Alex is Sprintlaw's co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
Contents
If your business runs on unique know‑how, processes, data or strategy, those “behind the scenes” assets may be your strongest competitive advantage. In Australia, we commonly group these assets under trade secrets and confidential information.
The challenge? You often need to share sensitive information with employees, contractors, investors or suppliers to grow. That’s where a clear legal strategy makes all the difference.
In this guide, we cover what counts as a trade secret in Australia, how the law protects you (even before you sign a contract), the practical steps to safeguard your information, and what to do if your secret is leaked or misused. Our goal is to help you protect your edge so you can focus on building your business with confidence.
What Counts As A Trade Secret In Australia?
Australian law doesn’t define trade secrets in a single statute. Instead, protection comes from a mix of common law (judge‑made law) and contracts. In practice, a trade secret or confidential information is information that:
- Is not generally known or readily accessible to the public or competitors.
- Has commercial value because it is secret.
- Is communicated or held in circumstances that impose an obligation of confidence.
Think formulas, source code, manufacturing methods, customer lists, pricing models, product roadmaps, business strategies, and non‑public financial data.
Importantly, Australian courts can find that a person owes a duty of confidence even without a written agreement where information is clearly confidential and shared in circumstances importing confidence. In other words, protection can arise at law as soon as the information meets the criteria above. However, your position is much stronger-and easier to enforce-when you also put clear contracts and practical safeguards in place.
Trade Secrets vs General Know‑How
Employees take their skills, experience and general industry knowledge with them. That’s normal and lawful. But they can’t misuse specific trade secrets (like your non‑public algorithm or customer list) after they leave. Contractual clarity helps draw this line and reduces disputes.
Why Trade Secret Protection Matters
Most growth activities-hiring, outsourcing, pitching, partnerships-require sharing sensitive information. Without the right framework, that sharing can put your most valuable assets at risk.
- Competitive advantage: If a key method, price model or roadmap leaks, you may lose market position quickly and irreversibly.
- Valuation and deals: Investors and buyers look for robust IP and confidentiality controls-they directly impact deal value and due diligence outcomes.
- Legal leverage: Courts look at your conduct. Clear agreements, access controls and policies show that the information is truly confidential and support remedies like injunctions.
- Practical reality: Prevention is faster and cheaper than litigating a breach. Good paperwork and systems deter misuse and make enforcement easier if needed.
Legal Options To Protect Trade Secrets In Australia
There’s no standalone “Trade Secrets Act” in Australia. Instead, protection comes from several legal pathways that work together:
- Equitable duty of confidence: Even without a contract, a person who receives information they know (or ought to know) is confidential can be restrained from using or disclosing it. Remedies can include injunctions, damages or an account of profits.
- Contracts: Written obligations make your position clearer and stronger. Common tools include a Non-Disclosure Agreement, confidentiality clauses in an Employment Contract or contractor agreement, and specific terms in supplier, distributor or partnership contracts.
- Post‑employment protections: Ongoing confidentiality obligations for true trade secrets apply at common law. Carefully drafted restraints (for example, reasonable non‑solicitation or non‑competition clauses) can supplement this where appropriate-specialist advice on restraint of trade is recommended.
- Australian Consumer Law (ACL): In some circumstances, misuse of your confidential information can also involve misleading or deceptive conduct-another potential avenue for relief.
- Criminal and cyber laws: Where fraud, theft or unauthorised system access is involved, criminal avenues may apply in parallel with civil remedies.
Separately, you should assess whether related intellectual property is better protected through registration. For example, protecting your brand by choosing to register your trade mark can operate alongside trade secret strategies for your processes or code.
Practical Steps To Safeguard Your Secrets
Strong legal rights start with strong day‑to‑day practices. Here’s a practical playbook you can apply now.
1) Map Your Confidential Information
List the key categories of information you consider confidential (e.g. algorithm X, supplier pricing, roadmap Q3, private datasets). Note who needs to access each item and why.
This helps you set appropriate controls and ensures your contracts accurately describe what must be protected.
2) Use Targeted Contracts-Early
Get your paperwork in place before you share sensitive information:
- NDAs: Use a one‑way or mutual Non-Disclosure Agreement when exploring investor pitches, partnerships, or vendor evaluations.
- Employment and contractor terms: Build clear confidentiality, IP ownership and return‑of‑materials obligations into your Employment Contract and contractor agreements. Where suitable, take tailored advice on reasonable restraint of trade clauses.
- Project and partner deals: If you’re co‑developing or sharing sensitive technical information, consider a dedicated Collaboration Agreement with bespoke confidentiality, IP ownership and exit provisions.
Clarity up front reduces the risk of disputes and strengthens your position if a breach occurs.
3) Limit Access On A “Need‑To‑Know” Basis
Only give access to people who genuinely require it to perform their role. Practical controls can include:
- Role‑based access to repositories and databases, with logging and version control.
- Marking documents “Confidential” and tracking downloads/shares.
- Clean‑desk and screen‑lock practices; locked storage for prototypes and sensitive printouts.
