Latest Thinking

Confidentiality Provisions Under Heightened Government Scrutiny

Employers use a number of workplace documents containing provisions requiring employees to maintain the confidentiality of specified company information.  These documents may take the form of employment or separation agreements, handbooks, codes of conduct, or policies governing internal investigations or settlement of disputes.  In recent years, several governmental agencies have scrutinized such confidentiality provisions in a variety of contexts, finding that even standard confidentiality requirements may trespass on employees’ rights to disclose information to the government or to other employees. 

For instance, the National Labor Relations Board (NLRB) has invalidated a number of confidentiality provisions for infringing on employees’ rights to discuss wages with co-workers under Section 7 of the National Labor Relations Act (NLRA), even where such confidentiality provisions make no specific mention of wages.  In addition, with the enactment of Defend Trade Secrets Act (DTSA) in May of this year, employers now must provide notice of the statute’s immunity and anti-retaliation provisions in contracts governing the use of trade secrets or other confidential information. In this article, we examine key developments impacting confidentiality provisions in workplace agreements and policies, and provide recommendations for employers in drafting such provisions in order to reduce the risk of challenges to their enforceability. 

Reporting Misconduct to Government

Both the Equal Employment Opportunity Commission (EEOC) and Securities Exchange Commission (SEC) have scrutinized confidentiality provisions in recent years, reasoning that such provisions may discourage or prohibit employees from reporting suspected misconduct to the government.  For instance, in EEOC v. CVS Pharmacy, Inc., No. 14-cv-863 (N.D. Ill. 2014), the EEOC challenged the confidentiality provision in CVS’s separation agreement as unlawfully limiting communications with the EEOC in violation of Title VII.  One provision in that separation agreement defined confidential information to include “wages and benefit structures,” “duties of [CVS] employees,” “information pertaining to . . . charges,” “information that could affect [CVS’s] business,” and “personnel [information],” which the EEOC argued were “categories so broad that they cover essentially all information that could ever be relevant to an EEOC investigation.”  EEOC Opposition at 14, CVS Pharmacy, Inc., No. 14-cv-863.  Additionally, CVS conditioned the disclosure of confidential information on CVS’s prior written authorization to share such information, which the EEOC found contrary to the right to “assist or participate[ ] in any manner in an EEOC investigation.”  Id. at 15. 

While CVS’s separation agreement did contain a sentence under the paragraph “No Pending Actions; Covenant Not to Sue” stating that nothing in that paragraph was to interfere with the employee’s right to participate or cooperate in a governmental proceeding or investigation to enforce discrimination laws, the EEOC found this carve out insufficient to counteract the “broad and ambiguous” language elsewhere that would “deter reasonable employees from fully exercising Title VII rights.”  Id. at 15-16.

Courts have not evaluated the EEOC’s arguments on the merits, as both the district and circuit courts dismissed the EEOC’s claims due to its failure to conciliate.  See EEOC v. CVS Pharmacy, Inc., 809 F.3d 335 (7th Cir. 2015).  Nevertheless, to avoid litigation, employers may wish to consider including carve outs in confidentiality provisions that expressly permit employees to disclose confidential information to governmental agencies, as well as removing requirements to obtain employer authorization prior to such disclosure.

The SEC also has assumed an aggressive enforcement posture with respect to confidentiality provisions.  Last year, it launched its first enforcement action against an employer for violating Rule 21F-17 of Dodd-Frank. See In re KBR, Inc., Exchange Act Release No. 74619 (Apr. 1, 2015).  Rule 21F-17 states, in relevant part, that “[n]o person may take any action to impede an individual from communicating directly with the [SEC] about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”  In its enforcement action, the SEC targeted confidentiality agreements that KBR used during internal investigations.  Because the confidentiality agreements required witnesses to provide notice to and obtain pre-approval from KBR before discussing information from the investigation with outside parties, and further stated that violation of the agreement could result in discipline up to and including termination of employment, the SEC found that these requirements potentially discouraged employees from reporting securities violations to the SEC.

The SEC’s basis for finding a Rule 21F-17 violation has not been tested in court, as KBR settled the action.  Yet, multiple courts have acknowledged, at least in the False Claims Act (FCA) setting, that public policy interest in reporting wrongdoing to the government allows employees to provide confidential information to the government in breach of their confidentiality agreements.  See, e.g., United States ex. Rel. Cieszyski v. LifeWatch Services Inc., No. 13-cv-4052 (N.D. Ill. May 13, 2016).

Neither the EEOC nor SEC appears to be challenging the validity of confidentiality provisions that seek to protect proprietary business information such as financial data or customer lists that are unrelated to any suspected misconduct.  Nor did the SEC question the employer’s ability to protect information covered by the attorney-client privilege.[1]

Right to Communicate with Co-workers

The NLRB has scrutinized workplace agreements and policies with respect to employees’ rights to disclose confidential information to co-workers and other third parties.  Section 7 of the NLRA has long protected employees’ rights to engage in “concerted activity,” which includes the right to discuss wages and other terms and conditions of employment with employees, union officials, the NLRB, or the media.  Under Lutheran Heritage Village-Livonia, 343 N.L.R.B. 646 (2004), maintenance of a workplace rule that does not explicitly restrict Section 7 activity nevertheless violates the NLRA if employees would “reasonably construe” it as prohibiting Section 7 activity.  There, the NLRB upheld a facially neutral handbook rule prohibiting harassment and abusive language, finding employees would reasonably construe it to have the purpose of ensuring a “civil and decent workplace” rather than to restrict Section 7 activity. 

