Think twice before you delete

Over the years I have created a lot of work that now sits on the hard drive of my computer at work. It’s mostly letters, forms, submissions, statements and agreements. In preparing this article I actually had a quick look and was surprised to discover that it now stands at around 9.5 gigabytes.

A lot of my time, sweat and tears went in to writing, creating, and organising this data. More effort still arranging and labelling it in a coherent way. It’s hard not to feel a certain sense of accomplishment when I look back over it all. It certainly isn’t perfect by any stretch, with some of it mislabelled or containing unnecessary copies or even old documents that could serve no further purpose. My email inbox is in even worse condition, with the many emails each day it’s hard to keep up the administrative pace.

I’ve recently had cause to wonder, following several cases in which the IEU represented members in unfair dismissals, what I would do if asked to provide my work computer for inspection as part of a workplace investigation. What I might do if faced with the prospect of someone else going through all 9.5 gigs with a fine tooth comb.

I think there are a few understandable temptations. To go in and tidy up a bit, just so that I can present as organised and on top of my work. To take the opportunity to ensure that all files are in order, that old and personal material is deleted, unclutter the emails, and perhaps try to find and discard anything that might be a tad incriminating. There’s also the worry about what might happen to my saved work. I may even be tempted to keep a copy for myself to make sure that everything is safe, or so that I can use it in case I possibly get dismissed.

Forensic analysis

All of this is fairly natural for an employee who comes under the suspicion of their employer. However, the laws around intellectual property and confidentiality in an employment relationship can quickly turn these innocent efforts into misconduct. I could suddenly find myself facing a whole new set of allegations of compromising and/or deleting intellectual property and confidential information.

As a general rule anything you create in the course of your work is the property of your employer. Your programs, plans, observations, reports, even your emails may be or contain confidential information or intellectual property. Any attempts to delete, copy or alter that material without proper authority from your employer can quickly become misconduct.

Employees already under suspicion will often have their computers forensically analysed as part of the workplace investigation. The deletion, copying or alteration of material is forensically traceable even after you have ‘permanently’ deleting data from a computer device. In fact, through using specialised software a computer expert can often demonstrate USB activity, files recently opened, files sent to personal email accounts, and even recently printed documents.

Suddenly the alleged misconduct that initiated the workplace investigation is secondary to the deletion or copying of data, and what may just have been a warning is turned into a dismissal. In these recent cases several members have been left frustrated after their good intentions left them stranded, having gifted their employer evidence of misconduct.

Lesson to be learned

The lesson is to make sure that you are properly authorised to delete, copy or alter material on your work computer or laptop. Check your IT policy for your obligations in maintaining data, documents and emails; check with your principal or coordinator about what you should do with old emails/and documents. If you are ever in doubt, do not delete, do not copy, but do speak with your Union organiser.

Robert Seals
Industrial Officer