Maintaining a paper trail after leaving a company
Clash Royale CLAN TAG#URR8PPP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;
up vote
0
down vote
favorite
Over the course of my two years with my current employer, I've collected a small but not insignificant amount of company data on my personal machine(s). Most of these are in the form of old config files I keep as a back up or emails with information I like to reference. SOME files contain more potentially dangerous information from user ids to private VPN configurations. I know that most of this information resides elsewhere, I keep it there now for easy access.
I'm leaving in roughly a month (my boss already knows), what I suspect he doesn't know, or chooses to ignore, is that some of the things both he and a client told me to do are, while not illegal, wrong. By this I mean that there has been a continuous pattern of choosing speed or cost over system reliability, security, etc. I anticipate a lawsuit one day, and being the only person in the company who actually dealt with these things, I don't see how I could not be at least contacted by either party.
My question: I've been obsessive about documenting everything: who wanted what done when, why, what phase the moon was in, and the color of my underwear. The documentation will live on without me, but I have a personal paper trail of config file snippets, emails, and other records. I'd like to hold onto this personal documentation. Do I open myself up to any ethical or legal implications in doing so? The information is certainly confidential, but doesn't contain things like passwords or user logs.
ethics politics legal
suggest improvements |Â
up vote
0
down vote
favorite
Over the course of my two years with my current employer, I've collected a small but not insignificant amount of company data on my personal machine(s). Most of these are in the form of old config files I keep as a back up or emails with information I like to reference. SOME files contain more potentially dangerous information from user ids to private VPN configurations. I know that most of this information resides elsewhere, I keep it there now for easy access.
I'm leaving in roughly a month (my boss already knows), what I suspect he doesn't know, or chooses to ignore, is that some of the things both he and a client told me to do are, while not illegal, wrong. By this I mean that there has been a continuous pattern of choosing speed or cost over system reliability, security, etc. I anticipate a lawsuit one day, and being the only person in the company who actually dealt with these things, I don't see how I could not be at least contacted by either party.
My question: I've been obsessive about documenting everything: who wanted what done when, why, what phase the moon was in, and the color of my underwear. The documentation will live on without me, but I have a personal paper trail of config file snippets, emails, and other records. I'd like to hold onto this personal documentation. Do I open myself up to any ethical or legal implications in doing so? The information is certainly confidential, but doesn't contain things like passwords or user logs.
ethics politics legal
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55
suggest improvements |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Over the course of my two years with my current employer, I've collected a small but not insignificant amount of company data on my personal machine(s). Most of these are in the form of old config files I keep as a back up or emails with information I like to reference. SOME files contain more potentially dangerous information from user ids to private VPN configurations. I know that most of this information resides elsewhere, I keep it there now for easy access.
I'm leaving in roughly a month (my boss already knows), what I suspect he doesn't know, or chooses to ignore, is that some of the things both he and a client told me to do are, while not illegal, wrong. By this I mean that there has been a continuous pattern of choosing speed or cost over system reliability, security, etc. I anticipate a lawsuit one day, and being the only person in the company who actually dealt with these things, I don't see how I could not be at least contacted by either party.
My question: I've been obsessive about documenting everything: who wanted what done when, why, what phase the moon was in, and the color of my underwear. The documentation will live on without me, but I have a personal paper trail of config file snippets, emails, and other records. I'd like to hold onto this personal documentation. Do I open myself up to any ethical or legal implications in doing so? The information is certainly confidential, but doesn't contain things like passwords or user logs.
ethics politics legal
Over the course of my two years with my current employer, I've collected a small but not insignificant amount of company data on my personal machine(s). Most of these are in the form of old config files I keep as a back up or emails with information I like to reference. SOME files contain more potentially dangerous information from user ids to private VPN configurations. I know that most of this information resides elsewhere, I keep it there now for easy access.
I'm leaving in roughly a month (my boss already knows), what I suspect he doesn't know, or chooses to ignore, is that some of the things both he and a client told me to do are, while not illegal, wrong. By this I mean that there has been a continuous pattern of choosing speed or cost over system reliability, security, etc. I anticipate a lawsuit one day, and being the only person in the company who actually dealt with these things, I don't see how I could not be at least contacted by either party.
