26 March 2025
In today’s digital workplace, employees generally have easier access to sensitive company information.
Unfortunately, it also happens that employees—especially when their employment is coming to an end—forward confidential company documents to their personal (email) accounts. In a recent ruling by the Court of Appeal in The Hague, an employee who sent confidential information to his private email was rightfully dismissed on the spot. Was this an isolated case or part of a broader trend in case law?
The employee in question was hired for one year as Director of Operations but reported sick after less than six months due to stress-related complaints. Just hours after reporting sick, the employee forwarded approximately 50 emails, some with attachments containing confidential information, to his private email account. The employer discovered this the next day, after which the employee was suspended, invited the employee to a hearing, and ordered to delete the emails and files. The employee ignored these requests and was eventually dismissed on the spot.
The court found that the emails contained sensitive company information. The employee explained that he forwarded the emails to his private account out of fear of being suspended and with the intend to safeguard his legal position. He mentioned a poor relationship with his supervisor and high levels of stress due to understaffing. However, both the subdistrict court and the Court of Appeal found this reasoning unacceptable and upheld the instant dismissal. The Court of Appeal also noted that the employee ignored the clear order to delete the files and provided no explanation for this, further justifying the dismissal.
In this case, the court did not tolerate the employee forwarding confidential company information to his private account. A key factor was the employee’s conduct after the incident. While case law shows a strict attitude towards employees who take sensitive business information for personal use, instant dismissal remains a risky measure. The ruling might have been different had the employee rightfully argued (in time) that the information was not sensitive or had provided a credible explanation for copying the data.
In this case, the employee argued that there was no written policy on the use of company information. He also claimed that he did not share the emails with third parties, that he could not open the attachments, and that the company suffered no damage from copying the files. However, these arguments did not help him here. That said, courts do not always rule the same way, especially when there is no internal policy in place.
It is advisable to implement a clear policy on handling confidential information. For example, are employees allowed to store documents on private devices, and if so, which documents? If not, what are the consequences of doing so, and how will this be enforced? Such policies can be included in the employee handbook. Additionally, it is possible to include a clause in employment contracts prohibiting the copying of company data to private devices, possibly with a penalty clause attached.
If a similar situation arises in your company, it is important to give the employee an opportunity to explain their actions and to formally order them to delete any company information from their devices. Even though the court in this case gave less weight to the absence of internal policy, it still helps if clear rules on handling sensitive information are in place.
Hof Den Haag 23 juli 2024, ECLI(verkort):1167
If you have further questions about employment law or other legal matters, feel free to contact us.
