Are the inspection materials confidential information? List of confidential information

The concept of “confidential information” is very often encountered in legal practice. What does it mean and what types are there? Let's look at this next.

General concept

Before considering what types there are confidential information, you should understand in detail general features the concept itself.

So, to put it very in simple language, then the category of confidential information includes all those documented information that is stored at a certain enterprise or organization of any form of ownership, the distribution of which is undesirable for the person himself. This is due to the fact that such information, as a rule, represents data regarding certain features of the activities of a company or firm, the disclosure of which may harm its owner.

Speaking in legal terms, the first articles of the Law “On Information” state that the concept in question implies documented information, access to which is protected from full interference by Russian legislation currently in force.

Legislative regulation

The concept of confidential information, its types and characteristics are enshrined in certain regulations that are currently in force in Russia. Which ones are among them?

The main role in defining such a concept is played by the Law “On Information”, which establishes the concept itself both in the general and in the narrow sense. As for the types of confidential information under the laws of the Russian Federation, their full list is presented in detail in the provisions prescribed in Presidential Decree No. 188.

Among other things, confidential information may include information regarding a specific person - such data is called personal data. Regulation this concept is carried out on the basis of articles of the Law “On Personal Data”.

Ensuring the safety of confidential information obtained as a result of conducting activities of a certain nature in Russia occurs on the basis of industry legislation. In particular, these include the laws “On Notaries”, “On Advocacy”, “On Medical Confidentiality”, etc.

In addition to all this, special attention should be paid to the safety of information that represents the secret of the enterprise’s activities. These provisions are perfectly regulated by the Law “On Trade Secrets”.

Methods for regulating confidential information

In order to ensure proper safety of information constituting confidential information, the legislator has provided a certain list of measures and methods that allow this to be done.

Thus, the legislator notes that in order to ensure the safety of confidential information, it is necessary to clearly define what data is suitable for this. For this purpose, it is envisaged to establish the very concept of “confidential information”, its types, as well as a certain list of information that may constitute it.

In addition, to ensure the safety of information that constitutes a secret, the legislator provides for a certain procedure for issuing facts classified in this category, as well as certain prohibitions on actions, the presence of which may lead to a violation established mode security of information classified as classified.

Species

As for the main types of confidential information, in practice you can find a small number of them. All of them are listed in the contents of Presidential Decree No. 188, which was issued in 1997.

Personal data

In short, the type of confidential information that is personal data implies by its concept a certain range of data that directly relates to a specific person, referred to in legal practice as the subject of personal data. What information is included in this data group? First of all, they mean personal information - last name, first name, and patronymic. In addition, among the information constituting personal information, the legislator determines the address at which a person is registered or resides, place of birth and date, place of actual stay at a certain moment. The list of data that constitutes confidential information also includes information contained in a person’s identification documents (date and place of issue, series, number, etc.)

Among other things, in addition to the list of information constituting personal data, the legislator also defines the information that is known to employees of civil registry offices as a result of the performance of their professional duties.

The legislator determines special principles for processing data that constitutes personal information. Of course, all of them must be followed properly. Practice shows that this is precisely what ensures the safety of data.

Working with confidential information in Russian legislation requires compliance of all purposes for which the information provided by a person is processed with those that were declared as those for which the data was requested. In addition, their volume must fully correspond to that necessary to achieve the stated goal.

The legislator stipulates that all data that has been allocated to the group of information constituting personal information must be exclusively reliable. As for the authorities and specialists who process them, they should not use information that is not necessary to achieve their goal.

As for the process of storing data, it should be carried out only in such a way that the owner can be determined from the information provided. If we talk about the period during which the process of storing this type of confidential information from the classification discussed in this article should be carried out, then it should not exceed the time necessary to achieve the goal. After the allotted period, all data must be destroyed in accordance with the established procedure. The same should be done when there is no need to use the information.

Processing of personal data

There are certain rules for processing personal data that must be taken into account when working with them. So, this process carried out exclusively in accordance with all the requirements presented in the articles of the Federal Law “On Information”. In accordance with the provisions prescribed therein, data processing can only be carried out by the operator and only with the consent of the person himself.

IN certain cases this consent is not required. In particular, this applies to the moment when the processing of personal data is carried out to obtain statistical data or to study and confirm scientific statements. In some cases, this is required in order to protect the life and health of people, as well as some other interests classified as vital. In the event that a journalist is engaged in the implementation of his professional activity, then when the fact of his obtaining the information will not cause significant damage to the person who is the owner of the data, he can also use the information in his work.

