Confidentiality agreement: Difference between revisions

From The Jolly Contrarian
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
Also known, to those for whom the glass is half-empty, as a [[non-disclosure agreement]]. An agreement whereby you promise not to tell. If Robert Plant were writing one, he would write it like so:
Also known, to those for whom the glass is half-empty, as a [[non-disclosure agreement]]. An agreement whereby you promise not to tell. If Robert Plant were writing one, he would write it like so:


[[Confidentiality Agreement - Rock 'n' Roll Style]]  
[[Confidentiality Agreement - Rock ’n’ Roll Style]]  


===What's in a confi?===
===What’s in a [[confi]]?===
Confis can be “one way”, where one party discloses and the other receives, or “two way”, where both parties disclose sensitive information. A broker’s template will tend to be far more generous when it is receiving only, than when it is giving information up.
Confis can be “one way”, where one party discloses and the other receives, or “two way”, where both parties disclose sensitive information. A broker’s template will tend to be far more generous when it is receiving only, than when it is giving information up.


*'''Purpose''': ''Why'' are the parties sharing the information in the first place? Typically, you'll want to restrict use of the information to matters relevant to the project. Expect to see a definition of “purpose”, or something similar.
*'''Purpose''': ''Why'' are the parties sharing the information in the first place? Typically, you’ll want to restrict use of the information to matters relevant to the project. Expect to see a definition of “purpose”, or something similar.
*'''What information is in scope?''': Parties give each other all kinds of information. Not all of it is sensitive. Seeing as a confi imposes onerous obligations, you need to carefully define the “confidential information” that’s in scope.  If the information is personal information about individuals, there may be additional provisions concerning storage, processing and rights to access and correct that information.
*'''What information is in scope?''': Parties give each other all kinds of information. Not all of it is sensitive. Seeing as a confi imposes onerous obligations, you need to carefully define the “confidential information” that’s in scope.  If the information is personal information about individuals, there may be additional provisions concerning storage, processing and rights to access and correct that information.
*'''What information that otherwise would be in scope, is out of scope?''': Even within the definition of confidential information, you'll need to make exceptions:
*'''What information that otherwise would be in scope, is out of scope?''': Even within the definition of confidential information, you’ll need to make exceptions:
**Information the receiver already held at the time of disclosure
**Information the receiver already held at the time of disclosure
**Information the receiver receives separately from someone else
**Information the receiver receives separately from someone else
**Information the receiver develops independently of the disclosure  
**Information the receiver develops independently of the disclosure  
*'''What is the confidentiality restriction?''': Now you know what counts as confidential information, what can you do with it, and what’s not allowed.  You’ll often see:
*'''What is the confidentiality restriction?''': Now you know what counts as confidential information, what can you do with it, and what’s not allowed.  You’ll often see:
**Keep the information confidential. In a large organisation this may be to a small group of people in the organisation (for example, credit, legal or the onboarding team). There may be specific restrictions to prevent it getting to trading desks or front office personnel who may use the information to profit from it (this will usually be illegal: it's likely to constitute insider trading or market abuse, but no harm is specifying in the contract).
**Keep the information confidential. In a large organisation this may be to a small group of people in the organisation (for example, credit, legal or the onboarding team). There may be specific restrictions to prevent it getting to trading desks or front office personnel who may use the information to profit from it (this will usually be illegal: it’s likely to constitute insider trading or market abuse, but no harm is specifying in the contract).
**Only use it to carry out the “purpose” or “project”.
**Only use it to carry out the “purpose” or “project”.
**There will be some exceptions to these rules:  Disclosure to regulators; to professional advisers (lawyers and accountants and so on). There may be some tiresome details about only giving in formation that is reasonably necessary, and taking what steps are necessary to take legal action to prevent disclosures to regulators.
**There will be some exceptions to these rules:  Disclosure to regulators; to professional advisers (lawyers and accountants and so on). There may be some tiresome details about only giving in formation that is reasonably necessary, and taking what steps are necessary to take legal action to prevent disclosures to regulators.
 
*'''Return of information''': the disclosing party will want rights to get the information back at the end of the project. In this modern era of distributed network computing, the old entreaties to “return all copies of information” are faintly absurd - as if they’ve been kept in a manila folder in a filing cabinet somewhere, only inspected by chaperoned employees wearing white cotton gloves. Of course everything will have been transmitted electronically, will exist on servers all around the world, and the very action of attempting to return it will oblige it to be copied onto other servers. Some of these copies will be stored for years under document retention policies. So the real ask ought to be “to put beyond practical use” and have an exception for regulatory retention. There’s also a conceptual issue with information the receiving party has derived from the confidential information — this may include information which is confidential to the receiver, and should not have to be offered up to the discloser.


===Special AKA===
===Special AKA===

Revision as of 15:40, 26 September 2016

Also known, to those for whom the glass is half-empty, as a non-disclosure agreement. An agreement whereby you promise not to tell. If Robert Plant were writing one, he would write it like so:

Confidentiality Agreement - Rock ’n’ Roll Style

What’s in a confi?

Confis can be “one way”, where one party discloses and the other receives, or “two way”, where both parties disclose sensitive information. A broker’s template will tend to be far more generous when it is receiving only, than when it is giving information up.

  • Purpose: Why are the parties sharing the information in the first place? Typically, you’ll want to restrict use of the information to matters relevant to the project. Expect to see a definition of “purpose”, or something similar.
  • What information is in scope?: Parties give each other all kinds of information. Not all of it is sensitive. Seeing as a confi imposes onerous obligations, you need to carefully define the “confidential information” that’s in scope. If the information is personal information about individuals, there may be additional provisions concerning storage, processing and rights to access and correct that information.
  • What information that otherwise would be in scope, is out of scope?: Even within the definition of confidential information, you’ll need to make exceptions:
    • Information the receiver already held at the time of disclosure
    • Information the receiver receives separately from someone else
    • Information the receiver develops independently of the disclosure
  • What is the confidentiality restriction?: Now you know what counts as confidential information, what can you do with it, and what’s not allowed. You’ll often see:
    • Keep the information confidential. In a large organisation this may be to a small group of people in the organisation (for example, credit, legal or the onboarding team). There may be specific restrictions to prevent it getting to trading desks or front office personnel who may use the information to profit from it (this will usually be illegal: it’s likely to constitute insider trading or market abuse, but no harm is specifying in the contract).
    • Only use it to carry out the “purpose” or “project”.
    • There will be some exceptions to these rules: Disclosure to regulators; to professional advisers (lawyers and accountants and so on). There may be some tiresome details about only giving in formation that is reasonably necessary, and taking what steps are necessary to take legal action to prevent disclosures to regulators.
  • Return of information: the disclosing party will want rights to get the information back at the end of the project. In this modern era of distributed network computing, the old entreaties to “return all copies of information” are faintly absurd - as if they’ve been kept in a manila folder in a filing cabinet somewhere, only inspected by chaperoned employees wearing white cotton gloves. Of course everything will have been transmitted electronically, will exist on servers all around the world, and the very action of attempting to return it will oblige it to be copied onto other servers. Some of these copies will be stored for years under document retention policies. So the real ask ought to be “to put beyond practical use” and have an exception for regulatory retention. There’s also a conceptual issue with information the receiving party has derived from the confidential information — this may include information which is confidential to the receiver, and should not have to be offered up to the discloser.

Special AKA

The same as a:

See also