[Substantially revised 29 October 2018]
I’ve had occasion to revisit something I explored a while ago.
Here’s a relatively standard set of exceptions to the definition of Confidential Information, with my shorthand term for each exception noted in brackets:
- at the time of disclosure is, or thereafter becomes, generally available to and known by the public other than as a result of, directly or indirectly, any act or omission by the Recipient or any of its Representatives [Public];
- at the time of disclosure is, or thereafter becomes, available to the Recipient on a non-confidential basis from a third-party source, provided that such third party is not and was not prohibited from disclosing such Confidential Information to the Recipient by any contractual obligation [Disclosed by Another];
- was known by or in the possession of the Recipient, as established by documentary evidence, prior to being disclosed by or on behalf of the Disclosing Party pursuant to this Agreement [Already Known]; or
- was or is independently developed by the Recipient, as established by documentary evidence, without reference to or use of, in whole or in part, any of the Disclosing Party’s Confidential Information [Independently Developed].
Overlap in Coverage
My first question is how the Already Known exception relates to the Disclosed by Another exception. For the Public and Independently Developed exceptions to be other than redundant, the Already Know exception would have to exclude information that’s public or independently developed. That would seem to leave only information received from another. If that’s the case, it would be redundant to include both the Already Known and Disclosed by Another exceptions.
The Already Known exception applies only to information that’s in the possession of the recipient on receiving what would otherwise be confidential information. By contrast, the other exceptions focus on the type of information and apply both before and after the recipients receives the information in question. It would seem that the Already Known exception is an anomaly, and an ill-conceived one at that.
Information from New Employees?
It’s possible that the Already Known exception isn’t entirely subsumed by the Disclosed by Another exception. But the only suggestion I’ve heard to that effect is that the Already Known exception includes information known by a new employee. For several reasons, that’s no reason to preserve the Already Known exception:
First, if that scenario were to fall under the Already Known exception and that were the only difference between the Already Known exception and the Disclosed by Another exception, it would be clearer to scrap the Already Known exception in favor of one I’d call the New Employee exception.
Second, I propose that this scenario would fall under the Disclosed by Another exception. After all, if Ms. X quits Acme and subsequently sends Acme confidential information to Widgetco, this scenario would fall under the Disclosed by Another exception. It would be odd to require a different exception if Ms. X were to give the same information to Widgetco after having become an Widgetco employee.
Third, usually the Already Know exception isn’t expressed to as to limit it to disclosure that’s not in breach of a contract obligation. That’s odd.
And fourth, for the reason discussed above, the Already Known exception would cover only information received from a new employee before the recipient receives the related information from the disclosing party. That potentially disadvantages the recipient.
What I Do Instead
Given the problems described above, in my form of confidentiality agreement I have in effect eliminated the Already Know exception and bifurcated the Disclosed by Another exception:
- information that, when the Disclosing Party discloses it to the Recipient, is already in the possession of the Recipient or any of the Recipient’s Representatives as the result of disclosure by a Person not then under an obligation to the Disclosing Party to keep that information confidential;
- information that, after the Disclosing Party discloses it to the Recipient, is disclosed to the Recipient or any of the Recipient’s Representatives by a Person not then under an obligation to the Disclosing Party to keep that information confidential;
I could have combined the two, but I thought it best to have one exception to address the notion of information that is already known, simply because people would expect to see such an exception.
Why do I feel free to deviate from what seems to be the most prevalent way the exceptions are treated? Because the standard treatment appears not to make sense. The standard treatment could well be yet another defective product of the copy-and-paste machine: I’ve found no detailed discussion of interplay of the exceptions to the definition of Confidential Information. (If you know of any, do tell.)
And I didn’t dream up my version: you can find comparable examples without looking too hard. For example, the exceptions quoted in the following tweet by @amk351 largely track mine.
The same goes for the version in this comment on LinkedIn by Jim Brashear.
8 thoughts on “Exploring Two Exceptions to the Definition of Confidential Information”
1. Technically you’d be adding to the receiving party’s burden of proof by adopting the new “already known …” exception: The receiving party would have to show, not merely that the information in question had already been in the possession of the receiving party (the usual approach), but additionally that this came about “as the result of disclosure by a Person that was not then under an obligation to the Disclosing Party to keep that information confidential[.]” That might be a relatively-easy burden to carry, but it’d still be one more item on the proof checklist.
