HANDLING CONFIDENTIAL INFORMATION

www.burdlaw.com

©1998, 2002  Bruce E. Burdick, JD

 

 The reaction I usually get from business people when I question their handling of secrecy agreements (also called “confidential information agreements”, “non-disclosure agreements”, “privacy agreements”) varies from "Who cares, everybody signs these agreements." to "You lawyers are always holding us up for no good reason." to “These are really crucial, we aren’t moving until a secrecy agreement is in place.”

An appropriate program for handling confidential information can overcome these and similar myths. Those same business people, when trained in the handling of confidential information, handle matters of confidentiality with ease and legal acumen. They have found that following correct procedures for handling confidential information normally involves a minimal inconvenience to their business activities and that by doing so they have better protected their trade secrets. As an example, one of my clients, a large commercial and military ordnance manufacturer, had its upper management visit most of the major ammunition factories in Europe without signing a single confidentiality agreement. They were able to identify a significant body of information of interest to the company without incurring any restrictions on its use. At the same time, they were able to obtain valuable restrictions when other companies visited here. If this can be done on military production facilities, with proper planning and procedures it may be possible with less secure facilities.  This turnabout is achievable in your company by a three-point program backed by top management.

 

General Considerations

A Three-Point Plan

First, clear policies and procedures relating to the receipt or disclosure of confidential information must be set out. Second, an education program must be undertaken to your company’s personnel with respect to the risks associated with receiving or disclosing confidential information and the proper procedures which must be carried out to minimize those risks. Third, little or no delays must exist in the legal function reviewing and providing acceptable form agreements and prompt review procedures so as to accommodate the needs of the business people. This will result in the business people being able to move quickly on a sound footing with respect to trade secrecy issues, and thus encourage businessmen not to try to take shortcuts in order to accommodate urgent business.

 

What is "confidential information" or "proprietary information"?

It is non-public technical or business information, such as trade secrets, know-how, technology, business plans, forecasts, financial information, sales reports, customer lists, vendor lists, equipment specifications, manufacturing parameters, and the like. If the confidential information has business value, it is often called "trade secrets." If the information relates to the military it may be "classified" as CONFIDENTIAL or SECRET or TOP SECRET, thus some companies (particularly those in the defense industries) often use the term "proprietary information" to refer to non-military confidential information to prevent confusion with classified military secrets.

 

What are the risks?

Let us next take a look at some of the risks relating to the handling of confidential information. The misappropriation or misuse of confidential information received from a third party can have very damaging consequences for your company. The courts view such misappropriation as a form of theft, in a manner similar to patent infringement (which is viewed as theft of an invention recognized by the Government as worthy of protection.) Theft of confidential information can thus result in damages and injunction against future use sufficient to put a company out of business in a product line or, in severe cases or with smaller companies, even put the company out of business altogether. The tarnishment of a company’s reputation from being "branded" as a thief can severely impact business relationships with customers and vendors who insist on honest dealings. Trade secrets, by their nature, do not have to be novel or patentable and do not terminate after a fixed period, as patents do. The long life of the Coca-Cola formula is a well-known example worth billions of dollars. The loss of your company’s confidential information to third parties can also cost your company its competitive edge and waste valuable research and development efforts by allowing competitors free access to and use of the "company jewels." Wal-Mart has closely guarded its computerized purchasing and inventory control system, which has allowed it to maintain a cost advantage over its competitors. Olin has kept its gunpowder manufacturing procedures secret for more than 60 years, long after patents would have expired. In any event, litigation expenses in trade secrecy cases can be substantial and may jeopardize the secrets in the process of proving what secrets were or were not stolen and employees involved are often summarily terminated and "blacklisted."

The treatment of confidential information differs depending on whether your company is receiving or disclosing the information.

Receipt of Confidential Information ("In")

It should be your company’s general policy that it will not accept information in confidence. In a majority of cases, particularly those involving marketing, engineering or sales, this general policy will not present any impediment to the carrying out of business and it will reduce substantially the number of instances where your company has to receive confidential information. Many companies, because of their concern over the risk of handling confidential information of others, have very strict policies against the receipt of confidential information and virtually refuse to accept confidential information under any circumstances. In certain instances where there are overriding business reasons which justify accepting information in confidence, it can be done relatively safely if properly managed, particularly where upper management approval is required prior to receipt of confidential information.

          The receipt of confidential information should require the approval of a senior manager such as a Divisional President or his/her delegate. The reluctance of personnel to request such high level approval acts as a reinforcement of the general policy against receiving information in confidence. If the approval is given, and if the information is received, the information should be received pursuant to a carefully drafted confidentiality agreement. To ensure that your company's risks in accepting the information are minimized, intellectual property counsel should scrutinize the agreement. The intellectual property counsel will be in a position to assess the effect on patenting activities of your company that receipt of confidential information might impose and whether the information is the subject of pending patent applications or has undesirable effects on other divisions.