Recently, the NLRB has applied the “reasonably construe” test of Lutheran to invalidate several facially neutral confidentiality provisions.  For example, in Schwan’s Home Service, Inc., 364 N.L.R.B. No. 20 (June 10, 2016), the NLRB held that Schwan’s confidentiality agreement violated Section 7 rights by prohibiting employees from using “confidential information” to the benefit of employees or third parties, or to the company’s detriment, where “confidential information” included information pertaining to the wages, commissions, performance, or identities of employees.  Based on this definition, the NLRB concluded that employees would reasonably understand the confidentiality agreement to preclude employees from disclosing the terms and conditions of employment to permissible parties.  In Flex Frac Logistics, L.L.C. v. NLRB, 746 F.3d 205 (5th Cir. 2014), the Fifth Circuit upheld a similar ruling where the only reference to wages in the definition of “confidential information” was the term “personnel information,” finding that this term “implicitly included wage information.” 

Memorandum GC 15-04 by the NLRB’s General Counsel (Mar. 18, 2015), sets forth examples of confidentiality provisions in handbooks that the NLRB General Counsel considers per se unlawful and facially lawful.  The NLRB General Counsel’s views further underscore the need for employers to carefully word confidentiality provisions to avoid enforcement actions by the NLRB.   Per se unlawful provisions include generalized statements such as “[d]o not discuss ‘customer or employee information’ outside of work,” or blanket prohibitions on disclosing non-public information or employer details.  By contrast, facially lawful provisions tend to enumerate specific business information, without mention of employee information or anything that would reasonably be considered a term or condition of employment.  Examples of facially lawful provisions include those that prohibit unauthorized disclosure of “business secrets” or the disclosure of “confidential financial data, or other non-public proprietary information,” including “information regarding business partners, vendors or customers.”  NLRB precedent further suggests that a savings clause may be effective if it explicitly provides that the otherwise suspect confidentiality provision does not apply to employees who communicate with others about terms and conditions of employment, and immediately follows the arguably offending provision.  See Tiffany Co., No. 01-CA-111287 (N.L.R.B. Aug. 5, 2014).  But see Am. Red Cross Blood Servs., No. 08-CA-090132 (N.L.R.B. June 4, 2013) (savings clause fails to cure overbroad confidentiality policy without specific mention of right to discuss terms and conditions of employment). 

Statutory Notice Requirements

The DTSA further constrains workplace confidentiality agreements by requiring employers to provide notice to employees of the act’s immunity and anti-retaliation provisions, designed to protect individuals who may need to disclose trade secrets.  These provisions, specified in detail below, must be “in any contract or agreement with [employees, consultants, and contractors entered into or updated after May 11, 2016] that governs the use of trade secrets or other confidential information.”  18 U.S.C. § 1833(b)(2).  Employers have two means by which to comply.  They may include the requisite language directly in such agreements, or insert a cross-reference in the agreements to a policy document that includes the employer’s procedures for reporting a suspected violation of law.  Employers who fail to include this notice will not be able to seek punitive damages or attorneys’ fees under the DTSA.  Note, however, that the DTSA does not prevent employers from seeking such relief under state law.

Practice Pointers

In light of these recent developments, employers should revisit their workplace agreements and policies to ensure that their confidentiality provisions conform to a number of requirements.  First, employers might wish to include carve outs accompanying confidentiality provisions explaining that it is always permissible to report suspected illegal activity to the government.  A carve out might state that the employee is permitted to disclose “confidential information” to governmental agencies for purposes of participating in or assisting with an investigation conducted or managed by such agencies.  In the context of internal investigations, employers should additionally make clear, preferably orally and in writing during the Upjohn warning, that while the attorney-client privilege protects communications between attorneys and employees, it does not prohibit disclosure to the government of any facts underlying the investigation, provided that those facts were not learned exclusively through privileged communications.

Second, in all contracts with employees, consultants, and contractors that discuss trade secrets or confidential information entered into or updated after May 11, 2016, employers might state that the employee has been notified, in accordance with the DTSA, that (i) individuals shall not be held liable for trade secret disclosure (a) made in confidence to a government official or attorney solely for reporting or investigating a suspected legal violation, or (b) made in a document filed under seal in a proceeding; and (ii) individuals who file employer retaliation lawsuits for reporting suspected violations of law may disclose trade secrets to their attorneys and use trade secret information in a court proceeding if they file the trade secret documents under seal and do not disclose the trade secrets except pursuant to court order.  Employers might alternatively incorporate similar language into a company policy, and reference the policy in all relevant agreements, provided that parties to such agreements also receive the policy.

Third, employers should ensure that confidentiality provisions are consistent with employees’ Section 7 rights.  For example, employers may wish to include a savings clause immediately following a provision which requires confidentiality of an employer’s wage or benefit policies, stating that the provision does not interfere with employees’ rights to discuss terms and conditions of employment with co-workers or governmental agencies. 

Finally, employers should be cautious of accusing whistleblowers of illegally revealing confidential information, as courts have held that employees may share employers’ confidential information if required by law or justified by policy.  For instance, the Sarbanes-Oxley Act (SOX) mandates whistleblower disclosures under certain circumstances, and courts have rejected employers’ attempts to enforce confidentiality agreements where enforcement would frustrate the purpose of the FCA.  Accusing an employee of breaching a confidentiality agreement could be seen as an attempt to take adverse action against an employee whose intent was to reveal misconduct, inviting claims that the employer violated anti-retaliation provisions of statutes such as SOX, Dodd-Frank, or the FCA.

[1] The SEC did not address attorney-client privilege in its enforcement order.  Rule 21F-17 itself exempts from coverage agreements concerning information covered by the attorney-client privilege. See 17 CFR § 240.21F-4(b)(4). 

Reprinted with permission from the August 1, 2016 edition of the New York Law Journal © 2016 ALM Media Properties, LLC. Further duplication without permission is prohibited. All rights reserved.