My article in July's issue of WBN talked about the legal test to establish a breach of confidence. In this follow-up article, I outline what remedies are available to a person who finds their secret is out.

To refresh readers' memories, in order to establish breach of confidence a person must prove:

  1. The subject information has the necessary quality of confidence about it;
  2. The subject information has been communicated in circumstances importing a duty of confidence; and
  3. There has been an unauthorised use of that information to the detriment of the person communicating it.

The first requirement refers to information that is not public knowledge, i.e. ‘private’ knowledge.  Such knowledge typically includes trade secret (such as recipes or formulae), a database of information or designs for a new product.

The second requirement refers to the manner in which the ‘private’ information has been passed from person A to person B.  The obligation frequently arises out of a relationship between two parties in which one party has passed ‘private’ information to the other party on the basis it is to be used only for a known, agreed and usually limited purpose.

The third requirement is that the recipient of the confidential information has disclosed or used that information without the consent and to the detriment of the owner of that information.

If a person can establish all these elements the court will consider remedies.

In any case for breach of confidence the complainant can choose what remedy or remedies they want; what remedies they get however will be decided by the judge. The choices are usually one or more of the following:

  • damages (monetary compensation), which usually requires expert evidence as to the amount of loss and how that amount has been calculated;
  • account of profits, to claw back any riches the person in breach has unjustly made;
  • injunction, to stop a person from continuing to do something and/or prevent them from doing something in the future; and
  • exemplary damages, if the breach is so flagrant that an additional level of punishment is required.

The most appropriate remedy or remedies is really dependent on the circumstances of each case. For example, if you know an ex-employee has taken a copy of a customer database and is about to set up a rival business, then an injunction to prevent use and to order destruction or return of that copy would probably the most appropriate as the owner of the information is unlikely to have suffered any loss at this point to justify a claim for damages or account of profits.

Taking the same scenario a step further, if the ex-employee has already set up the business and stolen customers directly because of access to the customers’ details then it would be appropriate to seek an injunction plus either damages or an account of profits (depending on, for example, how long the unlawful use has been going on and/or the value of the business lost).