Confidential information in Malaysia is a vital component of various industries, including finance, legal, technology, and healthcare. By definition, it comprises any data or knowledge that is not accessible to the general public. This includes trade secrets, financial data, personal information, and proprietary business strategies.
What is Confidential Information in Malaysia?
The definition of confidential information differs depending on the industry as well as the specific company. Having said that, there is no statutory definition for confidential information in Malaysia, presenting an advantage businesses can capitalise on.
Courts have judicially defined confidential information as any knowledge that is not publicly available or within the public’s knowledge. Once this information is made public, it is no longer afforded protection as confidential information.
Confidential information generally encompasses trade secrets such as:
- Manufacturing processes
- Secret formulas
- Ingredients and recipes
- Clients’ and suppliers’ lists and details
- Price list
- Trading policies
- Business strategy or plan
- Financial and business data
- Designs and drawings
Typically, the determining factor for confidential information is whether the disclosure of such information would cause harm to the company’s business and reputation and if the information bears the quality of confidentiality.
Confidential Information vs Trade Secrets
Well-known brands like KFC© and Coca-Cola© popularised the term “trade secrets.” The term refers to confidential information that encompasses manufacturing or industrial secrets. Both brands have safeguarded their trade secrets for decades, limiting access to their well-loved recipes to protect their market position.
Read More: Service Level Agreement in Malaysia
The Significance of Confidentiality
Confidentiality holds great significance for businesses, particularly small and medium-sized enterprises (SMEs), as it provides a competitive advantage in the market. This could result from specific information, such as a market-based pricing structure, an innovative business or marketing strategy, or a dependable customer list with repeat purchases and similar factors.
Keeping relevant information confidential is the next best move if a company’s competitive advantage cannot be safeguarded by means of a registrable right (such as a patent, copyright, or design).
Read More: Malaysia’s 7 Personal Data Protection Principles: What It Means To Your Business
Measures to Safeguard Confidential Information in Malaysia
Protecting confidential information requires a multi-faceted approach that includes legal, technical, and administrative measures. Examples include signing a non-disclosure agreement (NDA) and implementing strict security protocols like physical security measures, password protection, and selective access control. Moreover, meticulous employee training and document management are also essential.
For employee contracts, vendor agreements, joint ventures, and more, it’s highly recommended to draft and sign an NDA. This agreement should outline the parties’ respective obligations regarding the transfer of any confidential information. By signing an NDA, parties are required by their contractual obligations to keep confidential information private.
In regard to personal information, this type of information (any data that can identify an individual, such as name, address, and contact details) is protected by the Personal Data Protection Act (PDPA) 2010, which regulates the collection, use, and disclosure of personal data.
Read More: Amendments to Malaysia’s Personal Data Protection Act Explained
What Happens if There Is a Breach of Confidence?
Individuals with access to confidential information bear a duty of confidentiality. This means that they cannot disclose the information to third parties without the owner’s consent. The duty of confidentiality originates from the case of Coco v AN Clark (Engineers) Ltd [1969] RPC 41.
In this case, the court establishes three crucial elements for a breach of confidence, which are:
- that the information was of a confidential nature;
- that it was communicated in the circumstances importing an obligation of confidence; and
- that there was an unauthorised use of the information.
In the event of a breach of confidence, the owner may take legal action against the party responsible for misusing the information by claiming damages or seeking an injunction. However, damages may not be sufficient as it can be challenging to determine the loss incurred by the owner.
To sue for damages, the owner must provide evidence to show that the other party has utilised the confidential information to the owner’s disadvantage, such as injury to the business’s reputation or goodwill. Meanwhile, to receive a permanent injunction, the owner needs to correctly identify the confidential information and establish a real risk of future harm.
Keep Your Confidential Information Private
While one may be granted an injunction or damages by the court, it is important to note that once confidential information becomes public, it can no longer be considered confidential. Thus, it is best for the owner to limit the number of people who have access to the information and take effective measures to ensure its confidentiality.
Dedicated to helping businesses secure their intellectual property, our experienced corporate and commercial lawyers prepare corporate and commercial agreements to ensure the utmost confidentiality. Above all, we aim to provide reliable legal support by offering expertly crafted contracts that deliver enhanced protection for your private information.
