rights Act, ratified in 2000, incorporates the civil liberties that has been instituted in the European Convention on Human Rights. Specifically, Article 8 of the said legislation specifies the right of the employee for privacy. This means that it would be illegal for the employer to oversee the communications of the employees within the work area if there is no consent coming from the latter. Thus, the employee must be fully aware that his/her actions through the use of ICT-related applications are monitored by the employer. ( 2001) Indeed this right of the individual to privacy extends to the work area; however this does not discount the right of the employer to make sure that the employees are indeed doing their jobs adequately. The basic premise that the employees have to be informed that they are being monitored is enough to create a firm ground in implementing any form of electronic monitoring.   


A.   Email libel

 


The case in which an employee has circulated a defamatory email towards a certain member of the Information Security team reveals an inappropriate behaviour and shows unprofessional conducts on the part of the employee who sent the message. Although its intention is to illicit humour, the said individual still utilized company property to disseminate such a message. The problem in this context is that the employee that sent the message does not represent only himself, in using SC property in carrying out his/her deeds, his actions appear to represent the SC as a whole. Thus, this creates a bad image for the company. It represents a bad reputation for the company.


 


The said employee may claim his/her freedom of expression, however, one must take into consideration that in his/her exercises of this freedom, and another individual’s right has been violated. Moreover, the company has the authority to monitor this kind of employee activity as reflected in the recent Regulation of Investigatory Powers Act 2000 (2000). Specifically, the interception of communication has been noted as among the elements that has been covered by the act. This provides the employer a much wider area to wield his authority in terms of monitoring the employees. Specifically, telephone calls and emails, regardless of whether it is work-related or otherwise, are among the things that the employer could do with the use of this piece of legislation.


 


There is indeed some presence of conflict in the stated legislations in this part of the report. Article 8 of the Human Rights Act, as stated in the previous part, is totally in conflict with the  2000. However, this report continues to hold on to its contention that the knowledge of the employees that they are being subject to such monitoring and surveillance balances the said inconsistency. Although it is established here that the company has indeed the power to monitor the employees, it is much better for the company to consider installing a means of order, or a set of guidelines for that matter, in terms of monitoring and surveillance.        


 


B.   Internet use

 


The extent to which this issue is related is not limited to the access of pornographic material. The free use of internet, devoid of any firewall or any other security tool opens the company to a lot of possible misdemeanours carried out by the employees. The free use of the internet may allow the employees to use a considerable amount of software that may not be licensed to the company. This means that if this happens, the company may well be open to major copyright infringement lawsuits in the near future. Frequent downloading of “free” application and “trial” applications often triggers these instances. ( 1998) Again, the company have to install a surveillance program that would be able to avert this kind of activities.  


 


V.  Data Protection

 


Based on the findings of the investigation, it appears that there are some inconsistencies in the compliance in the Data Protection Act of 1998. This reveals that that the company has failed to manage the data of the employees in the company. Given that a report is made by the Data Protection Commissioner, it means that SC has been irresponsibly processing the data of the individuals connected and employed in the company. Although the said legislation does not entail any sanction and serves only as a set of guidelines for employer use, the company, SC, should not have failed to these take into consideration. To deal with this situation, several recommendations are placed in the end of the paper.  


 


VI.           External contracts

 


The findings of the investigation uncovered that the target company has implemented external contract with other companies. The problem with the said set of circumstances is that there were no apparent set of files that depicts the kind of company or any company profile whatsoever in the archives of SC. The following will present a set of findings that will reveal some information of the two companies that SC have acquired an external contract with, moreover the data acquired in this section are basically taken from the Internet.  


 


A.   Scolarest Catering

Based on the website of the said firm (), it is a company that specializes in catering services. It provides its food services primarily in educational institutions. Apparently, though the said company’s target market includes schools and state colleges, its services are not restricted to them. Probably, SC must have taken this company to cater for its cafeteria.


 


However, a study from the website of  (2005), objections on the sizes of the means as well as the quality of the food they are serving from instructors and educators of a school in Wandsworth were made in May of 2004. There have also been reports, as stated in the same website, that the food choices were not meeting the standards of the government. This has been also reported in Camden. As a result these institutions decided to severe their contractual ties with Scolarest.        


B.   Pegasus Security and Parking Control

 


There is not much information about the said company available in the internet. However, according to its website, it is a provider of private security and manned guarding. ( 2005) Apparently, SC may have hired the said company to provide security services for the establishments owned by the company.


 


VII.        Recommendations A.   Confidential information

 


In the condition of SC, it is safe to assume that there is indeed likelihood that lay-offs will be taking place once the acquisition has taken place. Otherwise, if D’Ausecours, deemed lay-offs unnecessary the recommendations in this section would still be imperative for the company. It would be advisable for D’Ausecours to force SC to make the employees sign a new contract, one which contains a garden leave clause and an implied duty of fidelity.


