A South African Labour Court ruling reveals how employee dismissals can intersect with data protection and internal security risks.
The Labour Court of South Africa issued a ruling in the case between Lucchini South Africa Ltd. and its former employee, Vishen Mahabeer. He was dismissed by the company after alleged violations of the work contract. The court ruled that the dismissal was illegal and awarded compensation equal to six months’ salary. Let’s focus on this case and find out how this legal process is related to data protection.
Mahabeer began to work as Safety, Health, Risk, and Quality (SHERQ) Manager at the beginning of 2021. Six months later he was dismissed after five cases of alleged misconduct.
- Charge 1 concerned a breach of the employment contract, which prohibited employees from taking preparatory steps to engage with a competing business while still employed. Mahabeer was alleged to have negotiated a position change with Scaw Metal/Cast Products, a direct competitor of Lucchini.
- Charge 2 alleged that Mahabeer undermined management. He reportedly suggested that Lucchini should consider the value of its intellectual property during a discussion of his potential leave with an HR manager. The company insists that he was implying potential misuse or exposure of confidential data.
- Charge 3 alleged that Mahabeer acted dishonestly toward Lucchini by failing to disclose that he was engaged in ongoing discussions about his potential departure from the company. During this period, he accessed sensitive internal information, including current financial, operational, and sustainability data, as well as information related to possible layoff processes.
- Charge 4 was insubordination. The company accused Mahabeer of refusing to provide a password from his laptop, arguing that ‘you can get it from the IT service provider.
- Charge 5 for misuse of the relocation fee, which Mahabeer negotiated during his hiring process.
The court ruled out that Vishen Mahabeer is not guilty on any of the charges. Charge 1 was dismissed, as it is violating an individual's right to freedom of trade, occupation, and profession. Charge 2 was dismissed as the court concluded that Lucchini failed to prove that Mahabeer used IP to extort money. Charge 3 was dismissed based on Ruling 1, as the court found that Mahabeer was entitled to seek alternative employment opportunities. Charges 4 and 5 were also dismissed, as he returned the company laptop to the employer, and the relocation fee was paid to him for the purchase of items.
All Luchini charges were dismissed. The court ordered compensation to be paid to Vishen Mahabeer. It includes 3 months of missed salary, when Mahabeer was suspended from work, compensation for emotional impact, and repayment of legal costs.
This case highlights that internal threats are not limited to data leaks and corporate fraud. Business risks also include various forms of employee misconduct, such as misuse of working time or exposure of confidential information. However, collecting sufficient evidence to support legal action can be challenging.
SearchInform has developed Risk Monitor, a Next-Gen Data Loss Prevention (DLP) solution designed to protect businesses from a wide range of internal threats. On a basic level, it provides businesses with highly demanded data protection capabilities, such as data classification, data loss prevention, and watermarks.
On top of that, the solution safeguards companies against business threats. It provides security specialists with monitoring capabilities, allowing them to detect cases of misallocation of work time.
All those features are delivered in a single platform that is easy to configure and operate. Risk Monitor includes preset security policies that ensure smooth and swift implementation.
In the context of this legal case, Risk Monitor could prevent any potential misuse of confidential information. The system will prohibit unauthorized access and operations with such files. Moreover, the solution can be used to reconstruct an incident. It provides facts for formal investigation or legal action.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!