Business and Commercial Law – The Dislcosure of Confidential Information and the Panama Papers - The Law of Toothless Tigers
BUSINESS AND COMMERCIAL LAW
THE DISCLOSURE OF CONFIDENTIAL INFORMATION AND THE PANAMA PAPERS – THE LAW OF TOOTHLESS TIGERS
Very few people in the business and legal communities had heard of Mossack Fonseca, a small but thriving commercial law firm specializing in taxation and financing in Panama.
However, in April 2016, over 11 million files were leaked following a hack into its computers. The leaked materials have become known as “the Panama Papers”. What was revealed was what had previously been regarded as confidential information about some 214,000 offshore companies and their shareholders and directors. The hackers undoubtedly broke many Panamanian laws and regulations.
This article will briefly examine what sort of information qualifies as “confidential information” in Australia and what protections are available to anyone who wishes to keep their confidential information safe and secure.
Under Australian law, the law of confidence exists to protect confidential information from publication or other unauthorized use. It is often the only or main form of protection for commercially sensitive information which is not otherwise capable of being protected by intellectual property rights or contractual rights.
In order to be classified as confidential information, it must be:
Confidential in nature; and
Disclosed in circumstances giving rise to an obligation of confidence.
This definition of confidential information does not help in accurately identifying confidential information. There are often disputes about what falls within the definition. What is clear, however, is that information which is available publicly will not be confidential and neither will information revealed in circumstances where the recipient of the information could not have been on notice that the information had to be kept secret.
Under Australian law, the person receiving information in confidence must not take unfair advantage of it. An obligation to keep information confidential arises when an individual receives information that they know, or ought reasonably to appreciate, is to be regarded as confidential. Certain relationships automatically give rise to an obligation of confidentiality. Examples are the relationships between a doctor and patient or between a solicitor and client.
The obligation of confidence does not need a contract or agreement for its operation. It exists independently of any express agreement between the information sharing partners. However, it is wise for any person about to reveal sensitive information to only do so under the terms of an express confidentiality agreement. This will avoid problems of what is or what is not confidential information or whether it has been imparted in a confidential manner or not. Written agreements can clearly specify what information is confidential and what the receiving party may do with it.
In order for a party to enforce the law of confidence, there must be a misuse or threatened misuse of the confidential information. This is a breach of confidence. A breach of confidence can arise in two ways:
Disclosure of the confidential information to an unauthorized third party; or
Using the confidential information for an unauthorized purpose.
Once breach of confidence is established, there are a number of remedies available to the innocent person:
An account of profits – if the party which has misused the confidential information has profited financially from the misuse, then the innocent party can recover those profits for itself;
Damages – if the misuse of the confidential information has led to the innocent party suffering loss and damage, then the innocent party can be compensated financially by the wrong-doer; and
Injunction – a court can prevent further breaches of confidence by the disclosing party and force that party to destroy copies of the confidential information held.
The mere threat of disclosure or other misuse of confidential information may enable the innocent party to seek an injunction to prevent the actual breach of confidence from occurring. However, not every breach of confidence will grant a remedy to the non-disclosing party. For instance, if the breach was carried out in the public interest, then courts may not automatically punish the disclosure. An example of this is the difficulties which authorities are having in pursuing and/or suing “WikiLeaks” or Julian Assange.
How then should confidential information be protected?
As in many aspects of the law, prevention is always better (and certainly cheaper) than cure.
As advised above, any release of confidential information should always be carried out under the terms of a clear written confidentiality agreement. This will provide good measures of protection in most cases.
However, the law of confidence will not be able to prevent situations like the Panama Papers where a hacker is determined to steal information and reveal it to the press. In that case, the horse has well and truly bolted! In other breaches of confidence, the remedies set out above may have limited redress. Often, the prime goal of the innocent party is to maintain the confidential nature of the information and not have it revealed to the public. Once a widespread publication has taken place, the damage may have been done already and the innocent party can never be properly compensated.
This is the soft underbelly of the law of confidence. It is ore of a deterrent than anything else.
Accordingly, if any warning of a potential future breach of confidence is given, it should never be ignored. The threat should be addressed forcefully. It is better to prevent the breach if possible than to deal with the fallout after a breach has occurred.
This article is intended only to provide a summary of the subject matter covered. It does not purport to be comprehensive or to render legal advice. No reader should act on the basis of any matter contained in this article without first obtaining specific professional advice.
For any further information concerning this article, please Michael Pickering, Managing Principal, De Marco Lawyers.. His contact details are as follows: