Confidentiality at Work Places with the Computerized systems
65
1 MZUMBE UNIVERSITY FACULTY OF LAW NAME: JACOB MOGENDI REG.NO: 10254/T.09 TOPIC: Enforcing Confidentiality Clauses in Tanzania; a Critical Analysis of the Legal Challenges Facing Employers and Employees SUPERVISOR: MRS. MWAJUMA KADILU, ADVOCATE. A DISSERTATION SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE AWARD OF BACHELOR OF LAWS (LL.B) DEGREE OF MZUMBE UNIVERSITY.
-
Upload
mzumbeuniversity -
Category
Documents
-
view
0 -
download
0
Transcript of Confidentiality at Work Places with the Computerized systems
1
MZUMBE UNIVERSITY
FACULTY OF LAW
NAME: JACOB MOGENDI
REG.NO: 10254/T.09
TOPIC:
Enforcing Confidentiality Clauses in Tanzania; a Critical Analysis of
the Legal Challenges Facing Employers and Employees
SUPERVISOR: MRS. MWAJUMA KADILU, ADVOCATE.
A DISSERTATION SUBMITTED IN PARTIAL FULFILLMENT OF THE
REQUIREMENTS FOR THE AWARD OF BACHELOR OF LAWS (LL.B) DEGREE
OF MZUMBE UNIVERSITY.
i
Certification
I, the undersigned, certify that we have read and hereby recommend for acceptance by
the Mzumbe University, a research entitled Enforcing Confidentiality Clauses in
Tanzania; a Critical Analysis of the Legal Challenges Facing Employers and
employees, in partial/fulfillment of the requirements for award of the Bachelor of Laws
of Mzumbe University.
Signature
___________________________
Supervisor
ii
Declaration
I, Jacob Mogendi, declare that this Research is my own original work and that it has not
been presented and will not be presented to any other university for a similar or any
other degree award.
Signature ___________________________
Date________________________________
Copyright
This Research is a copyright material protected under the Berne Convention, the
Copyright and Neighboring Rights Act [Cap 218 RE: 2002] and other international and
national enactments, in that behalf, on intellectual property. It may not be reproduced by
any means in full or in part, except for short extracts in fair dealings, for research or
private study, critical scholarly review or discourse with an acknowledgement, without
the written permission of Mzumbe University, on behalf of the author.
Copyright © 2012 Jacob Mogendi
iii
Acknowledgement
Completion of this work has been possible due to effort and assistance from a number of
persons. And therefore I wish to expressly acknowledge the assistance I got when
undertaking this research, the assistance without which my work would have been
relatively impossible. First of all I thank the Almighty God for keeping me alive and
healthy.
My warm thanks are due to my supervisor, distinguished member of Mzumbe University
–Faculty of Law and a member of Tanzania Bar –Mrs. Mwajuma Kadilu, Advocate, for
her guidance and excellent assistance in the research preparation and completion of this
work. Many stimulating discussion, constructive criticism and comments about this
study have contributed to the final shape and content of this work. However, I am solely
responsible for the contents or error in this work.
I am much obliged to Vice Commissioner for Labor- Ministry of Employment and
Labor Mr.Josephat Lugakingira for accepting my field attachment application despite
the delay of application, the great appreciation to resident labor commissioner - Temeke
Labor Office Rene Nkaya who assigned me to Miss Agnes Shio ,Advocate, Labour
Officer to work with me , I cannot deny the great role that she played to the availability
of the data that I got, she showed me practical means to get data and exposed me to
important people for data that were needed.
I am extremely grateful for Mr. Innocent L. Mgeta a distinguished member Faculty of
Law Mzumbe University for his advice and material assistance.
I am indebted to many friends, colleagues, teachers, librarians and others for their help
during my study. Their kindness and support are too numerous to list here. I feel obliged
to thank Airtel TZ the former Zain TZ, working with the company drew my
understanding a lot and added my practical experience at work which at last helped me
to secure this comprehensive research. I thank the company management and all my
colleagues in general. Finally I owe the greatest debt to my family members especially
Felister Nyanchini, Pius Nyanchini and Flora Mogendi to mention few.
iv
Dedication
Dedicated to my beloved mother Felister N Jacob and those who afforded me the rare
opportunity to consider to contemplate and to chronicle my view of this area of law.
v
List of Abbreviations
ADV- Advocate.
