Updated as at 5/8/2001.

1. What is Confidential Information?(1)

Confidential information is difficult to define.(2) This stems from the fact that law does not recognise property in information on its own. (3) In fact, it is the relationship of confidence which receives the legal protection not the information. Therefore, when looking at an action for breach of confidence, it is more important to focus on the relationship rather than the information itself.

Confidential information includes commercial secrets, personal secrets, artistic secrets and state secrets. The terms confidential information and trade secrets are often used interchangeably but strictly speaking, trade secrets are a subset of confidential information in the context of business, commerce or trade.(4) Examples of trade secrets can include manufacturing processes, recipes, engineering and technical designs and drawings, product specifications, customer lists, business strategies and sales and marketing information. Probably the most well-known example of a trade secret is the formula for making Coca Cola.

2. How is confidential information protected?

The law does not generally recognise property rights in information. Generally, it is the relationship of confidence or the obligation of confidence which receives the legal protection rather than the information itself. Thus, confidential information can be protected under contract if a confidentiality agreement has been put in place. Generally speaking, where a relationship is governed by express contract, obligations of confidence will be viewed in contractual terms (5). This is particularly true in certain types of relationships, such as employment, partnership or joint ventures.

The courts however, sometimes impose an obligation of confidence even where there is no relationship between the parties. An example of this is where liability is imposed on third parties who acquire information as a result of a breach of confidence. It is clear that any person who receives information resulting from a breach of confidence may be restrained from using the information if he or she has actual or constructive notice of the breach (6).

Sometimes, an action may lie both in contract as well as in equity (for example, in the case of an ex-employee). A major concern for a plaintiff suing in equity is that the defendant would have a number of equitable defences that would not be available in an action based in contract, such as laches and "unclean hands".

There are also certain pieces of legislation (7) which protect certain types of information, such as official secrets, however these are outside the scope of this Fact Sheet and will not be discussed further.

If information has commercial application and meets the criteria of patentability, businesses or individuals may choose to protect that information by obtaining a patent rather than by keeping it secret (for further information on the criteria, see Patents Fact Sheet). A patent gives the information holder a relatively secure legal monopoly for up to 20 years. However, after that period the business no longer has any proprietary interest in the idea. Trade secret (8) protection on the other hand, can go on forever, as long as the information is kept secret. The protection however, is arguably less robust than the protection granted by patent for several reasons. There is always a risk that the secrecy may be breached, either through error, carelessness, or industrial espionage. Also, not all ideas may be suitable for protection by keeping them confidential, particularly if others are able to reverse-engineer the product. Trade secrets are best used to protect only certain types of information, such as chemical formula or manufacturing processes or other information which is difficult to reverse-engineer.

3. Action for Breach of Confidence

The most important factor in determining whether information is confidential is that it retains some degree of secrecy and has not entered the public domain. Although the precise degree of secrecy required depends on the circumstances of each case (9), it is generally accepted that there are three elements required to bring an action for breach of confidence (10):

* information has the "necessary quality of confidence about it";
* information is imparted in circumstances involving an obligation of confidence; and
* an unauthorised use is made of the information to the detriment of the party communicating it.

First, whether or not the information has "the necessary quality of confidence" depends on a number of factors including:

* the measures taken to maintain its confidentiality;
* whether the information had been disclosed publicly without restrictions;
* the extent to which the information was known outside the owner’s business;
* the value of information to the owner’s competitors; and
* the amount of time and effort required to produce the information.(11)

Information which is public property and public knowledge will not be held to have the necessary quality of confidence.(12)

Second, the obligation of confidence is clear if it is expressly communicated to the recipient of the information that it is being imparted in confidence. Sometimes the relationship between the parties implies the obligation of confidence. For example, partnership, employer/employee or other relationships of trust, confidence or good faith (including family or marital situations) may imply an obligation of confidence (13).

In all cases, the circumstances must make it reasonably clear to the recipient of the information that the information is being communicated in confidence and that the recipient is expected to keep it confidential. The test employed by the courts is the "reasonable man" test: that is, would a reasonable person present at the time of the exchange have said that there must be an implication of obligation of confidence? (14) In addition, the information is deemed to be received in confidential circumstances if it was stolen from the owner or obtained by reprehensible means. A third party who knowingly receives such stolen information will be bound by confidence to the original owner.

Third, whether or not the information is disclosed in an unauthorised manner is determined by asking the question: has it been disclosed without the consent (actual or implied) of the discloser? In a contractual relationship, this is a matter of applying the contract or looking for implied terms. Issues may arise in the interpretation of the scope of authorised use but usually this is a straight forward exercise. In a commercial relationship without a contract, usually the confidential information which is the subject of dispute would be of commercial value and the court will generally protect the confider against any damaging disclosure.

The use of information will be held to be unauthorised notwithstanding that it may have been disclosed by way of innocent error (15) or there has been an unconscious use of the information, for example, unconscious plagiarism.(16) The duty of confidence usually ends once confidential information has become lawfully disclosed to the public.

