What is confidential information?
Confidential information is information disclosed by one party to another in any way that is designated as confidential. It can be communicated directly, indirectly, orally, in written form or by inspection of tangible objects like documents, prototypes, samples, production plants and equipment.
Reasons for confidential information
The success of a company is often reliant on a unique selling point (USP) to let it stand out amongst its competitors. Likewise, knowing how to recreate a competitor’s USP takes away their edge. Most businesses therefore classify any information as confidential that would enable a competitor to imitate a product or service.
This can be a set of secret ingredients in a soft drink, a piece of code in a program or the design schematics for an engine. One thing that almost all companies try to keep their competitors from finding out about is the list of their customers. Finding out who someone buys from that you are trying to sell to can be a big help in tailoring an offer to poach that customer.
Given the data-driven nature of today’s world, personal information can fall into the realm of confidentiality as well since it can be used for fraudulent purposes such as identity theft.
Basically, the definition of what is considered confidential information will vary from case to case. There are, however a number of criteria that can be applied to determine if something should be kept secret or not:
- Commercial value - does the information at hand play a role in generating profits for the company? If not, then it does not need to be hidden from the public.
- Public domain - if the information is already in the public domain, it can not be considered confidential.
- Reasonable protection - if a company does not take appropriate measures to hide the information, there is not much use in labelling it as confidential.
- Private disclosure - information can only be considered confidential after being communicated to others if it was shared in a confidential manner, that is to say: not in line at a coffee shop so that bystanders can hear it.
How to protect confidential information
As for the technical side of protecting confidential information, companies should, for example, look to store sensible data on secured drives, only grant access on a need-to-know basis and make sure to instruct employees to lock their screens and hide their notes when leaving their workplace, to name a few.
In situations when a company has to work with an external party it can become difficult to ensure that the contractor does not learn of any confidential information. For these situations, the hiring company will usually set up a non-disclosure agreement (NDA). While these agreements do not technically prevent the contractor from disclosing any trade secrets, they establish a number of penalties for doing so. Since these penalties are often very significant, they have a deterring effect.