Facebook-Hacking Employer Still Gets Injunction Against Ex-Employees

By John Alan Doran

Scherer Design Group (“SDG”) sued several of its former employees for starting a competing business (while still employed), stealing trade secrets, and stealing clients. The trial court entered an injunction against the ex-employees based on evidence that came, in part, from one of their Facebook accounts, which may or may not have been left open on an SDG laptop after their departure. It turns out that some of the exes used their Facebook accounts to communicate about their new company. When their Facebook communications showed up as evidence in the injunction hearing, the exes cried foul.

The exes argued that their former employer was not entitled to the equitable relief of an injunction because it had acted inequitably, itself, by wrongfully hacking their Facebook accounts. The trial court rejected this argument, finding that the alleged Facebook hack had no bearing on the employer’s right to obtain an injunction because SDG’s alleged hacking was not directly “related to the litigation.” The hacking occurred, if at all, after the conduct that gave rise to the lawsuit.

On appeal, a Third Circuit panel split 2-1 in favor of the employer, applying New Jersey law. The majority agreed that the alleged hacking was not directly related to the subject matter of the lawsuit because: (1) SDG did not hack the Facebook account as a means to acquire the legal rights it asserted against the exes; (2) SDG would have been able to prove the exes’ disloyalty independent of the Facebook evidence; and, (3) the exes’ privacy rights involved a separate body of law not directly tied to employee disloyalty/unfair competition law, so there was no direct nexus between the litigation and the alleged hacking. This appears to be bad facts making peculiar law—the trial court and the Court of Appeals were extremely reluctant to let the exes off the hook for their extraordinary misconduct simply because SDG may have committed a privacy gaffe.

All we can say is: Kids, don’t try this at home! Assuming SDG did hack one or more Facebook accounts, at the very least it potentially jeopardized its ability to obtain an injunction against the exes. Far worse, SDG might have exposed itself to a variety of federal or state law violations for the alleged hack.  Before you go jumping into an employee’s private social media account: (1) talk to your lawyer…a lot; (2) make sure your policies clearly provide that you have the right to access any social media account that is accessed from an employer system or device (except where prohibited by state law); and (3) be sure to record your method of accessing the account so you can prove later on that you did not hack into anything, but simply accessed an open account (as SDG claimed in this case).

Scherer Design Group, LLC v. Ahead Engineering LLC et al., No. 18-2835  (3d Cir. February 25, 2019)