Confidentiality and data protection

Confidentiality and data protection2017-02-19T13:49:45+00:00

Cartoon Fairy

Our ‘ssshhhh!’ represents confidentiality – keep it to yourself!

It’s a sad fact that although the drafting and execution of Non-Disclosure Agreements (also called Confidentiality Agreements) take up a huge amount of legal resources globally each year, they are generally given very little attention from the parties who sign them.

The intention of such agreements, and the clauses in wider contracts covering confidentiality, is to ensure that information shared with another party for a particular purpose is not disclosed to any third party, or used for any other purpose. If such information is not protectable by other means (so you can’t patent it, or copyright it, for example) confidentiality may be the only way to keep your valuable information safe. So ensuring that the other party complies will be essential to your ongoing business security.

Key components of a confidentiality obligation include:

  1. A clear definition of what is, and is not, considered to be confidential information. If you know you’ll never confirm info disclosed during telephone conversations or meetings in writing, don’t make this a condition of the information being deemed confidential.
  2. A clear statement of the purpose for which the information is being disclosed. This should be as specific as possible, rather than a general ‘for their mutual benefit’, or ‘to discuss potential business’.
  3. The length of time for which the information will be kept confidential. This should always be measured from the date of disclosure of the information concerned, rather than the date of signature of the agreement (otherwise information disclosed towards the end of a 3 year agreement might only be kept confidential for a few days!).

You will often see in confidentiality provisions, clauses setting out circumstances under which information will not be protected by confidentiality. These include, for example, if the information has found its way into the public domain other than by breach of the receiving party.

The reason these exclusions are there is to make the remainder of the clause more enforceable – if all information disclosed by one party to the other is defined as ‘confidential’, then the recipient could potentially overturn the whole confidentiality clause simply by demonstrating that some of that information was already in the public domain.

On the data protection front, a requirement for specific provisions protecting customer data (and that of their employees, clients and suppliers) is something that’s becoming increasingly prevalent. It’s a particular issue among contracts for software as a service, and for anything involving the customer providing personal data to the supplier. Each party’s obligations are set out in the Data Protection Act 1998, and must be complied with regardless of whether they are referenced in the contract or not.

By putting data protection obligations into the contract, you give the each party a right to sue for damages under the contract if those obligations are breached by the other party. This can be particularly important with respect to third party claims resulting from data breaches, and can give a party a direct route to claim back its costs in compensating data subjects, or in fines paid to the authorities.

If you are supplying products or services to a Government or Local Authority customer, you may also need to be aware of the Freedom of Information Act 2000. This Act means that many (or all) of the details of your relationship with your customer can be made available to any member of the public who requests them. There is a provision under the Act allowing for certain information to be withheld in order to protect the supplier’s commercial confidentiality – but in practice, few Government and Local Authority customers are prepared to commit to protecting supplier information in this way.

Generally, you should assume that your pricing and the key deal-points will be freely available to the public (including your competitors) if you sell in this sector.

Want to know more? Contact Devant for contract assistance!