Confidentiality agreements

Confidentiality agreements (or non-disclosure agreements (NDAs)) are frequently entered into to protect confidentiality of information disclosed during negotiations for all kinds of transactions such as for the sale of a business, the entry into a partnership or joint venture, when engaging an external consultant and in employment contracts.

Whilst the confidential information disclosed in these scenarios may be protected by general law (equity), it is often preferable to require recipients of confidential information to enter into confidentiality agreements before receipt so that:

  • the recipient is prevented from claiming that the disclosed information is not confidential;

  • the identity and scope of the confidential information, as well as any exceptions to the obligation of confidentiality, are clearly defined; and

  • contractual rights and obligations, beyond the protections afforded by general law, are created.

Confidentiality agreements usually cover the following topics:

  • term and identification of the parties;

  • scope and identification of the confidential information;

  • approved use and permitted disclosures of the information;

  • a liability regime and remedies for breach; and

  • obligations to return or destroy confidential documents.

Confidentiality agreements may, in some cases, also include standstill provisions (for listed entities only), exclusivity provisions (eg no-shop/non-solicitation clauses, no -talk clauses), disclaimers, process protocols and restraints of trade.

The term of a confidentiality agreement will usually be between 1 and 3 years, or linked to the life of a contract, for example an employment contract. This can be longer if required, but unlimited terms can be struck down as an unreasonable restraint.

The agreement should be between the entity disclosing the confidential information, that is, the owner of that information, and the recipient of the confidential information.

The scope of the confidential information should be formulated in the broadest possible terms, to include all information and documents disclosed before or after the date of the agreement that a business seeks to keep private. However, in cases where there is particular information that is sought to be protected, this should be specified in the agreement for the avoidance of doubt.

Confidentiality agreements will generally include the following exceptions:

  • information in the public domain;

  • information already in the possession of the recipient;

  • information received from a third party that was entitled to disclose it; and

  • disclosures required by law.

Confidentiality agreements will generally hold the recipient of the confidential information responsible for any breach by its representatives. It is common for a recipient entity to be asked to provide an indemnity for any unauthorised disclosure. However, exceptions to liability can be negotiated by a recipient entity if its representatives have provided confidentiality undertakings directly to the discloser.

An information provider should consider whether an indemnity is necessary (and the form of it). Common law damages may provide an adequate remedy anyway, because the likely ‘usual’ loss from the wrongful disclosure would be compensated providing causation can be proved. For example, if a recipient used confidential information in breach of a confidentiality agreement which caused the information provider to lose the benefit of a third party contract, then that loss may be recovered by way of damages for breach. Indemnities are however preferable if the likely loss may be too remote as a matter of contract damages (e.g. the likely loss is too particular to the information provider to be assumed by the recipient) and therefore not recoverable as a matter of ordinary damages for breach of contract. Attention should be paid to the category of loss that is covered, the causative language and the type of conduct that will be captured by the breach.

The usual remedy for breach is the grant of an injunction to prevent unauthorised disclosure by the recipient or to prevent the recipient from unfairly taking advantage of the information, together with damages for any loss arising from the disclosure. These remedies may be available even where no indemnity has been agreed.

Consideration should be given to whether the confidentiality agreement should be executed as a deed. The form of the confidentiality agreement will depend on the reason for the provision of the confidential information and the nature of the relationship between the parties.  If confidential information is provided both ways, a mutual confidentiality agreement may be sufficient whereas if only one party is providing confidential information, a unilateral arrangement in the form of a deed or deed poll would be preferred to avoid any contractual enforcement issues arising from a potential lack of consideration on the part of the recipient.

Confidentiality at general law (equity)

In addition to the protections afforded by contract, obligations of confidentiality arise in equity that are legally enforceable against the recipients of confidential information.  Such obligations will arise where:

  • information was received with the understanding that it would be treated confidentially; or

  • the recipient ought to have realised in all the circumstances that the information was to be treated confidentially.

A recipient of confidential information will breach the duty of confidence where they use the confidential information in an unauthorised way, to the detriment of the owner of that information. Unauthorised use may include both unauthorised disclosure and intellectual use, such as the use of a trade secret to build a competing product.

The duty of confidence will not be breached if information that was disclosed in circumstances of confidence has entered the public domain. There is also a risk that the court will not uphold the duty if the discloser does not act quickly to restrain the breach.

The courts may provide injunctive relief to restrain an initial or future breaches of the duty of confidence. It is vital when seeking injunctive relief to act quickly to restrain the breach. Declarations, an account of profits and the delivery up of documents can also be ordered as a remedy for breach of confidence.