Elaborate on what "keeping this information confidential" entails

[balupton]

You are responsible for keeping this information confidential, including after you end your work for the Company.

This seems like it can have wildly varying interpretations and consequently expectations of what an employee's responsibility is regarding what an employer could consider confidential.

A lot of previous contracts I have turned down, have had confidentiality statements where I am not even able to reuse thoughts that the employer considers confidential - all those learned skills and processes, they are confidential business know-how, in your next role you must never use anything you learnt, or even do anything we do, as we'll suspect you learnt it from us! Naturally, that busts the idea-expression-divide, but it doesn't stop their legal team from applying the pressure like an intellectual zombie virus.

So could be nice if the implementation of this responsibility was covered much in the same way as the copyrightable materials in the prior segments, as no complaints on that 👌

It would also be nice to cover the difference between confidentiality obligations and and privacy obligations, as many contracts treat them as the same, even though their practical implementation is quite different. The way I think about it as so:

• privacy means the identities are confidential, but the stories are not, however if a story could reveal the identities, then you must alter the story or not tell it
• confidentiality means don't discuss the story and optionally the company too.

[mlinksva]

@balupton thanks for (congrats on?) making first public issue.

The confidentiality section is the least 'interesting' part of the agreement, in that it doesn't do anything innovative. We considered removing it to keep the agreement bare-bones (often confidentiality will be covered in employment contracts outside of an IP agreement) but left it in to keep as close as possible to the agreement used at GitHub.

I doubt there's much room to change it substantively, but if there are best practice examples of confidentiality language that is more clear, or related analysis, please share them here.

[ringztech]

I to agree

[mlinksva]

cac65ec (part of #44) is an update to the confidentiality section. It doesn't get into privacy vs confidentiality but is reorganized to be a little easier to follow and emphasizes the already present "...valuable to the Company because it is not publicly known" by adding "Information is not confidential if it is or becomes known or generally available to the interested public by no fault of yours, or you already knew the information independent of having received it from the Company."

[balupton]

If you are not sure if something is Confidential Information, you should assume that it is, until you can confirm otherwise.

Couldn't a company claim that everything is their confidential information? or that all of their IP that isn't open-source is confidential information?

As the confidentiality clause is more restrictive on the employee, this seems an angle that the employer could take.

[mlinksva]

Apologies for not updating here -- we removed the confidentiality clause from the v2 draft at b1706b7