My question: I've been obsessive about documenting everything: who wanted what done when, why, what phase the moon was in, and the color of my underwear. The documentation will live on without me, but I have a personal paper trail of config file snippets, emails, and other records. I'd like to hold onto this personal documentation. Do I open myself up to any ethical or legal implications in doing so? The information is certainly confidential, but doesn't contain things like passwords or user logs.
ethics politics legal
edited Apr 20 '16 at 3:55
asked Apr 20 '16 at 3:31
agentroadkill
979613
979613
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55
suggest improvements |Â
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55
suggest improvements |Â
3 Answers
3
active
oldest
votes
up vote
4
down vote
Short answer: Don't.
Make sure you do a good handover, ensure they know where the information is, and enjoy your new job. It's not your problem any more. Unless they are going to pay you for the privilege, it's there prerogative to make sure all the information in your head is available.
[Edit]
The original question asked "Should I take confidential data with me once I leave a company to make it easier to help them when called?". The last edit changed the question to "How can I keep a confidential paper trail when leaving a company in case of potential legal action?" The below answer addresses the new question, while the above the original question
I would strongly encourage you to talk to a lawyer before you leave the organisation. That way if they recommend keeping information that may protect you, then you still have access to it. But only a lawyer can give you the legalities of doing so. The "how" then becomes simple.
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.
â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
suggest improvements |Â
up vote
1
down vote
In theory you should hand over everything related belonging to the company, to the company. In reality that doesn't always work out.
But, if you were to hold on to such information because in your opinion it might save you some grief, here's some advice. Don't go on the internet and advertise the fact.
An example would be a series of emails covering your back if anyone tried to implicate you for doing something that shouldn't have been done. Because the emails clearly show you refusing to get involved, things like that.
suggest improvements |Â
up vote
0
down vote
Generally speaking - when exiting a company you are to turn over all property that belongs to them. In the case of emails, etc, those belong to the company and it's up to them to retain them (given applicable laws). By extension, once handed over, you should remove any, and all, company emails, source code, config files, passwords, etc from your devices.
If the company is sued that is their problem; not yours. Well, not yours unless you engaged in illegal behavior. If you did engage in illegal behavior I highly doubt you'd want a record of that anyway. So absolutely get rid of it.
suggest improvements |Â
StackExchange.ready(function ()
$("#show-editor-button input, #show-editor-button button").click(function ()
var showEditor = function()
$("#show-editor-button").hide();
$("#post-form").removeClass("dno");
StackExchange.editor.finallyInit();
;
var useFancy = $(this).data('confirm-use-fancy');
if(useFancy == 'True')
var popupTitle = $(this).data('confirm-fancy-title');
var popupBody = $(this).data('confirm-fancy-body');
var popupAccept = $(this).data('confirm-fancy-accept-button');
$(this).loadPopup(
url: '/post/self-answer-popup',
loaded: function(popup)
var pTitle = $(popup).find('h2');
var pBody = $(popup).find('.popup-body');
var pSubmit = $(popup).find('.popup-submit');
pTitle.text(popupTitle);
pBody.html(popupBody);
pSubmit.val(popupAccept).click(showEditor);
)
else
var confirmText = $(this).data('confirm-text');
if (confirmText ? confirm(confirmText) : true)
showEditor();
);
);
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
Short answer: Don't.
Make sure you do a good handover, ensure they know where the information is, and enjoy your new job. It's not your problem any more. Unless they are going to pay you for the privilege, it's there prerogative to make sure all the information in your head is available.
[Edit]
The original question asked "Should I take confidential data with me once I leave a company to make it easier to help them when called?". The last edit changed the question to "How can I keep a confidential paper trail when leaving a company in case of potential legal action?" The below answer addresses the new question, while the above the original question
I would strongly encourage you to talk to a lawyer before you leave the organisation. That way if they recommend keeping information that may protect you, then you still have access to it. But only a lawyer can give you the legalities of doing so. The "how" then becomes simple.
