Skip to content
Join our Newsletter
Sponsored Content

Are NDAs necessary? Understanding the legal obligations of confidentiality in business

In the absence of a non-disclosure agreement, the law will impose a duty of confidence in appropriate circumstances
Even in the absence of a non-disclosure agreement, the law will impose a duty of confidence in appropriate circumstances.

"The construction industry is inherently risky, but the risks can be managed," says Norm Streu, associate counsel at Harper Grey LLP. "On a successful project, risks are allocated efficiently, and challenges are managed effectively."

As a leader in B.C.'s construction industry for nearly three decades, Streu has been engaged in many of the largest construction projects undertaken in Western Canada and has helped resolve many of the industry’s most complex disputes. 

"Sound legal advice plays an essential role in anticipating, allocating and managing risks," says Streu. “For example, understanding legal confidentiality requirements is essential to managing your risk.” 

A non-disclosure agreement (“NDA”) is often the starting point to any business discussion. 

It is common practice to protect yourself with an NDA before sharing information on an opportunity or giving another party access to your non-public information. A well-written NDA makes the obligations of confidentiality clear and establishes strong remedies for a breach.

But what happens when you aren’t under an NDA? Here, there is a common misperception. It is often assumed that if no NDA is in place, no legal obligations arise. The assumption is that since nothing has been signed, no legal obligations of confidentiality can exist.

This common perception is, however, incorrect. Even in the absence of an express agreement, the law will impose a duty of confidence in appropriate circumstances.

The duty of confidence is a principle of law that a party who receives information from another party in confidence cannot take advantage of it. It is a broad legal principle that if you are given information in confidence, you must not make use of it to the detriment of the person who gave it to you without obtaining their consent.

Most frequently, this duty has been applied to the use of confidential information to take a corporate opportunity. An example of this might be the sharing of information on an innovative new product. Where the confidential information is used improperly, the wronged company may seek an injunction against the party using the information to their advantage. The company may also require that the party give up any profits arising from the use of the confidential information or compensate the company for the loss of profits it would have obtained.   

There are three elements that must be present for there to be a breach of a duty of confidence:

1. The information must be confidential

There is a low threshold on the type of information capable of constituting “confidential information”. For example, it can include information that has been put together based on publicly available information by someone applying independent thought. In this case, what makes it confidential is the fact that someone dedicated effort and intelligence into assembling the information. 

In determining whether information is confidential, the law takes into account factors such as:

  • the extent to which the information is known outside the business; 
  • the extent to which it is known by employees and others involved in the business; 
  • the measures taken to guard the secrecy of the information; 
  • the value of the information to its holder and to its competitors; 
  • the effort or money expended in developing the information; 
  • the ease or difficulty with which the information can be properly acquired or duplicated by others; and
  • whether the holder and taker of the secret treat the information as a secret. 

Based on these factors, confidential information can include: 

  • specifications and designs of products,
  • internal workings of technology and products, 
  • licensing arrangements, 
  • sales or financial data, 
  • business or marketing plans, 
  • unpublished patent applications, 
  • software algorithms, and 
  • identity of suppliers, manufacturers, and customers. 

What is not included in this scope is the general skill, knowledge, and experience that an employee may gain during their employment with the company or information generally known within a particular industry. 

2. The information must be communicated in confidence

Not all circumstances where information is communicated will give rise to the obligation of confidence. Courts will consider industry practices to determine what a reasonable person would consider to be information being communicated in confidence. In other words, it is not necessary for the confider of the information to communicate that the information is confidential. 

Third parties that receive information that they should have known was obtained through a breach of confidence can also be held liable to the same extent as the person that directly received the information. 

3. The information must be used improperly

This refers to the improper use of the information to the detriment of the party communicating it. In the commercial context, one of the most common ways confidential information is used improperly is when the recipient uses the information as a “springboard” or “head start” to accelerate a design or product in competition with the company that shared the information. However, what constitutes misuse is broadly viewed and tends to capture any non-permitted use that causes a form of detriment to the confidant. 

The use of an NDA is an essential practice to ensure commercial confidentiality. However, if no NDA is signed, do not assume that you have a green light to use confidential information freely. Conversely, if no NDA is in place, don’t assume that if someone wrongfully uses your confidential information you do not have legal recourse.

For more legal expertise on matters such as the use of confidential information, visit