AIDS - Acquired Immuno Deficiency Syndrome
ATE - Association of Tanzania Employers
BP - British Petroleum
CRDB - Commercial Rural Development Bank
HIV- Hummane Immuno Virus
ICC - International Criminal Court
ICCPR- International Covenant on Civil and Political Rights
ICT Information Communication Technology
ILO- International Labour Organization
IT- Information Technology
NGO‘s - Non Government Organization‘s
OECD- Organization for Economic Cooperation and Development
TRIP—Trade Related Aspects of Intellectual Property Rights
U.K - United Kingdom
U.S.A – United States of America
UDHR- Universal Declaration of Human Rights
URT - United Republic of Tanzania
WHO-World Health Organization
vi
ABSTRACT
The problem of confidentiality clauses enforcement is critical nowadays. The problem
has been intensified by the computer technology and use.It is difficult to notice how our
dependencies are moving from the real world to the digitally networked world. Despite
number of enactments still there are legal challenges Facing Employers and Employees
in enforcing Confidentiality Clauses one of which being Identification of defendant.
The Objectives of this research were to know; the methods used by the employees or
employers associated in leaking the confidentiality clauses ,the means used by
employers and employees to avoid the breach of confidentiality clauses ,the means used
by employers and employees to keep confidential information, the legal challenges
facing employees and employers on the breach of confidentiality clauses, The legal
challenges brought by computer use at work place on the aspect of confidentiality
clauses also to investigate the causes for the breach of the confidentiality clauses and to
explore the reasonable penalties to be imposed.
This research was preceded by the following hypothesis;
That, the penalties imposed do not suffice /That, the law enforcers have little knowledge
on the aspect of confidentiality clauses /That, the breach of confidentiality clause is due
to unethical actions of the employers and employees/That, the increase use of computer
and internet, increases the breach of confidentiality clauses.
The research was planned to be purely doctrinal, however, during the course of research
the researcher found necessary to supplement findings by having information
Magistrates, Judges, Advocates, Human Rights Activist, Law teachers, Employers,
Trade unions officials, Information and communication Technology experts, employees
and International Organization Officials example International Labour Organization
(ILO)
In relation to library research, primary and secondary sources were obtained for the
purpose of this study. Various legislation both principal and subsidiary cases reported
were dealt with.
vii
The researcher used qualitative method to analyze data. This was useful to enable the
researcher to interpret data collected and finally make conclusion and recommendations.
Findings from the research inter alia shows that, penalties under different laws covering
confidentiality clauses are not sufficient also the knowledge of confidential information
sensitivity is not well fed to employees again the most of the methods of keeping data do
not comply with the current social change . This is due to the continuance of the problem
and means used to divulge confidential information like unauthorized interception on
computer.
It is concluded that, the use of computer properly is of vital advantage however the
opposite can be of great disadvantage to other party. The best computer programs should
be for the protection of confidential information.
Researcher inter alia recommends that, organization privacy policy be put in strict sense,
adoption of current methods like installing special programme in computer to record all
events on desktop in picture, surveillance cameras and to maintain friendly relations in
solving the disputes arising at work place.
viii
TABLE OF CONTENTS
Certification ....................................................................................................................... i
Declaration ....................................................................................................................... ii
Copyright ......................................................................................................................... ii
Acknowledgement .......................................................................................................... iii
Dedication ........................................................................................................................ iv
List of Abbreviations ....................................................................................................... v
ABSTRACT ..................................................................................................................... vi
List of Statutes ................................................................................................................. xi
List of International Instruments ................................................................................ xii
List of Cases .................................................................................................................. xiii
TABLE OF CONTENTS ............................................................................................. viii
CHAPTER ONE: ............................................................................................................. 1
1.1 GENERAL INTRODUTION ................................................................................ 1
1.2 Background of the Problem ...................................................................................... 2
1.3 Statement of the Problem ......................................................................................... 5
1.4 Hypotheses ............................................................................................................... 6
1.5.0 Objectives of the Research .................................................................................... 7
1.5.1 General Objective .................................................................................................. 7
1.5.2 Specific Objectives ................................................................................................ 7
1.6.0 Significance of the Research ................................................................................. 8
1.7 Literature Review ................................................................................................... 9
1.8.0 Research Methodology ...................................................................................... 16
1.8.1Area of Study .................................................................................................... 16
1.8.2 Unity of inquiry ............................................................................................... 17
1.8.3 Sample Population ........................................................................................... 17
ix
1.8.4 Sampling Techniques ....................................................................................... 17
1.8.5 Data Collection Methods ................................................................................. 17
1.8.6 Primary Data and Secondary Data ................................................................... 17
1.8.7 Data Presentation and Analysis ....................................................................... 18
CHAPTER TWO ........................................................................................................... 19
CONFIDENTIALITY CLAUSES UNDER DIFFERENT LAWS ............................ 19
2.0 Introduction ............................................................................................................ 19
2.1 Position of the Law on Disclosure of Confidential Information. ........................... 19
2.2 Personal Right to Privacy under International Instruments, the United Republic of
Tanzania Constitution and other Legislations. ............................................................. 24
2.3 Difficulties on How to Determine Confidentiality of Information. ....................... 28
2.4 Rights of Employers and Employees on Confidentiality. ...................................... 29
2.5 Computer and Privacy Protection ........................................................................... 30
2.6 Conclusion .............................................................................................................. 32
CHAPTER THREE ....................................................................................................... 33
RESEARCH FINDINGS ............................................................................................... 33
3.0 Introduction ............................................................................................................ 33
3.1 Methods used to keep Data and Leakage Ways ..................................................... 34
3.2 Legal Challenges Facing Employers and Employees on the Aspect ..................... 38
3.4 Computer use and the Enforceability of Confidential Clauses .............................. 41
3.4 Critical area on Confidentiality Clauses Enforcement in Tanzania ....................... 42
3.5 Conclusion .............................................................................................................. 43
CHAPTER IV: ............................................................................................................... 44
SUMMARY OF FINDINGS, CONCLUSION AND RECOMMENDATIONS ....... 44
4.0 Summary of Findings ............................................................................................. 44
4.1Conclusion ............................................................................................................... 45
x
4.2 Recommendations .................................................................................................. 46
REFERENCES ............................................................................................................... 49
xi
List of Statutes
Local Statutes
Arbitration Act [Cap 15 RE: 2002]
Bank of Tanzania Act, Act no 4 of 2004
Banking and Financial Institutions Act, Act no.5 of 2006.
