Imagine these situations:
Your company’s IT manager uses a company laptop to hack into a competitor’s network, access its secret customer list, and download a copy to the company’s system.
Your company’s driver finishes her delivery. While returning to your warehouse she goes to the grocery store to pick up a birthday cake for an office party, and fatally injures a customer crossing the parking lot.
Your hotel’s service staff employee sees a guest leaving with hotel property, chases him into the street and injures him while taking the property back.
The victims of each of these three actions will likely sue your company, claiming that it is responsible for and financially liable for the harm caused by the employees. Will they win? Your immediate reaction will be to tell the court that the company shouldn’t be responsible because, for instance, you didn’t know the employee was going to drop by the store, or attack the guest, or hack the competitor’s system. If only it were that easy.
The legal issue is whether your company is “vicariously liable” for the actions of its employees. Some cases are easier than others. If the driver has the accident while making the delivery, most plaintiff lawyers will be able to convince a jury that the company should be responsible. If the IT manager hacks the competitor under the direct orders of management, the case will be tough to defend, even for a skilled defense attorney.
Other cases are easier to defend. For instance, imagine that your driver diverts from his delivery route to drop off his elderly mom’s medication, and strikes/injures a pedestrian on the way. The question we are always asked by clients in seemingly obvious situations like this is “Can the company be held responsible?” Unfortunately the answer to that particular questions is “It’s possible”. The real question is whether your company and its legal team can gather the evidence and arguments necessary to convince a judge or jury that the company, according to the law, is not legally responsible for the event. Any one of the examples above can be won or lost.
For all the examples we’ve given you, the court and jury will look at a long list of factors to determine whether there will be corporate responsibility for the employee’s act. None are magic bullets. In each case the court and jury will be asked to weigh all of the facts and circumstances in determining whether the business will be held responsible. Your chances of defending the case will increase if you are able to provide the court with evidence in your favor on as many of these questions as possible.
Was the employee “on the clock” at the time of the wrongful act? For an hourly employee, you should be able to quickly determine whether she was “on company time” at the time of the event. While employers can sometimes be responsible for “off the clock” wrongful acts of employees, the fact that an employee wasn’t punched in at the time of the event will be something the jury will consider. If the employee is salaried, however, it gets much harder to draw a bright line on whether she was actually paid for the time spent committing the wrongful act.
Was the employee “acting as an employee” at the time of the event? This question comes into play more often with a salaried employee, who is involved in some event away from the workplace. An example would be an employee who hacks into a competitor while at home, on her personal computer. Here, the company’s right to control the activity is important. The business should argue that it has no right to control, and can’t control an employee at home, working on a computer neither owned nor controlled by it.
Was company property used? Company liability is less likely if a personal, rather than business vehicle or computer is involved. As in the example above, the business should argue that it has no right to control how its employees use their personal property. If personal property was used while at work or while on the clock, it gets stickier. This is why employers often consider prohibiting non-emergency use of personal technology while at work.
What actions did the company take to guard against the action? In the cyber-piracy example above, it would be a strong defense if the company’s procedure manual expressly prohibited using company computers for illegal activities, or prohibited performing tasks not expressly authorized by the company, or prohibited visiting non-approved websites. In the hotel example, a policy forbidding employees to physically touch guests, or forbidding them to chase thieves will be strong evidence that the employee’s actions were not taken in the scope of his employment.
Did the company give the employee the authority to take the act? Here, job descriptions and company policies and procedures will be put under the microscope. Vague or broad job descriptions can come back to haunt the company. A job description probably will never give employees the authority to “hack competitors’ networks.” But what if the description tells employees that they should “Use innovative and creative methods to gain new customers”? In that case, the victim will have a strong argument that the company gave the employee the “general authority” to do what he did.
Was the wrongful act taken in furtherance of the company’s business? Lawyers in these cases typically make arguments as to whether a wrongful act somehow “furthered the business” purpose of the company. In the hotel example, the victim’s lawyer will argue that the employee was furthering the hotel’s business in trying to get the stolen property back. In the driver example, he will argue that the office party was a company condoned activity which furthered company morale, and thus furthered the company’s business. An imaginative lawyer can always come up with some argument as to how almost any action theoretically furthered company business. The defense lawyer must be equally ready to argue that the employee’s act in fact harmed the business.
What did the company do following the event? The court will look at the actions your company took after an employee’s wrongful act to see if they were consistent with the argument that it shouldn’t be responsible. Was the employee disciplined for the act? If she was given a raise after hacking a competitor, it will be used as evidence that the company approved of or even ratified the act. But think about how much stronger the defense would be if instead, the employee is disciplined, and the competitor is immediately notified, and all copies of the customer list are gathered and destroyed, and all employees are reminded that cyber-piracy is forbidden, and if measures are taken to monitor online activities are instituted? You’ll then be able to argue that the company in no way approved of, condoned or ratified the action.
This article only scratches the surface, because each case is completely different. These cases are all about the gray areas, and skilled attorneys can win cases that, on paper, should be lost. The key is to be proactive, by sitting down, imagining situations that could arise, and thinking of ways to prevent them. If you do your business will profit in terms of time, money and reputation. Call us at 832-284-4013 if your company needs help in applying these principals to your business.
WRITTEN BY