Template:Confi obligation: Difference between revisions

From The Jolly Contrarian
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
====What is the confidentiality obligation?====
====What is the confidentiality obligation?====
Now you know what counts as {{confiprov|confidential information}}, what can you do with it and what’s not allowed?   
Having defined what counts as [[confidential information]], the question arises what can you do with it and what’s not allowed?   


You’ll often see:
In order of stating the bleeding obvious:
*'''Keep the information confidential'''. Don’t disclose it except to a limited group of people — and you may be required to ensure that these people only receive the information subject to an equivalent duty of confidentiality:  
 
**'''Inside the organisation''': In a large organisation this may be to a small group of people in the organisation (for example, credit, legal or the on-boarding team). There may be specific restrictions to prevent it getting to trading desks or front office personnel who may use the information to profit from it (this will usually be illegal: it’s likely to constitute insider trading or market abuse, but no harm is specifying in the contract).
=====Keep the confidential information confidential=====
**'''Outside the organisation''': you may be allowed to share it with your professional advisers, and to regulators and quasi regulatory authorities (stock exchanges etc) where required by law (or you reasonably consider it expedient).  There may be some tiresome details about only giving in formation that is reasonably necessary, and taking what steps are necessary to take legal action to prevent disclosures to regulators. One classic common error is to classify information that must be disclosed to courts or regulators as no longer confidential. This is wrong: It is still, in you hands, confidential. Obviously you cannot be blamed for miscreants in the public regulatory system who then misuse it, but you must still keep to your own word.
Don’t disclose it except to the defined group of people set out in the agreement — and you may be required to ensure that these people only receive the information subject to an equivalent duty of confidentiality: <br>
*'''Only use it to carry out the “{{confiprov|purpose}}” or “{{confiprov|project}}”''': This is somewhat hard to enforce — it’s nebulous, right? — and in practice you’ll never know what goes on behind closed doors, but in the English law-speaking world this is pretty uncontroversial precisely because it isn’t practically actionable. But our North American cousins — and those on the private side of the investment banking wall — can get very worked up over it.  
 
*'''Not make unnecessary copies''': Not the sort of thing to argue about, but not necessary either: you can xerox the information a thousand times, if that floats your boat, and that won’t cause me any more damage than had you only xeroxed it once — ''unless you then give it to someone you shouldn’t''. It is not the act of copying it that causes the loss, but your subsequent carelessness with the copies. But, still, would you strike that out of a draft? No.
''Inside the organisation'': In a large organisation you may be restricted to a small group of people in the organisation, and they may be behind [[information barrier|information barriers]] (for example, credit, legal or the on-boarding team). There may be specific restrictions on passing the information to trading desks and front office personnel who could profit from it (this may be illegal: it could be [[insider trading]] or [[market abuse]]), to rip a good idea off, end-run around the client to do the same deal with someone else or nefariously use it to curry favour with other clients. <br>
 
''Outside the organisation'': you may be allowed to share it with professional advisers, regulators and quasi-regulatory authorities (stock exchanges etc) where required by law (or you reasonably consider it expedient).  There may be some tiresome details about only giving what is reasonably necessary, and helping to prevent, challenge or minimise disclosures to regulators.  
Be aware of the [[What is Confidential Information? - OneNDA Provision#Information disclosed to a regulator is still confidential information|schoolboy error of reclassifying information that must be disclosed to regulators as “no longer confidential”]]. This is wrong: It is still, in you hands, confidential. Obviously you cannot be blamed for miscreants in the public regulatory system who then misuse it, but you must still keep to your own word.
=====Only use it to carry out the “purpose” or “project”=====
This is somewhat hard to enforce — it’s nebulous, right? — and in practice, you’ll never know what goes on behind closed doors, but in the English law-speaking world this is pretty uncontroversial precisely because it isn’t practically actionable. But our North American cousins — and those on the private side of the investment banking wall — can get very worked up over it.  
=====Not make unnecessary copies=====
Not the sort of thing to argue about, but not necessary either: you can xerox the information a thousand times if that floats your boat, and that won’t cause me any more damage than had you only xeroxed it once — ''unless you then give it to someone you shouldn’t''. It is not the act of copying it that causes the loss, but your subsequent carelessness with the copies. But, still, would you strike that out of a draft? No.

Revision as of 15:26, 30 May 2024

What is the confidentiality obligation?

Having defined what counts as confidential information, the question arises what can you do with it and what’s not allowed?

In order of stating the bleeding obvious:

Keep the confidential information confidential

Don’t disclose it except to the defined group of people set out in the agreement — and you may be required to ensure that these people only receive the information subject to an equivalent duty of confidentiality:

Inside the organisation: In a large organisation you may be restricted to a small group of people in the organisation, and they may be behind information barriers (for example, credit, legal or the on-boarding team). There may be specific restrictions on passing the information to trading desks and front office personnel who could profit from it (this may be illegal: it could be insider trading or market abuse), to rip a good idea off, end-run around the client to do the same deal with someone else or nefariously use it to curry favour with other clients.

Outside the organisation: you may be allowed to share it with professional advisers, regulators and quasi-regulatory authorities (stock exchanges etc) where required by law (or you reasonably consider it expedient). There may be some tiresome details about only giving what is reasonably necessary, and helping to prevent, challenge or minimise disclosures to regulators. Be aware of the schoolboy error of reclassifying information that must be disclosed to regulators as “no longer confidential”. This is wrong: It is still, in you hands, confidential. Obviously you cannot be blamed for miscreants in the public regulatory system who then misuse it, but you must still keep to your own word.

Only use it to carry out the “purpose” or “project”

This is somewhat hard to enforce — it’s nebulous, right? — and in practice, you’ll never know what goes on behind closed doors, but in the English law-speaking world this is pretty uncontroversial precisely because it isn’t practically actionable. But our North American cousins — and those on the private side of the investment banking wall — can get very worked up over it.

Not make unnecessary copies

Not the sort of thing to argue about, but not necessary either: you can xerox the information a thousand times if that floats your boat, and that won’t cause me any more damage than had you only xeroxed it once — unless you then give it to someone you shouldn’t. It is not the act of copying it that causes the loss, but your subsequent carelessness with the copies. But, still, would you strike that out of a draft? No.