Check out all the on-demand sessions from the Intelligent Security Summit here.
MasterCard’s decision to go to federal court last week and sue Nike for $5 million because it hired away several IT security people may force the courts to remap the boundaries of corporate recruiting.
At issue are so-called non-solicitation agreements, which are routinely included today in hiring letters. These agreements try to prohibit someone from recruiting fellow employees when they leave the company.
In the MasterCard case, some former employees left to join Nike and help improve its security operations. The rub involves what constitutes “recruiting” and, most critically, how one defines “indirect recruiting,” which is what the MasterCard letter banned.
The topic gets complicated when it’s not an issue of the executive calling former colleagues and asking them to join, nor when it involves instructing someone else to make such calls on his behalf. (Those are clearly banned under non-solicitation agreements.) The issue is when the action is limited to telling a new boss about who some of the best security talent in the industry is — and offering general ranges of salary needed to attract such talent.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Does such behavior constitute indirect recruiting? And if so, is it practical to try and prohibit such behavior?
It’s important to note that the rules differ in many states. California and North Dakota, for example, all but ban the enforcement of non-solicitation agreements, and there are substantial restrictions for employee recruitment bans in Oklahoma, Montana, Colorado, Louisiana, and South Dakota, said Marnie DeWall, a partner in the law firm of Lindquist & Vennum.
J. Philip Martin, a litigator with the Silicon Valley-based Kastner Kim law firm who specializes in non-compete clauses, said the definition of “indirect” will vary based on the court making the ruling. In layman’s terms, though, he said it’s a matter of provable intent.
“Don’t make it happen by doing things you know will” trigger the indirect recruiting clause, he said. “Giving them information as to who the hotshots are may very well be indirect.”
The lawsuit that MasterCard filed (.pdf) was vague as to exactly how the former MasterCard executives were supposed to have recruited their former colleagues. (Nike has yet to respond in court, but it told the Wall Street Journal yesterday that it regards the lawsuit as “without merit.”) Those execs — William E. Dennings, former MasterCard Chief Information Security Officer (CISO), and Ryan Fusselman, former senior business leader at the payment card company’s IS department, “in charge of security engineering” — apparently recruited at least one employee through LinkedIn, the filing said, but it’s unclear if it was a generic message sent to all of the execs’ LinkedIn followers or something much more specific.
Reached by phone yesterday, MasterCard attorney Martin Edel, who signed the lawsuit filing, declined to clarify the nature of the message. MasterCard spokesman Seth Eisen did not respond to a request to clarify.
The lawsuit said that Nike hired “at least seven additional” MasterCard managers or employees, beyond Dennings and Fusselman, within six months, all to build out Nike’s security IT department.
“Because talent in this rapidly growing area is limited, in demand and not well known, Dennings and Fusselman conspired to build Nike’s information security department by soliciting and hiring highly qualified managers and employees from MasterCard,” the lawsuit claims.
In an apparent attempt to suggest that the two former execs knew they were doing something wrong, the filing said that employees were asked to lie to MasterCard about why they were quitting.
An example of the lies told to MasterCard, according to MasterCard? One employee “claimed that she was resigning to relax and to focus on her family and health.” Fusselman himself said, according to the lawsuit, “that he was accepting a job with an aerospace company in California.”
There’s a bigger issue at play here: What is a new executive permitted/expected to do to fulfill his/her new role? And what constitutes sensitive information that cannot move from one company to the next?
In this case, the CISO job at Nike required the executive to recruit and identify new talent. Is the exec required to not reveal to a new boss the best talent that exists, even at a former employer? What if that employee’s talents were known from elsewhere? What if that recruitment target spoke at conferences and penned opinion pieces?
Let’s take this up a notch. One of the things that make experienced people valuable is the collection of experiences and knowledge gathered from various roles. Is it reasonable to ban an executive from leveraging any experience gained at a prior company, by dubbing it proprietary information? Take salaries, for example. Can an executive set a salary range for a position without specifying what a specific former employee was paid?
One example that MasterCard cited was that knowledge of how talented and hard-working an employee is would be confidential and can’t move from one employer to another.
This area of law is messy, with so many states having very different standards and so many enterprises having operations in so many different states.
Mark Elfenbein, the chief executive of visual search vendor Slyce, said the distinctions here are important, but avoiding legal entanglements may be much more important.
“At the end of day, even a non-direct attempt to solicit an employee from an agreed upon prohibited company is not worth the risk and I have always personally assumed the safest path in these instances,” Elfenbein said.
Somehow, the more people try to quantify when such recruitment is OK and when it isn’t, the more sensible it seems to just ban non-solicitation agreements altogether.
However, the Mastercard-Nike suit is likely to lead to more complexity and nuance, not less.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.