Employment and Labour relations Act, Act no.6 of 2004
Labour institutions Act, Act no 7 of 2004
Penal Code [Cap 15 RE: 2002]
Information Technology Act, 2000
Other jurisdiction’s Statutes
India Legislation
Information Technology Act, 2000
xii
International Instruments
Charter of Fundamental Rights of the European Union (2000)
Declaration of Human Rights (UDHR 1948)
European Convention on Human Rights (1950)
International Covenant on Civil and Political Rights (ICCPR 1966)
United Nations Convention on the Rights of the Child (1990)
United Nations Guidelines concerning Computerized Personal Data( 1990)
xiii
List of Cases
Coco v. A.N.Clark (Engineers) Ltd [1969] R.P.C. 41
Lancashire Fires Ltd v. SA Lyons &Sons [1996] FSR 629
Littlewoods Organization Ltd v. Harris [1978] 1 All ER 1026 (CA)
Morrison v. Moat (1851)9 Hare 241
Prince Albert v. Strange (1849) 47 ER 1302 (RR 479).
Reddy v. Siemens 2007 (2) SA 486 (SCA)
Saltman Engineering Co. Ltd. v. Campbell Engineering Co. Ltd [1963]3All ER 413
Trust Bank Tanzania Ltd v. Le Marsh Enterprises Ltd
1
CHAPTER ONE
1.1 GENERAL INTRODUTION
A confidentiality clause is a legally binding clause between employers and employees
which assigns severe penalties where certain information is revealed.1
A confidentiality clause is the most crucial provision in a non-disclosure agreement or
confidentiality agreement. It provides that the individual who enters into it with another
must not disclose certain pieces of information that he or she has been given access to
without the consent of the individual who has granted access to it. A breach of this
agreement may result in payment of damages or some other form of restitution2.
This work is all about checking the relationship which exists between the employers –
employee relations as duty of confidentiality is concerned; it will show the legal
challenges that face the parties in enforcing the confidentiality information.
This work is going to provide basic answers for many questions of whether the
weakness of law or non compliance of work ethics is or is the basic challenges that we
face in this aspect of confidentiality clauses enforcement. This study is going to be at
Dar es salaam City, where we believe that many employers and employees are centered,
the researcher visited different companies and organization to seek for clear information
on the subject, and researcher will use methods like questionnaire, interview and
observation.
The work will be as follows the first chapter as proposal, and then will be followed by
chapter two which will entail the legal perspective on the confidentiality clauses then
next chapter will be about the field observation and lastly recommendations.
1 Data Theft in Cyber Space Issues and Laws accessed on http:// www.wisegeek.com/what-is-a-confidentiality-
clause.htm at 20:00 hrs 4th January, 2012 2 Ibid
2
Therefore with expansion of modern technology it has been a critical problem where by
the computer use has been in some way changed to be an easy means to leak some
important information.
1.2 Background of the Problem
The problem of breach of confidentiality clauses is so common in working places such
as governmental institutions, Non Government Organization‘s and various Companies;
this is even more sparkled in this era of computer technology and internet usage.
Basically ,the employer owe a duty to keep the information of the employee being
health, education or family matters like wills and the amount of salary, This being the
case ,the employee as well has a legal duty to insure the office confidential information
does not get out. In this regard we experience a lot of complaints from employers and
employees regarding the issues concerning their personal or business confidence in
public; it is obvious that someone somewhere has breached a duty to owe the privacy of
another.
The law relating to breach of confidence has an erratic history. From earlier beginnings
it largely developed in England and spurt in the early to middle of the 19th
century, and
then lay relatively dormant until the late 1940‘s when it was realized that this was an
extremely useful area of law.
