ex-employee took client list: trade secret theft? — what are my options?

I own a B2B services company with about 120 clients. My top salesperson ("Jason") resigned three weeks ago and immediately started his own competing company. Within a week, several of my clients told me Jason contacted them and offered the same services at a lower price.

Jason clearly took our client list, including contact information, account details, and pricing. This was stored in our CRM (Salesforce) which he had access to during his employment. We've since revoked his access but the damage is done.

Jason signed a confidentiality agreement but not a non-compete. Can I do anything about the client list specifically? This feels like theft.

You may have a strong trade secret misappropriation claim. There are two primary legal frameworks:

1. Federal: Defend Trade Secrets Act (DTSA), 18 U.S.C. § 1836 — This allows you to bring a civil action in federal court for trade secret misappropriation. It applies to trade secrets "related to a product or service used in, or intended for use in, interstate or foreign commerce."

For more details, see our analysis at /2025/12/04/trade-secret-theft-client-poaching-demand-letters/.

We do have access controls — individual Salesforce logins, role-based permissions. Jason only had access to his own accounts, not the full client list. But he still had about 45 accounts, which is a lot.

We checked the Salesforce audit logs and he exported a report of all his accounts (including contacts and pricing) the day before he resigned. Is that the smoking gun?

That audit log is extremely significant evidence. It shows deliberate acquisition of confidential information immediately prior to departure, which goes directly to the "misappropriation" element. Under the DTSA, misappropriation includes acquisition by "improper means" or use/disclosure of information the person knew was a trade secret.

Given the urgency (he's actively soliciting your clients right now), you should consider seeking a Temporary Restraining Order (TRO) and preliminary injunction in federal court. A TRO can be granted ex parte (without the other side present) in emergencies and would order Jason to:

1. Immediately cease using the misappropriated client information
2. Return or destroy all copies of the data
3. Stop soliciting the specific clients whose information he took
4. Preserve all evidence (emails, files, communications with your clients)

The DTSA also provides for an ex parte seizure order under § 1836(b)(2) in extraordinary circumstances, where the court can order law enforcement to seize the misappropriated trade secret. This is a powerful remedy but courts grant it sparingly.

You need to move quickly. Every day that passes, more client relationships are at risk and it becomes harder to argue the emergency required for a TRO.

This is why exit procedures matter. At my company, we revoke all system access before the employee knows they're being terminated or before we accept a resignation. We also run an audit of all downloads, exports, and email forwards for the 30 days prior to departure.

Derek, check more than just Salesforce. Look at his email (did he forward anything to a personal account?), any cloud storage access (Google Drive, Dropbox), and USB device logs if your IT tracks those. Building a complete picture of what he took strengthens your case significantly.

Also, if any of the clients he's soliciting have told you about it in writing (email, text), those are valuable as evidence of actual use of the misappropriated information.

Pam, great point. I had IT check and he did forward a few emails with client-related attachments to his Gmail two days before resigning. So we have the Salesforce export AND the email forwards.

I've already had three clients reach out to me saying Jason contacted them with competitive offers. Two of them sent me the actual emails he sent them, which reference specific pricing from their contracts with us — information he could only have gotten from our system.

I'm contacting a litigation attorney today. This seems like a clear-cut case with strong evidence.

You have very strong facts. The combination of the confidentiality agreement, the audit log showing the day-before-resignation export, the email forwards to personal accounts, and the evidence that he's using specific pricing data from your CRM in his solicitations — that's about as clean a trade secret case as you'll find.

When you meet with the litigation attorney, bring all of this documentation organized chronologically. Also note that under the DTSA § 1836(b)(3), available remedies include:

• Injunctive relief (stopping him from using the information)
• Actual damages (lost profits from clients he poached)
• Unjust enrichment (profits he earned using your trade secrets)
• Exemplary damages up to 2x actual damages for willful and malicious misappropriation
• Reasonable attorney's fees in cases of willful misappropriation

Move quickly. Time is your enemy here.