India: Protecting Trade Secrets & Confidential Data – A Growing Legal Battle

INTRODUCTION

As the relationship between employers and employees is becoming more and more complex, so is the nature of disputes between them. Amongst others, one such issue resulting into disputes relates to the issues concerning protection of employer's trade secrets and confidential information accessed or in possession of their employees. The recent lawsuit filed by Waymo against its competitor Uber in the United States in relation to theft of trade secrets demonstrates that such issues are being witnessed globally.

In the given circumstances, it is often witnessed that employee's appointment is subjected to execution of negative covenants (in the employment agreement) or a non-disclosure agreement. The purpose behind imposing such obligations (upon employees) is generally not meant to dissuade the competition but to protect such confidential information from being leaked to any third party or competitor, as it may be directly linked with the survival of the employer in the market and may also involve economic interest of the employer in gaining economic advantage over its competitors.

This article makes an attempt to examine the legislative framework and legal position concerning or relating to enforcement of non-disclosure obligations imposed upon employees in India.

GLOBAL OVERVIEW

Globalization playing a major role towards increased incidents of trade secret theft has developed a growing and persistent need to protect the confidential information of the corporates around the world, thereby inspiring the developed countries to develop certain laws to protect the trade secrets of these corporates. As a result, United States of America ("USA") brought into force, Uniform Trade Secret Act, 1979, Economic Espionage Act, 1996 and the Defend Trade Secret Act, 2016 to protect the trade secrets. The European Union ("EU") adopted a Directive on the Protection of Trade Secrets ("DPTS") on June 8, 2016 requiring EU countries to bring into force the laws and administrative provisions necessary to comply with the DPTS by June 9, 2018.

With respect to United Kingdom ("UK"), where trade secrets is deemed as a part of law of equity, judicial pronouncements have played a significant role in formulating the guidelines in this regard. The chancery division court in the matter of Coco v. A.N. Clark (Engineers) Ltd., has observed that three elements are normally required if, apart from contract, a case of breach of confidence is to succeed. First, the information itself, must have the necessary quality of confidence about it, secondly, that information must have been imparted in circumstances importing an obligation of confidence and thirdly, there must be an unauthorized use of that information to the detriment of the party communicating it.

INDIAN PERSPECTIVE

Unlike USA and EU, India does not have a separate legislation dedicated to protection of trade secrets and confidential information. Rather the Indian system is based on the common law practice and like UK, the legal position concerning non-disclosure of trade secrets in India have been substantially based upon the guidelines issued by the courts from time to time. However, in addition to the said judicial pronouncements, the following legislations constitute the statutory framework in India upon which an employer may rely to protect their data, trade secret and confidential information.

Information Technology Act, 2000 ("IT Act")

Section 43 of the IT Act creates liability on every person, who without permission of the owner/ incharge of a computer, accesses or secures access to such computer and downloads, copies or extracts any data or information from such computer or helps any third party in gaining access to such computer. Further, if such act is committed with a dishonest intention, the person so concerned may have to face imprisonment or fine or both.

Section 65 of the IT Act provides for punishment in cases of tampering with the computer source documents. Moreover, Section 66 of the IT Act provides for the remedy in relation to offences of hacking. In addition to this, Section 72 of the IT Act outlines the penalty in case of breach of confidentiality.

Indian Penal Code, 1860 ("IPC") Any data which is in tangible movable form for e.g. in a CD or a floppy and is moved with a dishonest intention out of the possession of its lawful possessor (without the consent of the lawful possessor) attracts the provisions of theft under Section 378 of IPC. However, scope of the said statutory provision has not been extended to cover a case of data theft, where the said data is an intangible property. Therefore, with respect to such data theft (where data is an intangible property), reliance may be placed on Section 405 of the IPC which deals with criminal breach of trust.

Indian Copyright Act, 1957 ("Copyright Act")

Section 2 (o) of the Copyright Act protects the database which comes under the purview of the definition of the term literary work. In Burlington Home Shopping Private Limited v. Rajnish Chibber, the Delhi High Court while restricting an ex-employee from using the client list in a database exclusively owned by the employer held that the compilation of addresses developed by anyone by devoting time, money, labour and skill amounts to a literary work wherein the author has a copyright. In view of the said provision and the observation made by the Court, it may be summed up that such database of employers qualifying as 'literary work' are offered protection under the Copyright Act.

ENFORCEABILITY OF NON-DISCLOSURE CONTRACTS

Whether construed as restraint of trade?

An agreement which restraints a person during the post-employment period is generally considered to be unreasonable restraint of trade and are struck down as per Section 27 of the Indian Contract Act, 1872 ("ICA"). While dealing with disputes relating to enforceability of restrictive covenants in the post termination period of the employment, the Indian courts have walked an extra mile to ensure that such clause do not have an effect on the livelihood of the employees and have held that generally they would fall within the mischief of section 27 of the ICA. However, the restrictions to the extent of 'non-disclosure' may be viewed as an exception to this rule. Though non-disclosure clause may be prima facie viewed as negative in nature, they are valid and enforceable by law. The Delhi High Court in Wipro Limited v. Beckman Coulter International S.A. held that a non-solicitation clause does not amount to a restraint of trade, business or profession and would not be hit by Section 27 of the ICA as being void. Similarly, in Mr. Diljeet Titus, Advocate v. Mr. Alfred A. Adebare and Ors., the Delhi High Court clarified that confidential information of the employer can be protected even in the post employment period.