One of the most venerated and tenets of political philosophy since the time of the Greek
has been the dichotomy between private and public realms. From the age of Socrates and
Aristotle to the present day discussions of human nature and appropriate role of
government and individual have utilized the notion of boundary that marks what is
private and what is public3.
Almost the first page of the bible introduces us to the feeling of shame as a violation of
privacy, after Adam and Eve had eaten the fruit of the tree of knowledge the eyes of both
3 Richard C.T. and Anita L.A.(2002)Privacy Law, 2nd Edition, West Group .p 3
3
were opened and they knew that they were naked, and they sewed fig leaves together
and made themselves aprons.
Thus mythically, we have been taught that our very knowledge of good and evil –our
moral nature as men –in somehow, by divine ordinance linked with a sense and realm of
privacy4.
Some of the early cases involved patent medicines .It was obvious that a lot of money to
be made from these magic cures, bearing in mind that conventional medicine was still
fairy primitive at this time and the public at large was relatively ignorant and
uneducated.5 The term breach of confidence was not used at the stage and the breach of
faith was actionable per se and was not dependent upon the existence of a contract as in
case law, in the case of Morrison v. Moat 6 where the plaintiff had a medicine named
‗Morrison Vegetable Universal Medicine‟ where by the partner Moat had improperly
told his son of the recipe as against the agreement of privacy between them due to
dispute within the partners Moat and Morison this was seen as a breach of faith and of
contract by partner
The modern English law of confidence stems from the judgment of the Lord Chancellor,
Lord Cottenham in which he restrained the defendant from publishing a catalogue of
private teachings made by Queen Victoria and Prince Albert (Prince Albert v Strange)7
However, the jurisprudential basis of confidentiality remained largely unexamined until
the case of Saltman Engineering Co. Ltd. v Campbell Engineering Co. Ltd 8.in
which the Court of Appeal upheld the existence of an equitable doctrine of confidence,
independent of contract.
4 Milton .R.K (1966) Privacy and Law: A Philosophical Prelude, p 272. 5 Bainbridge,D. (2002)Intellectual property,5th Ed, Pearson Education Management.p274
6 (1851)9 Hare 241 7 (1849) 47 ER 1302 (RR 479). 8 [1963]3All ER 413
4
In Coco v A.N.Clark (Engineers) Ltd 9 Megarry, J .Developed an influential tri-partite
analysis of the essential ingredients of the cause of action for breach of confidence: the
information must be confidential in quality, it must be imparted so as to import an
obligation of confidence, and there must be an unauthorized use of that information to
the detriment of the party communicating it.
Globally computer development, unfortunately, and abuse of computers, or abuse of
data and information that are processed modern information technologies. The mass use
of computers in different circumstances, with the increasing use of telecommunication
equipment by increasing the number of users, enables a growing number of thieves, and
unauthorized persons (hacker) to break through the protective codes of authorized users
and their joining the system creates a lot of damage and cause unforeseeable
consequences, developed methods of protection, which prevent unauthorized use of
insurance on the basis of confidentiality. The paper will show the modern information
technologies to protect data and information with special emphasis on their legal
protection. Use of modern information technology enables the collection and processing
large amounts of data from various different areas of human activity10
In Tanzania the situation is not better the breach of confidentiality information do exist
either directly or technically by use of electronic means or either way foristance, The
Guardian, Tuesday 14, 2011 in its page for International Business News /Analysis
posted vacancies for Job in Oxfam where by the employer allowed the salary of a
particular post to be published, the same information posted in the website
www.oxfam.org.uk/jobs , something which at prima facie will create a breach of
confidence to an employee when gets the vacancy, but again it can also influence people
to know the status of the said member staff in income level.
9 [1969] R.P.C. 41, 10 Lawyer‘s club India Article, Data Theft in Cyber Space Issues and Laws accessed at
http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5606114 on 25th Sept, 2011.
5
There some provisions in our laws which talk of confidentiality though still there are
extreme reports on breach of confidentiality clauses which is quite an interesting
question as to whether the weakness of the law ,poverty or the lack of job ethics that
make this subject continue. Good example of the provisions which stipulate this concept
are s101 11
which provide for an offence for disclosure of information of another relating
to business or financial affairs of another person and s.59 12
is actually of the same
wording, something to notice here is that the law creates an offence without giving out a
strong penalty this is an open loop holes which are present into our laws.
That it has been noticed recently that due to this cyber era, the computer theft has eased,
especially in the companies and in government institutions also the confidential
information are leaked as well, so to say the technology has brought challenges to
employers which through this study the researcher is going to pinpoint them critically
especially in Dar es salaam city where many companies, employers and employees are
situated in Tanzania.
1.3 Statement of the Problem
The problem of confidentiality clauses enforcement is critical nowadays. The problem
has been intensified by the computer technology and use.