In legal practice, situations often occur when the use of a person’s personal data without his consent is carried out in order to ensure compliance with the requirements prescribed by the contract and execution of its provisions. However, this is only possible if one of its parties is a business entity.

Trade secret

This is a special type of confidential information. The legal method of its protection and storage also differs in its specific features. What are they?

First of all, you should understand that a trade secret is information that represents features of the production of goods, as well as doing business, and if disclosed, the enterprise or organization will simply cease to receive income.

It should also be understood that, along with commercial secrets in legal practice, there are also official secrets. This concept can only be used in certain government services. It is classified information, protected by law in a special manner. As for its content, it, as a rule, concerns the features of public service, which are hidden from public view and have a closed or limited access regime.

The main provisions that relate to commercial and official secrets are regulated by the norms prescribed in the articles of the Laws “On Trade Secrets” and “On Official Secrets”.

For the disclosure by persons who are carriers of information constituting an official or commercial secret of information entrusted to them, they may be subject to liability of various types: criminal, civil, administrative, and also disciplinary, which is especially often used in various enterprises.

Documented information resources

This is one of the main types of confidential information, which is very often used by both legal entities and individuals. It has a special regime for ensuring the safety of the submitted data, and its design is presented in a special form.

Thus, a documented information resource is recognized as information of a certain nature, which is recorded on a material type medium with an indication of individual details, the list of which for each version of the document is presented separately in the legislation.

As for the type of storage medium for confidential information, paper is usually used. All recording of information on a medium must be carried out in strict accordance with the requirements specified in the document. Ownership rights can be established for these material media, which is carried out in accordance with the norms of civil law.

Professional and investigative secrecy

In Russia, as in other countries, there is a certain list of professions that, due to their characteristics, require individuals to process certain data that constitutes information prohibited from disclosure. Such groups of persons primarily include lawyers, notaries, medical specialists, etc. Access to data obtained by them in the course of performing their work duties is limited on the basis of the provisions presented in individual regulations, as well as in the Constitution of the state . For example, due to the nature of his activities, a notary knows about the peculiarities of concluding any transactions, as well as their content. However, a person who is engaged in notarial activities cannot in any way disclose to third parties the information he has received.

What types of valuable confidential information fall into this group? First of all, the legislator determines such information available in personal correspondence, telephone conversations, letters and other shipments that are made through post offices, telegraphs, as well as other messages taken from other sources. In this case, only the user of postal or, for example, telegraph services has the right to consent to the disclosure of data constituting In fact, there are certain types of confidential information at school, the safety of which is the responsibility of the institution's employees. These may include data presented in medical records, information about the fact of adoption, about the safety of the school building, which means its anti-terrorism protection, etc.

Special attention should be paid to another concept existing in legal practice - such as investigative secrecy. Information that was obtained during investigations, as well as during operational activities, is also not subject to disclosure, especially by persons who have direct or indirect access to it. Another type of information protected by law is legal proceedings. All employees of the court apparatus, and, in particular, those who are directly related to the consideration of the case, are obliged to ensure proper safety of information classified in this group. In the event that a person violates the established regime, resulting in the leakage of secret information, he may incur liability - disciplinary or criminal, depending on how serious the consequences of the act are and what form of guilt the action taken has.

Information about the essence of the invention

The legislator pays special attention to the issue related to ensuring the safety of information that constitutes the essence of inventions or any utility models. The security of information must be protected until it is officially announced, and information about the objects is published.

How exactly is the protection of the presented objects ensured? All measures that the state takes for this purpose are prescribed by the articles of the Civil Code, part 4.

This concept and type of confidential information provides for the special nature of its protection. In particular, it can be presented in a jurisdictional form, which is carried out with the participation of specialized government bodies, as well as the creation of a patent for this special invention.

Often, protection of new inventions is carried out in civil law. Experts in the field of jurisprudence note that it is applied, as a rule, in the case when the licensee knowingly or accidentally violates the rights specified in the contract and deliberately evades the obligations stipulated by its contents. As a rule, as a result of this form of protection, the injured party receives a compensation payment, the amount of which is equal to the amount of losses incurred.

