Protecting confidential information and trade secrets

During employment, employees owe certain obligations not to use or disclose trade secrets (ie a piece of information, treated as confidential by its owner, which has commercial value because it is secret). However, it is not legally clear that this duty applies to lesser types of confidential information.

After employment ends, employees are not automatically forbidden from using or disclosing trade secrets or confidential information.

It is always recommended that employers put in place clear Employment contract clauses clarifying that employees must not use or disclose trade secrets or other types of confidential information. Such clauses should also state that this obligation continues even after employment ends and specify the information that the employer considers confidential.

However, as confidential information breaches can be hard to police, also consider reducing the opportunity for misuse by restricting employees’ activities after employment using post-employment restrictions (eg non-compete clauses).

Trade secrets include valuable and potentially confidential material that employees can be restrained from using, even after they leave their employer. The disclosure or use of a trade secret (if it is confidential information) is illegal. Under the Trade Secrets Regulations 2018, revealing or using a trade secret is unlawful where it constitutes a breach of confidence in confidential information.

The Regulations also build upon the existing concept of 'trade secrets' by adding new requirements (eg reasonable steps must have been taken to keep the information secret and such information having commercial value because it is secret). What is reasonable is typically for the courts to decide.

Ask a lawyer for more information on protecting trade secrets in the workplace.

Practical steps to protect information not only reduce risk but improve your prospects of enforcing protective clauses in court, if necessary.

You should:

• clearly label confidential information as such

• restrict access to confidential information and circulate only as needed, on a need-to-know-basis

• ensure information security by securing physical and electronic documents by using locked cabinets, offices, password protection and encryption

• keep a register of confidential information to monitor ownership and/or control

• regularly train your employees on the importance of confidentiality and how to avoid the disclosure of commercially sensitive confidential information 

• adopt an Information security policy to set out your processes and rules for ensuring the security of your confidential information

When dealing with third parties, consider using a non-disclosure agreement (NDA). You can make your NDA using our One-way confidentiality agreement or Two-way confidentiality agreement. You can also use a Letter of confidentiality.

Stop employees from storing contacts and any business information on external sites, such as LinkedIn, as this makes information harder to protect. Consider doing this using a Social media policy.

Make sure not to breach an employee’s employment contract (eg by making a PILON without the contractual right to do so), as this can remove your right to enforce the contract altogether.  

Act fast if you discover an ex-employee has breached confidential information restrictions (or other post-employment restrictions), as delaying may mean you lose the right to an 'injunction' (ie a court order preventing further breaches).