It is difficult to notice how our dependencies are moving from the real world to the
digitally networked world. The next step in this evolution is the way that we are moving
from a society where work is tied to geography to one where geography has no meaning
in the sense that interception of confidential information can be made by a person
through access of a computer say in Canada while the confidential information breached
11 Employment and Labor relations Act, Act no.6 of 2004
12 Labour institutions Act, Act no. 7 of 2004
6
is in Tanzania. It‘s an evolution similar to how mobile phone networks transformed
telephone.13
In Tanzania different laws has tried to provide for confidentiality clauses these include14
,
Arbitration Act15
, Penal Code16
, Bank of Tanzania Act17
, Banking and Financial
Institutions Act18
, Employment and Labour relations Act 19
and Labour Institutions Act20
,
still the gap in law is seen as no single law amongst these which talk of the reasonable
penalty for the breach of the offence established.
In this study the researcher critically analyzed the laws which support confidentiality
and analyze challenges of the laws, challenges facing employers brought by the
computer technology and computer use respectively and the study came to give out the
steps taken to the challenges facing employers in enforcing the confidentiality clauses.
Therefore this research covered three aspects namely, weaknesses of the law governing
confidentiality clauses in Tanzania, the legal challenges facing employers and
employees due to the computer technology in enforcing the confidential clauses and
lastly the method used by employers to encumber the challenges in enforcing
confidentiality clauses.
1.4 Hypotheses
This research was preceded by the following hypothesis;
That, the penalties imposed do not suffice/
13
Lawyer‘s club India Article, Data Theft in Cyber Space Issues and Laws accessed at http://www.lawyersclubindia.com/articles/print_this_page.asp?article_id=383 at 20:00hrs October 2011. 14
Labor relations Act [Cap 15 RE: 2002] 15
Arbitration Act [Cap 15 RE: 2002] 16
Penal Code[Cap 15 RE: 2002] 17
Act no 4 of 2004 18
Act no.5 of 2006 19
Act no.6 of 2004 20
Act no 7 of 2004
7
That, the law enforcers have little knowledge on the aspect of confidentiality clauses/
That, the breach of confidentiality clause is due to unethical actions of the employers
and employees/
That, the increase use of computer and internet, increases the breach of confidentiality
clauses/
1.5.0 Objectives of the Research
From the above hypotheses the following objectives have been advanced and
categorized into general and specific objectives;
1.5.1 General Objective
The General objective is whether the laws enacted in Tanzania to protect confidentiality
clauses are sufficient and effective.
1.5.2 Specific Objectives
Specifically, the research found out the following;
i. The methods used by the employees or employers associated in leaking the
confidentiality clauses.
ii. The means used by employers and employees to avoid the breach of
confidentiality clauses.
iii. The means used by employers and employees to keep confidential information.
iv. The legal challenges facing employees and employers on the breach of
confidentiality clauses.
v. The legal challenges brought by computer use at work place on the aspect of
confidentiality clauses.
vi. To investigate the causes for the breach of the confidentiality clauses.
8
vii. To explore the reasonable penalties to be imposed.
1.6.0 Significance of the Research
Like all medical information, the results of genetic tests can potentially reveal personal
information such as current health status or susceptibility to an illness.
To show that protecting the confidentiality information is necessary to ensure that third
parties (employees, individuals, employers) cannot access personal information without
the consent of the individual to whom the information relates.
To help every organization know that has a need to keep certain information
confidential. HR typically is entrusted with maintaining sensitive employee data and
information relating to employee and management issues, and such information should
be confined to those with a need to know.
To educate employees on the importance to keep or maintain confidentiality during and
after employment tenure.
To show the gaps which are left in our laws for sake of enforcing confidentiality clauses.
Helps the employers and employees to know the means which are currently used by the
other organizations to prevent the breach of confidentiality clauses.
9
1.7 Literature Review
The literature on this study is very limited. Despite the wide range of journals, articles,
and textbooks relating to secrecy and confidentiality, particularly the ways the
confidential information are to be interpreted and kept, only a handful of them are useful
for purposes of this research. The existing literature is general, outdated, and
insufficient. Apart from statutes governing confidentiality clauses in Tanzania there is
no textbooks which could be relied upon by the author of this report, instead, foreign
literatures were resorted to which again are not pertinent sometimes in construing the
current position of law of Tanzania on enforcement of confidential clauses.
An employee owes a duty of confidence to his employer and this duty may be expressly
stated in the contract of employment, and in any case will be implied by law. It can be
said that an employee always has a duty of care to act in his employers best interest
together with a of good faith, and this will obviously include a duty not to divulge
confidential information about his employers best interests together with a duty of
good faith, and this will obviously include a duty not to divulge confidential information
about his employers business to others without the consent of the employer21
.