In addition to the forms of protection presented above for this type of confidential information, there is also an administrative procedure. It provides for a written appeal by the party whose legitimate interests have been infringed upon to a special body - the Chamber of the Patent Office, which belongs to the group of appellate bodies. The legislator provides for a rather lengthy process of reviewing the submitted application, which can last up to 4 months. Based on the results of the procedure, as a rule, the authority makes its decision in favor of the injured party. In fact, this practice is especially popular among holders of a patent that has been invalidated.

Protection of classified information

Types of confidential information and their protection are prescribed in the provisions of various laws, including a considerable number of industry ones. As for the protection of information, it provides for a set of certain measures that create obstacles to access to data. These may include the need to store documents containing secret information in special safes, transfer of electronic data via local network, limiting the list of persons to data, etc.

In addition to all this, if the established requirements are violated, the guilty person must suffer a punishment commensurate with the damage caused.

Every person at least once in his life has come across the concept of “confidential information”. It is a collection of data that is of particular value and known, as a rule, to a very narrow circle of people. Current legislation provides for punishment for the disclosure of such information, that is, a person is responsible for failure to maintain a trade secret.

It can be used at the discretion of the person possessing it, but the chosen method should not contradict legal norms. Due to limited access measures are taken to protect and protect such information from third parties. People often encounter problems in the workplace when they have to use documentation that is of particular importance to the company. Many companies warn their employees that even salary amounts are data that should not be shared.

In order to avoid various incidents and unpleasant situations, managers of enterprises and organizations are recommended to discuss in advance with each employee aspects that are secret. It is best to prepare a list of confidential information approved by governing bodies in advance. All personnel should be familiarized with this document and given free access to study. It is necessary to clearly classify all available data into separate groups, divided into:

1. Absolutely accessible information. Such information is not limited and is regularly published in specialized publications. An example would be one intended for external users.
2. Partially limited data, the opportunity to become familiar with which is available only to a specifically designated group of people.
3. Documents at the disposal of the head of the company or a specialist with appropriate authority. This information can be fully considered confidential.

So, company documentation can be classified depending on its purpose into industrial and commercial. The first contains all the information about the equipment, the special technology for manufacturing the product, the product itself, and so on. And commercial includes all agreements with counterparties, information about the presence of accounts payable and receivable and their amounts, correspondence with business partners. Accordingly, confidential information is also divided into two main groups (commercial and industrial).

Due to the continuous development of production, the emergence of new equipment and the introduction of technological innovations, security department employees are increasingly having to take measures to strengthen the security system. Currently, the majority of information is stored in electronic form, and all payments with partners are also carried out non-cash. This increases the number of various types of hacker attacks, sometimes leading to irreparable consequences. That is why technical protection is one of the most important tasks, the implementation of which is the responsibility of the best personnel of the company. Indeed, huge sums are spent on maximizing the protection of firms' internal networks. This is especially true for large corporations, where security is included in the list of strategic goals.

Unfortunately, in modern world the hunt for documents representing trade secrets is carried out with particular cruelty. After all, the struggle for power is present both at the state level and at the level of individual economic entities. Confidential information is an expensive commodity that is successfully sold on the market. Thus, managers can be advised to keep up with the times and spare no expense on improving the security system, so that they do not have to deal with the financial fraud of ill-wishers later.

Confidential information - information to which access is limited in accordance with the legislation of the country and the level of access to the information resource. Confidential information is made available or disclosed only to authorized persons, entities, or processes.

Russian legislation identifies several types of confidential information - state secret, official secret, commercial secret, medical (medical) secret, notarial secret, audit secret, lawyer secret, bank secret, tax secret, personal and family secret, secret of adoption, secret of meetings of judges, secret of investigation and legal proceedings, secrecy of insurance, etc. According to V. A. Kolomiets, currently about 50 types of confidential information are mentioned in regulatory legal acts at various levels.

The importance of information in everyone’s life and activities modern man It's common knowledge. It is also known how great the role of information is for the successful solution of a specific task and for achieving the set goals. Finding the exact answer to the question being solved and avoiding mistakes in decision-making is better achieved by those who clearly understand information space who, if necessary, has the opportunity to easily and timely obtain the information he is interested in.

44. Formation and modern definition of the concept of “state secret”

The concept of state secret is one of the most important in the system of protecting state secrets in any country. The policy of the country's leadership in the field of protecting secrets also depends on its correct definition.