          When entering into a confidential arrangement on information you receive, every effort should be made to avoid restrictions on its use. It is the restrictions on the use of the information that give the patent like character to the transaction. In fact, your company undoubtedly already has many mutual confidential arrangements with companies where both sides are free to use the information within their own organizations and the only obligation is to not to disclose the information to others. This type of arrangement is relatively risk-free since it is in your company’s normal policy to maintain its business information in confidence. Each party is protected from the other by its patents and by limiting the scope of the information that it discloses to the other.

          Where a free use arrangement is not acceptable to the other party, then your company will sometimes accept use restrictions. Normally, in such instances, however, the term of confidentiality will be minimized, e.g., five years or less, so as to reduce the potential for misuse inadvertently or otherwise. The information to be kept confidential should be limited to written information since it is necessary for your company to know "with confidence" what information it received "in confidence." There should be the normal exceptions to confidentiality particularly including independent development by your company. In such instances, the disclosure of the information within your company should be carefully managed to ensure that your company’s research operations are not tainted in their independent development efforts by receipt of any information which would conflict with their programs.

 

Disclosure of Confidential Information ("Out")

            Non-confidential disclosure of your company’s information, e.g., to customers, can result in loss of enforceable rights in the information. Government agencies will not treat your company’s confidential information, e.g. health data, environmental data, financial data, etc., unless your company can certify that all disclosures of the information were in confidence. If your company is to have any opportunity to enforce its rights against potential misappropriators or misusers of its confidential information, it must take certain measures to ensure that such information is maintained secret and to prove that it was considered by your company to be secret. These measures include limiting disclosure to public officials and the media, plant security, limiting the circulation of the information within your company and the use of appropriate agreements, when disclosures of the information are made to others outside the company.

          The disclosure of confidential information to outsiders must be carefully managed. It should require high level approval before such disclosure can be made. Except to intellectual property counsel who need full disclosure to best protect the information, disclosure of trade secrets should be very limited. Even when disclosed, appropriate agreements are required to control the disclosure and maintain its confidential nature. Standardized agreements are used to permit purchasing, procurement and marketing to disclose ordering and sales information within reasonable limits without legal review. Where trade secrets are involved, those agreements should extend for an indefinite term until the trade secrets become public. Where the information will generally become public within a reasonable time, e.g., upon commercialization, a shorter period of confidentiality can be accepted. Where standard agreements are rejected or modified by the other party, intellectual property counsel is normally involved to ensure that the changes are acceptable. The standard agreement for confidential information going "out" will normally be more onerous than a similar agreement that would be accepted for confidential information coming "in." Indeed, to the extent that difference can be maximized, the company is gaining competitive advantages that may ultimately prove of significant value should your company decide to sell the relevant product line or business to another company.

          The signing of a confidentiality agreement ("secrecy agreement", "non-disclosure agreement") is only the first step in protecting the disclosure of confidential information of your company. It is necessary for your company personnel making the disclosures to understand the terms of the confidentiality agreement so that they operate within its limits. It is important that the disclosures themselves be limited to the minimum necessary to accomplish the desired end result, since no matter how good the agreement is there is a risk of misappropriation or misuse. Finally, the agreement should be consulted before any disclosure is made since disclosures over a period of time have a tendency to diverge from the limits of the original agreement.

          By properly managing the disclosure of confidential information and using appropriate agreements, you can maintain a strong trade secret position that can be readily enforced against misappropriators and misusers. When done well, the restricted disclosure of confidential information to third parties can in many instances have the same effect as if you had a patent on the subject matter. You might obtain secrecy agreements which continue to exist as to specific secrets not disclosed in the patents even though the underlying patents have expired, and these agreements might be renewed because of the use restrictions on the confidential information and technology which were disclosed.

          In the past, European and Oriental businessmen complained about confidentiality agreements because they seemed to indicate lack of trust and thus were a uniquely American way of doing business. That is no longer the case. There should be no fear by your company’s personnel of presenting a foreign businessman with confidentiality agreement to protect disclosure of your company’s information. Most foreign companies today will take the same action with regard to their own disclosures.

 

SUMMARY

The disclosure or receipt of confidential information can be managed with minor inconvenience to minimize the risks to your company.

This requires:

*      clear policy and clear procedures for handling such information;

*      education of the business personnel involved with the information so that they are aware of the risks and the procedures for managing the risks; and

*      minimizing delays through cooperation between the legal and business functions so as to to accomodate desired business activities.

 

* * * * * *

 

© 1998, 2002 Bruce E. Burdick, JD