<< Back to article Print this page Loading page, please wait...

IT Confidential

Think you've protected your organisation's intellectual property with non-disclosure agreements? Maybe you should have second thoughts.

Sue Bushell (CIO)
06 September, 2002 11:00

Be warned: when it comes to confidentiality agreements and the protection of trade secrets, at least one prominent IT lawyer reckons 80 per cent of his fellows have forgotten most of what they learned in law school.

There are plenty of bad and lazy solicitors touting for business, says Clayton Utz partner in corporate Peter Knight, and most of them clearly do not understand how this aspect of law works. One of them could be advising you.

CIOs lumbered with one of Knight's neglectful colleagues are in peril of being advised very badly indeed, and of finding their contracts filled with "silly" provisions and their employee agreements and technology disclosure arrangements peppered with potentially costly errors. "There is such a lot of mystique built up around these non-disclosure agreements, yet it is an incredibly simple proposition that we're dealing with," Knight says. "It's only silliness we've got to avoid, not enormous big risk. But, in the areas of employee agreements and technology disclosure arrangements, not understanding how it works means you can make some terrible mistakes."

Knight says CIOs who make themselves aware of the simple fundamentals of the rules of confidential information will change their behaviour in many areas - to the benefit of their career and company. He offers some simple rules for confidentiality agreements and the protection of trade secrets.

RULE ONE:

A secret is not a piece of paper, whatever some lawyers think.

Australian law allows action to prevent the disclosure or misuse of "confidential information", and/or to seek damages, or an "account of profits", as appropriate, in the case of the unauthorised disclosure or misuse of confidential information. That law is very simple and has absolutely nothing to do with contracts. It says it is wrong and improper and unfair of people to disclose information that has been told to them in confidence. Full stop.

If you have a secret, whether commercial or otherwise, and you disclose it to somebody else in circumstances where they know, or ought to know, that it was secret, the court if necessary will prevent that somebody from threatening to wrongly disclose or use - or punish them for actually wrongly disclosing or using - that information.

"[The law] has to do simply with those three propositions," Knight says. "Is it a secret? Was it disclosed to the other person in circumstances where that person knew, or ought to have known, it was a secret? And is that person threatening to or has that person wrongfully used that information, or wrongfully disclosed it to somebody else?"

The law applies whether or not a person has signed a non-disclosure agreement. While a non-disclosure agreement can be useful in proving the person betraying the secret knew it was a secret, so can a stamp on a piece of paper reading Confidential or Secret or a letter written before or soon after disclosure instructing the person not to tell.

Knight says too many ill-informed lawyers ignorant of the facts of the law insist on trying to impose confidentiality by deeds (that is, binding instruments where there is no "consideration"). Such efforts are misconceived. If lawyers attempt to impose a duty of non-disclosure that exceeds the general law obligation, then courts are unlikely to try to enforce that obligation.

Page Break

RULE TWO:

The Sydney telephone directory is not a secret.

The law will protect you from betrayal of your secrets, but they have to be secrets.

The law applies to trade secrets as much as to any information marked Confidential. The courts will not protect "trivial tittle-tattle" but even "pillow-talk" can be considered a secret under the right circumstances. The point is, the information you are trying to protect has to be a secret.

"You can't make the Sydney telephone directory a secret," Knight says. "If I were to draw up a deed with you that said, for $1000, you promise that you won't disclose the Sydney telephone directory to anyone, or any part of it, and you threaten to go off and tell your next door neighbour about the Sydney telephone directory, what am I going to do?

"If I go to court, the court is not going to issue an injunction. [It's] an exercise in futility since everyone knows what is in the Sydney telephone directory. The second thing is, if you've done that, I haven't suffered any damage. I haven't suffered any loss so I'm not going to get any damages or an account of profits either. So it has to be secret."

Furthermore, the court will only act to prevent the disclosure of confidential information where the original recipient knew the information was confidential: either because they were told so or because even Blind Freddie could see the information was confidential in all the circumstances.

RULE THREE:

You have to be able to say what the secret was.

The secret must be real enough to be identified. Knight says a common trap people trying to use the law run up against is finding themselves unable to identify the secret that has been disclosed.

"They say: Â'Oh, my employee left and he knew all about my business and he knew all about my customers', but the court will say: Â'Tell me, what was the secret, and when was it disclosed?' If [the employer] can't put their finger on it they will lose in that situation, so it has to be real enough to be identified."

In other words, it is simply not enough to claim confidence in vague and broad categories of commercial knowledge, such as "the customer base", "business policies" or "product directions". The court will only act when the aggrieved party can give a complete written description of the information claimed to be confidential, in terms precise enough so that the court, and the party to be restrained, can know what it is that can be used, and what it is that cannot.

"That's why [people] lose so many cases on this: it's because they can't prove that something is a real secret," Knight says.

Page Break

RULE FOUR:

A lot of what companies think of as secret is no secret at all.

Vendors often have a totally unrealistic view of the secrecy and novelty of their own information, Knight says.

Software vendors often ask an organisation to sign a confidentiality agreement before discussing pricing or contract terms and conditions. The risk for the organisation is that such an agreement may limit the flow of information between it and its consultants or others engaged to help it negotiate better pricing and contract terms and conditions.

Knight says this issue looms particularly large in the IT industry, where request for tenders (RFTs) are likely to spell out an information-processing or business problem and request a solution. In such circumstances vendors frequently come up not just with confidential information about products and prices, but also confidential ideas which are solutions to problems.

Organisations confronted with this issue should make clear to vendors very early in the tendering or negotiating process that they might choose to share certain information coming out of that process with others.

"That might be very offensive to an IBM or a Unisys who will say: Â'No, we don't want you to tell the other vendors how we solved this problem.'," Knight says. "But it's a commercial issue. I'll tell you what [changes their minds] - and I act for suppliers as well as customers - is to ask them: Â'Do you want to tender or not?' Usually they want to tender, because it's not that secret."

