What is "Confidential Information"?
Confidential information is a fragile intellectual property right. By contrast with intellectual property rights, such as patents, trademarks and copyright, there is no statutory framework governing ownership which can be protected under the laws of confidentiality. Saying information is confidential will not of itself turn information which is not inherently confidential, into confidential information. It must have the necessary quality of confidence. Each case will be considered on its merits.
There are two main aspects to protecting confidential information under the law of confidentiality:
- Ensuring that the information is disclosed in circumstances importing an obligation of confidence.
- Ensuring that publication does not occur and the information is, and remains, confidential.
What type of information can be protected?
Almost any type of information can be confidential and legal protection is offered to commercial information, including know-how and personal information. Commercial information protected under the laws of confidentiality may take many forms. The following are examples of information, which may be protected:
- Formulae, which cannot be derived from the final product.
- Business methods, until they are used in public.
- Financial or statistical information.
- Plans, sketches, drawings.
- Improvement to products or processes.
Do you need a Confidentiality Agreement?
In some cases, the law of confidentiality may be the only way of protecting certain information such as business methods, discoveries, and scientific theories, which are specifically excluded from patent protection in Europe, for example. In other cases the law of confidentiality may be used to protect information relating to a patent application at the development stage prior to filing.
A person or a company could take the view that it does not need a formal confidentiality agreement, as the law will provide protection in any event. To a certain extent that is true, however, this often entails relying on a mixture of rights that do not always provide clear remedies. This approach is therefore dangerously complacent and is liable to leave the discloser unprotected.
Some of the reasons for having a confidentiality agreement can be summarised as follows:
- It creates a simple contractual obligation. This will help support a claim under general law because it creates the relationship of confidence.
- It will help the disclosing party delimit what needs to be disclosed.
- It has moral force, which may prove as valuable as legal remedies. It sets out the conduct the discloser expects from the recipient. This encourages the recipient to put procedures in place that will avoid information being disclosed to unauthorised persons.
- It can, for example, be used to protect the novelty of inventions pending the filing of a patent application by keeping the material that is the subject of obligations of confidentiality out of the “state of the art”.
When should confidentiality agreements be entered into?
Confidentiality agreements are appropriate in almost every type of commercial transaction. It is essential that commercially sensitive information is not disclosed unless properly authorised and the information is protected by an appropriate undertaking. In particular, in the research and development area, it is important that information, sufficient to allow a third party to replicate the inventions, is not disclosed before a patent applications has been made and before the patent applications have become public. Failure to do so can severely limit, or even wholly undermine, the scope for protecting the information either under patent law or as a trade secret under the law relating to confidentiality.
Careful management of the disclosure process
The practical importance of managing disclosure cannot be over-emphasised. If information is disclosed in connection to a process of several stages, the disclosing party should only gradually disclose the information necessary for each stage. Critical information should therefore as far as possible be released at the latest possible stage. Confidentiality agreements should be entered into as part of an overall package of measures designed to protect information. Unreasonable or impractical restrictions will usually be ignored or overlooked and a better protection will thus be achieved by establishing clear, reasonable guidelines.
Limitations of the confidentiality agreement
- Even if the parties enter into a formal confidentiality agreement, they should be aware, that it does not provide perfect protection:
- It does not eliminate the need to take all available practical steps to ensure that the other side fulfils its obligations.
- It is very difficult to enforce and may be of little use against dishonest recipients. No legal remedy will make the information secret again. Even an honest recipient will inevitably take the disclosed information into account in its own commercial plans, whatever the terms of the confidentiality agreement.
Accordingly, prevention is far better than the cure.
What and when to disclose:
- Information should be graded in sensitivity, and critical information separated from the rest. Only information which is absolutely necessary to disclose should be disclosed
- Identify information that the discloser cannot disclose because it is already subject to a confidentiality obligation. Check all major contracts, particularly technology or similar licensing agreements or long-term customer supply agreements.
- Endeavour to anticipate what recipients will want to know and when in the negotiating process to disclose this information.
Show that information is "Confidential":
- Have internal policies such as marking information as "Confidential" and procedures for ensuring all employees have a clear idea of exactly what is to be regarded as confidential information..
- Keep confidential information in a locked cabinet or in secure computer files and restrict internal disclosure.
- Consider keeping a central record of the agreements containing confidentiality undertakings. This may make it easier to find out whether you can enter into a new undertaking without breaching an existing undertaking.
- Establish appropriate records to ensure that the discloser can demonstrate exactly what information was disclosed, when and to whom. Any confidential information supplied to a recipient should be recorded with dates and times. Letters should always set out the enclosures or they should be separately documented.
- Keep a contemporaneous written record of new developments and related data. This will constitute important written evidence in any subsequent litigation, and makes the confidential information on which such proceedings are to be based easier to identify and more convincing.
- If information is given verbally, the recipient should be told the information is confidential, in connection with the disclosure. This should be confirmed in writing as soon as possible after the disclosure..
- Remind departing employees and consultants of their continuing confidentiality obligations and require the return or destruction of any confidential material, particularly if they are likely to have kept information off-site.
Such policies must be strictly enforced if they are to be effective. Failure to do this will likely be fatal to any attempt to stop unauthorised use or disclosure. The more sensitive the information is, the tighter the controls should be.
- Investigate the business objectives and plan disclosure.
- Determine if there are any legal restrictions on disclosing the information.
- Identify sensitive information and delay disclosing it until required.
- Limit the disclosure within your organisation to those that need to know.
- Appoint one person who determines to whom and when confidential information should be disclosed.
