Prevention and cure: Safeguarding employer interests in India

Protecting trade secrets and confidential information is central to the survival and growth of any business. When the same individuals who contribute the most to a company’s success also have access to the information that defines its competitive edge, there arises the risk of those individuals leaving with not just their experience and knowledge gained on the job, but also sensitive information and intellectual property capable of reshaping the competitive landscape.

There are numerous disputes in and around India that underscore this challenge, highlighting the difficulty in striking a balance between employee mobility and companies’ legitimate need to protect their trade secrets and intellectual property.

In this article, we assess the legal landscape around these issues, and suggest some measures for employers to address such risks proactively.

India lacks dedicated legislation governing trade secrets, and their protection is instead derived from a combination of contractual obligations, equitable principles under common law, and international commitments such as the Agreement on Trade-Related Aspects of Intellectual Property Rights (the “TRIPS”).

While the TRIPS obliges its member states to provide effective protection of undisclosed information, India has thus far chosen to rely on judicially developed principles of equity and breach of confidence. On the other hand, Section 27 of the Indian Contract Act, 1872 (the “ICA”) states that any agreement restraining a person from exercising a lawful profession, trade, or business is void to that extent, making India a relatively employee-friendly jurisdiction.

Employment contracts are susceptible to being set aside if their terms are unfair, unconscionable, or contrary to public policy. In American Express Bank Ltd. v. Priya Puri (2006 SCC On Line Del 638), the Delhi High Court held that the right of an employee to seek better opportunities cannot be curtailed, even if confidential information is at stake. The Court distinguished between proprietary trade secrets, such as technical know-how, formulae, or highly specialised tools, and general business knowledge or client contacts, which cannot be monopolised by an employer.

This said, Indian courts have consistently upheld confidentiality obligations, provided they are narrowly framed and proportionate to the employer’s legitimate interests. In Hi-Tech Systems & Services Ltd. v. Suprabhat Ray (AIR 2015 Cal 261; the “Hi-Tech Case”), the Calcutta High Court held that courts will step in to protect trade secrets and confidential information where misuse provides an unfair competitive advantage or confers a ‘springboard’ advantage over the former employer.

These decisions highlight the nuances in how restrictive covenants can be drafted and implemented in employment agreements so as to render them enforceable. Ideally, employers must adopt a multi-pronged strategy for protecting proprietary information, confidential information, and trade secrets. First, restrictive covenants that are narrowly tailored to safeguard proprietary information remain enforceable and should form a key part of employment contracts, provided they do not hinder future employability. Second, employers should implement robust preventive measures such as access controls, employee training, and clear confidentiality protocols to reduce the risk of misuse. Third, there must be a well-defined strategic action plan to respond decisively when confidential information, intellectual property, or trade secrets are leaked or threatened to be disclosed. This holistic framework would enable employers to safeguard intangible assets while ensuring that employees continue to enjoy professional mobility.

Businesses that wish to protect their proprietary information and intellectual property should begin by developing an understanding and awareness of which categories of information need heightened protection, and which categories of information can be more easily shared within the organisation. Further, this should inform their recruitment practices as well. Where candidates are engaged for roles with greater exposure to crucial proprietary information or trade secrets, proportionate background verification must be undertaken.

For each role, a careful assessment must be made, evaluating the type, volume, and sensitivity of data an employee may have access to, as well as the potential consequences of that data being leaked or misappropriated. Employment contracts should also reflect this assessment, incorporating tightly worded confidentiality, intellectual property and indemnity clauses. In roles involving heightened exposure to proprietary information, these protections can be reinforced through separate non-disclosure agreements, which provide flexibility to address risks that may not be fully covered by the employment contract.

Additionally, internal policies and clauses in the employment agreements, such as exclusivity, non-disparagement, and termination-for-cause provisions, further reinforce the standards expected of employees.

Preventive safeguards, however, should also extend beyond documentation and contractual obligations. Technical controls, such as surveillance tools and system monitoring, can act as early warning mechanisms to flag unusual or suspicious activity. At the same time, regular training sessions on confidentiality, intellectual property, and the legal and professional consequences of breach help instil a culture of compliance across the organisation. Such training sessions also ensure that employees are well-informed about the law as well as the employer’s reasonable expectations from them.

The Hi-Tech Case also underscores the importance of documenting and defining what qualifies as confidential information. The Court drew a clear line between public domain knowledge that does not merit judicial protection and proprietary trade secrets, such as unique databases, pricing information, and customised technological processes, which do. Preventive safeguards, therefore, should include clear contractual definitions and internal protocols for handling such information, to ease the evidentiary burden in the event of a dispute arising.

In the event of a leak and/ or breach, immediate containment is critical. Employers should suspend the concerned individual’s access to systems and premises, and notify internal and external stakeholders. A thorough internal investigation should be conducted, ideally with the assistance of data forensic experts. This involves preserving digital evidence, analysing system logs, tracing file transfers, and recovering deleted material where possible. Interviews with relevant employees and preparation of a detailed chronology ensure that the facts are well-documented. Forensic evidence not only aids decision-making but also enhances the employer’s ability to establish claims before courts or regulators.

Taking such actions in this manner can help limit dissemination and strengthen the basis for subsequent legal action.

Depending on the nature of the information and the impact on the employer’s business, the employer may be able to explore legal remedies such as injunctions. In the Hi-Tech Case, the Calcutta High Court granted quia timet relief, restraining ex-employees from misusing trade secrets, on the ground that waiting for actual damage would irreparably prejudice the employer. This illustrates the strategic value of seeking urgent injunctions when such a threat of misuse is detected, rather than relying solely on post-facto claims for damages.

In addition, well-drafted indemnity clauses provide a critical safeguard. By expressly requiring employees to indemnify the employer against losses, liabilities, or expenses arising from misconduct or breach of contractual obligations, such provisions create a direct contractual obligation to make the employer whole. This not only strengthens the employer’s bargaining position in settlement negotiations but also facilitates recovery of costs such as litigation expenses, third-party claims, and reputational damages, which might otherwise be difficult to translate into monetary terms. Courts have generally upheld indemnity provisions where they are reasonable, proportionate, and linked to identifiable risks, making them an effective tool for mitigating the financial and operational fallout of such breaches.

Statutory remedies under the Information Technology Act, 2000 (the “IT Act”) may be invoked where an employee’s actions involve unauthorised access or data theft. Section 43 of the IT Act provides for civil liability, while Section 66 of the IT Act criminalises unauthorised downloads and misuse of computer resources. These provisions complement contractual remedies, underscoring the importance of a multifaceted response strategy.

Indian jurisprudence reflects a delicate balance between protecting employers’ proprietary interests and preserving employees’ right to professional mobility. Confidentiality obligations and intellectual property protections have emerged as effective tools for employers in India to protect their proprietary data.

For employers, the lesson is clear: prevention through carefully structured contracts and compliance practices, coupled with swift and evidence-backed enforcement, offers the most effective means of safeguarding trade secrets in an era where human capital is both the greatest asset and the greatest risk.

About the authors: Siddhartha George is a Partner & Practice Head (Corporate Advisory Practice), Harini Sudersan is a Partner, Data Protection & AI, Shagun Singh is a Senior Associate, and Bharani Tadimalla is an Associate at Poovayya & Co.

Disclaimer: The opinions expressed in this article are those of the author(s). The opinions presented do not necessarily reflect the views of Bar & Bench.

If you would like your Deals, Columns, Press Releases to be published on Bar & Bench, please fill in the form available here.