Remember when Tesla sued a former employee for allegedly stealing files? Michael Stocks explores legal issues related to confidential documents
We live in a world where data is king. For automakers vying for a position in a competitive market, confidential documents are especially valuable, whether they are details on assembly line machinery and engineering designs, or even business strategies, data. customers or financial records. All the more so in the rarefied world of motorsport where the material is often at the cutting edge of technology and therefore highly sought after.
Earlier this year, Tesla sued a former employee for allegedly stealing 26,000 confidential files just three days after taking office. The employee, a software engineer, transferred confidential hardware from Tesla’s software platforms to his own personal Dropbox account, removing the imprint he left along the way.
Such situations are not unique. Indeed, as homeworking becomes mainstream, leading employers to believe that they have lost some degree of control over who has access to what and from where, it can be expected that cases of ” data hijacking is increasingly making the headlines.
What is confidentiality?
First, a brief lesson in law.
The principle of the protection of confidential information is that which acts on the conscience of the recipient not to use the information to harm the party who provided it. It is a general principle based on fairness. With the exception of trade secrets (which are a category of confidential information of particular commercial value and defined in the Trade Secrets Directive), there is no legislation which defines what constitutes a trade secret. confidential information and what can (or cannot) be done with information. Rather, it is based on a principle of “fairness” which has been allowed to develop through cases that English courts have heard over the centuries.
Confidential documents are especially valuable, whether they are details of assembly line machinery and engineering designs, or even business strategies, customer data or financial records.
For history buffs, the principle originally applied to personal information: one of the first recorded cases of abuse of confidential information dates back to 1849 and concerned private engravings made by Prince Albert ( which had been obtained in a nefarious manner and published by a third party). Over time, the principle has grown beyond the scope of personal information to protect confidential business information.
Prevention is better than cure
The fact that some of the world’s best-known companies with robust cybersecurity systems have experienced data breaches (Renault, Apple, BA, etc.) suggests that it may never be possible to protect yourself. fully against this problem. Educating staff about the risks of data loss is one of the best ways to guard against unthinkable events. Companies must ensure that they train employees with access to particularly sensitive information to ensure that valuable company information is not inadvertently made public. They also need to ensure that when an employee leaves, all company property is returned promptly, by updating passwords and login information.
It is also essential to have technical solutions and policies in place to protect confidential information from unwanted distribution. Companies must ensure they have clear policies regarding the use of confidential information (work from home, emails, surveillance and data protection); employment contracts which oblige staff to respect confidentiality clauses during employment and beyond; and the appropriate restriction in contractual agreements with third parties when confidential information has to change hands. Finally, companies must ensure that they store confidential electronic information in a document management system that tracks individual usage and whose access is limited to those who need it.
“Confidential information” in commercial contracts
Sharing confidential information is an important part of many business contracts (although it can often be ignored in order to close the deal). It is therefore important to define as carefully as possible what âconfidential informationâ means and what the receiving party is (or is not) entitled to do with it.
If at the start of a business relationship it is not clear what material should be provided, the wording used to define âconfidential informationâ may need to be more general in order to capture a wide range of information. Lawyers are familiar with the drafting of agreements with such catch-all confidential information provisions, but it is important that business parties carefully review the drafting to ensure that it adequately covers all categories of documents that may need to be provided.
If, on the other hand, it is possible to identify what needs to be specifically provided for the purpose of the contract to be achieved, you may consider specifying precisely what has been provided; how it was delivered; in what format; and to whom and when.
You should also make sure that all parties know that this material is covered by the confidentiality obligations of the agreement.
What are my rights if confidential material has been misappropriated?
Depending on the circumstances, the misappropriation of confidential documents may overlap with both criminal and civil law. This means that a party who intentionally misuses confidential information can be prosecuted (it is after all a theft) and therefore risks a criminal sanction whether it is a fine or imprisonment.
However, what is more common in the business world (where a party wishes to take more urgent action to be compensated for the wrongdoing) is that a party who uses confidential information for unauthorized purposes may do so. subject of civil action. So what are the steps a party must take to file a claim?
Obviously, information that has been misused must be confidential. However, it is not always straightforward if the information is actually in the public domain or can be recreated by reverse engineering.
In many cases, it will become clear that the information is confidential by its very nature. This can be explained by the fact that the material at the center of the dispute falls under a contractual definition of âconfidential informationâ (hence the reason why lawyers recommend a good wording of the clause). Alternatively, the material could have âthe quality of trustâ (a test rather specific to the facts but which should demonstrate that it is the property of the transferring party and that it is not made public). In the automotive industry, this material will typically include manufacturing processes, engineering designs, customer lists, pricing information, business development strategies, etc.
At the time of transfer, the importance of confidentiality should have been noted. If information has been provided as part of a contract, then this test may be easy to meet. If this is not the case, the supplier will have to demonstrate the circumstances in which the information in question was provided to the recipient.
Use must be unauthorized
If the information has been used in a way that is outside the scope of a contract (hence the need to address the circumstances in which the information can and cannot be used is so important) then it will be a problem. solid evidence of guilt on the part of the recipient.
What can I get back?
A company that has established the above factors mainly has three remedies available. An injunction is often the first choice of remedy to prevent the further release of confidential documents. Obtained within a short period of time, the court is asked to make an order preventing the perpetrator from abusing or disclosing the material.
In addition, the relinquishing party could sue for damages, ordering the infringer to compensate it for losses caused by the misuse of the information. The ceding party may also be entitled to the profits that the infringer has generated as a result of his misuse of confidential information.
Regardless of the misuse of confidential material, whether caused by a hacker, disgruntled employee, or business partner, the ramifications can be serious and costly for the business as it risks losing its competitive edge. Proactivity is essential.
About the author: Michael Stocks is Managing Associate and Co-Head of Automotive Group at Stevens & Bolton LLP