The law of breach of confidence began about 50 years ago .It become apparent that this
area of law was extremely well suited to protecting confidential information during the
development stages before other legal rights were able to afford protection.22
Where the information would be likely to be regarded by employees as confidential
information it is not essential that the employer specifically points out this in
Lancashire Fires Ltd v SA Lyons &Sons23
Lord Bingham MR commented that we do
not accept that it is incumbent on an employer to point out to his employee the precise
limits of that which he seeks to protect as confidential, particularly where as here, what
is new is an integral party of a process.
21 Bainbridge,D. (2002)Intellectual property,5th Ed, Pearson Education Management.p291 22 Bainbridge,D. (2002)Intellectual property,5th Ed, Pearson Education Management.p275 23[ 1996]FSR 629
10
Underlying many critiques of privacy is the peculiarly modern anxiety that the
empowerment of privacy is just one more wheel bolted onto the juggernaut of
individualism.
It is said that our age is the era of loss community, notable by the pre occupation of the
contemporary thought with personal alienation and cultural disintegration24
.
Attaching the pursuit of privacy rights to the modern canonization of individualism,
critics reason that privacy, beneath its benevolent exterior, is a threat to building and
maintaining community ,they argue that it embodies an anachronism, a vision of discrete
and autonomous person in an era that must judge such a view as life threatening.
They aver further that any sort of right to privacy that anchors such an attitude in legal
rules and principles ends up sanctioning social and political irresponsibility.
It undermines participation in the res publica, corrodes the sense of communal
responsibility and undermines social negligence at a time when the keyword is not
privacy but responsibility25
The problem of data theft which has emerged as one of the major cyber crimes
worldwide has attracted little attention of law makers in India , unlike U.K which has
The Data Protection Act, 1984 there is no specific legislation in India to tackle this
problem, though India boasts of its Information Technology Act, 2000 to address the
ever growing menace of cyber crimes, including data theft. The truth is that Indian IT
Act, 2000 is not well equipped to tackle such crimes as an example in protection against
breach of confidentiality and privacy of the data it provides that, any person upon whom
powers have been conferred under IT Act and allied rules to secure access to any
electronic record, book, register, correspondence, information document of other
24
Richard C.T. and Anita L.A.(2002)Privacy Law, 2nd Edition, West Group .p 19 25
Ibid.
11
material discloses it to any other person, shall be punished with imprisonment which
may extend to two years or with fine which may extend to one lakh rupees or both26
.
In Tanzania there some confidentiality clauses which are attached in the job contracts
which give the obligation to employees to keep secret of the matters pertaining the
company until he is allowed to do so, this can be exemplified in the Airtel employment
contract whose confidentiality clause reads the employee shall not, either during the
continuance of his or her employment hereunder or within 3 years thereafter ,except in
the proper course of his /her duties or in the event of prior written consent of the
company, divulge to any person whosoever ,any information concerning the business or
finances of the company or any of its dealings ,transactions or affairs which come to his
/her knowledge during or in the course of his/her employment and affairs which come to
his/her knowledge during or in the course of his or her employment and he /she shall not
communicate with any person or authority in connection with any matters concerning
the company without such consent as aforesaid specified.
The laws which entails about the confidentiality clauses in Tanzania, as clearly seen in
the background of the problem the laws set out the loop hole by not mentioning a
reasonable penalty for one who breach the law on that aspect, this is amongst major
challenge that faces the enforcement of confidentiality clauses, this research is going to
come up with suggestions on how to cover up this aspect well in our laws.
The question of data theft which is under the confidentiality clause has been settled
down a bit by some laws in different jurisdictions as a matter of example in India as
discussed.
Data is a valuable asset in this modern era of Information Technology (IT). Data is an
important raw-material for Call Centers and I.T. Companies. Confidential information
26
Information Technology Act, 2000 ,S.72
12
has also become an important tool and weapon for Corporate to capture larger market
shares. Due to the importance of Data in this new era, its security has become a major
issue with the I.T. industry. The piracy of data is a threat, faced by the I.T. players, who
spend millions to compile or buy data from the market. Their profits depend upon the
security of the confidential information27
The major issue regarding confidential information is its International character, for
example Systems may be accessed in USA, the data manipulated in China and the
consequences felt in India. The result of this ability is that different sovereignties,
jurisdictions, laws and rules will come into play which again is an issue in itself. Further,
collection of evidence in such circumstances become another issue as investigation in
three different countries, all of whom may not be in talking terms, is almost impossible
and poor technical know-how of our cops adds to the woes. Also, the lack of
coordination between different investigating agencies and a not-so-sure extradition
process is another head ache. However the biggest of all these issues is the lack of
specific laws in the country dealing with this crime, so even if the culprit is caught he
can easily get away by picking and choosing any of the of various loopholes in our
law.28
Concerns about workplace privacy are becoming more widespread as electronic
monitoring becomes more prevalent. It is easy to purchase and install a video camera,
and there's wide agreement that it is appropriate to install security cameras in stairwells
and parking garages. However, most would argue that it is not appropriate to install
cameras in areas such as bathrooms, dressing rooms and locker rooms. Many employers
argue that there are compelling business reasons to use video cameras to monitor their
employees, such as to help deter theft and other inappropriate behavior. Courts generally
perceive an employer's videotaping of open and public work areas as a logical and
27
Lawyer‘s club India Article, Data Theft in Cyber Space Issues and Laws accessed at
http://www.lawyersclubindia.com/articles/print_this_page.asp?article_id=383 28 ibid
13
lawful extension of activities that could be seen by a supervisor. But if an employer
targets a camera on one workstation, for example, a court may find the use of such
selective surveillance to be overly intrusive29
.
