Legal Liability for Deleting Company Group Chats and Records After Resignation

In the modern corporate landscape, the transition of an employee out of a company is often more than a physical exit; it is a digital decoupling. However, a growing trend of "digital scorched earth"—where departing employees delete company group chats, emails, or project files—has raised significant legal alarms. In the Philippines, such actions are not merely a breach of professional etiquette; they may constitute serious criminal and civil offenses.

I. The Nature of Company Property

The foundational principle is that data created or managed within the scope of employment is considered company property. This includes:

  • Official company group chats (Viber, WhatsApp, Telegram, Slack).
  • Emails and internal correspondence.
  • Client databases and project spreadsheets.

Under the Civil Code of the Philippines, an employee has an obligation to return and preserve the properties of the employer upon the termination of the employment contract. Deleting these records is viewed as a form of "unauthorized destruction" of property.

II. Criminal Liability: The Cybercrime Prevention Act

The most potent tool against the unauthorized deletion of digital records is Republic Act No. 10175, otherwise known as the Cybercrime Prevention Act of 2012.

1. Data Interference (Section 4(a)(3))

This is the primary offense applicable to deleting records. It involves the intentional or reckless alteration, damaging, deletion, or deterioration of computer data, electronic documents, or electronic messages without right.

  • Penalty: Imprisonment of prision mayor (6 years and 1 day to 12 years) or a fine of at least ₱200,000, or both.

2. System Interference (Section 4(a)(4))

If the deletion of group chats or records hinders the functioning of a computer system (e.g., deleting a database that runs an internal app), the individual may be charged with System Interference.

  • Penalty: Similar to Data Interference, with higher penalties if the act affects critical infrastructure.

III. Breach of the Data Privacy Act (R.A. 10173)

While the Data Privacy Act (DPA) primarily protects personal data, it also imposes obligations on "Personal Information Controllers" and their employees.

If a departing employee deletes records containing personal information of clients or co-workers, they may be liable for Malicious Disclosure or Unauthorized Processing. Furthermore, Section 25 of the DPA penalizes the "Accessing of Personal Information and Sensitive Personal Information Due to Negligence," which can be extrapolated to the mishandling or destruction of data repositories.

IV. Civil Liability and Labor Law Consequences

Beyond criminal prosecution, an employer can pursue civil and administrative remedies:

  • Breach of Contract: Most employment contracts contain "Return of Assets" or "Confidentiality" clauses. Deleting data is a direct violation of these provisions, justifying the withholding of "Back Pay" or "Final Pay" until the damage is appraised (subject to DOLE regulations).
  • Civil Damages: Under Article 2176 of the Civil Code (Quasi-delict), the company can sue for actual damages (lost revenue/reconstruction costs), moral damages (reputational harm), and exemplary damages.
  • Serious Misconduct: In Philippine Labor Law, "Serious Misconduct" and "Willful Disobedience" are just causes for termination. If the deletion occurs before the resignation is effective, it can lead to a dishonorable discharge, forfeiting certain benefits.

V. The Issue of "Admin" Rights in Group Chats

A common defense is that the employee was the "Admin" or "Creator" of a Viber or WhatsApp group and thus had the "right" to delete it. Philippine jurisprudence and evolving digital laws generally reject this. If the group was used for official business purposes, the "Creator" status is deemed a function of their employment, not a personal right. Deleting the group is seen as destroying a company archive.

VI. Key Takeaways for Departing Employees

To avoid legal entanglements, employees should adhere to the following:

  1. Turn Over Credentials: Provide all passwords and administrative rights to successors.
  2. Preserve the Trail: Do not "clear chat" or "delete for everyone" in official communication channels.
  3. Adhere to Exit Clearances: Ensure the IT department or HR has verified the integrity of the digital turnover before signing the final clearance.

Legal Note: The "right to be forgotten" does not apply to corporate records. Deleting company data under the guise of privacy is a common legal misconception that can lead to significant jail time and financial penalties in the Philippines.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login