The definition of this concept is given in the Law of the Russian Federation “On State Secrets”: “State secrets are information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational investigative activities, the dissemination of which may harm security Russian Federation».

This definition specifies the categories of information that are protected by the state, and that the dissemination of this information could harm the interests of state security.

The model for determining state secrets usually includes the following essential features:

1. Objects, phenomena, events, areas of activity that constitute state secrets.

2. The enemy (actual or potential), from whom the protection of state secrets is mainly carried out.

3. Indication in the law, list, instructions of information constituting a state secret.

4. Damage caused to defense, foreign policy, economy, scientific and technological progress of the country, etc. in case of disclosure (leakage) of information constituting a state secret.

For comparison we present brief definitions concepts of state secrets given by specialists from other countries.

The Criminal Code of the Federal Republic of Germany states that state secrets are facts, objects or knowledge that are accessible only to a limited number of persons and must be kept secret from a foreign government in order to prevent the danger of grave damage to the external security of the Federal Republic of Germany.

The Executive Order of the President of the United States of April 2, 1982 states that national security information includes certain information on national defense and foreign affairs that is protected from unauthorized disclosure.

In some countries this concept is expressed in other terms, for example, in Japan - “Defense Secret”.

What information can be classified as a state secret is defined in Decree of the President of the Russian Federation of November 30, 1995 No. 1203. This includes information (only sections are indicated): in the military field; on foreign policy and foreign economic activity; in the field of economics, science and technology; in the field of intelligence, counterintelligence and operational investigative activities.

Information cannot be classified as a state secret:

If its leak (disclosure, etc.) does not entail damage to the national security of the country;

In violation of applicable laws;

If concealing information would violate the constitutional and legislative rights of citizens;

To conceal activities that damage the natural environment and threaten the life and health of citizens. This list is contained in more detail in Art. 7 of the Law of the Russian Federation “On State Secrets”.

An important feature of a state secret is the degree of secrecy of the information classified as it. Our country has adopted the following system for designating information constituting a state secret: “of special importance”, “top secret”, “secret”. These marks are affixed to documents or products (their packaging or accompanying documents). The information contained under these stamps is a state secret.

What criteria are used to classify information, firstly, as a state secret, and secondly, as one or another degree of secrecy?

The answer to this question is given by the Rules for classifying information constituting a state secret to various degrees of secrecy, specified in Decree of the Government of the Russian Federation No. 870 of September 4, 1995.

Information of particular importance should include information the dissemination of which could harm the interests of the Russian Federation in one or more areas.

Top secret information should include information the dissemination of which could harm the interests of a ministry (department) or sectors of the Russian economy in one or more areas.

Secret information should include all other information constituting a state secret. Damage may be caused to the interests of an enterprise, institution or organization.

From these definitions one can see a relatively high degree of uncertainty in the characteristics characterizing one or another degree of secrecy of information constituting a state secret.

Attempts have been made to equate the degree of secrecy of information with the amount of damage (for example, in monetary terms) that may occur in the event of an information leak. However, they have not received any widespread dissemination or approval.

There is no clarity on this issue in the US Presidential Decree “National Security Information”. It says in part:

1. The classification “top secret” must be applied to information, the unauthorized disclosure of which could, within reasonable limits, cause extremely serious damage to national security.

2. The classification “secret” must be applied to information, the unauthorized disclosure of which could, within reasonable limits, cause serious damage to national security.

3. Classified “confidential” - the same thing, only the amount of damage is indicated as “damage to national security.”

As can be seen from the above, the difference between the three degrees of secrecy depends on the magnitude of the damage, which is designated as “exceptionally serious”, “serious” or simply “damage”.

These qualitative features - criteria for the degree of secrecy of information containing state secrets, always leave room for the voluntary or involuntary introduction of a subjective factor in the process of classifying information.

The concept, types and amount of damage have not yet been sufficiently developed and, apparently, will be different for each specific object of protection - the content of information constituting a state secret, the essence of the facts, events, and phenomena of reality reflected in it. Depending on the type, content and

the extent of damage, we can distinguish groups of certain types of damage in the event of a leak (or possible leak) of information constituting a state secret.