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.
â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
suggest improvements |Â
up vote
4
down vote
Short answer: Don't.
Make sure you do a good handover, ensure they know where the information is, and enjoy your new job. It's not your problem any more. Unless they are going to pay you for the privilege, it's there prerogative to make sure all the information in your head is available.
[Edit]
The original question asked "Should I take confidential data with me once I leave a company to make it easier to help them when called?". The last edit changed the question to "How can I keep a confidential paper trail when leaving a company in case of potential legal action?" The below answer addresses the new question, while the above the original question
I would strongly encourage you to talk to a lawyer before you leave the organisation. That way if they recommend keeping information that may protect you, then you still have access to it. But only a lawyer can give you the legalities of doing so. The "how" then becomes simple.
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.
â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
suggest improvements |Â
up vote
4
down vote
up vote
4
down vote
Short answer: Don't.
Make sure you do a good handover, ensure they know where the information is, and enjoy your new job. It's not your problem any more. Unless they are going to pay you for the privilege, it's there prerogative to make sure all the information in your head is available.
[Edit]
The original question asked "Should I take confidential data with me once I leave a company to make it easier to help them when called?". The last edit changed the question to "How can I keep a confidential paper trail when leaving a company in case of potential legal action?" The below answer addresses the new question, while the above the original question
I would strongly encourage you to talk to a lawyer before you leave the organisation. That way if they recommend keeping information that may protect you, then you still have access to it. But only a lawyer can give you the legalities of doing so. The "how" then becomes simple.
Short answer: Don't.
Make sure you do a good handover, ensure they know where the information is, and enjoy your new job. It's not your problem any more. Unless they are going to pay you for the privilege, it's there prerogative to make sure all the information in your head is available.
[Edit]
The original question asked "Should I take confidential data with me once I leave a company to make it easier to help them when called?". The last edit changed the question to "How can I keep a confidential paper trail when leaving a company in case of potential legal action?" The below answer addresses the new question, while the above the original question
I would strongly encourage you to talk to a lawyer before you leave the organisation. That way if they recommend keeping information that may protect you, then you still have access to it. But only a lawyer can give you the legalities of doing so. The "how" then becomes simple.
edited Apr 20 '16 at 4:03
answered Apr 20 '16 at 3:39
Jane Sâ¦
40.8k16125159
40.8k16125159
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.
â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
suggest improvements |Â
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.
â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
As a point of clarification: my replacement as Lead Systems Engineer is still not placed (and I doubt will be), so the 'handover' I've been trying to make happen seems unlikely. I obviously plan to purge 'sensitive' info like passwords, TLS certs etc. I'm more worried about emails I'd like to retain in anticipation of a law suit one day. Perhaps a better question would be 'How do I maintain a paper trail after leaving a company'?
â agentroadkill
Apr 20 '16 at 3:44
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.â Jane Sâ¦
Apr 20 '16 at 3:45
so the 'handover' I've been trying to make happen seems unlikely
. Not your problem. The other, however, may be a different question to ask.â Jane Sâ¦
Apr 20 '16 at 3:45
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
I edited the question's title and content to better reflect what I'm asking and concerned with. Thanks
â agentroadkill
Apr 20 '16 at 3:56
1
1
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Hmm, thus totally invalidating my answer :) I will edit.
â Jane Sâ¦
Apr 20 '16 at 3:57
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
Sorry. It's late here. Have an upvote C=
â agentroadkill
Apr 20 '16 at 3:59
suggest improvements |Â
up vote
1
down vote
In theory you should hand over everything related belonging to the company, to the company. In reality that doesn't always work out.
But, if you were to hold on to such information because in your opinion it might save you some grief, here's some advice. Don't go on the internet and advertise the fact.
An example would be a series of emails covering your back if anyone tried to implicate you for doing something that shouldn't have been done. Because the emails clearly show you refusing to get involved, things like that.
suggest improvements |Â
up vote
1
down vote
In theory you should hand over everything related belonging to the company, to the company. In reality that doesn't always work out.
