Legal protection of confidential information according to Russian law

In a large number of organizations, there is no clear understanding of what information relates to confidential information and how to enforce their legal protection. At the same time, the risks of leakage of confidential information are often and threaten the existence of the business. Such risks are associated with violation of the safety and integrity of confidential information, possible attacks on business, industrial espionage, hostile actions by competitors or employees of the organization, bringing to responsibility for violation of the rules for handling personal data and a number of other confidential information and a number of other unfriendly actions.

To minimize such risks, methods of information protection are used technical (monitoring the integrity of the IT infrastructure, protecting software and web applications, etc.) and legal focus (developing legal approaches to protecting information).

To disclose an understanding of what the term “confidential information” includes according to Russian law, it is necessary to refer to the provisions of the Federal Law N 149-FZ dated July 27, 2006 “On Information, Information Technologies and Information Protection”, which divides information into such types as:

1. freely available information;
2. information provided by agreement of persons participating in the relevant relationship;
3. information that is subject to provision or distribution in accordance with federal laws;
4. information distribution of which in Russia is restricted or prohibited.

The confidential information may include a database of clients, personal data, various know-how, production secrets and developments, data on concluded contracts and their provisions, as well as much other information requiring legal protection.

It is obligatory to respect the confidentiality of information, access to which is limited by federal laws, which determine the conditions for attributing information to information constituting a trade secret, official secrets, and other secrets, the obligation to respect the confidentiality of such information, as well as responsibility for its disclosure.

A more detailed list of information classified as confidential is determined by Decree of the President of Russia of 06.03.1997 No. 188 “On Approving a List of Information of a Confidential Character”. In particular, such confidential information includes:

1. facts, events, and circumstances of the private life of a citizen, allowing to identify his personality (personal data);
2. constituting the secret of the investigation and legal proceedings;
3. official information, access to which is restricted by state authorities (official secrets);
4. information related to professional activities, access to which is limited (medical, notarial, lawyer's secret, the secret of correspondence, telephone conversations, mail, telegraph or other messages, and so on);
5. information related to commercial activities, access to which is restricted (trade secret);
6. information on the nature of the invention, utility model or industrial design prior to the official publication of information about them;
7. information contained in personal files of convicts, as well as information about the enforcement of judicial acts.

When carrying out business activity conceived it’s necessary to protect information of any nature (production, technical, economic, organizational and others), including the results of intellectual activity in the scientific and technical sphere, as well as information about the ways of carrying out professional activity which have real or potential commercial value due to their unknownness to third parties to whom third parties do not have free access and in respect of which the holder of such data is entered commercial secrecy.

Of particular importance for businesses is the legal settlement of issues regarding the protection of trade secrets and other important confidential information of commercial and other value.

Article 10 of the Russian Federal Law of July 29, 2004, N 98-FZ “On Commercial Secrets” establishes such measures to protect confidentiality as:

1. determining the list of information constituting a commercial secret;
2. restriction of access to such information with the establishment of the procedure for handling this information;
3. registration of persons who have access to information;
4. regulation of relations on the use of information constituting a commercial secret by employees on the basis of employment contracts and counterparties on the basis of civil law contracts;
5. application to tangible media containing information constituting a commercial secret of the “Commercial Secret” stamp.

These measures can be taken in the presence of a number of necessary documents taken by the owner of confidential information.

Taking into account the requirements for measures to protect confidential information and relevant documents, BRACE Law Firm provides a range of services for the protection of confidential information. When drafting these documents, we take into account the direction and features of the business, the company's business profile, which provides such a service for the legal protection of confidential information, as well as a detailed study of possible cases of breach of confidentiality of information with the establishment of proportionate measures of responsibility for such violations and the development of measures aimed at violating privacy mode information.

Legal services

BRACE Law Firm renders the following services in the specified direction:

1. Preparing of confidential information regulations and policies for the protection of confidential information;
2. Drafting other internal documents aimed at introducing a regime of confidential information, including an order of CEO to familiarize employees with the provision of confidential information, instructions for handling confidential information, a register of persons who have access to confidential information;
3. Due diligence of the current regime of confidential information in the company with the development of specific recommendations;
4. Analysis regarding compliance with the General Regulations on the protection of personal data (General Data Protection Regulation, GDPR);
5. Preparation and legal expertise of draft labor and civil law contracts containing confidentiality clauses, development of a model confidentiality clause and non-disclosure agreement (NDA);
6. Drafting other necessary legal documents.

Related services

• Drafting and legal expertise of contracts according to Russian law
• Drafting documents aimed at compliance with anti-corruption legislation
• Legal support of foreign companies in Russia
• Preparation and alignment with the law internal policies and other local acts according to Russian law
• Legal support of online trading
• Legal support of product promotion and advertising campaigns
• Legal support of personal data protection and processing