Political damage can occur in the event of a leak of information of a political and foreign policy nature, about the intelligence activities of state intelligence services, etc. Political damage can be expressed in the fact that as a result of an information leak, serious changes in the international situation may occur not in favor of the Russian Federation, the country’s loss of political priorities in some areas, deterioration of relations with any country or group of countries, etc.

Economic damage can occur when information of any content is leaked: political, economic, military, scientific and technical, etc. Economic damage can be expressed primarily in monetary terms. Economic losses from information leakage can be direct and indirect.

Thus, direct losses can occur as a result of the leak of secret information about weapons systems and the country's defense, which as a result have practically lost or have lost their effectiveness and require large expenses for their replacement or readjustment. For example, A. Tolkachev, a US CIA agent, a leading engineer at the Radio Engineering Industry Research Institute, gave the Americans a lot of important and valuable information. The Americans estimated the value of the information received from him at approximately six billion dollars.

Indirect losses are most often expressed in the form of the amount of lost profits: failure of negotiations with foreign companies, with which there had previously been an agreement on profitable deals; loss of priority in scientific research, as a result of which the opponent quickly brought his research to completion and patented it, etc.

Moral damage, as a rule, of a non-property nature comes from the leakage of information that caused or initiated a propaganda campaign illegal to the state, undermining the country’s reputation, leading to the expulsion from some states of our diplomats, intelligence officers operating under diplomatic cover, etc.

Definition of the concept

Confidentiality is a set of measures to prevent leakage and disclosure of certain information. The essence of this concept can also be understood by reading its translation from different languages. It sounds something like "secret" or "trust". Every year this category becomes more and more significant in various fields. Confidentiality can be considered a necessary condition for many types of activities, including medical, legal, auditing and others.

Legislative regulation

Confidentiality is a fairly serious topic that affects almost all areas of public life. That's why regulation this issue has been happening at the legislative level for a long time. Thus, in accordance with a special Decree of the President of the Russian Federation, the following types of information are considered confidential:

• all personal information identifying a person, as well as facts relating to his private life (exceptions include information provided to the media, as well as the signing of documents authorizing the dissemination of data);
• investigation and court records, as well as information about individuals protected under government programs;
• official secrets, which include data on the work of government agencies, scientific laboratories, and defense sector enterprises;
• information about such types of activities as medical, legal, auditing, judicial, investigative, and so on;
• trade secret, consisting of details about the production and technological process, as well as organizing the work of the enterprise as a whole;
• information about scientific developments until the receipt of patent documentation or before implementation.

Where information confidentiality is needed

Any field of activity requires keeping a certain amount of information secret. An example would be a commercial enterprise. Its employees do not have the right to disclose information about production technology, organizational structure and other aspects, which is fixed in the relevant clauses of the employment contract. Violation of this rule may result in a fine or dismissal.

Probably everyone has heard such a phrase as state secret. This is a whole range of information that is protected by government institutions and law enforcement agencies. We are talking about scientific, military, political, intelligence and other types of activities. By making these facts public, an individual can not only cause economic damage to the state, but also jeopardize its security. Serious penalties are imposed for such offenses.

In medical and other institutions of this kind, confidentiality must also be maintained. The staff has no right to disclose information about clients. The same applies to audit firms. Otherwise, the injured party may initiate legal proceedings.

What cannot be confidential information

The privacy policy does not apply to the following types of information:

• information specified in the constituent documents;
• details of the enterprise registration certificate;
• information about the organization’s property;
• information on compliance with safety rules and environmental responsibility standards;
• about the personnel composition, as well as the remuneration system for the work done;
• facts of established violation of the law;
• information about competitions, tenders and other events in which the fate of state-owned objects is decided;
• financial reporting of non-profit organizations.

Privacy protection

The confidentiality of data can be protected by its owner as follows:

• To begin with, it is worth compiling a list of information that falls into the category of “trade secret” in accordance with the law;
• establishing an internal procedure for protecting information by limiting the circle of persons who have access to it, as well as introducing liability for non-compliance with the rules;
• maintaining records of persons who have access to confidential data;
• introducing a clause on liability for distribution classified information in the employment contract, as well as commercial contracts with contractors;
• clear recording of all information on digital and paper media in order to prove its authenticity and ownership;
• immediate registration with the relevant authorities of the information that should be protected.

This list of activities can be supplemented at the discretion of the entrepreneur. The main condition is compliance with their legislative norms.