Many states have provisions that limit or prohibit video surveillance. And employers of
union workers may be required to bargain with the union to implement video
surveillance.
In addition, unnecessary monitoring can create poor employee morale. Furthermore,
employers that target certain employees or groups of employees for monitoring may
expose themselves to discrimination claims.
As David R Johnson and David post have pointed out ,‖events on internet occur
everywhere but nowhere in particular .communication are engaged in by on –line
personae who are human and real but ,who are not at the same time „unreal‟ in that they
might not be traceable to any particular person. No physical jurisdiction has a more
compelling claim than any other to subject these communications and events exclusively
to its laws” therefore is an obvious problem to trace the particular person who have
leaked the confidential information thus why some jurisdiction has tried to prevent it just
by putting some restraints in their employees contracts.
In avoidance of the side effects where by the ex employees breach confidential clauses
the employers can safeguard their confidential information by making the following as
Australia employers has put them in practice;
1. Ensure that employees are subject to contractual restraints extending beyond the
term of their employment agreement which spell out in as much detail as possible
the nature of the information which the employer considers to be confidential.
29 Naomi Cossack, Margaret R. Fiester, John Sweeney, (2006) Prompted resignation, surveillance, confidentiality
accessed at http://findarticles.com/p/articles/mi_m3495/is_10_51/ai_n27011518/ on 01st Jan, 2012, 20:00hrs
14
2. Ensure that employers impose positive obligations on employees to deliver up or
destroy all documents in their employees' possession and otherwise permanently
delete all records (including electronic records) which contain the employer's
confidential information upon termination of an employee's employment.
3. Consider imposing a post-employment restraint on employees to prevent them
from developing a business in competition with their former employer for a
specified period of time30
.
However the following remark of Lord Denning 31
was recently quoted with approval
by the Supreme Court of Appeal in Reddy v Siemens32
.it is thus established that an
employer can stipulate for protection against having his confidential information passed
on to a rival in trade. But experience has shown that it is not satisfactory to have simply
a covenant against disclosing confidential information. The reason is because it is so
difficult to draw the line
Between information which is confidential and information which is not; and it is very
difficult to prove a breach when the information is of such a character that a servant can
carry it away in his head. The difficulties are such that the only practical solution is to
take a covenant from the servant by which he is not to go to work for a rival in trade.
Such a covenant may well be held to be reasonable if limited to a short period33
.
From Lord Denning line of view is that not every information kept is confidential
information, information to be confidential needs to be identified as confidential and
observed as confidential by all the parties, there is no use of an employer to say the
information is confidential while he pass the same to third parties as per Lord Denning it
30 Davies Collison Cave Darron Saltzman and Timothy Creek (May 10 2011) Damages awarded for misuse of
confidential information by former employees to create competing product , accessed at
http://www.lexology.com/library/detail.aspx?g=05034234-c785-4165-97fb-42103db88571 on 20 sept,2011 at 6.00
am 31 Glyn Marais (2009),Crime Prevention Asset Forfeiture and Collateral Damage to Creditors 1st Edition 32 2007 (2) SA 486 (SCA) 33 From The Littlewoods Organization Ltd v Harris [1978] 1 All ER 1026 (CA) 1033c-d
15
is wealth for one to have a restraint of trade not to be employed by rival trader who need
use the information rather than restraint not to pass confidential information ,because
some information can easily be taken by his head no need of document hence difficult to
prove breach.
There as well several ways in which the data can be trapped away from the computer in
this cyber era most of the confidential information are kept in the folders in a computer
and even in emails over internet so when website is accessed cookies record and track
and store to the users computer and browser ,if a user returns to the website ,in this way
the cookie can tell the website that this is the same computer that was here some time
ago, thus tracking the movement of users of particular computers.
Cookies can be set in the metatag of a web page as well as being set and read using Java
script (a computer language), generally speaking cookies contain code or other data that
uniquely identifies a users computer ;this enables the site to track and profile the users
activities on that site as well as other sites. The cookies may itself not contain personally
identifying information but the website may know the identity of a user whose browser
sends the cookies for instance a website that collect the users names or email addresses
from an on line enquiries, registration or sales is readily able to connect personally
identifying information to a cookie sent by users browser and to the other information
obtained about the user34
.
