Template:Confi term: Difference between revisions

From The Jolly Contrarian
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
So must your confi have a {{confiprov|term}}? Some insist on a hard stop, say two years, after which {{confiprov|confidential information}} ''ceases'' to be confidential.  
So must your confi have a {{confiprov|term}}? Some insist on a hard stop, say two years, after which {{confiprov|confidential information}} ''ceases'' to be confidential.  


Many [[Inhouse lawyer|inhouse lawyers]] profess themselves immutably bound to such a term, by internal [[policy]]. They would sooner be broken upon a wheel than let this one go. This [[policy]], they will intuit, will date from the days of the [[First Men]], perhaps after an unfortunate misunderstanding in 1989. and have subsequently hardened, encrusted, calcified, petrified, and finally fossilised itself into a layer deep in the firm’s organisational [[substrate]] without anyone ever having really understood what the issue was that prompted it, much less being able to articulate it now. In the thirty odd years since, generations of employees of that firm have since circulated the market, inculcated with strong sense that some ineffable calamity would befall them, their firm, the market or indeed the entire industry should this sacred covenant ever be breached. It has now become part of the folklore of the financial services markets. You have to have a term, and it can’t be longer than two years ''at the most''.
Many [[Inhouse lawyer|inhouse lawyers]] profess themselves immutably bound to such a term, by internal [[policy]]. They would sooner be broken upon a wheel than let this one go. This [[policy]], they will intuit, dates from the days of the [[First Men]], possibly was the result of a misunderstanding, but in any case has subsequently hardened, encrusted, calcified, petrified, and finally fossilised itself into a layer so deep in the firm’s organisational [[substrate]] that there are now no means to remove it. If anyone ever did really understand what the issue was that prompted it, they have long since moved on, or ''been'' moved on, and no-one remains who can recall, much less articulate the original reason for this policy, or why it is still needed now. Furthermore, in the thirty odd years since, generations of employees have left that firm (some voluntarily, many not) but have taking this deep personal conviction with them, and have circulated the market, inculcated with strong sense that some ineffable calamity would befall them, their firm, the market or, indeed, the entire industry should this sacred covenant ever be breached. Thus the “mandatory confidentiality term” has now become part of the folklore of the financial services markets. You ''have'' to have a term, and it can’t be longer than two years ''at the most''.


Now perhaps the [[JC]] is that long-prophesied seal of the forthcoming [[apocalypse]] (actually that might explain a few things, come to think of it) but personally he has never been able to understand what this term covenant could possible achieve? What, after a couple of years I can suddenly start blaring all your secrets from the minarets around town, without so much as a by-your-leave?
Now perhaps the [[JC]] is that long-prophesied seal of the forthcoming [[apocalypse]] (actually that might explain a few things, come to think of it) but personally he has never been able to understand what this term covenant could possible achieve? What, after a couple of years I can suddenly start blaring all your secrets from the minarets around town, without so much as a by-your-leave?


While the commercial value of much information ''does'' go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for [[indeterminate liability]] — well, [[no harm no foul]]: if the information really is stale then no loss follows from a breach, right? No loss, no damages.
While the commercial value of much information ''does'' go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for [[indeterminate liability]] — well, [[no harm no foul]]: if the information really is stale then no loss follows from a breach, right? No loss, no damages.

Revision as of 18:42, 10 March 2021

So must your confi have a term? Some insist on a hard stop, say two years, after which confidential information ceases to be confidential.

Many inhouse lawyers profess themselves immutably bound to such a term, by internal policy. They would sooner be broken upon a wheel than let this one go. This policy, they will intuit, dates from the days of the First Men, possibly was the result of a misunderstanding, but in any case has subsequently hardened, encrusted, calcified, petrified, and finally fossilised itself into a layer so deep in the firm’s organisational substrate that there are now no means to remove it. If anyone ever did really understand what the issue was that prompted it, they have long since moved on, or been moved on, and no-one remains who can recall, much less articulate the original reason for this policy, or why it is still needed now. Furthermore, in the thirty odd years since, generations of employees have left that firm (some voluntarily, many not) but have taking this deep personal conviction with them, and have circulated the market, inculcated with strong sense that some ineffable calamity would befall them, their firm, the market or, indeed, the entire industry should this sacred covenant ever be breached. Thus the “mandatory confidentiality term” has now become part of the folklore of the financial services markets. You have to have a term, and it can’t be longer than two years at the most.

Now perhaps the JC is that long-prophesied seal of the forthcoming apocalypse (actually that might explain a few things, come to think of it) but personally he has never been able to understand what this term covenant could possible achieve? What, after a couple of years I can suddenly start blaring all your secrets from the minarets around town, without so much as a by-your-leave?

While the commercial value of much information does go stale over time (blueprints for a BetaMax, anyone?), this isn’t universally true — a client list is valuable however long you hold it — and the usual justification for the hard stop (“we just don't have the systems to indefinitely hold information subject to confidence and don't want indeterminate liability for breach”) is a canard — a palpably false one at that, for a regulated financial institution. Whatever information security systems you do have don’t suddenly stop working after three years. And as for indeterminate liability — well, no harm no foul: if the information really is stale then no loss follows from a breach, right? No loss, no damages.