The Right to Information Act 200911 (Qld) (RTI Act) gives people the right to access documents in the possession or control of Queensland government agencies.2 This right of access is subject to some limitations. These limitations include information which is exempt from release under schedule 3 of the RTI Act.
Schedule 3, section 8 of the RTI Act provides that information will be exempt from release if its disclosure would found an action for breach of confidence.
The Basic Guide to Confidentiality3 will help decision makers determine if confidentiality is relevant to an application before considering the exemption provision in detail. Decision makers may also find What is confidentiality? An introduction for applicants and third parties4 helpful when communicating with applicants. Key decisions can be found in the Annotated legislation.5
An action for breach of confidence can be an action for:
When considering whether the breach of confidence exemption applies, it is useful to consider the following preliminary questions:
There is an exception to the breach of confidence exemption. Schedule 3, section 8(2) states that deliberative process information is not exempt information unless it consists of information communicated by an entity other than the State, an agency, or a person in the capacity of:
Deliberative process information is information disclosing—
—in the course of, or for the purposes of, the deliberative processes involved in the functions of government.7
Deliberative process refers to the processes of evaluating relevant evidence, expert opinion, and arguments about the merits of competing opinions for the purpose of making a decision related to the performance of the agency’s functions. It includes contributions to the formulation of policy, as well as the making of decisions under statutory powers.
For more information on deliberative process refer to the Deliberative Process guideline.
The breach of confidence exemption needs to be applied by considering a hypothetical legal action in which there is a clearly identifiable plaintiff who can bring an action to enforce an equitable or contractual obligation of confidence.8 In practice, this means it is important to consider the source of the relevant information.
For an equitable obligation of confidence, it will generally arise only where information has been communicated from a third party (who is the hypothetical plaintiff) to an agency or Minister. It will not ordinarily be relevant to internal departmental communications or to information communicated from the agency (or Minister) that has received the access application to a third party (except where it is comprised of a re-communication of confidential information).
To be subject to a contractual obligation of confidence, the relevant information must fall within the scope of the agreement. Like an equitable obligation, purely internal communications will generally not be included, except where they re-communicate confidential material. Depending on the circumstances, it may be relevant that information was communicated by the agency or Minister to the third party.
The breach of confidence exemption can relate to an action in equity for breach of confidence or an action for breach of contractual confidentiality.9
It will be important to identify which applies to the information in question, as each requires different criteria to establish. Where a breach of contractual confidentiality cannot be established, it may be necessary to consider if a breach of equitable confidentiality can be established.
Information is conveyed in confidence when one party (the confider) imparts the information to another (the confidant), on the express or implied understanding that the information has been provided for a restricted purpose.10
The confidant has an obligation to keep the information confidential and a failure to do so is referred to as 'breach of confidence'. The Courts will restrain a confidant or hold them accountable for any breach of confidence.11
In order to found an action for a breach of equitable confidence, the information must satisfy four elements and, in some circumstances, a fifth:12
The fifth element of detriment
There will generally be a fifth element where the entity claiming to be owed the confidence is another government body: Disclosure must cause detriment to the plaintiff. It is unlikely to apply in other circumstances.
These elements are cumulative; if any of them cannot be satisfied, the information cannot be subject to an equitable obligation of confidentiality.
The first element is that the specific information claimed to be confidential must be specifically identifiable as secret, rather than generally known or available.13 If it cannot be identified, then there can be no obligation, or threatened breach, of confidence.14 The more general the information, the harder it will be to show that it was imparted or received in confidential circumstances.15
An identifiable use of the specific confidential information—or circumstances from which a potential use of the information can be inferred—must also be identified.16 For agencies, this will generally be the documents or information claimed to be confidential, and release under the RTI or IP Act respectively.
When making their decision, decision makers must identify the specific information within documents that they consider is confidential.
