18 January 2018
Cassandra Bujaroska, Graduate Associate
It is Friday afternoon and one of your most senior employees, the manager of the sales team, comes to your office to officially give notice of their resignation. All appears to go smoothly, until, a few months later, you lose two of your firm’s major clients. Upon investigation, you discover that the senior executive accessed and stored confidential information on a USB before he resigned.
You need a game plan, but you are unsure how to go about it. What steps should you take? What are you legally entitled to do in these types of situations? What obligations do employees owe regarding confidential information post-employment?
What is confidential?
Any information that is not in the public domain, such as customers’ names and software programs, and trade secrets would fall under the definition of confidential information. Additionally, the case law in this area points to a number of factors that are relevant in determining whether or not information is considered to be confidential. Recently, the factors that a court will consider were summarised, and include the following1:
- The extent to which the information is known outside the business;
- The skill and effort required to collect the information;
- The extent to which the business treats the information as confidential;
- The value of the information to competitors;
- Whether the information can be easily duplicated by others;
- Whether the employee was informed that the information was confidential; and
- Whether the usage and practice in the industry supports the confidentiality.
How does the law protect confidential information?
Employees owe a number of obligations to their employer regarding confidential information obtained in the course of their employment. For example:
- an employee will have an implied contractual obligation to maintain confidentiality, an obligation which remains post-employment;
- an employee may be subject to equitable obligations, including fiduciary duties to maintain confidentiality, and to act only in the interests of the employer;
- if employed by a corporation, an employee will have an obligation under the Corporations Act 2001 (Cth) to not ‘improperly use the information to gain an advantage for themselves or someone else, or to cause detriment to the corporation’.2
The best way for an employer to protect its confidential information is to ensure that the employee has a written contract of employment that includes specific obligations with respect to confidential information.
For example, the contract should:
- define confidential information;
- impose express obligations (both during and post-employment) not to misuse confidential information; and
- impose obligations to prevent misuse of confidential information by other parties, and to report any such misuse to the employer.
What to do if an employee breaches confidentiality
If an employee breaches his or her obligations with regards to confidential information, the employer may pursue a number of legal remedies, including:
- an injunction to prevent any further breaches of confidentiality;
- damages for breach of contract; or
- an account of profits.
However, an employer will need to act quickly to ensure that these remedies remain available.
Please contact People + Culture Strategies on (02) 8094 3100 if you would like assistance with reviewing or preparing confidential information policies, procedures or training.