 


The issuance of a garden leave clause presents the employer to protect their interests the moment an employee is terminated in his position. This is the course of action taken in the case of  [1989] IRLR 84. In this scenario, the employee will be given a fair treatment considering that he/she will still be remunerated regardless of a long time of compulsory absence or even after the notice of termination has been given to him/her by the employer. In this context, the employee is still covered the stipulations in his/her contract implying not to compete, breach confidence, or any other stipulation noted in the contract. This is enforceable considering that the employee continues to be bound by the contract that he/she has signed with the company. The inclusion of this provision on the contracts of the said employees is imperative. This is because the employer would find it difficult to impose this type of action if a contractual provision in absent. This means that without such a clause in the contract, the employer has no right whatsoever to compel an employee to a garden leave.


 


Another recommendation in this aspect is to place a clause in the said contract unambiguously stating an implied duty of fidelity. As stated in the case of  [1895] 2 QB 315, the said concept provides the obligation on the part of the employee to establish an “honest, faithful and loyal service.” If a clause stating this term is placed in the contract then the employees are bound by the fact that they are to steer clear of any exposure of information that belongs to the firm in the course of their employment. This even goes further on implying that the said obligation extends when the employees’ services are severed from the company. ( , 1986) Although the said clause could only cover a much constricted range with regards to the still “unterminated” employee, the firm will be able to protect information such as customer connections and other data that could be considered a trade secret, as defined in the above discussions. ( , 1986)    


B.   Copyright and intellectual property

 


The use of an open source by the target company, SC, may have spawned from the context of convenience and greater access for the employees of the company. However, the employment of such a technique has opened the company at risk from stealing their own intellectual properties. There is no problem in placing their projects in an application revealing an open source; the problem in their situation is that the information that they are using and eventually presenting as their won finished product is an amalgamation of works from entities both internal and external of the company. In this sense, as stated in the earlier discussion, they are exposed to possible lawsuits, both by them and against them. D’Ausecours should take into consideration several courses of action in order to avert any possible lawsuit once they have acquired SC as their own.


 


The company should decide whether they want to continue employing the open source as their means of application. If they decide to keep the use of the open source, then they have to change the operations in completing a project. Though the employment of contractors and other companies to help their employees could still be used, it is important for the company to oblige them to sign a contract before any exchange of information takes place. In doing so, the company would be able to hold these employed contractors and other companies liable once they are slapped by a lawsuit claiming a breach of the intellectual property rights of another entity. Moreover, the firm would be able to hold these external entities legally responsible if any of the projects that they have completed oddly turn out in other companies.


 


The change of compelling contractors and other companies to sign a contract prior to the commencement of a project is imperative. However, if the heads of D’Ausecours deem it unnecessary, an alternative nonetheless is the employment of software that could not be used by other entities other than the company itself. To this extent, the company have to use encrypted codes in order to keep their intellectual property protected. Although they could still employ the open source in the process of completing a project, it would be necessary for the company to convert the said information into an encrypted format so as the other companies may not regard it as open and free for access.


 


Moreover, the company should also get acquainted with its intellectual property rights in order to take the necessary precautions. This will reinforce the safety of their work as well as free them from any other possible lawsuits coming from other companies.        


     


C.   Records, staff surveillance and monitoring

 


Monitoring and surveillance in this context is limited to the use of computers and ICT-related applications in the work area. To a certain extent, this allows the company to monitor whether the employees are performing at par with the required performance level set by the company. With reference to the work of  (1998), the company could install a video display terminal (VDT) that would be able to clearly state the actions of the employees in their workstations, including the number of keystrokes that they have made and the time that they have spent away from their workstation.


 


However, it is still more convenient for the company to present a vigilant culture for its employees. The management should encourage the employees to work towards the company goal and motivate them in such a way that they report any kind of misdemeanour that their co-workers carry out in the workplace. This is a more effective method given that there is a sense of empowerment given to the employees.     


 


1.     Email libel

The D’Ausecours, the moment they decide to acquire SC, should install a directive, a set of guidelines that would be accessible to employees. The contents of the said guidelines should include the proper use of company email and the appropriate content of such messages. Moreover, in this directive, the company must stress that the use of such devices does not only reflect the behaviour of a single individual but represents the level of professionalism present in the company as a whole. Sanctions should also be indicated once an employee is caught.  


2.     Internet use

 


As stated in the earlier discussion, the issue is not limited to the access of porn sites and other perverse web areas. The free use of the internet and the ready access to porn sites reveals that the target company has no firewall installed in their system. This means that they are open to any form of hacking or intrusion in their database. Upon acquisition of the said firm, access to the internet should not be limited, however it is required for D’Ausecours to install a means to protect the database of the company and monitor the sites that employees are clicking on the time of their jobs. Moreover, it is the duty of the said company to inform the employees that they are indeed being monitored.  


D.   Data Protection

 


In the context of the Data Protection Act, the discussion is practically connected to monitoring of employees. At this point, if D’Ausecours intends to go through with the acquisition, they should create an impact analysis with regards to both the advantages and disadvantages of monitoring the employees. If there are any apparent adverse effect on the employee, like that of any inconsistencies with the Data Protection Act of 1998, then the said foreseeable effect have to be justified. Moreover, they must ensure that the data acquired from the monitoring activities have to be used only in the context of monitoring and nothing else. The moment a serious act is detected, appropriate actions should be taken.


 


References



Credit:ivythesis.typepad.com


0 comments:

Post a Comment

 
Top