The second element is that the information must have the necessary quality of confidence. Marking a document “Secret” or “Confidential” does not automatically give it the required quality of confidence. Decision makers must consider the content and substance of the information.17
To satisfy this requirement it must be shown that the ‘circumstances are of sufficient gravity’18 to warrant equitable protection:
... the principle of confidentiality only applies to information to the extent that it is confidential. In particular, once it has entered what is usually called the public domain (which means no more than that the information in question is so generally accessible that, in all the circumstances, it cannot be regarded as confidential) then, as a general rule, the principle of confidentiality can have no application to it. ...
The second limiting principle is that the duty of confidence applies neither to useless information, nor to trivia.19
For information to have this quality of confidence it must not be common knowledge or be in the public domain,20 or be mere 'trivial tittle-tattle'21. The fact that information is simple will not prevent it from being confidential,22 although being obvious or commonly known will.23 If information is partly common knowledge, it must also consist of some independent thought or be the product of some commercial twist to be confidential.24
Information may also have the necessary quality of confidence if it is possessed of sufficient ‘intrinsic importance'25 to attract the operation of an obligation of conscience binding the receiver not to disclose it. If information does not possess the necessary quality of confidence, it cannot form the basis of an equitable obligation of confidence.
The following types of information have been identified as not having the necessary quality of confidence:
Note
Decision makers need to consider whether parts of the document are already common knowledge or generally known, for example because the information has been mentioned in a media statement or in other publicly available information. The relevant business units or areas within the agency may be able to advise on this.
The third element is that the information must have been received in circumstances that import an obligation of confidence. Generally, an obligation of confidence is imposed at the time the information is imparted29 and it can be imposed expressly or by implication,30 based on the circumstances.
The existence and scope of any obligation of confidence will be determined both by what the entity receiving the information knew and what they ought to have known in the circumstances.31 For example, even when there is no express mention of confidentiality (or otherwise), certain kinds of discussions can be ones which are generally assumed by the participants will be treated as confidential.32
Decision makers will need to consider the circumstances surrounding the supply of the information to determine whether those circumstances as a whole imparted an obligation of confidence.33
Relevant circumstances could include:
The key to determining whether this requirement is satisfied ‘lies in determining what conscionable conduct requires of an agency in its treatment of information claimed to have been communicated in confidence’.37
In B and BNRHA,38 the Information Commissioner stated that this requirement must be considered on the basis of an evaluation of the whole of the relevant circumstances in which the information was imparted to the agency claiming to be bound. The relevant circumstances will include (but are not limited to) the nature of the relationship between the parties, the nature and sensitivity of the information, and circumstances relating to its communication.39
The courts have varied the extent and nature of the obligation depending on whether the information is personal, commercial, or government information. For example, the obligation not to disclose personal information is generally more extensive than the obligations attaching to trade secrets, which are different again from those attaching to government information.40
In relation to government information, Daubney J in Ramsay found that:
…In the case of information produced to and held by a government agency, it can be accepted that the public interest in having access to the particular information is one of the factors to be considered when ascertaining whether or not that information is held under an obligation of confidence. Indeed, it may be a factor to which considerable weight attaches. But it is not the sole determining factor. It needs to be weighed in the mix of all the relevant circumstances under which the information was imparted to ascertain whether the information is held subject to an equitable obligation of confidence.41
The fourth element is that there is an actual or threatened misuse of the information. A confidant's disclosure of confidential information inconsistent with the purpose for which it was received will be a breach of confidence.42
The same can be true for a third party who is given confidential information. If the third party knows it is confidential and still uses or discloses it in a way inconsistent with its confidentiality, they can be liable for a breach of confidence.43 This means if an agency receives information from someone other than the original confider that it knows is subject to an obligation of confidence it may need to treat it as confidential.
The decision maker will need to determine if release under the RTI Act would be inconsistent with the purpose for which it was received.44 This will depend upon the scope of the obligation of confidence.
