Search

Protecting your business’s confidential information through confidentiality agreements (Part 1)

Updated: Jul 1



It is difficult to envision a business with no confidential information. For most businesses its confidential information is an asset. Therefore, as you found and grow your business, it is important to strategically plan for the protection of your business’s confidential information. And as your business grows, you will share and exchange confidential information with a variety of players such as your customers, suppliers, employees, service providers and others in the ordinary course of conducting your business. The most common method of protecting the confidentiality of such information is through contractual confidentiality obligations, and these obligations can be documented either in a stand -alone document or as a provision in a contract that covers other parts of a transaction. Having contractual obligations in writing not only enhances the protection of your business’s confidential information, but also helps avoid any confusion over what parties consider confidential, clarifies expectation regarding protection of confidential information, and makes it easier to enforce these obligations. However, the form of confidentiality agreement will slightly vary depending on the parties to the agreement (whether employees, service providers, vendors, or others) and the purpose of the disclosure. In Part 1 of this two-part series on confidentiality agreements, we briefly discuss some of the “dos” and “don’ts” regarding substantive provisions typically included in a confidentiality agreement with employees of a California business.

  • Parties to the Agreement: The preamble should identity the employer and employee who are parties to the agreement. In defining employer, DO consider including subsidiaries and affiliates if, under the structure of your business, these will be third-party beneficiaries—there is no downside to being over-inclusive.

  • Defining Confidential Information: This is the core provision of the agreement. Although typical practice is to include a laundry list of information as confidential and provide that the list is not exhaustive, we DO recommend tailoring this list to meet your legitimate business needs and ensuring the list is not over-broad. A court is more likely to enforce an agreement with a reasonable definition of confidential information. This also reduces the likelihood, that the agreement, because of its overly broad confidentiality obligations, constitutes an unlawful non-competition covenant under Section 16600 of the California business and Professions Code. While drafting the definition of confidential information, DO consider what information of your business makes the business distinctive and gives it an advantage over other similar businesses, and which if disclosed will harm its interests and growth.

  • Scope of disclosure and use restrictions: In drafting the disclosure and use restrictions, DO identify the information the employee can use or disclose in the ordinary course of performing his or her duties and to whom, and also the categories of confidential information that will require prior authorization before use or disclosure. A well-drafted employee confidentiality agreement will also have a provision that describes “permitted disclosures” which typically includes disclosures mandated by or made under applicable laws, regulations, or a valid order of a court of competent jurisdiction or an authorized government agency. Particularly, since May, 2016, the Defend Trade Secrets Act (“DTSA”) provides whistleblower protection from civil and criminal liability under the DTSA for employees who disclose a trade secret if the trade secret disclosure is made either: (1) In confidence and solely to report or investigate a suspected violation of the law to a federal, state, or local government official, or to an attorney; or (2) In a complaint or other document filed under seal in a lawsuit or other proceeding. Also, its typical to include an exception for protected under the National Labor Relations Act. DONOT include blanket restrictions on disclosures because such over-broad provisions will not be enforceable.

  • Proprietary rights: Employee confidentiality agreements typically include a provision regarding employer’s ownership of all work-product created by the employee during the period of employment and related to the employer’s business, including an assignment of those work-product consisting of copyrightable subject matter as “work made for hire” for employers. DONOT include an overbroad provision that requires employees to assign work product created during the period employee worked for your business but are unrelated to employer’s business and were developed by employee with their own equipment, on their own time, and not using employer resources – such a provision will be unenforceable under California Labor Code Section 2870. Also, DONOT try to expand the definition of work product to cover product developed after termination of employment unless the duration of such a clause is limited to a reasonable time after termination of employment and includes only those invention that relates to employer’s proprietary information— again, an overboard provision in this regard will be unenforceable under Section 16600 of the California Business and Professions Code.

  • Return of confidential information and employer’s properties: In addition to restrictions on use and disclosure and requirement of reasonable care to protect confidentiality during employment, employee confidentiality agreements should also provide for return or destruction of any confidential information in employees possession and return of all company property, upon termination (and require departing employees to certify such return and/or destruction) to demonstrate employer’s exercise of due care to prevent any unauthorized access or loss of confidential information after termination. While drafting this provision DO consider whether having both or only one of these options (i.e. return or destruction) makes most sense for your business from a logistical and information security standpoint.

  • Duration of obligations: Typically, an employee's obligation to not disclose confidential information persists as long as the information remains confidential, proprietary, or trade secret in nature, and does not expire after a certain amount of time.

  • Remedies: Besides creating confidentiality obligations through the written agreement, DO include a “remedies” provision that provides employer with the right to obtain an injunction or other equitable relief against employee’s breach or threatened breach of the confidentiality provisions of the agreement, with an acknowledgement from the employee that monetary damages will be inadequate to protect the value of employer’s confidential information.


A well drafted confidentiality agreement with employees can go a long way in protecting your business’s confidential information. However, as we tell our clients often, to ensure protection of your business’s confidential information, it is not sufficient merely to have in place effective confidentiality agreements with employees; DO develop and implement comprehensive policies procedures, and technical measures for protection of your business’s confidential information in consultation and coordination with your legal department, senior executives and staff and information technology experts, and apply them across your Company consistently.

17 views0 comments