When should we be silent? Children used to be told that they should be seen but not heard, but approaches to child-rearing appear to have changed in the meantime.  In the business world some things never change. One of those things that hasn’t altered over the centuries is the need to be able to trust and rely on the fact that your business partner will not tell the world your confidential information.

Confidentiality, or keeping information secret, is a necessary element of much commercial work and in many areas such as M&A, technology development, design or research, the safe-guarding of data is critical. From the very first contact with a potential partner it is often of supreme importance to ensure that any material or concepts revealed are treated in a confidential manner. Controlling your own information can give a company a competitive edge.

One of the most common methods of seeking to preserve such secrecy is to use confidentiality agreements. But this has resulted in an over-reliance and an unjustified faith in such contractual obligations. In practical situations it is very risky to rely solely on an undertaking in a confidentiality clause or non-disclosure agreement. Such agreements may, in limited circumstances where the plaintiff can prove causation and actual damage, allow claims for  damages in the event of wrongful use or disclosure. In U.S. jurisdictions it may even be possible to avoid the difficulties of proving the damage by claiming liquidated damages (subject to a suitable clause to this effective being expressly agreed to). However, contractual damages are not a business solution even if they can be claimed successfully. They are certainly not preventative and once information is released, it usually cannot be called back in.  It may be a case of “closing the stable door after the horse has bolted.”  The damage has already been done.  We need to do more to prevent it occuring.

Thus, in practical terms we should be using a much broader range of measures to protect against and deal with potential disclosure situations. We should not abandon the well-drafted non-disclosure agreement, but we need to supplement it with other procedures:

1. Clearly identify and record all confidential information and wherever possible label it as such.

2. Ensure that all employees are aware of the importance of such information and are trained in related procedures, policy and documentation.

3. Store all confidential information so that it is inaccessible to unauthorised persons.

4. Any communication of confidential information should only be by secure means and in an approved manner.

5. Recipients of confidential information must be expressly informed in each case that such information is confidential

6. From the very first contact and before any disclosure can take place all potential recipents (companies and the individuals) should made subject to contractual confidentiality obligations. You can find examples of confidentiality clauses in this blog.**

And, finally and most importantly, notwithstanding all of the above measures, we should remember to only disclose confidential information to employees or third parties as and where it is necessary (on a “need-to-know basis”). Mum is indeed the word.*

Have a look at Bugg’s Boilerplate this month to see how you can try to ensure your business partner has a contract duty to keep mum in both a long and a short type of boilerplate**. 


* Modern idiom to be found in Shakespeare’s Henry VI, Part 2, Act 1, Scene 2. “Mum” means silent. To “keep mum” means to keep something secret or not to mention something.

**see Confidentiality in brief and Confidentiality: the long, but not the short of it from January 10, 2015