An obligation of confidence can be waived by express or implied consent of the confider.45 Agencies may need to consider contacting the confider to determine whether they would object to disclosure of the information. This is particularly the case where the information’s age or character would indicate it may have “lost the sensitivity or value to the confider which made it worthy of protection as confidential information in the first place”.46
The reasoning in Ramsay raises doubt as to whether a fifth element of detriment applies to non-government entities. However, where the party claiming to be owed the obligation of confidentiality is a government entity, then the general approach is that the criteria of detriment must be satisfied in order to establish that the information is subject to an equitable obligation of confidentiality.
An action for breach of contractual confidentiality requires that there is contract in place. A contract is a specific type of legally binding agreement, and does not include other kinds of agreements, such as Memorandums of Understanding or deeds.
If the agreement is not a contract or the confidentiality clause is not legally binding—for example, if the parties are still negotiating or the clause has expired—there can generally be no breach of contractual confidence.47
It is also necessary to consider if there has been an exchange of consideration between the parties in relation to the contract. In the absence of some form of consideration, then a confidentiality clause will not be capable of supporting an obligation of confidence.48
The contractual obligation of confidence will generally arise from the terms of a confidentiality clause contained in a written agreement. Decision makers will need to consider the information and the relevant confidentiality clause to determine if the clause applies, as some confidentiality clauses may be limited by subject matter, author, date, or other factors.
In B and BNRHA the Commissioner said:
An express contractual obligation of confidence ordinarily arises in circumstances where the parties to a disclosure of confidential information wish to define clearly their respective rights and obligations with respect to the use of the confidential information, thereby enabling the parties to anticipate their obligations with certainty.
In some circumstances a contractual obligation of confidence can be implied between parties who do not have a subsisting contractual relationship.49 For example, where confidential information is provided to one party as part of seeking to enter a business arrangement, which is not successful, and the receiver later uses the information themself.50
Some confidentiality clauses may also exclude RTI from the clause's application; if so, release under the RTI Act cannot found an action for breach of contractual confidence.
The agreement to keep information confidential must be supported by consideration. If there is no consideration, it cannot amount to a contractual obligation of confidence.51
Consideration, put simply, is the 'price' of the contract. It does not have to be money or material goods.52 It can, for example, be an action to be carried out or a mutual promise,53 but it must not be something that predates the agreement.54
The confidentiality agreement can apply to information specified in the agreement—which can include other contracts or non-contractual agreements—and/or to the terms of the contract itself, but these cannot pre-date the contract.
The specifics of the agreement need to be considered to determine if they cover the information being considered. It will also be necessary to consider any other relevant parts of the contract, to identify if anything renders the confidentiality agreement inoperable in the circumstances. For example, the confidentiality agreement may have ‘carve out’ provisions, ie exceptions to the confidentiality agreement. These will not render it inoperable except as is provided for in those clauses.55
Carve outs may, for example, provide that the confidentiality provisions do not apply if an application is made under access legislation such as the RTI Act, or to information that has been made public, for example published by the parties on a website. The mere presence of carve outs does not undermine the operation of the agreement so that the parties can no longer be considered bound by an enforceable obligation of confidence.56
The confidentiality agreement must still be in operation at the time the information is being considered. If it contains an expiry date which has passed, for example, the confidentiality agreement will no longer apply.
Adani Mining Pty Ltd v Office of the Information Commissioner & Ors,57 found that no public interest considerations can be considered when applying schedule 3, section 8(1) of the RTI Act to contractual obligations of confidence imposed upon a government agency—apart from the possibility of disclosure arising from the nature of ‘responsible government’.58
However, it may be a relevant consideration if there is evidence that demonstrates that:
These actions would constitute “an improper attempt to avoid public disclosure and to frustrate the public interest [set out in the RTI Act]”.60 The person asserting that these actions occurred, however, must prove them; otherwise it should be assumed that the parties acted lawfully.61
Current as at: November 26, 2021