Conclusions

Privacy is objective necessity in modern conditions. Every person, as well as organization, has the right to keep certain information confidential. Violation of this norm entails administrative and, in some cases, criminal liability.

The terms of confidentiality largely depend on the type of activity in question. This rule should be followed in everything related to commercial or state secrets, as well as the private life of an individual, regardless of his social status and type of activity.

"Kadrovik.ru", 2012, N 7

In any company, there is confidential information that is especially carefully protected from employees who do not have access to it, as well as competitors and suppliers. However, it is quite difficult to determine the degree of data secrecy. As a result, all information related to the activities of the organization begins to be considered confidential. As a result, legal disputes arise both with employees and with other companies.

The list of relevant data is given in several legislative acts, however, the company can independently restrict access to some information. At the same time, the main document that allows you to determine whether information is confidential is Federal Law No. 98-FZ of July 29, 2004 “On Trade Secrets” (hereinafter referred to as Law No. 98-FZ). However, the list contained in this Law is incomplete, and other information about confidential information is contained in other regulatory legal acts.

List of confidential data defined by law

In practice, the confidentiality regime is determined by:

• a list of information constituting a trade secret; a list of confidential information in the organization;
• contractual regulation of relations with employees;
• contractual regulation of relations with counterparties by establishing relevant provisions in the contract;
• applying restrictive marks and a confidentiality stamp indicating its owner on material media of confidential information.

In addition to these measures, the company may, if necessary, use means and methods technical protection confidential information, as well as other measures that do not contradict the legislation of the Russian Federation.

The trade secret regime cannot be established in relation to the following information:

• contained in the constituent documents of a legal entity and documents confirming the fact of making entries about legal entities in state registers;
• contained in documents giving the right to carry out entrepreneurial activities;
• about environmental pollution, the state of fire safety, the sanitary-epidemiological and radiation situation, food safety and other factors that have a negative impact on ensuring the safe operation of production facilities, the safety of each citizen and the safety of the population as a whole;
• on the number and composition of employees, the remuneration system, working conditions, including labor protection, indicators of industrial injuries and occupational morbidity, and the availability of vacancies;
• about the debt of employers in payment of wages and other social benefits;
• about violations of the legislation of the Russian Federation and facts of prosecution for their commission;
• on the size and structure of income of non-profit organizations, on the size and composition of their property, on their expenses, on the number and remuneration of their employees, on the use of gratuitous labor of citizens in the activities of a non-profit organization;
• on the list of persons who have the right to act without a power of attorney on behalf of a legal entity;
• information, the mandatory disclosure of which or the inadmissibility of restricting access to which was established by federal laws before the entry into force of Law No. 98-FZ.

Let's consider the procedure for establishing a list in a specific company.

How to deal with an employee who discloses confidential information?

In many companies, the following measures are taken against an employee who discloses secret information: disciplinary action is imposed, damages are sought in court. Some employers simply fire the offenders, believing that disseminating confidential information is a serious offense. Indeed, such a possibility exists. According to paragraphs. "c" clause 6, part 1, art. 81 of the Labor Code of the Russian Federation, an employment contract can be terminated by the employer even in the case of a one-time disclosure of a trade secret that has become known to the employee in connection with the performance of his job duties.

If a dispute arises about the reinstatement of a person dismissed on the grounds in question, the employer bears the burden of proving all the circumstances of the disclosure of a trade secret. It is necessary to carefully consider all the circumstances of a particular case, analyze whether there are legal grounds for dismissing an employee suspected of disclosing confidential information, and also evaluate possible risks if the employee challenges the dismissal.

Let's take the following example: an employee used a flash drive to print a document on a printer. However, the employer considered these actions to be a disclosure of trade secrets, since the ban on the use of a flash drive to transfer confidential information was contained in the local act. However, the organization did not have an exact list of such secret data. As a result, the employee contacted the labor inspectorate, and after an inspection he managed to get the disciplinary sanction lifted.

Thus, when imposing a disciplinary sanction, the employer must:

• prove that the employee caused material damage to the organization;
• establish that the employee disclosed confidential data included in the list;
• confirm the fact of disclosure and familiarization of the employee with the list of confidential information.

If a company wants to recover damages in court (let’s say a manager quit and sold a confidential database to competitors), then it will need to assess material damage. The key condition for forming an evidence base is the availability of a list of confidential information.

