Can you keep a secret? The law of confidentiality and the role of NDAs

1 August, 2018
by: Cripps Pemberton Greenish

The English law on confidentiality is arguably more important now that it ever has been.

Knowledge is power and is guarded jealously and ever more so in an age where technology has made information, (whether true or not), increasingly accessible and dispensed on an unprecedented scale. The ability to control access to and the flow of information has become the sine qua non of commercial relationships (and some private ones too).


Common Law Duty
The duty of confidentiality is a principle of English common law. Information provided in confidence must not be disclosed without the approval of the party providing the information. Most information can be protected under common law if the following two conditions are met:

  1. The recipient of the information must know that the information being disclosed is confidential. This is judged from an objective perspective. Would a reasonable person, given the circumstances of the disclosure, know that the information is confidential? For example, information disclosed in public to a number of people is less likely to be confidential than that disclosed in private to one person; and
  2. The material being disclosed must also have a quality of confidence about it. It must not be information that already exists in the public domain. Merely labelling something as ‘confidential’ will not suffice – it must offer something novel or private which is not publicly known.

A breach of this common law duty can result in an injunction to prevent further disclosure and/or damages resulting from the financial cost of the unauthorised disclosure, though damages can be hard to quantify.


Statutory protection of certain information
Some information is of course protected under statute. The Official Secrets Act 1989 prevents many public servants, particularly those in the intelligence services, from disclosing information relating to national security and state secrets.


Confidentiality Agreements
Confidentiality agreements offer more certainty by (1) ensuring the recipient is always notified that the information is confidential, (2) defining the information which is confidential and (3) providing express remedies in the event that the agreement is breached.

The agreement can either be in a confidentiality clause of a contract between the parties or in a separate non-disclosure agreement (NDA).

In defining the information which is confidential it will not suffice to refer to all information disclosed as being confidential. Apart from not satisfying the second requirement of the common law duty it leaves the parties none the wiser. It is best to provide a specific list of confidential information, often by referring to a schedule or an annex. This can be time consuming but it provides clarity in the event of a dispute and also offers a useful means of verifying what material has been disclosed.

As well as defining what material is confidential, it is also important to stipulate who it can be disclosed to. Depending on the purpose of the agreement it is often useful to list people that the information can be provided to, whether that be more general; advisers, accountants and employees or more specific; a list of specified individuals. This helps to maintain a closed network of knowledge and reduces the chances of an unauthorised disclosure.

It is also worth remembering that not all third party disclosure can be prohibited. Disclosure may be required by law, certain information may have been independently discovered or the information provided may become out-dated or no longer possess the necessary quality of confidence. It is therefore advisable to limit the duration of the confidentiality agreement and provide for the return and/or destruction of material when the agreement comes to an end.

Depending on the context of the agreement, it might also be advisable to provide for the disclosure of information in tranches. Full disclosure is not always necessary and can result in one party being privy to information that is surplus to its needs. Providing information in tranches is not only more efficient but ensures that discussions develop at a staggered pace where, at each stage, the disclosing party can determine what information needs to be provided.

Many NDAs go further and include provisions on how the information is to be stored or treated by the recipient and for the recall and destruction of the information at the request of the party disclosing it. There may also be provisions to ensure that disclosure shall not be taken to imply a warranty that the information provided is correct or accurate or be taken to be a disposition of the intellectual property contained within the information.

Therefore, NDAs can be quite lengthy and complicated documents, and need to be treated with care.


Possible Reforms
Drafted correctly, confidentiality agreements are a useful tool for controlling the use of information. However, they have attracted criticism where they have been used to cover up illegal or potentially illegal activity. This has been a hot topic of late, with the press reporting instances of NDAs being used in attempts to prevent the disclosure of sexual misconduct. This is currently the subject of government scrutiny and the law in this area may be changed and will need to be considered carefully.
The possibility that, in future, certain information cannot be protected may have wider ramifications on commercial confidentiality agreements. Businesses will need to have a better understanding of exactly what information can be considered confidential and therefore afforded some form of statutory and contractual protection.


It won’t be surprising to learn that in any one commercial relationship or transaction, most of the information that passes between the parties is either not capable of being confidential (because it is in the public domain) or its confidentiality is really not that important and its disclosure by the recipient would not harm the disclosing party. Therefore, when considering an NDA or a confidentiality provision, carefully and narrowly define what information is and should be kept confidential.

…and remember, if you want to keep a secret the surest way of doing so is by not telling!