Permitted Disclosees - Definition and Exclusions

Contract Type:

The Receiving Party may disclose the Confidential Information to its employees, directors, officers, agents, subcontractors and professional advisors (the “Permitted Disclosees”) who: (a) need to know the Confidential Information for the Purpose; (b) are informed of the confidential nature of the Confidential Information; and (c) agree to act in accordance with the obligations of confidentiality and non-use set out in this Agreement. The Receiving Party shall ensure that all Permitted Disclosees comply with the obligations of confidentiality and non-use set out in this Agreement and shall be liable for any breach of this Agreement by its Permitted Disclosees."


This clause specifies that:

1) The party receiving confidential information (the Receiving Party) under the agreement may disclose or share that information with certain designated people within their organization (Permitted Disclosees) who:

(a) Require access to the information to achieve the permitted purpose for which it was shared under the agreement. I.e. the purpose that was consented to by the disclosing party.

(b) Are informed about the confidential nature of the information by the Receiving Party before access is granted. I.e. it is impressed upon them that it is sensitive data shared under legal obligations of non-disclosure outside of the Receiving Party organization and limited agreed purpose.

(c) Personally undertake to keep the information confidential and only use it for the purpose consented to under the agreement that permitted its initial disclosure. I.e. they make a legally binding commitment to the same obligations as the Receiving Party has under the agreement.

2) The Receiving Party is entirely responsible and liable for ensuring all Permitted Disclosees do maintain strict confidentiality and only use the information as originally permitted. The Receiving Party faces consequences for any breach by their Permitted Disclosees.

3) In short, confidential information can be shared with certain dedicated contacts within the Receiving Party on agreed conditions, but accountability for their actions remains with the Receiving Party. Disclosure outside of agreed parameters would constitute breach.

Key purposes and rationale for including a permitted disclosees clause are:

1) Trusted access: Allowing disclosure to specifically designated essential contacts within the Receiving Party fosters their ability to work with and apply the confidential information as intended under the agreement, but only when and how consented. Opportunity is balanced with control.

2) Accountability: Maintaining the Receiving Party's liability for their Permitted Disclosees' conduct deters irresponsible designation of contacts or lack of oversight. It encourages close management and impression of obligations to minimize risks of secondary disclosure or breaches. Responsibilities are clearly allocated.

3) Limited spread: Strict parameters around which roles or individuals may be given access, for what purpose and on what conditions aim to contain confidential information to those who genuinely need it for the intended use under the agreement - no further. Disclosure is kept confined and controlled.

4) Formality: Imposing undertakings of confidentiality and consequences for breach on Permitted Disclosees reflects the gravity of information shared and the legal duty of care over its management. The sensitivity of data exchanged is reinforced through procedural formality.

5) Shared understanding: Specifying obligations and accountability over Permitted Disclosees aligns expectations between parties over how confidential information may and may not be handled within the Receiving Party's organization. No unilateral assumptions are relied upon. Openness prevails.

6) Resolution: clear allocation of responsibility for Permitted Disclosees gives a direct line of recourse in the event of any secondary disclosure or breach. Fault can be promptly addressed and closed. Disputes are more easily avoided.


History of the clause (for the geeks)

Early commercial exchange relied primarily on general duties of confidence between close partners whose organizations remained simple, with secondary disclosure uncommon and oversight relatively straightforward. However, as trade expanded across geographies and more complex corporate structures emerged, information security grew challenging to maintain through spontaneous trust or limited procedure alone - irresponsibility retained opportunity without reasonable mechanism for containing spread of sensitive data or ensuring accountability in dispersed networks. Mere personal bonds proved insufficient at scale.

Into the 19th century, some agreements began restricting disclosure of confidential information to specific authorized contacts as a matter of prudence where closer partnership was impractical, recognizing that limiting spread and attaching consequences beyond unilateral control were required to facilitate open exchange where familiarity stayed wanting. While limited, these concepts acknowledged that shared purpose was served through balancing opportunity and risk, not concentrating benefit through control alone where oversight reached its limits. Equity looked to environment as much as terms where these were silent - to shared standards in governance rather than assertion of claims beyond scope of influence. Effect followed where interests aligned through balance, not supremacy.

By the early 20th century, confidentiality provisions commonly incorporated permitted disclosees terms to instill procedure around information exchange between complex organizations, enabling freer flow of sensitive data between partners operating at a distance yet aligning understanding and accountability to contain threats from irresponsibility at source where possible. However, legitimacy and effectiveness still relied substantially on context - on shared recognition that continuity found strength through limiting spread to what was reasonably necessary for intended purpose, and accepting liability for poor oversight, not entitlement without consequence. Compliance alone did not fulfil duty or overcome selective response where will or capacity to govern stayed wanting. Responsibility demanded environment as much as rules here.

Mid-century, as corporate entanglement intensified globally yet personal connection waned further, strict frameworks emerged to tightly control information spread through imposing conditions on permitted disclosure and asserting strong consequences for breach, aiming to protect interests where trust in environment alone seemed inadequate. However, at their most prudent, even prescriptive terms recognized that regulation cannot contain irresponsibility or govern events beyond reasonable influence - responsibility relies on conscience and capability in users, not mechanism alone. Compliance must be achievable to be lawful or ethical; and credibility follows where provision finds fairness. Containment depends on circumstance, not decree.

Today, extensive regimes govern permitted secondary information disclosure but prudent terms recognize understanding, not process alone, achieves reasonable control - that oversight reaches through shared purpose and responsible practice, not dictates divorced from practical wisdom or care for reciprocal consequence. At their best, these clauses represent quest for partnership through fair terms that facilitate disclosure where required yet curb excess beyond need - balancing power and restraint. While designating procedure, they rely on insight into shared limitations and circumstance in users to determine adequacy. Where these clauses prevail, mutual reliance emerges through willingness to integrate provision with duty to govern spread for collective wellbeing, not concentrate benefit through demand without accountability.

Continuity follows where permitted disclosure meets prudent conduct, not evasion of liability for poor management. Judgement informs where compliance alone does not. Prosperity relies on environment as much as mechanism; authority attaches through responsibility, not decree - and governance finds adaptation not imposition. In the end, restraint secures interest through care for surroundings and consequence, not supremacy of rights. Wisdom sustains where controls do not.