Breach of Confidence – Rebutting The Presumption of Unauthorised Use
July 13, 2020
In any action to establish breach of confidence, the landmark case of Coco v AN Clark (Engineers) Ltd  RPC 41 (the Coco Case) and cited with approval in the Malaysian Federal Court case of Dynacast (Melaka) Sdn Bhd & Ors v Vision Cast Sdn Bhd & Anor  3 MLJ 417 is instructive.
The Coco Case ruled that the 3 key elements for a successful claim based on breach of confidence are:
(a) The information must possess the quality of confidentiality; (b) The information must have been imparted in confidence; and (c) There must have been some unauthorised use of that information to the detriment of the owner of the information.
As a matter of practice, there are evidential difficulties in establishing element (c), primarily because the plaintiff may not have unhindered access to evidence establishing the same. Evidence is further complicated by advances in technologies, where it may difficult or impossible to trace ‘unauthorised uses’ masked by digital means. Recognising this difficulty, the recent Singapore case of I-Admin (Singapore) Pte Ltd and Ors v Hong Ying Ting & Ors  SGCA 32 highlights a very interesting development in this area of the law.
The plaintiff is a Singapore-incorporated company in the business of outsourcing services and systems software, specifically payroll administrative data processing services and human resource information systems (Payroll and HR Systems). The defendants consist of 2 former employees of the plaintiff company, and the company they had founded.
In February 2013, the plaintiff came across the defendants’ company website, which advertised similar Payroll and HR systems in several countries within the geographical scope of the plaintiff’s services. In other words, the defendants were in direct competition with their former employer.
Thereafter, the plaintiff obtained an Anton Pillar order against the defendants and hired forensic experts to conduct investigations. The plaintiff discovered that some of its proprietary information had been accessed and stored by the defendants, and subsequently deleted.
As a result of the investigations, the plaintiff sued the defendants and alleged:
(a) In the course of the defendants’ employment, the defendants accessed and downloaded the plaintiff’s copyrighted and confidential materials concerning its Payroll and HR Systems, including:
Databases and materials constituting the technical infrastructure of the systems
Business development and client-related materials
Operations materials including internal guidelines and policies
(b) Then, the defendants used these materials to develop the defendants’ company.
The plaintiff’s case against the defendants was premised on copyright infringement and breach of confidence.
The High Court had dismissed the plaintiff’s claim of copyright infringement and this was upheld in the Court of Appeal.
Meanwhile, for the action on beach of confidence claim, the High Court found that while the defendants owed the plaintiff obligations of confidence, there had been no unauthorised use of its information.
The High Court rejected the plaintiff’s argument that the mere copying of or access or its data is sufficient to prove unauthorised use. While there may have been an intention to make use of its materials, the plaintiff still had not shown the defendants used its confidential information to create its own materials.
However, the Court of Appeal reversed the High Court’s decision concerning breach of confidence. The Court of Appeal modified the Coco Case test as follows- Once the plaintiff succeeds in proving that the information in dispute is (a) confidential and (b) imparted in confidence (including acquiring and/or accessing the information), it is presumed that there is a breach of confidence. The burden then shifts to the defendant to show that its conscience was unaffected.
The Court found that the defendants had failed to show that their conscience were unaffected by the following facts:
The mass deletion of the plaintiff’s confidential information in the defendants’ possession meant that they knew they were not allowed to be in possession of the information without the plaintiff’s permission.
After leaving employment, the defendants retained log-in credentials and abused them to access and download the plaintiff’s confidential information.
On the totality of evidence, the defendants had done nothing to rebut the presumption that their conscience were negatively affected.
The Court of Appeal ruled that the plaintiff succeeded in its claims for breach of confidence and equitable damages were awarded subject to assessment by the High Court.
In Malaysia, whilst we still adopt the traditional approach of the Coco Case test, the recent development in Singapore may persuade our courts to apply the modified approach in certain circumstances. This is because the modified approach gave owners of proprietary information, especially trade secrets, the necessary leverage in establishing their case against unscrupulous ex-employees. Therefore, it made it more difficult for ex-employees to ride on the resources developed by their former employers in setting up a competing business. They are also forced to innovate and set their products or services apart from their former employers’, which would benefit consumers and the economy.
However, we must be mindful that while the modified approach protects owners of proprietary information, the approach must not be abused so as to restrict ex-employees from competition. It must be reminded that the information protected by the law of breach of confidence are ‘confidential’ and ‘proprietary’ in nature, and therefore, not all information under the sun in the employer’s name are protected. For example, employer’s information that are freely available in the public domain could not be said to be confidential in nature.
To avoid potential disputes, a suggested solution for employers is to include non-disclosure provisions in employment contracts that sets out the types of information that must not lose its confidentiality upon termination of the employment.
For former employees, it may be prudent to ensure that upon or before departure, they have relinquished all accesses to any confidential information of their former employers in all devices, including their personal devices. If it is necessary to retain certain information, please seek express permission from the former employer.