Confidential information is any information that is not generally known or available to the public and is intended to be kept confidential or private by the owner or holder of the information. This information can be sensitive, valuable, or critical to the success of an individual, organization, or business. Confidential information can be tangible or intangible, and it may take various forms, such as trade secrets, patents, trademarks, copyrights, business plans, financial data, personal data, and more.
The protection of confidential information is essential for many reasons. It can help prevent unauthorized access, misuse, theft, or disclosure of the information, which can have severe consequences for the owner or holder. For instance, confidential information may be used by competitors to gain an advantage, or it may be sold or shared with unauthorized parties, causing financial losses, reputational damage, or legal liabilities. Moreover, the breach of confidentiality can also harm the trust, loyalty, and goodwill of customers, employees, partners, and other stakeholders. Therefore, it is crucial to define and safeguard confidential information properly. Below are some of the general considerations in drafting an NDA:
- Scope: The scope of confidential information should be clearly defined to identify what information is considered confidential and what is not. This can be done by creating a list or classification of the types of information that are confidential, such as customer data, research results, product designs, etc. It is also important to consider using certain criteria for determining whether information is confidential, such as its value, secrecy, uniqueness, or potential harm if disclosed.
- Access: The access to confidential information should be restricted to authorized individuals or entities who have a need-to-know basis. It is also important to establish the conditions under which access may be granted which would further ensure the security of the confidential information.
- Use: The use of confidential information should be limited to the purpose for which it was disclosed and should not be used for any other purpose without the owner’s consent. It is also essential to prohibit any unauthorized use of the information, such as copying, reproducing, modifying, or distributing the information.
- Protection: The protection of confidential information should be ensured by including appropriate safeguards to prevent unauthorized access, disclosure, or use in the NDA. It is also important to require that the recipient notifies the disclosing party of breaches of confidentiality as soon as possible to enable the disclosing party take steps to ameliorate the damage that may occur from breach.
Before discussing common pitfalls in defining confidential information, it is useful to take a brief look at the types of information that are commonly treated as confidential information. Here are some examples of confidential information that may be encountered in different contexts:
- Financial Data: Financial data is any information related to the financial performance or condition of an individual, organization, or business. Examples include revenue, expenses, profits, losses, assets, liabilities, or cash flows.
- Business Plans: A business plan is a document that outlines the goals, strategies, and operations of a business. A business plan may include confidential information related to market research, competitive analysis, financial projections, or intellectual property strategies.
- Personal Data: Personal data is any information related to an individual’s identity, such as name, address, social security number, or medical records. Personal data is protected by privacy laws, such as the General Data Protection Regulation (GDPR).
- Trade Secrets: A trade secret is any confidential information that provides a business with a competitive advantage. Examples include formulas, processes, designs, or techniques that are not generally known or easily discoverable by others.
- Patents: A patent is a legal document that grants an inventor the exclusive right to make, use, and sell an invention for a certain period of time. Patents can protect novel and non-obvious inventions, such as machines, compositions of matter, or processes.
- Trademarks: A trademark is a word, phrase, symbol, or design that identifies and distinguishes the source of goods or services from those of others. Examples include brand names, logos, slogans, or packaging.
- Copyrights: A copyright is a legal right that protects the original works of authorship, such as literary, artistic, musical, or dramatic works. Examples include books, paintings, songs, or plays.
Common Pitfalls in Defining Confidential Information
Breach of confidentiality can come with serious consequences. As such, from the perspective of the recipient, it is important that what is captured under the definition of confidential information is concise and ascertainable. Below are some common mistakes in defining confidential information that could lead to inadvertent breach of an NDA by a recipient. It is worth mentioning that from the point of view of the discloser, the pitfalls explained below are to its benefit and consequently, the discloser will seek to have these pitfalls included in the NDA.
- Confidential Information is not tied to a particular purpose: the recipient must ensure that the confidential information to be disclosed under the NDA is tied to the particular purpose/project/transaction. This would ensure that information which might otherwise be classified as confidential information but which was not disclosed or obtained in connection with the purpose of the NDA will not be caught, thereby limiting the exposure of the recipient.
- Persons who can disclose confidential information not defined: the recipient must also ensure that only the discloser and other specified persons who are authorised by the discloser can disclose information under the NDA. This way, information which is received from third parties unconnected with the discloser will not be subsumed under the definition of confidential information.
- No start date for disclosure of confidential information: it is important that the definition of confidential information mentions the time from which information received will be captured under the NDA. Preferably, this should be from the date the NDA is signed. Alternatively, it can be an ascertained date on which confidential information relating to the project/transaction was first disclosed. This would ensure that information received through discussions, teasers etc., before parties decide to execute an NDA are not covered.
- Open ended list of types of information considered confidential: the types of information usually classed as confidential have been discussed above. Here, it is worth mentioning that as much as possible, the types of information considered confidential be listed without any open-endednes. For example, the recipient should push against definition of confidential information which is couched as ‘includes but is not limited to…’ or provisions stating that ‘the foregoing shall not be deemed an exhaustive definition of confidential information’. Rather, the recipient should aim for the most concise definition possible to narrow the scope.
In conclusion, confidential information is a critical asset that must be properly defined and safeguarded to ensure the protection of the owner’s or holder’s interests and the trust, loyalty, and goodwill of customers, employees, partners, and other stakeholders. Nonetheless, within the context of an NDA, it is important that the information that is covered under the definition of confidential information is well defined to avoid ambiguity and prevent conflict between the disclosing party and the recipient on the types of information protected under the NDA.
