Heightened stockholder engagement and influence, a proliferation in the availability of third-party information (including through social media) and a desire for greater corporate transparency and accountability have increased the pressure on corporate directors to share information with stockholders. In addition, the influence of activist investors and the increasing number of board members selected by activists and other investors has increased the likelihood of informational conflicts involving stockholder-designated directors. Case law and statutes are only of limited help in this area. While it is generally accepted under Delaware law that a director’s duty of confidentiality is within the scope of his or her duty of loyalty, the exact scope of the duty of confidentiality and what constitutes confidential information has not been clearly addressed. For example, there is no clear guidance in Delaware as to whether and to what extent a stockholder-designated director can share information with the stockholder designating such director. Until additional guidance is provided, a public corporation may decide to take a pragmatic approach to this subject and use policies, practices and contractual arrangements to fill the gaps in the legal framework. We have included below a few pieces of practical advice that a board can follow to address some of the principal issues relating to board confidentiality.


  • A corporation should review periodically its confidentiality policy and tailor it to appropriately address what makes sense for the corporation (i.e., standard forms are often insufficient in this context) in light of the composition of its board of directors and special concerns arising from the presence of stockholder-designated directors on the board (discussed below).
  • Confidentiality policies should address the directors’ confidentiality obligations not only with respect to classic material non-public information about the corporation but also with respect to all other information that is the subject of board proceedings and deliberations or that is learned by directors in connection with their role (for example, information about a corporation’s suppliers and clients).
  • Because there is some evidence that courts will look at how the concept of “confidential information” is defined in a corporation’s confidentiality policy when determining the scope of its directors’ duty of confidentiality,1 a carefully drafted definition of confidential information may be essential to supplement a scarcely developed jurisprudential framework. Examples of each type of information subject to confidentiality obligations are often desirable. A list of narrow exceptions to the directors’ confidentiality obligations should be specified in the confidentiality policy.
  • Directors should be routinely reminded of the basic measures and practices that are likely to mitigate the risk of inadvertent disclosure of confidential information. For example, directors should be reminded to adhere to the corporate policy on retention of confidential information and board materials, which policy should be clear and consistent. Similarly, directors should be reminded of the confidentiality risk related to reviewing board packets or other sensitive materials on planes or engaging in phone conversations regarding confidential transactions anywhere but the most private places. It is particularly important that these practices be diligently followed when the corporation is engaged in merger negotiations or other sensitive transactions.
  • A corporation may consider whether, upon a director’s appointment to the board, the director should be made aware that any breach of his or her confidentiality obligations may result in the director not being re-nominated and, if appropriate, may be publicized by the corporation. In addition, each director should be reminded that a breach of his or her confidentiality obligations could involve conduct that constitutes a breach of the director’s duty of loyalty and may result in personal liability for damages caused by the breach. A breach of a director’s duty of loyalty could also limit the director’s exculpation and reimbursement under Section 102(b)(7) of the Delaware General Corporation Law (and similar provisions under corporate laws of other states) or even insurance coverage.
  • Corporations should consider the appropriateness of having directors sign confidentiality agreements to underscore their commitment to confidentiality and/or submit advance resignation letters that would become effective upon a director’s breach of his or her confidentiality obligations.


  • A corporation’s confidentiality policy should be supplemented with clear guidelines regarding the corporation’s disclosure policies and purposes and compliance with Regulation FD, which guidelines should be memorialized in a corporation’s disclosure policy.
  • A corporation’s disclosure policy should specify as a default rule that directors must decline to comment in response to inquiries about the corporation or its securities and should clearly ascribe to the chief executive officer (and very few other key personnel) or other designated spokesperson authorized by the board the role of chief spokesperson(s) for the corporation. Directors should be routinely reminded of the need for the corporation to speak with one voice. Uncoordinated communication is particularly dangerous where public relations and/or litigation could determine the outcome of a key corporate initiative, such as defending against an unsolicited takeover offer or proxy contest.
  • If a director is authorized to have private communications with a subset of stockholders in accordance with Regulation FD,2 consideration should be given to implementing procedures intended to help avoid Regulation FD violations. Pre-clearing discussion topics with the stockholder or having counsel participate in the meeting are examples noted in the SEC’s Regulation FD Compliance and Disclosure Interpretations.


  • A corporation must address the issue of whether stockholder-designated directors may provide confidential information obtained through their position on the board to their designating stockholder. As a threshold matter, stockholder-designated directors should be reminded that directors of a Delaware corporation owe fiduciary duties to all stockholders of the corporation they serve, not just to the particular stockholder(s) that nominated, elected or designated them to the board.3
  • Although it appears that under Delaware law a stockholder-designated director may disclose confidential information learned in connection with the director’s role to his or her designating stockholder so long as the stockholder is not in a position adverse to the corporation and the disclosure doesn’t harm the corporation,4 it is advisable to create a clearer standard in the corporation’s confidentiality policy or, if practicable, in a confidentiality agreement with the designating stockholder with respect to what information a stockholder-designated director can disclose to its designating stockholder. In addition, it may be appropriate to specify use restrictions with respect to any confidential information conveyed to the designating stockholder and a process for pre-clearing disclosure of confidential information to such stockholder.
  • Activists and other designating stockholders should be reminded of the potential restrictions on trading and other consequences stemming from having the right to appoint a director to the board and to receive confidential information from their designated director.


  • In addition to adopting and periodically updating confidentiality and disclosure policies, directors should be timely advised, particularly in connection with the deliberation of particularly sensitive matters (e.g., an unsolicited proposal), that confidentiality is essential for their protection and that there is a risk of breaching both legal obligations and corporate policies by disclosing confidential information without authorization. For example, directors should be made aware that irrespective of whether there are Regulation FD issues stemming from a leak to the press, there may be consequences with respect to possible misstatements or omissions in the information disclosed.
  • In the context of deliberations on an acquisition proposal or other similarly sensitive matter, the directors should be reminded of the disclosure processes that the corporation has adopted and the identity of the designated spokesperson(s). The use of tailored and carefully customized checklists is also advisable in connection with particularly sensitive deliberations where the more general guidelines set forth in a disclosure policy may not suffice.
  • Boards should permit the exercise of vigorous dissent by their members within the formal corporate processes. Collegiality and robust opposition are not antithetical at the board level. While the exercise of vigorous dissent in the context of board proceedings is often a sign of a proper corporate governance, we think that it also mitigates the risk that a minority director would go outside the corporate processes to achieve his or her objectives.
  • In all instances, directors should be reminded that as the Delaware courts have recently articulated, while fair debate is an important component of corporate governance, “the steps that a [director] may take to achieve objectives are not without limits.”5 Even in cases where a director believes that his or her fiduciary obligations mandate that certain information be publicized, it should be underscored that such director should not act independently, should adhere to the disclosure policies adopted by the corporation and, in the first instance, should raise the disclosure issue with management.
  • A corporation should consider adopting and publicizing internally a practice to address all leaks irrespective of the level of materiality of the information leaked and whether the disclosure was harmful to the corporation. This approach might have some benefit in stopping repeat offenders while also creating a basis for persuading directors to adhere to the confidentiality and disclosure policies and putting them on notice about the possible repercussions and steps that will be taken in connection with a leak.