User:Aintnotimefodat/sandbox

Introduction
Breach of Confidentiality is derived from the law of confidential information, which covers both private and business secrets. It is a common law tort that protects private information that is conveyed in confidence. In order to determine that a breach has occurred, the information must be of a confidential nature and the recipient had disclosed the information without authorization, in circumstances whereupon information was imparted under an obligation of confidence. In order for information to be considered confidential, it must not be part of public knowledge and has to extend beyond the objective knowledge of employees. Furthermore, it is essential for such information to contain some commercial value and conduct must be shown by the plaintiff that he or she regarded the information as confidential.

Digital Age
The sophistication and proliferation of modern technology, and the ways in which employees are using that technology, give rise to a host of challenges for employers, including how best to protect confidential information (Burmeister & Tilse, 2012). The introduction of national and international computer networks and the increasing computer literacy of employees have spread the points at which computer information is accessible and scattered control of such access widely within an organization. Indubitably, computer networks are also vulnerable to unauthorized access from people external to the organization (Jackson, 2003).

Confidential Business Information
Confidential Business Information is regarded as a trading commodity that business organisations worldwide aim to protect. According to the 1986 report on Trade Secrets by the Alberta Institute of Law Research and Reform and a Federal Provincial Working Part, Confidential Business information is: “Some identifiable business or technical information which is kept private for the purpose of economic gain. The creator of that information expends resources (and often considerable resources) of one kind or another to gain a competitive edge in product or services over a competitor. If the nature of the information were publicly known, the competitive advantage would be lost.” The type of business information reflected spans across 4 categories- specific product secrets, technological secrets, strategic business information and specialized compilations of business information (Jackson, 2003).

Australian perspective
Information protection in Australia is governed primarily by the Privacy Act 1988 but also supplemented by other pieces of legislation.

Privacy Act 1988
This Act was passed by the Australian Parliament in 1988 and commenced in 1989. It gave effect to the agreement to implement the Organisation for Economic Cooperation and Development (OECD) guidelines on the Protection of Privacy and Transborder Flows of Personal Data. The Privacy Act 1988 regulates the handling of personal information about individuals where it:
 * Regulates the collection, storage, use, disclosure, security and disposal of individuals’ tax file numbers
 * Permits the handling of health information for health and medical research purposes in certain circumstances, where researchers are unable to seek individuals’ consent
 * Allows organizations to have and to enforce their own privacy codes.

It includes:
 * 11 Information Privacy Principles (IPP) applying to handling of personal information by most Australia, ACT and Norfolk Island public sector agencies
 * 10 National Privacy Principles (NPP) that apply to the handling of personal information by large businesses, all health service providers and some small businesses and non-government organizations
 * Credit reporting provisions that apply to the handling of credit reports and other credit worthiness information about individuals by credit reporting agencies, credit providers and some third parties.

Protective Security Policy Framework 2010
The Protective Security Framework (PSPF) provides the appropriate controls for the Australian Government to protect citizens, information and assets; at home and overseas. This framework protects personnel security, information security and physical security.
 * Personnel security: Providing a level of assurance as to the honesty, trustworthiness, maturity, tolerance and loyalty of individuals who access Government resources.
 * Information Security: Agencies are to develop, document, implement and review appropriate security measures to protect information from unauthorised use or accidental modification, loss or release by:
 * Establishing an appropriate information security culture within the agency
 * Implementing security measures that match the information’s value, classification and sensitivity, and
 * Adhering to all legal requirements.
 * Physical Security: Agencies are expected to create and maintain an appropriate physical security environment for the protection of these functions and associated resources.

Privacy Amendment Act 2012 (Enhancing Privacy Protection)
The Privacy Amendment Act introduces significant changes to the Privacy Act 1977. These changes will commence after March 2014. The Privacy Amendment Act includes new privacy principles which regulate the handling of personal information by both Australian government agencies and businesses. These new principles are called the Australian Privacy Principles (APPs) which will replace the existing Information Privacy Principles (IPPs) that currently apply to Australian government agencies and the National Privacy Principles (NPPs) that currently apply to businesses.

The aforementioned amendments include:
 * 13 new APPs
 * APP 7 on the use and disclosure of personal information for direct marketing
 * APP 8 on cross-border disclosure of personal information

Legal Protection of Confidential Information
The Breach of confidence action is designed to protect the relationship of confidence between the confider and the confidee, rather than to protect the actual information itself. It allows one party who had parted information in confidence to another to obtain relief if the party without authority either uses the information or imparts it to a third party. It also exists outside any contractual relationships, which may impose an obligation of confidence with expressly or by implication[1] (Jackson 2003).

Remedies
The key remedy sought to prevent unauthorized use of confidential information is an injunction, which can be either interlocutory or final. The purpose of an interlocutory injunction is to preserve the subject matter of a dispute and to maintain the status-quo pending the determination of the rights of the parties[2]. Applicants must demonstrate that there is a serious question to be tried and that the balance of the convenience favours the granting of an injunction (Jacobs, 2005).