4. Special considerations

4.1 Springboard Doctrine

In addition to not making any unauthorised disclosure, the person to whom confidential information is disclosed (the "recipient") under an obligation of confidence must not make use of the confidential information in an unfair manner. Therefore, the recipient must not use the information as a "springboard" for other activities which may give the recipient an unfair advantage over or be detrimental to the confider of the information. In such cases, a court may grant an injunction to stop the recipient of the information from using it for a period which is calculated to offset the unfair advantage the recipient would otherwise have had.(17) This is called the "springboard" doctrine.

4.2 Employees

Employees are in a special class when it comes to dealing with obligations of confidence as they invariably receive or create confidential information during the course of their employment. However, the rights of the employer must be balanced against the rights of the employee, especially after the employment terminates, to enable the employee to earn a living using his or her knowledge and skills.

Usually the employment contract will contain a non-disclosure or confidentiality clause requiring the employees to keep confidential any information they learn during the course of their employment which, if disclosed to third parties, may be detrimental to the employer. Under common law principles, in the absence of an employment agreement, an employee during the term of his or her employment will be considered to be under an implied contractual "duty of fidelity" consisting of three main duties:

* a duty to maintain the employer’s information in confidence;
* a duty to disclose relevant information to the employer which was developed or learned during employment; and
* a duty not to compete with the employer’s business.(18)

A former employee may freely work for the former employer’s competitors and engage in activities which directly compete with the former employer, subject to an important restriction that the employee may not utilise the former employer’s confidential information for example, chemical formulae or manufacturing processes that the employer has taken steps to keep secret.

If there is a contract of employment, this freedom would be subject also to any other obligations or restrictions contained in the contract, so long as those restrictions are valid and enforceable.(19) An employee however, is not prevented from using his or her recollection of commercial information that has not been kept secret such as names of customers, to compete with his or her original employer.

5. Confidential Information and the Internet

5.1 Internet

There are two main problems posed by the Internet for confidential information:

* the Internet allows widespread instantaneous dissemination of information that was once confidential. This will amount to a breach of confidence by a recipient of the information who posts it to the internet. The plaintiff will usually have an action against such a recipient.

* the information may be readily used and further disseminated by third parties, who may be in different legal jurisdictions. This means that it may be difficult for the plaintiff to bring an action against third parties who use the information. If an action can be brought against the original recipient, however, this is not an overwhelming problem.

A person concerned with maintaining confidential information should take steps to ensure that the information does not end up on the Internet. As the United States cases suggest, it is fairly clear that as soon as information is put on a public part of the Internet, it will cease to be confidential. Loss of confidentiality depends, however, upon the circumstances of each case. For example, if access to information is controlled by an access prevention measure, such as password protection, then the information may retain a degree of confidentiality, especially if few people have access to passwords.

As explained above, the law does not protect confidential information on its own. There is no general action for "theft" of confidential information. The only protection arises out of the relationship between the parties and the obligation of confidence which arises out of the relationship (contractual or otherwise).

Traditionally, a person who innocently came across confidential information and used it without knowing that it was confidential information was not held liable simply because the person had no obligation of confidence. In the ordinary (offline) environment, the chance of this happening is quite rare. If the information was of value to the owner, the owner would do its utmost to ensure that it is kept secret and secure. Usually, the information would not be disclosed without a breach by someone who is under an obligation of confidence or by an intentional interception or espionage. Innocent third party usage would be quite rare. However, with the Internet where communication is instantaneous and worldwide, once information is made available, anyone can come across it without knowing that the information was once confidential and use the information. The owner would have virtually no recourse against these third parties.

There are no cases in Australia dealing with trade secrets and the Internet but in the USA, it has been held that once information is put on the Internet, it becomes public knowledge and no longer has the necessary quality of confidence to be categorised as confidential information.(20)

The speed with which information can be disseminated with such wide reach also effects the effectiveness of legal remedies that are available and the ability of the courts to act quickly when faced with an application to stop the unauthorised dissemination.

5.2 Emails

Email is not a secure communication tool however many people use email to communicate confidential information. Email may be forwarded to any number of people with the greatest ease and if this happens and the dissemination is wide enough, it is likely to be held that the information has lost the quality of confidence.

5.3 Intranet

The case of the internet can be contrasted with that of intranets. Many businesses now use intranets for internal activities. Since intranet access is restricted by passwords and IDs, the nature of intranet is different from the Internet and therefore confidential information posted on an intranet may not necessarily lose the quality of confidence. However, the more people who are aware of the confidential information, the more likely it is that it will be leaked. Also, no firewalls or other security measures can withstand the persistent attempts of a determined hacker (as the example of the Microsoft trade secret espionage showed late last year).

6. Remedies for Breach of Confidence

The owner of confidential information can seek one or more of the following remedies against a person who has breached the confidence:

* order allowing the search of premises and the seizure of documents and products if there is a risk that evidence may be destroyed;
* an injunction restraining the use and disclosure of the information;
* order requiring the return of the information;
* account of profits; or
* damages to compensate the owner.

