Small businesses are ill equiped to manage trade secrets

WHAT IS CONFIDENTIALITY?
Confidentiality is the act of limiting disclosure of private matters; maintaining the trust that an individual has placed in one which has been entrusted with private matters.1

Legally, there are two basic requirements for protection of confidential information, namely 2
(a)The subject matter must be confidential, and
(b)The subject matter must have been communicated in circumstances which impose an obligation of confidence between the disclosing party and the receiving party

Finally, Confidentiality is also the status accorded to data or information indicating that it is sensitive for some reason, and that therefore it needs to be protected against theft or improper use and must be disseminated only to individuals or organizations authorized to have it3.

Secrecy and privacy are often used synonymously with confidentiality.

Is the matter of the transmission confidential?

We can reasonably think that information is confidential if the disclosure4:

Harms an employee's or third party's reputation or safety;
Harms the financial or competitive interests of the corporation;
Violates securities regulations for a public company;
Prejudices finalization of a project or transaction currently in progress or under negotiation;
Prejudices litigation, (e.g. which would breach solicitor/client privilege
Leaks a Trade Secret
Breaches with privacy laws
Etc

What kind of information?

SunCET's confidential e-mail transmission tools should be used everyday to send and receive personal information, trade secrets or to protect copyright.

Personal Information
Most countries in Europe and in America have adopted laws to protect personal information

Trade Secrets
Most developed Countries in the world have adopted laws to protect Trade Secrets. Employees send trade secrets every day in a non-confidential way by e-mail (ex: strategic plans, technical information or R&D information, production or quality control information, marketing, administrative or financial information)

Valuable Copyrighted information
Everyday, creators, designers, authors are submitting their work and need digital and legal protection to reduce illicit copies or to keep the commercial value of their work.

Has it been communicated in circumstances that impose an obligation of confidence between the disclosing party and the receiving party?
Why leaks occur?
Confidentiality breach can occur for a large number of reasons that are not addressed by the technologies proposed on the market.5 If we look closer to the risks of breach of confidentiality in E-mail, encrypted information can easily loose their confidential status because the most important risk of breach of confidentiality in an e-mail transmission comes from the senders and the recipients.

For example, the confidential information is not treated in a confidential way if the
Recipient does not agree to a confidentiality agreement and
Document is not identified as confidential and
Attached files are not encrypted permanently,
Sender does not have the tools and the administrative process to manage the confidential information,
Recipient is not aware of the confidential status of the information
Recipient does not know how to protect the information
If all reasonable circumstances are not imposing an obligation of confidence, the information can legally lose its confidentiality status.

The circumstances that impose obligation of confidence require technological, legal and administrative protections and measures.

In the Internet Technology (IT) world, confidentiality is performed by cryptography along with data integrity, authentication, and non-repudiation. Confidentiality that is achieved using cryptography makes use of encryption to render the information unintelligible except by authorized entities. The information may become intelligible again by using decryption.

The dominance of Internet Technologies in the Information security has a perverse effect: because most people hear that IT protects confidentiality, they believe that confidentiality is protected; it is a false assumption. It is wrong to believe that encrypted transmission protects efficiently confidential information.

Using encrypted e-mail do not means that information is disclosed in a confidential way. If all circumstances of the transmission do not impose an obligation of confidence between the disclosing party and the receiving party, then a judge could rule the information as public information.

THE SITUATION ON THE MARKET
It is getting widely known in the public that free non-protected e-mail is not enough to protect the rights of valuable information. Few people know that
The general principles of Information Security clearly state that it cannot be insured without using technical, administrative and legal protections alike.
If confidential information is sent in a non-confidential way, it can legally lose its confidentiality status.

Nevertheless, the general response of the security vendors has been to:
Propose medium and large enterprises, e-mail solutions that comprise encryption and secure socket layers technology to insure security6.
Focus on encryption services
Leave all administrative and legal measures required to protect confidentiality to consulting firms.
Neglect the needs of small enterprises to have access to affordable system offering reasonable circumstances that impose an obligation of confidence.

Small businesses are ill equipped to manage disclosures of trade secrets, personal information and valuable copyrighted information.