But, if you were to hold on to such information because in your opinion it might save you some grief, here's some advice. Don't go on the internet and advertise the fact.
An example would be a series of emails covering your back if anyone tried to implicate you for doing something that shouldn't have been done. Because the emails clearly show you refusing to get involved, things like that.
suggest improvements |Â
up vote
1
down vote
up vote
1
down vote
In theory you should hand over everything related belonging to the company, to the company. In reality that doesn't always work out.
But, if you were to hold on to such information because in your opinion it might save you some grief, here's some advice. Don't go on the internet and advertise the fact.
An example would be a series of emails covering your back if anyone tried to implicate you for doing something that shouldn't have been done. Because the emails clearly show you refusing to get involved, things like that.
In theory you should hand over everything related belonging to the company, to the company. In reality that doesn't always work out.
But, if you were to hold on to such information because in your opinion it might save you some grief, here's some advice. Don't go on the internet and advertise the fact.
An example would be a series of emails covering your back if anyone tried to implicate you for doing something that shouldn't have been done. Because the emails clearly show you refusing to get involved, things like that.
answered Apr 20 '16 at 4:57
Kilisi
94.5k50216376
94.5k50216376
suggest improvements |Â
suggest improvements |Â
up vote
0
down vote
Generally speaking - when exiting a company you are to turn over all property that belongs to them. In the case of emails, etc, those belong to the company and it's up to them to retain them (given applicable laws). By extension, once handed over, you should remove any, and all, company emails, source code, config files, passwords, etc from your devices.
If the company is sued that is their problem; not yours. Well, not yours unless you engaged in illegal behavior. If you did engage in illegal behavior I highly doubt you'd want a record of that anyway. So absolutely get rid of it.
suggest improvements |Â
up vote
0
down vote
Generally speaking - when exiting a company you are to turn over all property that belongs to them. In the case of emails, etc, those belong to the company and it's up to them to retain them (given applicable laws). By extension, once handed over, you should remove any, and all, company emails, source code, config files, passwords, etc from your devices.
If the company is sued that is their problem; not yours. Well, not yours unless you engaged in illegal behavior. If you did engage in illegal behavior I highly doubt you'd want a record of that anyway. So absolutely get rid of it.
suggest improvements |Â
up vote
0
down vote
up vote
0
down vote
Generally speaking - when exiting a company you are to turn over all property that belongs to them. In the case of emails, etc, those belong to the company and it's up to them to retain them (given applicable laws). By extension, once handed over, you should remove any, and all, company emails, source code, config files, passwords, etc from your devices.
If the company is sued that is their problem; not yours. Well, not yours unless you engaged in illegal behavior. If you did engage in illegal behavior I highly doubt you'd want a record of that anyway. So absolutely get rid of it.
Generally speaking - when exiting a company you are to turn over all property that belongs to them. In the case of emails, etc, those belong to the company and it's up to them to retain them (given applicable laws). By extension, once handed over, you should remove any, and all, company emails, source code, config files, passwords, etc from your devices.
If the company is sued that is their problem; not yours. Well, not yours unless you engaged in illegal behavior. If you did engage in illegal behavior I highly doubt you'd want a record of that anyway. So absolutely get rid of it.
answered Apr 20 '16 at 4:03
NotMe
20.9k55695
20.9k55695
suggest improvements |Â
suggest improvements |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f65511%2fmaintaining-a-paper-trail-after-leaving-a-company%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Really you anticipate a lawsuit because someone chose speed or cost over reliability and you could be contacted by either party. To facilitate this you wonder if you should take a copy of confidential information.
â paparazzo
Apr 20 '16 at 13:26
I don't think business strategy decisions are likely to generate a lawsuit, especially since both parties are actively involved. Just because you think these things were wrong from a developer perspective, doesn't mean that both sides didn't evaluate the pros/cons and agree to take in the technical debt.
â cdkMoose
Apr 20 '16 at 16:55