List of confidential information in a separate organization

Each organization compiles its own list of confidential information. As a rule, it includes:

• information about production and management;
• data on employee salary levels;
• personal data of employees;
• management decisions, production development plans, investment programs;
• minutes of meetings;
• confidential contracts;
• information about negotiations;
• information about personnel composition, staffing schedule;
• cost and prices;
• accounting reports, primary documentation;
• information about taxes and fees paid;
• auditors' reports.

Please note: personal data and confidential information are not equivalent concepts. The latter is broader and may include various financial statements, data on the organization’s personnel and other information that is protected by the company in accordance with the established trade secret regime.

Information constituting a trade secret (production secret) is information of any nature (production, technical, economic, organizational and others), including the results of intellectual activity in the scientific and technical field, as well as information about the methods of carrying out professional activities that have actual or potential commercial value due to their unknownness to third parties, to which third parties do not have free access legally and in respect of which the owner of such information has introduced a trade secret regime. Disclosure of information constituting a trade secret is an action or inaction as a result of which such information in any possible form (oral, written, other, including using technical means) becomes known to third parties without the consent of the owner or contrary to labor or civil law. legal contract (Decision of the Moscow City Court dated November 14, 2011 in case No. 33-36486).

The concept of personal data is established in the Federal Law of July 27, 2006 N 152-FZ “On Personal Data”. This is any information relating to a directly or indirectly identified or identifiable individual (subject of personal data).

That is, if confidential information may relate to both individuals and legal entities, personal data - only to individuals. The list of confidential data classified as such at the legislative level is given in the appendix.

It is necessary to pay attention to the fact that information recognized as confidential by the company may not be classified as such. Accounting documents provided to company participants only for review may be classified as confidential (Resolution of the Federal Antimonopoly Service of the Volga Region dated April 5, 2005 N A12-12462/04-C56). A similar conclusion was made in the Resolution of the Federal Antimonopoly Service of the Far Eastern District dated 05/16/2007, 05/08/2007 N F03-A73/07-1/1090 in case N A73-9822/2006-9, in which the court recognized that neither the norms of the Federal Law dated 21.11 .1996 N 129-FZ “On Accounting”, nor Art. 89 of the Federal Law of December 26, 1995 N 208-FZ “On Joint-Stock Companies” does not provide for the mandatory provision to the shareholder of copies of primary accounting documents, turnover sheets of analytical accounting and an electronic database accounting program society. At the same time, for example, information about the fulfillment by taxpayers of their obligations to pay taxes is not a tax secret and can be disclosed (Resolution of the Federal Antimonopoly Service of the West Siberian District dated July 27, 2010 in case No. A27-25441/2009).

Thus, the employer must independently compile a list of confidential information and establish it in an administrative document, depending on the importance of this information. However, the recognition of data as confidential may be challenged in court. At the same time important point also include not only establishing the list of confidential information itself, but also the procedure for its protection.

Procedure for protecting confidential information

In accordance with Art. 10 of Law N 98-FZ, measures to protect the confidentiality of information taken by its owner must include:

• determination of the list of data constituting a trade secret;
• restricting access to such information by establishing a procedure for handling it and monitoring compliance with this procedure;
• accounting of persons who gained access to confidential information and (or) persons to whom it was provided or transferred;
• regulation of relations regarding the use of data constituting a trade secret by employees on the basis of employment contracts and contractors on the basis of civil law contracts;
• affixing on tangible media containing confidential information, or including in the details of documents containing such information, the stamp “Trade Secret” indicating the owner of such information.

In order to protect the confidentiality of information, the employer is obliged to:

• familiarize, against signature, an employee who needs access to such information to perform his job duties with a list of information constituting a trade secret owned by the employer and his counterparties;
• familiarize the employee, against signature, with the trade secret regime established by the employer and with the penalties for violating it;
• create an employee necessary conditions to comply with the established regime (Article 11 of Law No. 98-FZ).

An employment contract with the head of the organization must provide for the obligations of this employee to ensure the protection of the confidentiality of information owned by the organization and its counterparties, and responsibility for appropriate measures.