- Offboarding processes to immediately revoke credentials and recover devices.
4) Lift Your Cyber And Data Hygiene
Many trade secret breaches happen through phishing, misdirected emails or poorly configured tools. Invest in security basics-MFA, patching, backup, device management and staff training-and formalise expectations with an Information Security Policy.
If you collect or handle personal information alongside trade secrets (e.g. in a customer database or training set), ensure you comply with the Privacy Act and publish a clear, tailored Privacy Policy.
5) Embed Policies And Training
People can’t protect what they don’t understand. Run short, regular refreshers on confidentiality, acceptable use and incident reporting. Make it practical and relevant to your systems and workflows.
Remind staff of continuing confidentiality obligations at key moments, especially during onboarding and in exit interviews.
6) Label, Document And Audit
Consistent labelling, version histories and access logs all help demonstrate that information was treated as confidential. Periodically audit who has access to critical materials and close gaps fast.
7) Align IP Strategy With Secrecy
Some innovations are best kept as secrets (e.g. a recipe or internal process). Others benefit from registration because you need public, enforceable rights (e.g. your brand). Consider whether to register your trade mark while keeping your key process or code under wraps.
What To Do If Your Trade Secret Is Misused
Move quickly but methodically. Early action often limits damage and preserves your best options.
1) Contain And Preserve
- Revoke access, rotate credentials and secure affected systems.
- Preserve evidence: export access logs, keep email threads, note dates/times, and avoid altering original files.
- Identify what was accessed, by whom and how (accidental disclosure, ex‑employee, third‑party compromise, etc.).
2) Assess Your Legal Position
Pull together relevant contracts (NDAs, employment or partner agreements) and a short chronology of events. This speeds up legal review and helps determine the right approach-confidentiality obligations at common law, breach of contract, ACL, or urgent relief.
3) Act-Proportionately And Fast
- Commercial resolution: If the breach appears inadvertent, a firm, documented approach may fix it quickly (return/destruction of materials, written undertakings, tighter controls).
- Letter of demand: Where needed, send a formal cease and desist letter to stop use/disclosure and require delivery‑up of confidential materials.
- Injunction: For urgent risks (e.g. imminent leak or launch by a competitor), seek court orders to restrain further use or disclosure.
- Damages/account of profits: Claim compensation for loss or seek an account of profits the wrongdoer made from the misuse.
- Criminal avenues: If fraud, theft or hacking is involved, consider a criminal complaint alongside civil action.
Your likelihood of success improves when you can show the information was confidential, access was restricted, it was shared in circumstances importing confidence, and the recipient knew (or should have known) that it must be kept confidential.
Post‑Incident Improvements
Treat incidents as catalysts to strengthen controls: refine contracts, tighten access, adjust training and run tabletop exercises so your team knows exactly what to do next time.
Key Legal Documents To Consider
Every business is different, but the following documents are commonly part of an effective trade secret strategy:
- Non‑Disclosure Agreement (NDA): A targeted NDA helps you share information for a defined purpose while controlling use and disclosure. Start with a fit‑for‑purpose Non-Disclosure Agreement for pitches, supplier evaluations and early discussions.
- Employment Contract: Clear confidentiality, IP assignment, return‑of‑property and conflict clauses in your Employment Contract reduce risk throughout the employment lifecycle.
- Contractor Agreement: Outsourced specialists often need deep access-mirror your employment protections in contractor terms and set strict boundaries on use and disclosure.
- Collaboration/Partner Agreements: Where you co‑develop products or share R&D, a tailored Collaboration Agreement should allocate IP ownership, set confidentiality rules and plan for termination or separation.
- Information Security Policy: A practical, enforceable Information Security Policy sets minimum security expectations across your team and vendors.
- Privacy Policy: If you collect personal information as part of your operations or datasets, a tailored Privacy Policy and sound privacy practices sit alongside your trade secret program.
- IP Strategy Documents: Decide what to keep secret and what to register-e.g., protect brand elements by choosing to register your trade mark while keeping core processes confidential.
You may not need every document from day one. Prioritise based on your risk profile and sharing needs, and update your stack as the business scales.
Key Takeaways
- In Australia, trade secrets are protected through common law duties of confidence and contracts; you don’t need to “register” a secret, but you should still put clear agreements and safeguards in place.
- Employees can’t misuse true trade secrets after leaving even without a clause, but well‑drafted confidentiality and reasonable restraint terms make enforcement clearer and easier.
- Practical controls-need‑to‑know access, labelling, logs, offboarding, and an Information Security Policy-are just as important as your contracts.
- Use NDAs for early discussions, embed confidentiality and IP ownership in Employment and contractor agreements, and document partner sharing in a Collaboration Agreement.
- Move fast if there’s a breach: contain, preserve evidence, review your rights, and consider a cease and desist letter or urgent injunction to prevent further harm.
- Align your IP strategy: keep processes and code confidential where appropriate, and protect public‑facing brand assets by registering trade marks.
If you’d like a consultation on protecting your trade secrets in Australia, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.