The usual difficulties associated with finding and proving the culprit of breach of confidence is compounded by an Internet environment where electronic footprints can be very hard to track.



Other relevant Fact Sheets:

Sources of Law
Prince Albert v Strange (1849) 2 De Gex & Sim 652; 64 ER 293 Merryweather v Moore [1892] 2 Ch 518
Argyll v Argyll [1967] Ch 302
Cranleigh Precision Engineering Ltd v Bryant [1965] 1 WLR 1293
Ansell Rubber Co Pty Ltd v Allied Rubber Industries Pty Ltd [1967] VR 37
Seager v Copydex [1967] 1 WLR 923
Coco v AN Clark (Engineers) Ltd [1969] RPC 234
Interfirm Comparison (Australia) Pty Ltd v Law Society of NSW [1975] 2 NSWLR 104
Talbot v General Television Corp Pty Ltd [1980] VR 224
Faccenda Chicken Ltd v Fowler [1987] 2 Ch 117
End Notes
1. The fact sheet draws on information provided by D Hunter, Lecture Notes for Information Technology Law for LLM at University of Melbourne (1998).
2. is Gummow J in Corrs Pavey Whiting & Byrne v Collector of Customs (1987) 14 FCR 434 said, "Confidence is essentially, like ‘negligence’ or ‘privacy’, a concept which defies intrinsic definition."
3. There are, of course, exceptions to this where there is specific legislation, for example, patent legislation. Confidential information is not, however, a creature of legislation but is an equitable doctrine. There are certain pieces of legislation, which create specific obligations in certain circumstances to hold information in confidence, eg. interception of communication on a network, etc. But such topics are outside the scope of the discussion in this fact sheet and will not be dealt with.
4. However, the courts do not always follow this distinction and often interchange one term for the other.
5. See R. Dean, The Law of Trade Secrets (1990) at p 47.
6. See for example, Fraser v Evans [1969] 1 QB 349; Talbot v General Television Corp Pty Ltd [1980] VR 224
7. For example, Crimes Act 1914(Cth) section 79
8. The Anglo-Australian courts have expressed two views of what is meant by a "trade secret". The preferred view is that the term extends to any information of a business or commercial nature that is kept secret: Lansing Linde Ltd v Kerr [1991] 1 WLR 251 at 260; Searle Australia Pty Ltd v Public Interest Advocacy Centre (1992) 108 ALR 163. A narrower view has also been expressed, which uses "trade secrets" to refer only to valuable commercial information that is highly secret, such as secret formulae or manufacturing processes: see, for example, Ansell Rubber Co Pty Ltd v Allied Rubber Industries Pty Ltd [1967] VR 37 at 46; Faccenda Chicken Ltd v Fowler [1986] 1 All ER 617 at 625
9. For example, in Deta Nominees Pty Ltd v Viscount Plastic Products Pty Ltd [1979] VR 167 at 193 it was stated that it is not possible to "slavishly check off the factors against the information, as if one were counting spots on some strange creature to see if it was indeed the species of leopard illustrated in the picture book".
10. See Coco v AN Clark (Engineers) Ltd [1969] RPC 41 at 46-48 per Megarry J.
11. See Ansell Rubber Co Pty Ltd v Allied Rubber Industries Pty Ltd [1967] VR 37; Agreement on Trade Related Aspects of Intellectual Property (TRIPS) art. 39.
12. Saltman Engineering Co. v Campbell Engineering Co (1948) 65 RPC at 215 per Lord Green MR.
13. See Prince Albert v Strange (1849) 64 ER 293 which was really the case from which the modern action of breach of confidence developed. See also Argyll v Argyll [1967] Ch 302 which illustrates the principle arising out of a marital relationship.
14. See Coco v AN Clark (Engineers) Ltd [1969] RPC 41 at 48 per Megarry J.
15. Interfirm Comparison (Australia) Pty Ltd v Law Society of NSW [1975] 2 NSWLR 104.
16. Talbot v General Television Corp Pty Ltd [1980] VR 224. 17. Seager v Copydex [1967] 1 WLR 923.
18. See A Coleman, The Legal Protection of Trade Secrets (1992) at 57.
19. For example, the contract may stipulate a certain restraint of trade clause prohibiting the former employee from working in the same area or in the same industry or for a competitor of the employer for a certain period of time. These restraint of trade clauses will not be enforceable if they are too wide and unreasonable than is necessary to protect the employer’s interests.
20. For example, in Religious Technology Centre v Lerma 908 F. Supp. 1362, it was held that although a person who originally posts trade secret material on the internet may be liable for trade secret misappropriation, reporters who merely downloaded such information from the internet were not liable since the information was publicly available once it was published on the internet. Similarly, in another case of Religious Technology Centre v Netcom On-Line Communications Services Inc., 923 F Supp 1231, it was held that posting materials onto the internet makes them generally known such that they can no longer be considered secret.