In an increasingly competitive business environment, many businesses face the threat of competitors or ex-employees seeking to make use of confidential information.
Businesses often go to great lengths to protect valuable information. Still, even with the best safeguards, there can be a leak or a threatened leak.
When a leak occurs there are many avenues a business might take to protect its position, including taking action pursuant to contractual rights.
One option that is often overlooked is to bring a claim for breach of confidence under the common law.
An action for breach of confidence might be available if an aggrieved party can establish three things:
- The information is protectable.
- The respondent owes an obligation of confidence.
- The respondent is making or threatening to make unauthorised use or disclosure of the information.
What will constitute confidential information varies from case to case. Given the complexities of modern commerce, courts are flexible when determining what confidential business information is.
There are three main threshold requirements to establish that information is protectable information.
- The information must be specific. To bring an action in breach of confidence a plaintiff must be able to clearly and precisely identify the information they believe is confidential.1
- The information cannot be in the public domain. Where confidential information has been published sufficiently in the public domain it will cease to be confidential. Information will be in the public domain where it has been published in print media, broadcast on television or radio, or made available on the internet.2
- The information must be sufficiently secret and valuable. The court will assess the extent to which a business has kept the information secret and the value of the information to the business or its competitors.3
Examples of the types of information that are likely to be considered confidential information include:
- Technical know-how such as product specifications, service processes, manufacturing methods, product designs, quality control methods, or trade formulas.
- Business or financial information such as business strategies, client and supplier details, research and development data, budget data, sales data, or distribution data.
- Damaging information such as video footage of controversial business practices, failed testing results, failed research results, controversial personal opinions of employees or directors, or controversial personal information of employees or directors.
Obligation of confidence
To take action for breach of confidence, the confidential information must be received by the respondent in circumstances implying confidentiality or where confidentiality is expressly stated.
Again, courts are flexible in the application of this element. They will take into account the circumstances in which the information was given, the intention of the confiding party and whether the defendant would have known the information was confidential.4
People who may owe obligations of confidence include the following:
- Insiders or people within the business, involved with the business, or who used to be involved in the business generally have obligations of confidentiality.5
- Outsiders or people who receive confidential information, either by theft, dubious means or because of an accidental leak, may have an obligation of confidentiality where they would have reasonably known the information was confidential.6
An aggrieved party may bring a claim for a breach of confidence where there:
- has been a breach – i.e. a person has misused confidential information;
- is a threatened breach – i.e. a person has threatened to disclose confidential information; or
- is a risk of a breach – i.e. a person is likely to use or disclose confidential information.
Depending on the circumstances, there are a number of remedies that may be available on a successful breach of confidence action, such as:
- injunction – where the court makes an order restraining a respondent from either misusing or continuing to misuse the plaintiff’s confidential information;
- delivery up and destruction – where the court orders the respondent to deliver up for destruction any property that uses the aggrieved party’s confidential information; and
- damages – this can be awarded either as an alternative to an injunction or to supplement an injunction to compensate an aggrieved party that has suffered loss.
Keeping information confidential in court
Where an aggrieved party takes action to protect confidential business information the last thing they want is for those secrets to be available to the press or competitors because of the public nature of court proceedings.
It is important that the parties to the action are conscious of the need to keep confidential information, which is the subject of court proceedings, confidential throughout any action. Some methods that can be employed to protect confidential information in the course of proceedings are:
- objecting to disclosure of certain documents;
- requiring confidential undertakings before disclosing documents;
- filing sealed documents; and
- seeking an order that the court’s reasons not be published.
In addition to contractual remedies, or where they are not available, breach of confidence may be a claim that is available to businesses to protect confidential information.
The key to this sort of claim is to always act quickly to minimise the damage that may eventuate.
Of course, making a claim in court should always be an option of last resort. It is always prudent for businesses to have comprehensive front end protections to preserve confidentiality (e.g. confidentiality agreements, access restrictions, etc.).