A lot of what companies think of as secret is no secret at all.
Vendors often have a totally unrealistic view of the secrecy and novelty of their own information, Knight says.
Software vendors often ask an organisation to sign a confidentiality agreement before discussing pricing or contract terms and conditions. The risk for the organisation is that such an agreement may limit the flow of information between it and its consultants or others engaged to help it negotiate better pricing and contract terms and conditions.
Knight says this issue looms particularly large in the IT industry, where request for tenders (RFTs) are likely to spell out an information-processing or business problem and request a solution. In such circumstances vendors frequently come up not just with confidential information about products and prices, but also confidential ideas which are solutions to problems.
Organisations confronted with this issue should make clear to vendors very early in the tendering or negotiating process that they might choose to share certain information coming out of that process with others.
"That might be very offensive to an IBM or a Unisys who will say: Â'No, we don't want you to tell the other vendors how we solved this problem.'," Knight says. "But it's a commercial issue. I'll tell you what [changes their minds] - and I act for suppliers as well as customers - is to ask them: Â'Do you want to tender or not?' Usually they want to tender, because it's not that secret."
In agreeing to your conditions the vendor may insist that information to be shared, if it must be shared, should only be disclosed to a specified, closed set of people. That's fine, Knight says.
In a recent decision, Maggbury Pty Ltd v Hafele Australia Pty Ltd, the High Court even found that a non-disclosure agreement can be a "restraint of trade", and hence void if unreasonable in scope, duration or geographical restriction, to the extent that it exceeds the protection afforded by the general law in respect of genuinely confidential information.
A secret is not a secret if it has ever been shared.
The holder of a secret need only have to have disclosed that information to a single other person without imposing an obligation of secrecy, to have forever compromised their claims for its confidentiality.
"It's got to be a real secret that nobody else knows, but if they've already tendered it to all and sundry all around the world, it's gone. And it only has to be gone once to be gone," Knight says.
Information can also lose its confidentiality if the person claiming the benefit of confidentiality has failed to diligently enforce that confidentiality, or even if an employee has carelessly, or maliciously, published the information. In the latter case the "owner" of the information may lose all rights in relation to the information, except against the employee.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.