As a small business owner, you may be wondering how to best protect confidential information. After all, this information is often what makes your business unique and helps you to stand out from amongst your competitors.
New technology is making it easier for people, such as employees, to copy and improperly use and disclose information obtained during employment. This may include business information such as financial data, client lists and databases, software codes, as well as documents outlining your business’ strategies and processes.
So, it is increasingly important for your business to take steps to prevent these situations from arising. It’s a good idea to clearly lay out how your business deals with confidential information from the outset when dealing with new people. This may be new employees, contractors, service providers, suppliers, and even customers.
By setting out this information early, you can minimise the risk of potential disputes arising later down the track, saving you time, money, and headaches.
One of the easiest ways to do this is to include a confidentiality clause in a contract. But what is a confidentiality clause and how does it work? Is it different to a privacy clause?
This article will take you through the ins and outs of confidentiality clauses – your business’ confidential information will be safe and secure in no time!
What Is A Confidentiality Clause?
Simply put, a confidentiality clause is a legally binding agreement that places an obligation on one or both parties to keep specified information confidential.
Confidentiality clauses are an important mechanism, not only to protect sensitive information that may give you an edge over your competitors, but also to prevent employees from stealing your business information.
Why is it important to maintain confidentiality in the workplace? Find out here.
A confidentiality clause may appear in the form of a standalone contract that explicitly deals with confidentiality, such as a Non-Disclosure Agreement. It can also be included as a clause in a larger contract, such as an Employment Contract or Contractor Agreement. There is no one way of forming confidentiality clauses — what matters is its legal effect.
You can choose for the confidentiality clause to be a one-way obligation or a mutual obligation:
- One-way confidentiality: Information, communications, and documents received from the disclosing party must be kept confidential. For example, if Party B signs a one-way confidentiality clause with Party A, they must keep confidential information received from Party A confidential.
- Mutual confidentiality: Both parties have the same duties and obligations to keep the other party’s confidential information secret.
What Is Confidential Information?
What constitutes ‘confidential information’ is up to you and is defined in your confidentiality clause.
It may be things like the personal information of your employees and customers, as well as your business’ proprietary information — from your client database and financial data to your brand guidelines, secret recipes, or software codes.
Using a broad definition of ‘confidential information’ is a good way to keep all your information secret and to make sure that all items in the agreement are covered. This may be useful if your business is entering into a long-term relationship, especially since the type of information you want to protect can change over time.
Notably, there are some exceptions to confidentiality clauses, such as situations in which:
- Information is already publicly available
- Disclosure of confidential information is required by law or to provide goods or services under the contract
- Written consent has been given by the disclosing party
- The receiving party is seeking professional advice concerning the contract, and the advisor is bound by client confidentiality
If you are signing a confidentiality clause, it is good to double check to see what other information may be exempt from confidentiality.
What’s The Difference Between Confidentiality Clauses And Privacy Clauses?
When talking about sensitive information, it’s easy to get confused between confidentiality clauses and privacy clauses. Both clauses are concerned with what your obligations are with respect to how you can use and disclose information. Understanding how they differ is important so you can make sure you act appropriately.
Whereas a confidentiality clause requires parties to keep information confidential, a privacy clause imposes an obligation on one or both parties to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). The purpose of the Privacy Act is to protect the personal information of individuals. Personal information includes things such as an individual’s name, date of birth, address, contact details, and photograph.
Another major difference between the two clauses relates to definitions. Unlike a confidentiality clause, in which you can define what constitutes ‘confidential information’, a privacy clause cannot modify or negotiate the meaning of ‘personal information’ nor the obligations arising under the Privacy Act and APPs.
Read more about selling personal information and what your obligations are here.
Case Study: Showpo & Black Swallow
The importance of protecting your business’ information from unauthorised disclosure is illustrated in a dispute arising between Australian online fashion retailers Showpo and Black Swallow.
Showpo and Black Swallow are online women’s fast fashion retailers, both of which have a similar target market.
In mid-November 2016, Showpo commenced proceedings against Black Swallow in the Federal Court. Showpo alleged that a former employee downloaded a copy of Showpo’s customer database and provided it to their new employer, Black Swallow. The database contained the contact information of over 306,000 customers, suppliers, competition entrants, and other contacts.
It was also alleged that Black Swallow sent promotional emails to the customers contained in the database, and adopted similar branding in an attempt to market itself as an affiliate label to Showpo.
Showpo successfully sought an interim injunction against Black Swallow. The injunction prevented Black Swallow from using or disclosing the customer database – an important step taken to minimise and control any foreseeable damage that Showpo could suffer.
The dispute was ultimately settled through mediation. Black Swallow was ordered to pay $60,000 in compensation, and have been permanently restrained from using or disclosing the database.
This case just goes to show how breaches of confidential information and data often occur internally.
Enforcing A Confidentiality Clause
When it comes to enforcing a confidentiality clause, you will need to know about the two types of breaches: actual and anticipatory.
An actual breach of confidentiality occurs when the other party fails to uphold their contractual obligations. In most cases, such as with the dispute between Showpo and Black Swallow, this happens if the other party doesn’t keep confidential information secret, and either uses or discloses it without permission or authorisation.
In contrast, an anticipatory breach arises if the other party displays an unwillingness to keep information confidential and perform their contractual obligations. An example of this is if the other party threatens to leak confidential information.
Now you understand the types of breaches, you may be wondering what remedies are available to you if they happen. Generally speaking, the remedy will depend on the type of breach.
Courts will often grant damages in cases where there has been an actual breach of confidentiality. Damages are usually awarded in the form of monetary compensation for actual harm or loss experienced and sustained.
Where there is an anticipatory breach, courts will typically order an injunction. This order will prevent the other party from using or disclosing confidential information.
What Should You Do If Someone Has Breached Your Confidentiality Clause?
If you believe that another party has breached a confidentiality clause and improperly used or disclosed your confidential information, it is always best to attempt to resolve the matter outside of court. This will help you save time and money.
When it comes to resolving the matter outside of court, you should begin by sending the other party a formal letter. This will let them know that you mean business and are taking the breach seriously.
So, what do you need to include in the letter? While there is no prescribed format that your letter needs to follow, there are a few key elements that it should cover:
- Alleged breach: make it as clear as possible for the other party to understand what the specific parameters of the confidentiality clause are and how they have breached it.
- Damages: what harm or loss has been suffered, or can be expected to occur, as a result of the breach?
- Demands: what do you want from the other party? Do you want them to stop using or disclosing the information, monetary compensation, or something else?
- Notification: another good practice is to inform the other party of what steps you plan to take if the matter cannot be resolved, for example, taking them to court.
Want To Find Out More?
We’ve spoken about the importance of confidentiality clauses and what to do if you believe someone has disclosed your confidential information.
So, what now?
It’s always good to seek a lawyer’s help to make sure your contracts include effective confidentiality clauses that protect your business properly. The wording of confidentiality clauses can sometimes be tricky so you want to make sure you haven’t left any gaps!
From straightening up your contracts, to drafting formal letters and enforcing confidentiality clauses, Sprintlaw has a team of friendly and experienced lawyers that are ready to help!
If you would like a consultation on your options going forward, you can reach us at 1800 730 617 or firstname.lastname@example.org for a free, no-obligations chat.
Need legal help?
Get a free, fixed-fee quote.
We'll get back to you within 1 business day.