MillenniumPost
Opinion

Shield for secrecy

Amid rapid digital transformation and consequents threats emerging on the horizon, the need for a well-rounded umbrella legislation to protect ‘confidential’ information becomes evident

Shield for secrecy
X

In today’s digital world, protecting confidential information has become a paramount concern for businesses worldwide. Failure to adequately protect confidential information can result in severe consequences, including financial losses and damage to goodwill and reputation. As a consequence of digital transformation, new threats have also emerged. Employees, vendors, and third parties regularly carry with them important private and privileged information, which is prone to misuse.

The concept of trade secrets is derived from the Indian Contract Act of 1872. Read carefully, it includes recourse in the event of a breach of non-disclosure agreements and for the protection of sensitive information. According to Section 27 of the Contract Act, any agreement, to the extent that it restricts a person from carrying on their trade or profession beyond the term of the contract is ipso facto void. However, employers can prevent the misuse of confidential information and trade secrets.

Furthermore, aspects of trade secrets can also be found in the provisions of the Indian Penal Code, particularly the Information Technology Act of 2000, as well as in Intellectual Property Laws such as the Copyright Act of 1957 and the Designs Act. India is also a signatory to the Agreement on Trade-Related Intellectual Property Rights (TRIPS).

In the case of Universal Thermosensors Ltd. v. Hibben and Ors. 1992, reported in All England Law Reports, the duty of an employee regarding confidential information during the course of employment was dealt with. It was held that when an employee leaves to set up a competing business, it is impermissible to take confidential information, and if documents are taken away for the purposes of a new business dishonestly, it constitutes theft. In Burlington Home Shopping 1995, a dictum of the Delhi High Court restrained the defendant — an employee of the plaintiff company — upon cessation of employer-employee relation, from carrying on any business, including mail order business, by utilising the list of clientele/customers included in the database exclusively owned by the plaintiff company. In V. Govindan vs E.M. Gopalakrishna Kone 1954, the Madras High Court enunciated that no man is entitled to steal or appropriate for himself the result of another's brain, skill, or labour, even in such works.

Normally, it is suggested that companies require employees, contractors, partners, and third parties who have access to confidential information to sign legally binding non-disclosure agreements and confidentiality covenants.

In general, any information that is not known to the public, which has commercial value, and which has been generated using one’s skill and labour would be regarded as “confidential information”. However, the agreement must specify what information is considered confidential, who may not have access to it, who may not disclose and utilise it, as well as the consequences for violation. Damages may also be stipulated. Such steps create a good deterrent. In employment contracts, there should be an exclusive clause on what constitutes confidential information and the enforcement of confidentiality clauses even post-termination. Entities as well as individuals can initiate civil proceedings seeking injunctions and damages, as well as criminal prosecutions.

The Right to Privacy for employees has increasingly gained importance with the digitisation of the workspace, and rightly so. The much-talked-about Digital Personal Data Protection Act of 2023, which is yet to be implemented, is a very positive move empowering individuals and recognising ethical business practices. The statute inter alia regulates the governance of personal data collected by entities and aims at protecting the individual’s privacy to a large extent. It also takes care of organisations' legitimate purposes.

From an entity’s perspective, some additional protections are needed. Although there are a variety of provisions for fighting out misuse and leaking of confidential information, a comprehensive, well-defined unified law would be helpful to organisations across the country for resolving daily disputes. Liabilities for misappropriations, the prominence of non-disclosure agreements, and breach of trust should be well defined, preferably under the umbrella of one Act, for better and easier implementation.

In the rapidly evolving digital era, the volumes of data being generated and stored daily are growing at an unprecedented rate. As technology continues to evolve, it is important to simplify and implement data security as well as privacy laws. It is also crucial to provide protection from such issues to foreign companies looking forward to making investments.

The writer is a practising Advocate in Supreme Court and High Court of Delhi. Views expressed are personal


Next Story
Share it