Rippling's lawsuit was filed on Monday (17 March) in San Francisco. It claimed that one of its employees was spying for Deel, and had spent four months uncovering trade secrets and information.
In the lawsuit, Rippling named the spy D.S. and claimed that their activities began around the beginning of November 2024 up until March 2025.
Rippling’s Slack logs showed that D.S. searched and accessed Rippling’s Slack channels at an unprecedented rate beginning in or around early November 2024. D.S. searched the term “deel” approximately 23 times per day.
According to the lawsuit, to identify the spy, Rippling created a ‘honeypot’ test. On 3 March 2025, Rippling’s general counsel created a Slack channel called ‘#d-defectors’ which acted as a false channel for ex-Deel employees now employed by Rippling to share embarrassing information about Deel. D.S. joined the channel and confirmed the Rippling team’s suspicions.
The lawsuit document also stated that, after an independent solicitor served D.S. with a court order, D.S. went into a bathroom and refused to come out, and that D.S's actions were suggestive of them trying to flush their phone down the toilet.
Read more: Made.com staff seek legal action after Zoom sackings
Protecting company information whilst respecting employees’ private communications at the same time is a “tightrope-walking act” for HR departments, Jim Moore, employee relations partner at HR consultancy Hamilton Nash, stressed.
Moore told HR magazine: “Any well-drafted employment contract will already have clauses covering confidential information and employee monitoring. The problem is not a lack of rules, it's enforcing them. That's where HR and IT need to collaborate.
"We've long had the capability to monitor what emails get sent in or out, what files are accessed, and what data is downloaded or uploaded. The problem is that manually reviewing all those audit trails for an entire employee population is impractical.”
Julian Munroe, associate solicitor at law firm Thackray Williams, echoed this, and told HR magazine: “Confidentiality provisions should be clearly set out in employment contracts. The provisions should remove any ambiguity and specify what constitutes confidential information, while serving as a reminder to employees of ongoing confidentiality duties, emphasising that such duties continue after their employment ends.
“It may also be appropriate for intellectual property provisions to be included. HR teams should regularly update and circulate internal company policies which contain clear guidelines outlining conditions for handling confidential information.”
The news comes as former Meta employee, Riley Berton, alleged in a LinkedIn post on Friday (14 March) that he was fired for sharing an internal company update with his wife. He explained that Meta CEO Mark Zuckerberg posted an update on the company’s internal platform, Workplace, in January about “getting tougher on low performers in the current performance review cycle".
This information, he alleges, was then leaked to media outlets. However, Berton insisted he was not the source of the leak and had only shared a portion of the post with his wife.
Read more: Recent developments in employment law
Munroe emphasised that although these cases were based in the US, employers in the UK can learn from them.
He said: “The issues pertaining to confidentiality are relevant and should be considered in a UK context. They beg the questions: what can employers reasonably do to protect their confidential information?, and what scope do employees have to share personal information regarding their job security with their loved ones?
“Identifying what specifically constitutes 'confidential' information is slightly greyer with trade secrets and any other relevant information that is not available or accessible in the public domain garnering protection. Any other information already within the public domain will not have the protection of confidentiality.”
Nash explained that there are many tools that can be implemented to detect suspicious behaviour patterns.
He said: “Automated AI tools can look for suspicious behaviour patterns and then flag that user's activity for scrutiny by a human reviewer. These tools can be supplemented by having confidential reporting mechanisms so employees can raise concerns about colleagues if they observe anything that doesn't look right.
"HR and IT leaders need to collaborate on balancing the power of these tools with the culture of the organisation. 'Trust, but verify' may seem self-contradictory, but people are fallible and unpredictable. HR needs to verify that a culture of trust is still trustworthy.”
Rippling and Deel have been contacted for comment.
A spokesperson for Deel said: “Weeks after Rippling is accused of violating sanctions law in Russia and seeding falsehoods about Deel, Rippling is trying to shift the narrative with these sensationalised claims. We deny all legal wrongdoing and look forward to asserting our counterclaims.”
