• forIndividuals
  • forBusiness
  • forCommunity
search
About usFact sheetsPrimary legislationWhat's new?
DictionaryTeachingContact usSite mapLinks
click to go home


Our Fact Sheets provide a detailed account of 29 areas of law as they apply to the Internet

Fact Sheets



IIA releases draft Cybercrime Code of Practice in July 2003

Workplace

Confidentiality


1. What is confidentiality?

The law does not recognise confidentiality or confidential information on its own.(1) It is the relationship of confidence rather than the information which receives legal protection. Confidential information can include documents, ideas, commercial secrets, personal secrets, artistic secrets and state secrets.

An obligation of confidence may exist between an employer and an employee, a husband and a wife or between business partners.

Confidential information can be protected by contract law if a confidentiality agreement has been entered into.

2. When does a breach of confidence occur?

A breach of confidence occurs when:

(a) the information has a "quality of confidence about it";

(b) the circumstances in which the information is imparted gives rise to an obligation of confidentiality; and

(c) a person who receives the information discloses or threatens to disclose the information to the detriment of another.

3. Employees

Employees are in a special class when it comes to dealing with obligations of confidence. Confidential information is invariably created or received during the course of employment. The rights of the employer must be balanced with the right of the employee, especially after the employment terminates, to enable the employee to earn a living using their knowledge and skills.

Usually the employment contract will contain a non-disclosure or confidentiality clause requiring employees to keep confidential any information they learn during the course of employment which, if disclosed to third parties, may be detrimental to the employer. In the absence of an employment agreement, an employee during the term of employment will be considered to be under an implied contractual "duty of fidelity" consisting of three main duties:

(a) a duty to maintain the employer’s information in confidence;

(b) a duty to disclose relevant information to the employer which was developed or learned during employment; and

(c) a duty not to compete with the employer’s business.

Once the employment is terminated the legal duty changes. A former employee may freely work for the former employer’s competitors, and engage in activities which directly compete with the former employer, subject to an important restriction that the employee may not utilise the former employer’s confidential information. If there is a contract of employment, this freedom is also subject to any other obligations or restrictions contained in the contract.

4. Employment Contract

It is best practice to have a written employment contract and also an express confidentiality clause in the employment contract.

This not only expressly states what the obligations of the parties are but also acts as a reminder of the party’s obligations.

In addition, information which may not necessarily be held to have the required quality of confidence about it at common law could also be protected by the employment contract if expressly defined in the contract to be protected.

Another way an employer may attempt to protect confidential information is with a "non-competition clause". This tries to limit the employee’s freedom to work for a competitor or to set up a business in competition with the employer once the employee has left the employment. Such a clause must be drafted very carefully because such "restraint of trade clauses" as they are known, are enforceable only if they are reasonable. If these clauses are couched in terms which are too wide (for example, if the period of restraint is too long or the area of restrain to wide), a court may strike it down as being unenforceable.

5. Contract Employees

Contracted or outsourced labour may also be subject to similar obligations of privacy. One of the National Privacy Principles (NPP 9) places restrictions on the cross-border transfer of personal information where the recipient is not bound by privacy rules substantially similar to the Australian privacy rules.

6. Employees’ Medical Health Records

There have been recent government moves towards systems of electronic health records. It is likely that many states will implement specific health privacy legislation covering the handling of health information in electronic records in the public and private sectors.(2)


Other relevant Articles on this site:
Email legal risk
Encryption of data
Security

Other relevant Fact Sheets:
Confidential Information
Privacy
Secure Electronic Transactions
Workplace Net Control 

End Notes
(1) Specific legislation may create exceptions to this. For example, a specific obligation to hold information in confidence may be imposed in the case of the interception of an electronic communication on a network under the telecommunications legislation. Generally, confidential information is only protected by the common law and not legislation.

(2) The Health Records Bill 2000 (Vic) is expected to be passed in 2001, and the New South Wales Government recently announced it would introduce state-based health privacy legislation in an effort to ensure confidence in electronic health records.

"Anything that is too stupid to be spoken is sung", Voltaire
forIndividuals/