The Court of Appeal has upheld the High Court’s decision that a director and minority shareholder was not personally liable for a breach of confidence because he did not know (nor suspect) that there was a duty of confidence (despite the company signing an NDA, and the director being involved in an initial meeting).
Facts of the case
In Kieran Corrigan & Co Ltd v Timor, the claimant developed a tax scheme proposal and wanted to meet with two tax advisers, who both worked at different companies within the same group company. A non-disclosure agreement (“NDA”) was signed between the claimant’s firm and the group company of both tax advisors.
Following the signing of the NDA, the claimant met with a director (and minority shareholder) of the group company. During these conversations, the claimant provided details of a tax saving scheme that he had developed and how it might work in practice.
The claimant later discovered that this scheme had been used by a separate company, for which the director was also a minority shareholder. The claimant’s firm went on to issue proceedings against the group company, the director and the two tax advisors.
At first instance, the High Court ruled that the group company and two tax advisors had misused the confidential information in developing the scheme for the director’s other business, but found that the director was not liable in his personal capacity because he was not aware of the detailed workings of the scheme nor that it derived from the claimant.
The claimant appealed the decision, but the Court of Appeal upheld it.
Breach of confidence
To decide whether there has been a breach of confidence, courts will usually apply the three-limb test established in Coco v Clark, which sets out three requirements that must be met:
- The information itself must have the necessary quality of confidence.
- The information must have been given in circumstances which involved an obligation of confidence (e.g. the presence of an NDA).
- There must be an unauthorised use of that information.
The findings of Kieran Corrigan & Co Ltd v Timol on first instance were that the director had not actually used the claimant’s confidential information when he approved the scheme and therefore did not meet the third limb of the test.
Namely, that (whilst the director had previously been exposed to this information) he did not know the technical workings of the scheme. He approved it on the basis of it making good commercial sense, and was not aware that it had been developed using the confidential information.
The claimant appealed stating that liability should be strict, i.e. once information (that has met the necessary quality of being confidential) is received by a person in confidence then authorisation to misuse that information should cause them to be liable.
The Court of Appeal rejected the claimant’s argument on the basis that the director could not be liable if he did not know (nor was there reasonable suspicion in his own mind) that the scheme used the claimant’s confidential information.
Although it seems odd to consider that an NDA has not purported an obligation of confidence on the director/shareholder of a company, this finding matches the general principle that the corporate veil should not be pierced unless there is impropriety (which will be a relief to directors, and a shame to claimants).
Subsequent evidence, however, has come to light regarding what the director may have known, so this matter is now set for a re-trial. The High Court will re-question the director’s liability with reference to the new evidence. If this shows that he knew that the scheme came from the confidential information, and still approved it, then he is likely to be found liable.
NDAs are commonplace for companies to use when there is a likelihood of confidential information being discussed. Accordingly, it is important to have a full understanding of the obligations involved as well as what might constitute a breach. This case emphasises: (i) the strength of the corporate veil; and (ii) the need to consider carefully the provisions you put in place to protect your information. For example:
- who do you need to be parties to the agreement – is it just the group company, or the subsidiaries underneath it, or perhaps even key individuals (although including individuals as a party to a business-to-business agreement should be reserved for exceptional circumstances);
- what restrictions you want to impose on that information, including how the other party(s) may distribute that information (both internally and externally);
- what is the process for ensuring (key) personnel are aware of the obligations of confidentiality;
- how are oral disclosures noted and protected as confidential information; etc.
If you have any questions as a result of this article, please contact: [email protected]
Article Contributor, Louise Tindall, Graduate Apprentice Solicitor