We live in a world where data is king. For automotive companies vying for position in a competitive market, confidential material is particularly valuable, whether it be details about assembly line machinery and technical designs, or even business strategies, customer data or financial records. Even more so in the rarefied world of motorsport where the material is often cutting edge and therefore highly sought after.
Earlier this year Tesla sued a former employee for allegedly stealing 26,000 confidential files only three days into his employment. The employee, a software engineer, transferred the confidential material from Tesla’s software platforms to his own personal Dropbox account, deleting the footprint that he had left along the way.
Such situations are not unique. Indeed, as home-working becomes common, causing employers to feel they have lost a certain degree of control over who has access to what and from where, we can expect instances of data ‘misappropriation’ to be in the headlines more and more.
What is confidentiality?
Firstly, a brief lesson in law.
The principle of protecting confidential information is one that acts on the conscience of the recipient not to use the information to prejudice the party who volunteered it. It is a general principle that is based in equity. Save for trade secrets (which are a category of confidential information with particular commercial value and defined under the Trade Secrets Directive), there is no piece of legislation that sets out what confidential information is, and what can (or cannot) be done with that information. It is instead based on a principle of ‘fairness’ that has been allowed to develop though cases that the English courts have heard over the centuries.
Confidential material is particularly valuable, whether it be details about assembly line machinery and technical designs, or even business strategies, customer data or financial records
For the history buffs, the principle originally applied to information of a personal nature—one of the first recorded cases of misuse of confidential information was in 1849 and related to private etchings made by Prince Albert (that had been nefariously obtained and published by a third party). Over time the principle has developed beyond the scope of personal information to protect commercial confidential information.
Prevention better than cure
The fact that some of the world’s best-known companies—with robust cyber security systems—have fallen victim to data leaks (Renault, Apple, BA etc.) suggests that it may never be possible to fully protect against this problem. Educating staff about the risks of data-loss is one of the best ways to safeguard against the unthinkable happening. Businesses should ensure they train employees with access to particularly sensitive information to guarantee that valuable company information is not inadvertently made public. They should also make sure that when an employee leaves, all company property is returned promptly, updating any passwords and login details.
Putting in place technical solutions and policies that protect confidential information from unwanted dissemination is also fundamental. Businesses should make sure they have clear policies covering use of confidential information (addressing working from home, emails, monitoring and data protection); employment contracts that require staff to observe confidentiality provisions during employment and beyond; and the appropriate restriction in contractual agreements with third parties where confidential information is to change hands. Finally, businesses should make sure they store electronic confidential information within a document management system that allows for tracking of individuals’ use and with access limited to only those who need it.
‘Confidential information’ in business contracts
The sharing of confidential information is an important part of many commercial contracts (although it can often be overlooked in order to get the deal done). It is therefore important to define as carefully as possible what ‘confidential information’ means and what the receiving party is (or is not) entitled to do with it.
If at the start of a commercial relationship it is not clear what material may need to be provided, the wording used to define ‘confidential information’ may need to be more general so that it captures a broad range of information. Lawyers are well-versed in drafting agreements with such catch-all confidential information provisions, but it is important for commercial parties to scrutinise the drafting to make sure that it adequately covers all categories of material that might need to be provided.
If, on the other hand, it is possible to identify what specifically needs to be provided so that the purpose of the contract can be fulfilled, you may wish to consider specifying precisely what has been provided; how it has been provided; in what format; and to whom and when.
You should also ensure that all parties know that this material is covered by the obligations of confidentiality in the agreement.
What are my rights if confidential material has been misappropriated?
Depending on the circumstances, misappropriation of confidential material can straddle both the criminal and civil law. This means that a party who intentionally misuses confidential information may be subject of prosecution (it is after all a theft) and therefore risks a criminal punishment be that a fine or imprisonment.
However, more common in the business world (where a party wants to take more urgent action to be compensated for the wrongdoing) is that a party who uses confidential information for unauthorised purposes, may face a civil claim. So, what are the steps a party must take to bring a claim?
Confidential breach
Obviously, the information that has been misused must be confidential. However, this is not always straightforward if the information is actually in the public domain or can be recreated through reverse-engineering.
In many cases, it will be clear that the information is confidential by its very nature. This may be because the material at the centre of the dispute falls within a contractual definition of ‘confidential information’ (hence why legal experts advocate good drafting of the clause). Alternatively, the material might have ‘the quality of confidence’ (a rather fact-specific test but one that should demonstrate that it is proprietary to the transferring party and not made public). In the automotive business sector such material will typically include manufacturing processes, technical designs, customer lists, pricing information, business development strategies, etc.
Importance
At the time of transfer the importance of confidentiality must have been made known. If information has been provided under a contract, then this test may be easy to satisfy. If not, then the providing party will need to demonstrate the circumstances in which the information in question was provided to the recipient.
The use must be unauthorised
If the information was used in a way that falls outside the scope of a contract (hence why the need to address the circumstances in which the information can and cannot be used is so important), then this will be strong evidence of culpability on the part of the recipient.
What can I recover?
A business that has established the above factors principally has three remedies available. An injunction is often the first choice of remedy to prevent the further dissemination of confidential material. Obtained at short notice, the court is asked to make an order preventing the wrongdoer from misusing or disclosing the material.
In addition, the transferring party could pursue a claim for damages, ordering the wrongdoer to compensate them for losses that have been caused by the misuse of the information. The transferring party may also be entitled to the profits that the wrongdoer has generated as a consequence of its wrongful use of the confidential information.
However confidential material is misused, whether it is caused by a hacker, a disgruntled employee, or by a business partner, the ramifications can be serious and costly to the business as its risks losing its competitive edge. Proactivity is paramount.
About the author: Michael Stocks is Managing Associate and co-head of the Automotive Group at Stevens & Bolton LLP