- Ensure both internal and external recipients enter into confidentiality agreement before any information is disclosed. Ensure that the signatories have the authority to contract.
- Keep the confidentiality agreement simple and:
- Define confidential information carefully to suit circumstances.
- Decide who the recipient can disclose the information to.
- Consider what time limits are required under local law or desired.
- If additional clauses are included ensure that they do not make the agreement invalid.
- Be realistic in your requirements to the recipient.
Common Provisions of the Confidentiality Agreement
- A confidentiality agreement should always contain the following key provisions and careful thought should be given to each of them:
- A definition of the confidential information to be protected.
- The central obligation to keep the information secret and to use it only for the permitted purpose.
- Any information which is to be excluded.
- The circumstances in which, and persons to whom, the recipient is permitted to disclose the information.
- The return and/or destruction of confidential material.
The definition of confidential information is at the heart of the agreement and should be considered carefully. If it is drafted too widely, tight disclosure provisions become very difficult to apply.
The following types of information may need to be kept confidential:
- The detailed commercial, scientific information and data provided to the recipient.
- The fact that negotiations are taking place and their details.
- The existence of the agreement, its detailed terms and conditions.
The recipient will want to ensure that certain categories of information are excluded. Information, which is public knowledge, is an obvious and common exclusion. Other exclusions are negotiable. The recipient may argue that information which it can prove is already known should be excluded. In a longer term relationship, (e.g. collaboration arrangement), the party giving the undertaking may want to exclude information arrived at after independent research during the period of the collaboration.
Confidentiality and non-use undertakings
A confidentiality agreement will contain a number of undertakings by the recipient relating to the information to be disclosed. The central undertaking the recipient gives is not to disclose the information to any third party and to use it except for a permitted purpose. Other undertakings are generally given as to copies, control and return of the information.
Confidentiality and related undertakings are restrictive in nature and will be construed strictly against the discloser. They should be very carefully worded, as every case will be considered on its merits by the courts.
Duration of undertakings
Confidentiality agreements are often drafted without a fixed term and without any means of termination. It is not uncommon, however, for the confidentiality undertaking itself to be limited to a period of say, three to five years. As information usually loses its value after a few years, it may be better to have an end date to the agreement itself rather than the agreement theoretically applying indefinitely.
However, each case should be assessed individually as it depends on the circumstances. For example, a confidentiality agreement in the context of a research and development arrangement will need to last for a long period of time because it will contain information which is not available at the outset.
There are contrasting interests involved. The recipient of the information may well wish to involve others in the process of evaluating and putting together the proposed deal, e.g. its own employees, professional advisers or banks. In contrast, the discloser wants to restrict the circle of people who are in the know. The discloser may seek to do this by forbidding disclosure unless it gives written approval or it may agree to restrict disclosure to selected named individuals or selected categories of people. The discloser’s second aim is to ensure that all third party recipients keep the information secret.
This can be achieved by:
- Placing the obligation on the original recipient to ensure that the third party recipients keep it secret. This leaves the recipient responsible for entering into undertakings with third parties to whom they disclose the information.
- Requiring these third parties to enter into an undertaking with the discloser before they are told the information.
At the same time, the discloser should take the opportunity to ensure that appropriate confidentiality restrictions are included in its contracts with its own employees, advisers and sub-contractors.
Return of confidential information
The discloser must ensure that the recipient is required to return or destroy on demand any information provided and any copies, notes, or records made from the information and to delete it from any computer or other electronic systems upon which it has been stored.
Where information is provided to enable the recipient to conduct for example preliminary trials for product development, synthesis of compounds which will be subject matter of a full agreement, provisions should be inserted addressing the ownership of any intellectual property rights resulting from any improvements made to such information.
Take care with ancillary provisions included in confidentiality agreements
Over the years there has been a vast extension of the matters which may be included in confidentiality agreements. Thus, confidentiality agreements vary greatly in form and length. Agreements should be looked at carefully to ensure that they do not fetter the disclosures in the future. The confidentiality agreement may for example contain a provision saying that the discloser is negotiating with the recipient exclusively and that the discloser may not negotiate or disclose confidential information to anyone else for a period of time. Before agreeing to such a provision the discloser should assess very carefully the effect, both short term and long-term, of giving this obligation in accordance with any business strategies or plans.
- Ensure parties to the agreement are accurate.
- Define what information is covered.
- Is it all information “confidential”?
- Are there any exclusions.
- Specific confidentiality measures.
- Specify duration of various undertakings.
- Announcements regarding transaction to be agreed jointly.
- No grant of rights in information.
- No representation as to accuracy or completeness of information.
- Ownership of improvements.
- Duty on recipient to inform the discloser if there is any breach of the confidentiality undertaking. This could be vital in the situation of making a patent application.
- Discloser may decline to provide information.
- Discloser may require recipient to deliver up information.
- Where information is not owned by discloser, discloser to warrant that it has authority to disclose information to recipient.
- Indemnity from recipient of discloser’s costs of enforcing agreement.
- Discloser not liable for recipient’s costs if discloser withdraws from discussions.
- Competition law considerations.
The confidentiality agreement should be entered into as a part of an overall package of measures designed to protect information. In addition, it should be borne in mind that a person or a company does not just have to protect its own confidential information; it may also have to protect confidential information, which is disclosed to it. Be wary of accepting onerous obligations aimed at preventing unauthorised access to the disclosed information. Similarly, when confidential information is being disclosed to third parties it is essential that the agreements are carefully looked at to ensure that they do not in any way fetter the disclosers in the future. It is also necessary to ensure that there are no terms in any confidentiality agreements, which in any way contradict any other confidentiality agreements signed by the person or company.