In agreeing to your conditions the vendor may insist that information to be shared, if it must be shared, should only be disclosed to a specified, closed set of people. That's fine, Knight says.

In a recent decision, Maggbury Pty Ltd v Hafele Australia Pty Ltd, the High Court even found that a non-disclosure agreement can be a "restraint of trade", and hence void if unreasonable in scope, duration or geographical restriction, to the extent that it exceeds the protection afforded by the general law in respect of genuinely confidential information.

RULE FIVE:

A secret is not a secret if it has ever been shared.

The holder of a secret need only have to have disclosed that information to a single other person without imposing an obligation of secrecy, to have forever compromised their claims for its confidentiality.

"It's got to be a real secret that nobody else knows, but if they've already tendered it to all and sundry all around the world, it's gone. And it only has to be gone once to be gone," Knight says.

Information can also lose its confidentiality if the person claiming the benefit of confidentiality has failed to diligently enforce that confidentiality, or even if an employee has carelessly, or maliciously, published the information. In the latter case the "owner" of the information may lose all rights in relation to the information, except against the employee.

Page Break

RULE SIX:

Confidential information is not property.

Under Australian law, unlike US and Canadian law, confidential information is not property. Australian courts recognise that the real difference between a secret and a Holden Commodore is that if you sell a Holden Commodore you no longer have the car, while if you sell a secret, you do still have that secret knowledge available to you.

If money changes hands for information, it is not the purchase of information as property that takes place but the purchase of a service: the act of disclosure. That understanding has some important consequences for those drawing up documents around the "selling" of information or technology, which if neglected can lead to some very bad practices, Knight says.

"Because [people] think they're selling property they forget to create all the circumstances that equate to property. They forget, for example, to provide for the information to be handed over - to be disclosed and taught. Naughty and lazy solicitors forget to put those provisions in technology Â'sale' agreements. And they forget to do the same thing you can do with a Holden Commodore, which is to prevent the vendor from going off and selling it to someone else," Knight says.

The distinction between car and secret has two very important consequences in law.

If an innocent third party gets hold of the information - that is, a person who was not the original recipient and who may have no knowledge of the original provider of the confidential information and who may even have paid good money for the benefit of the information - that person will also be restrained by the court from disclosing or misusing the information. In other words, the defence of a "bona fide purchaser for value without notice" does not apply.

A person who receives information confidential to another has no right, in the absence of any contract, to prevent the person from whom it was received from using it or disclosing it to any other person. The duty of non-disclosure is owed to the giver of the information, not the recipient.

Knight says placing the duty firmly with the giver of information is particularly important where the confidential information consists of valuable created works, whether or not the copyright passes to the principal. In these cases the courts have decided that the contractor is free to supply the works to someone else, or use his creative skills developed in one project to create other material for a competitor, provided no breach of contract or copyright takes place.

Page Break

RULE SEVEN:

You have to make confidentiality known if you want to protect your secrets.

The very best method of imposing an obligation of confidentiality is to ensure that the recipient knows of it, preferably in writing. You do not need a contract: a letter, or even a stamped warning in a visible place, is quite enough.

On the other hand, the obligation of confidentiality may arise even where you give no express warning that the information is a secret. If it is obvious to the recipient of the information, or would be obvious to any reasonable person in the position of the recipient, then that person will be equally bound by the duty of confidence.

The fact that confidentiality may be imposed without any direct express warning means even third parties can be bound by the duty of confidence, even if they never have contact with the owner of the confidential information. But just stamping something Confidential or writing to people insisting they treat the information as secret won't mean that information will be protected by the courts, unless the information is of a genuinely confidential nature.

RULE EIGHT:

Forget non-disclosure agreements when a letter will do.

When CIOs fully understand what the law has to say on confidentiality and trade secrets they are less likely to get hung-up on drawing up non-disclosure agreements when a letter will do.

People put all sorts of silly things in non-disclosure agreements, Knight says, such as provisions trying to restrict as confidential things that are not confidential. This might be fine if it did not aggravate the chances of the entire agreement being declared void. People "naughtily" try to write intellectual property assignments into non-disclosure agreements. This is inappropriate and unnecessary. They also try to incorporate restraints of trade.

Where a person having "purchased" a trade secret wants to ensure that it remains valuable and unique to him - as if he had purchased property rather than a concept - he needs to ensure there is an agreement on this between both parties. Otherwise the duty not to use and not to disclose the information falls upon the recipient and not the giver of the information.

To prevent this occurring, the giver must be prevented by a binding contract or by a deed from doing the things that he may otherwise be entitled to do. Such a restriction is referred to in legal language as a "restraint of trade", and special legal rules apply to it. It must not go too far in restricting the interests of the party under restraint, and it may in some certain circumstances be a breach of Australia's antitrust law or may be "unconscionable conduct" restricted by the Trade Practices Act.

Finally, many lawyers try to put a time limit on confidentiality, which is unnecessary in Australian law. In Australia there is no limit on how long something can stay secret. The habit of trying to put time limits on confidentiality comes from the US, where some states require that non-disclosure agreements be time-limited.

"There is really no need for that, but lots of Americans get very irrational about time limits on non-disclosure agreements, and it's fair to say that in a lot of the technological areas that I work in, quite frankly information does get stale after a few years anyway," Knight says.

The other time CIOs who understand the law are likely to change their behaviour is when they take a technology licence from somebody else or enter into a contractor agreement for supply of services of an intellectual kind. "You will think about what is to stop that person from doing the same thing tomorrow for somebody else," Knight says. "I would say 80 per cent of solicitors don't understand how the law works in this area. CIOs need to understand it."