The Shield and the Sword: Protecting Business Confidential Information

Back To Latest News

‘Barbenheimer’ has become a global marketing phenomenon (for the uninitiated, it refers to the blockbuster films Barbie and Oppenheimer which were released on the same weekend). The film Oppenheimer details Robert J. Oppenheimer’s Manhattan Project (the secret Second World War project to build the first atomic bomb). The project was shrouded in secrecy to protect national secrets from USSR (Russian) spies at the beginning of the Cold War. In the context of developing a super weapon in the United Kingdom, this would now likely fall under the protection of the Official Secrets Act 1989. Though, not all businesses have the benefit of the Official Secrets Act to protect important information.

However, almost all businesses will have some confidential information that requires protection. Whether these are trade secrets, client lists, or internal business structures. Ideally, because of thorough methods of protection, confidential information should be shielded and would not leave your business without your permission. But what happens when confidential information gets out and its use could damage your business? And, how can the law be used as a sword protect your information? James Hudson (Trainee Solicitor) and David Moore (Principal Associate) explore this below.

The Shield 

Restrictive covenants 

Most contracts will contain some form of restrictive covenants. Put simply, the purpose of restrictive covenants is to stop someone from doing something (so long as the protection is enforceable). For example, common restrictive covenants in employment contracts are non-solicitation or non-dealing clauses. These stop ex-employees approaching customers of their previous employer. Commonly, confidentiality is also protected by the terms of an employment contract. However, it is not fatal if it is not as there are further protections provided by common law, including implied terms of confidentiality.  

Breach of confidentiality 

To be protected under the legal doctrine of confidentiality where information has left the business, the information must: 

  1. Be confidential in its nature
  2. Have been told to someone confidentially and
  3. Have been used without the business’ permission. 

On the face of it, the first limb of the above test appears quite vague. But case law has described it as “information which is not generally available to others and which the possessor does not wish to be generally available.”

In an employment context, the case of Faccenda Chicken showed that an employee has access to three tiers of information: 

  1. Trivia of the business
  2. Information which has some confidential elements and  
  3. Truly confidential trade secrets. 

Trivia of the business is generally publicly available information (e.g., delivery routes, identities of directors). Information which has some confidential element may be confidential whilst an employee is employed with a business, but only protectable for a limited time post-employment (e.g., prices and inside know-how). Thirdly, there are truly confidential trade secrets. These can – potentially – remain confidential forever (e.g., secret ingredients, significant algorithms).  

The recent case of Rancom Security Limited v Girling and others is a good example of the above. Girling and others were found to be in breach of contract and of their duties of confidentiality for taking customer details, and supply contracts from their ex-employer’s database. They then contacted those customers to seek to unlawfully make a financial gain (for a new company, which they had formed).

The Sword 


If someone breaches their duties under contract or confidentiality, a range of steps are available to the injured party: 

  1. Sending a ‘cease and desist’ letter (this is the usual first step)
  2. If certain criteria are satisfied, obtaining an injunction from the court to stop further dissemination of that information and/or  
  3. Claiming damages (compensation) – or an account of profits – for financial losses suffered.  

There also remains the opportunity to have the matter dealt with by out of court methods (ordinarily starting with the first step above). By engaging a lawyer at an early stage, the right solution can be identified sooner, which should assist in minimising legal costs in the long run. 

Practical Protective Measures 

Turning back to ‘the Shield’ (i.e., preventative measures), there are some practical ways in which confidential information can be protected in a business. Some of these include: 

  • Identifying and monitoring confidential information within your business through centralised lists or registers
  • Using non-disclosure agreements when disclosing confidential information to third parties
  • Ensuring your business has confidentiality policies and training to prevent the unauthorised disclosures of your business information and 
  • Having the relevant cyber-security in place to prevent cyber-attacks from stealing your confidential information.

If your business is facing any of these issues, or if you have any questions or concerns about protecting its confidential information, don’t hesitate to get in touch with us.

The specific topic of trade secrets is covered in more detail in our recent update on Threads/Twitter, available here.