Confidential information – control it or lose it

The rise of the Information Age means the world is awash with information. Rather than being a devastating flood, however, the ability to collect and commoditise information provides a golden opportunity for businesses. The consequence of this is businesses must be more aware than ever about how to protect information. One of the key weapons in this regard is a breach of confidence claim. One of the ingredients for such a claim is that the information in question must be confidential – but what makes information confidential?

It’s all about control

For information to be confidential, a party must have the right to control the information, and the information must be inaccessible to the public.[1] An example of information that will be confidential are secret formulae (such as for a branded drink). Once information is in the public domain, it can no longer be confidential. Information that has been constructed solely from materials in the public domain may, however, be confidential. This arises when something new has been brought into being by the application of skill and ingenuity, and this innovative information is inaccessible to the public.[2]

Importance of taking steps to control information

The importance of taking steps to control information that might otherwise become public can be seen in the following cases:

  1. Douglas v Hello! Ltd (No 3)[3] (Hello!), which involved photos from the wedding of Michael Douglas and Catherine Zeta-Jones
  2. the recent case of The Racing Partnership Ltd and others v Sports Information Services Ltd[4] (The Racing Partnership), which dealt with information from races that were watched live and broadcast live.

A photograph is worth a thousand words…or a million dollars

In Hello!, the issue was whether photos taken at the wedding of Michael Douglas and Catherine Zeta-Jones were confidential. The couple entered into an agreement with the publisher for it to have exclusive rights to publish photographs of their wedding, to be taken by selected photographers. The agreement provided that the couple would undertake to use their best efforts to ensure that no other media would be permitted access to the wedding and no guests or anyone else present would be permitted to take photographs (this was before the days of Instagram and Snapchat!). The couple took steps to abide by this agreement, including by hiring security and ensuring guests signed confidentiality agreements. A rogue paparazzi managed to infiltrate the wedding, however, and sold photographs to a rival publisher.

The couple and their publisher sued the rival publisher for, amongst other things, breach of confidence. The key issue was whether the photographs the rival publisher was seeking to publish constituted confidential information. The Court found that the key determining factor was the manner in which the couple had arranged their wedding. The Court held that the couple had created an environment such that they were in control of any photographs taken at the wedding. This meant that any photographs taken during the wedding were subject to an obligation of confidence.  

Speed matters – with both horses and information

The recent case of The Racing Partnership involved a complex set of facts, but for the purpose of this article, what matters is that The Racing Partnership Limited (Racing) entered into an agreement with Arena Leisure Limited (Arena) to collect live betting and horseracing data from racecourses owned by Arena. Racing and Arena claimed against Sports Information Service (SIS) claiming that SIS was unlawfully collecting and distributing information from Arena’s racecourses, thereby misusing Racing and/or Arena’s confidential information. A key issue in the case was whether the information SIS was collecting and distributing was confidential.

The information in question related to non-runners, withdrawals, the off (i.e. the time the horses started racing) and the results of the races (together, Race Day Information). The Race Day Information was of value to off-course bookmakers, as it enabled them to take bets right up to the start of the race, and pay out winnings as promptly and accurately as possible after the conclusion of the race. To be of value to the off-course bookmakers, the Race Day Information had to be provided as quickly as possible. The value of the Race Day Information was short-lived, however, as the races were essentially broadcast live (other than for a slight broadcasting delay), meaning the information only had value for a very short period of time.

Just like in Hello!, steps were taken by Arena to protect its interests in information it could control. This included imposing restrictions on the use to which those who attended races could make of the information they acquired. These restrictions were published on Arena’s website and detailed on signs at the entrances to the racecourses. The restrictions were also part of the standard terms and conditions of entry to the racecourses and incorporated in the contracts with those that entered the racecourses (for example, upon purchase of a ticket).

Showing just how complex this area of law can be, there was a split in the Court of Appeal regarding the extent of the confidential nature of the Race Day Information. It was common ground in the judgment, however, that the steps taken by Arena to control the Race Day Information (either individually or as a compilation) resulted in the information being confidential for a brief period of time, until it became public knowledge.

Conclusion

These cases show that the key feature of confidential information is the ability to control information. If a party can control information, and based on this control, makes information inaccessible to the public (even for a brief period of time), then the information will likely be regarded as confidential.

People/companies can take steps to ensure information remains confidential by:

  • ensuring information is inaccessible to the public. This can be as simple as securely storing information away from the public
  • ensuring information that is provided to third parties is covered by a confidentiality agreement
  • where information is created in an environment that a party controls (e.g. a wedding at a private venue or a private racecourse), ensuring steps are taken to control the information created. This may include making sure parties are subject to contractual arrangements that restrict the use of information they are exposed to.

Footnotes

[1] Saltman Engineering Co Ltd v Campbell Engineering Co Ltd (1948) 65 R.P.C. 203; The Racing Partnership Ltd and others v Sports Information Services Ltd [2020] EWCA Civ 1300 [67]

[2] Coco v A N Clark (Engineers) Ltd [1969] RPC 41, at 47.

[3] [2007] UKHL 21

[4] [2020] EWCA Civ 1300.