2. Ken’s additional proof burden would require the receiving party to prove a negative, as opposed to requiring the disclosing party to prove a third party’s breach of a previous confidentiality obligation.
3. Ken writes: “If the two exceptions cover the same thing, either one exception should be eliminated or they should have mutually exclusive timeframes.”
Orthogonality is nice, but it needn’t be a religious dogma. An NDA’s exclusions from confidentiality are purely pragmatic: Their only purpose is to serve as alternative proof checklists for showing that confidentiality obligations don’t apply to particular information.
It can be OK for proof checklists to overlap. That happens, for example, when a plaintiff tries to prove a breach of warranty and fraudulent misrepresentation: In each case, the plaintiff must show (i) that the defendant made a statement; (ii) that the statement wasn’t true; and (iii) that that the plaintiff suffered compensable damage as a result. In the case of a breach of warranty claim, that’s pretty much all that has to be shown, whereas more is required to prove fraudulent misrepresentation.
(To use a pictorial analogy: On the southern outskirts of Austin, where I happen to be at the moment, U.S. Highway 290 and Interstate 35 are separate freeways; they converge and coincide for several miles as they run through the downtown area; and then they diverge again as you get north of downtown. The same can be true for “proof paths” that we create by drafting contract provisions — we shouldn’t categorically despise overlap.)
I agree with DC on this, and would go on to say that your use of “then” in the first bullet is ambiguous in that it could refer to the time when the disclosing party discloses it to the receiving party or when the third party discloses it to the receiving party. Information can be not subject to specific nondisclosure requirements as to one person (usually a sin of omission) but not yet public and therefore may be protected by contractual obligations imposed on others.
I’d also argue, on the overlap point, that since the exceptions are usually, as in the standard clauses, hedged by temporal and procedural requirements. So, for example, information could be known to the recipient because they developed it themselves, but they don’t have documentary evidence that they developed it, only that at some point before the counterparty’s disclosure they knew it. Happens, for example, with lab notebooks: you might not be able to put your hands on the one that documents the discovery but there may be others that depend on it and from which you can see that the party already knew the info.
Incidentally, when I’m representing the disclosing party I usually add the word “contemporaneous” before “documents” or “documentary evidence” to make sure there’s no post-hoc fiddling.
I’ll ponder your point about “then”. Regarding your overlap point, I’m not sure how it relates to this post, as I don’t say anything about the “independently developed” exception.
I agree with Vance and D.C. Vance’s example of the proof problem for the “already known” exception that could apply to information that, long ago, was “independently developed” was exactly the one I was thinking of before reading his post.
It appears that your preference is driven by expediency; mine is driven by logic. I’d rather keep my logic and perhaps make whatever adjustments are compelled by expediency.
“. . . not then under an obligation to the Disclosing Party . . .” Conceivably the Disclosing Party could have shared the Confidential Information with a third party, which, as permitted by that separate NDA between Disclosing Party and third party, shared the Confidential Information with one of its representatives (perhaps a financing source). That financing source does not have a direct obligation to the Disclosing Party (it’s confidentiality obligation is to the disclosing third party). Wouldn’t you want to broaden your language above to preserve the confidentiality of Disclosing Party’s information that Recipient may have received from that financing source?
Along the lines Kevin raises, any insight into information subsequently obtained pursuant to a third-party NDA? (That is, “information that, after the Disclosing Party discloses it to the
Recipient, is disclosed to the Recipient or any of the Recipient’s
Representatives by a Person THEN UNDER an obligation to the
Disclosing Party to keep that information confidential.”) So, Recipient properly got the info from another party bound by confidentiality obligations, where Recipient qualified as a Representative for example. Is that disclosure properly excluded from coverage under the Recipient’s NDA, so long as it is bound by whatever terms govern the third-party discloser?
Hi Sam. I’m afraid I’m not in a position to dive back into this issue at the moment. But when I do, I’ll consider your comment!