One of the principal duties of corporate directors and officers is the duty of confidentiality. That’s not just my personal opinion; it’s supported by case law, corporate governance treatises, law review articles, and more. Generally viewed as a subset of the duty of loyalty, the duty of confidentiality means that directors and officers are expected to keep their knowledge of the company to themselves or, at a minimum, to disseminate it on a strict “need to know” basis.
My conviction (all puns intended) was reinforced some years ago, when Rajat Gupta, the former CEO of McKinsey and a member of the board of Goldman Sachs, among others, was convicted of insider trading for spilling secrets he learned in Goldman’s board room to Raj Rajaratnam. Following his conviction, there was a flurry of activity among corporate governance nerds (present company included) as to the appropriateness and reasonability of asking directors and officers to enter into confidentiality agreements with the companies they served. It seemed to me at the time that asking a member of your board – a person charged with oversight of your company, and effectively your boss – to sign a confidentiality agreement might be viewed as insulting or worse.
Events, both recent and not-so-recent, are changing my mind. To start with the not-so-recent, in my many years of in-house practice, I came across the occasional director or officer who, to put it bluntly, was a media whore. They love seeing their names in the paper and being quoted as authorities. I get that; I’ve been quoted in some publications, and it’s very nice. However, in at least one case, a director’s leaks to a reporter resulted in my getting calls from that reporter, literally demanding that I provide information, some of which was clearly privileged, arguing that if it was good enough for a board member it was good enough for me. (I declined.)
More recently, I have come across two press reports of directors leaking information. First, I read that General Motors has sued one of its board members, a former UAW vice president, “claiming he leaked confidential information to a rival company and to the [UAW], a move the auto maker says added billions to its labor costs.” And barely a week later, I read that the former CEO of Campari, who remained a board member, had been accused by French regulators of leaking inside information. There are probably more instances, but even one instance is too much if it’s your company or your client.
There may be any number of reasons for breaches of director confidentiality. Obviously, financial or reputational rewards are among the key reasons. But I also suspect that, in at least some cases, the directors may not realize that what they’re doing is wrong. An informal survey I conducted a few years ago supports this. Specifically, I did some benchmarking about director onboarding programs, and what I found was that while most companies did a great job educating new directors about the business, they did little or no training in fiduciary duties. Perhaps in the past, when many new board members had served on other boards, due to the “old boys’ club” or otherwise, companies assumed that their new board members knew all that stuff. In an era when new directors are increasingly first-time directors, this assumption is unwarranted.
So where does this leave us? I still believe that asking a board member to sign a confidentiality agreement is awkward, but I’m more willing to consider it. A more palatable alternative may be to include director confidentiality in a company’s corporate governance guidelines or principles. Director education programs also provide good forums to emphasize the importance of keeping things to yourself. However, regardless of the method, it’s madness not to think about this.