The recognition of data as confidential can be challenged in court

In this case, the company can take the following actions:

• implementation of a permit system for accessing performers (users, service personnel) to information and work and documents related to its use;
• restricting personnel access and unauthorized persons in protected premises and premises where information and communication means are located, and storage media are stored;
• taking notes of meetings;
• restriction of access of users and service personnel to information resources, software processing (transfer) and data protection;
• accounting and secure storage of paper and computer storage media, keys (key documentation) and their circulation, excluding their theft, substitution and destruction;
• redundancy of technical means and duplication of arrays and storage media;
• information copy protection, application certified products her protection;
• use of secure communication channels;
• cryptographic transformation of data processed and transmitted by means computer technology and connections.

It is very important to establish in the local act of the organization not only a list of confidential information, but also the procedure for its use.

In relations with employees, companies usually use two tactics: protecting interests in court, protecting interests in pre-trial proceedings by terminating a contract with an employee. Let's consider the first method. As an example, we can cite the Determination of the Moscow City Court dated December 22, 2011 in case No. 4g/8-10945/11. Resolving the stated claims, guided by Art. 81 of the Labor Code of the Russian Federation, the Federal Law "On Trade Secrets", the court came to the conclusion that the dismissal of the plaintiff is legal and justified, since he disclosed a trade secret. The plaintiff sent documents to a third party by email to which third parties did not have free access and in respect of which the employer introduced a trade secret regime.

In court, the company proved the following facts: familiarization of the employee with the provisions “On Trade Secrets”, compliance with the procedure for bringing to disciplinary liability, the fact of sending documents to the deputy general director to a third party - information about contractors, information about the timing and methods of providing services, and the amount of remuneration.

But, if confidential information is not transferred to third parties, the fact of copying information without transfer to third parties cannot be regarded as disclosure. Thus, in the Ruling dated December 12, 2011 in case No. 4g/8-10961/2011, the Moscow City Court came to the conclusion that the information copied by the plaintiff onto a flash card constituted a trade secret of the company, but there was no evidence that this information was transmitted by her The defendant did not provide information to third parties, and the plaintiff denied committing such actions. The court also did not receive evidence of the plaintiff sending the specified information to the electronic mailboxes of third parties, as well as the facts of posting on the Internet. Upon examination home computer the plaintiff and the removal of copied information from it, the defendant did not record such facts. There were no notes about this in the information deletion act. The employee’s actions, as a result of which the specified information becomes available to other employees monitoring compliance with the trade secret regime in the organization, cannot be qualified under paragraphs. "c" clause 6, part 1, art. 81 Labor Code of the Russian Federation. In such circumstances, when confidential information was not disclosed to third parties, an individual may be reinstated at work with compensation for the period of forced absence.

Dissemination of unclassified information does not constitute disclosure of confidential information. This conclusion follows from the Decision of the Moscow City Court dated November 14, 2011 in case No. 33-36486. The court came to the conclusion that information about the availability of equipment, its cost, and information about distributors do not constitute a trade secret, because placed in price lists, catalogs and booklets. Thus, confidentiality was not violated. A similar conclusion was made by the Moscow City Court in its Ruling dated October 18, 2011 in case No. 33-33741. In resolving the dispute and partially satisfying the claims, the court reasonably assumed that the obligation to prove the existence of a legal basis for dismissal and compliance with the established procedure for dismissal rests with the employer. The employer did not provide evidence that the B2B system contained confidential information, nor evidence that the plaintiff disseminated data constituting a trade secret.

Of course, many companies cannot prove their case in court, since the regulatory framework does not contain a specific list of documents that can be used to confirm losses associated with the illegal disclosure of confidential information. In addition, it is very difficult to assess the material component, for example, leaks of information about counterparties or financial indicators, as well as the fact of disclosure itself. After all, disclosure can be made both in writing and orally. In this regard, many companies are forced to use methods of punishing negligent employees such as disciplinary action.

However, sometimes companies prefer not to wash dirty linen in public and part with such employees on good terms. In such situations, it is preferable to formalize the dismissal by agreement of the parties, provided for in Art. 78 Labor Code of the Russian Federation. One of the significant advantages is that it is almost impossible to challenge such dismissal, since there is a mutual agreement between the parties.

In conclusion, it should be noted that the integrity of the trade secret, the protection of the interests of the organization and the possibility of restoring justice in court depend on how clearly the company defines the list of confidential information, as well as the procedure for protecting it.

Application

Example list of confidential data List of information classified as confidential (official) information in the central office of the Federal Agency for Railway Transport and its subordinate enterprises and institutions, approved. By Order of the Federal Agency for Railway Transport dated January 24, 2011 N 18