Are all non-disclosure contracts / covenants enforceable?

Most of the employers today are witnessed to incorporate a very broad and voluminous definition of the term 'confidential information' in the contracts executed with their employees. However, doing so without taking into consideration the qualifications (as laid down by courts) whereby an information may qualify as confidential in nature, may not serve the purpose of such contracts / covenants. In view of the aforesaid, it is advisable for employers to ensure that the said covenants are drafted and executed in accordance with the following principles.

• In Lansing Linde Ltd v. Kerr, while determining what constitutes trade secrets and confidential information, the court held that a trade secret is information which, if disclosed to a competitor, would be liable to cause real or significant harm to the owner of the secret. It must be information used in a trade or business, and secondly, the owner must limit the dissemination of it or at least not encourage or permit widespread publication. It (trade secrets) can thus include not only secret formulae for the manufacture of products but also, in an appropriate case, the names of customers and the goods which they buy.
• In Faccenda Chicken Ltd v. Fowler, the court indicated that employee's contractual obligation to maintain confidentiality may only survive termination of his employment and be enforceable if such obligation does not amount to restrain of trade.
• In Sandhya Organic Chemicals Pvt. Ltd. v. United Phosphorous Ltd., the court while dealing with the period of confidentiality restriction imposed upon the employee held that an employee can not be restrained for all times to come to use his knowledge and experience which he gained during the course of his employment. Thus, the period of restriction as imposed upon the employee must be reasonable.
• It was held in the case of American Express Bank Limited v. Ms. Priya Puri, that routine day-to-day affairs of employer which are in the knowledge of many and are commonly known to others cannot be called trade secrets. A trade secret can be a formula, technical know-how or a peculiar mode or method of business adopted by an employer which is unknown to others.
• In the matter of Stellar Information Technology Private Limited v. Rakesh Kumar and Others, Delhi High Court has relied on the contention of the plaintiff while defining the confidential information. In this case, confidential information was broadly defined as information which has or could have commercial value or other utility in the business in which the company is engaged or contemplates engaging, and all information of which the unauthorized disclosure could be detrimental to the interests of the company, whether or not such information is identified as confidential information by the company. But the court made it clear that any information which is available in public domain will not qualify to be treated as a confidential information.
• In the matter of Krishan Murgai v. Superintendence Company of India (P) Limited, Delhi High Court relied upon other the judgment wherein it was observed that an employer in order to establish that he has an interest in protecting his trade secrets, must plead and show that such secrets include secret formulae or processes, or lists of information or know-how of the kind which could be regarded as a proprietary interest of the employer as imparted to the employee.

MECHANISMS TO SAFEGUARD

Confidential information / trade secrets are such critical business assets that every employer seeks to protect at any cost as it is directly connected with the survival of the employer in the business world. Keeping in mind the technological advancements, legislative framework and other similar factors, following safety measures may be adopted by employers to safeguard their confidential information.

• Contractual Obligations: In the absence of a dedicated statute in India offering such protection, it is very critical for the employers that the contractual obligation imposed upon the employees is enforceable and capable of restricting the employees from misusing the confidential data. However, the same may not be achieved if such provisions are drafted without taking into consideration the aforesaid principles laid down by the courts. Therefore, effective drafting of such provisions may said to be the key mechanism to safeguard employer's trade secrets.
• Marking Confidential Information: It is often witnessed that the employers do not mark trade secrets as 'confidential', which allows an employee to take a plea that he was not aware of the fact that such information is confidential. Therefore, it is advisable that all such trade secrets are marked as 'confidential information' as and when shared with the employees.
• Monitoring of Computer Access: In this technology driven era, where transfer of information has become an easy task, it is always beneficial for an employer to monitor the computer access of its employees from time to time. Further, checks and balances may be established using technology (electronic securities) in a manner that it may not be possible for the employees to share such data with any third party. Moreover, the access to the confidential information should provided on a need to know basis.
• Creation of Data Room: Communication through emails carries the risk of confidential files being transferred to third parties, therefore a secure workspace to share files may be helpful. Storage of such information at one place and allowing limited access to employees may restrict transfer of such data to unwanted parties.
• Security Policies: In order to avoid theft or misuse of confidential information, the employers should enforce and implement such security policies restricting any unauthorized usage of employer's data, thereby acting as a deterrent for all employees.
• Reminding Maintenance of Confidentiality: At the time of exit interview, the employee shall be reminded of his future obligation to maintain confidentiality to any third party including the future employers and the liability in case of breach of such obligation. In addition thereto, it is advisable to execute paper works (like termination letter / acceptance of resignation letter) with the employee incorporating the post termination confidentiality obligations of the employees, along with undertaking that the respective employee has not kept in his possession any confidential information belonging to the employer.
• Notifying the New Employer: In cases where the employer is aware of the fact that a departing employee is going to join a competitor, it may be advisable for the employer to issue a letter to such competing entity, outlining the contractual obligation imposed upon the departing employee with respect to the confidential information of the employer.

CONCLUSION

Despite being a signatory to the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS), India has no dedicated legislation dealing with the trade secrets / confidential information. Though, the release of draft 'National Innovation Act of 2008' looked like a step forward in this direction, however the same has not been enforced. In the absence of a specific statute governing such issues, it is a must for employers to adopt a very careful approach while drafting the confidentiality clauses and ensure that the same is capable of being enforced as and when needed. Further, other practical means (as detailed above) should be adopted at various stages to ensure that such trade secrets do not travel outside the domain of the employer.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.