But a gain it has been evidenced that the information can leak through html-enabled
email programmes example Microsoft outlook in this instance the sender of an email
message can include personally identifying information about the recipient hidden in the
code of e-mail .when the reader reads the message or access a page mentioned in the
34 Lim,Y.F (2007) Cyberspace Law Commentaries and Materials, 2nd Ed, oxford university press, London
16
email a cookie is set and the site then receives details of the person associated with the
cookie.
Generally the literature shows that still the problem of confidentiality clauses
enforceability is a critical challenge in this cyber era. The literature are obviously
concentrated on the employers side where most of literatures entails the breach of
confidentiality clauses by an employee but forgetting about the breach by the employers,
this research is going to deal with all these parties equally in a sense that the breach by
employers to employee will be analyzed and breach by employee to employer will be
checked to know well the methods applied and come up with good data and ways to
reduce if not to eliminate the problem.
1.8.0 Research Methodology
This research was carried out in specific areas which are directly involved to the
problem in question; also the researcher employed different types of data collection as
here under explained.
1.8.1Area of Study
This research was done in Dar es Salaam city by visiting different government offices,
Non Governmental Organizations (NGO‘S), companies and international organizations
for data, it was centered in Dar es Salaam due to the fact that, it is believed to be a place
which has a lot of companies and offices as well as many employees and employers
hence it was a wealth place for this research.
17
1.8.2 Unity of inquiry
For the purpose of this research 25 respondents were questioned, the number can be
seen as small but the people who were asked are so resourceful in this topic ,hence there
were no need to take many respondents ,on top of that observation method was used to
ascertain the information.
1.8.3 Sample Population
The sample populations were the Magistrates, Judges, Advocates, Human Rights
Activist, Law teachers, Employers, Trade unions officials, Information and
communication Technology experts, employees and International Organization Officials
example International Labour Organization (ILO)
1.8.4 Sampling Techniques
The sampling technique was specific, because the researcher needed to have specific
details for people who directly have knowledge on the aspect and are wealth in aspect of
confidentiality clauses as opposed to random sampling.
1.8.5 Data Collection Methods
To make this research effective the researcher employed both primary data collection
method and secondary data collection method which enhanced the desired results.
1.8.6 Primary Data and Secondary Data
Primary methods involved interviews, questionnaires and observation, the aim of using
questionnaire was to help the researcher to deal with the problem of access to the
respondents. The purpose of using interview was to help the researcher to get clear
information from the individuals since it is face to face interaction, observation method
18
was of essence because the researcher could have a direct picture of the problem hence
get data to write. On the other hand secondary data were through literature review,
media material and internet sources, the researcher visited and construed published
resource materials which cover confidentiality clauses in Tanzania and other
jurisdictions to get all the materials the research bought some books; visited library and
internet so as to enable him to get reliable information.
1.8.7 Data Presentation and Analysis
The researcher used qualitative method to analyze data. Qualitative analysis refers to
non-empirical analysis. According to Miles and Huberman35
qualitative analysis consists
of three concurrent flows activity: data reduction, data display and conclusion drawing
and verification. Data reduction refers to the process of selecting, focusing simplifying,
abstracting, and transforming the data that appear in transcription, in this research,
writing summaries and teasing themes were employed to reduce data. The second
activity is data display. A display is an organized, compressed, assembly of information
that permits conclusion drawing; this was done using charts that were drawn to
categorize data. This was useful to enable the researcher complete the third stream of
data analysis, which is conclusion drawing and verification.
35
M.B Miles and A. M Huberman(1998) An Expanded Source Book-Qualitative Data Analysis p11
19
CHAPTER TWO
CONFIDENTIALITY CLAUSES UNDER DIFFERENT LAWS
2.0 Introduction
This chapter tries to exhaust different laws covering the aspect of confidentiality issues
both Internationally and domestically by referring to different sources moreover the
chapter explores the aspect of computer technology in relation to privacy, Generally the
researcher has put these details under the following subtitles ; Position of the Law on
Disclosure of Confidential Information, Personal Right to Privacy by Some Laws,
Difficulties on How to Determine Confidentiality of Information, Rights of Employers
and Employees on Confidentiality, Computer and Privacy Protection and lastly chapter
conclusion.
Employers and employees face different legal challenges in enforcing confidentiality
clauses as part of this chapter, the challenges are expressed by measure of right and
duties over privacy issues as addressed under different laws.
2.1 Position of the Law on Disclosure of Confidential Information.
The disclosure of information to employees/workers or third parties in Tanzania has
always been a matter which depended largely on the relationship between the employer
and the employees as well as the employer‘s goodwill towards the employees.
Information disclosure in Tanzania is examined in this research. It is demonstrated that
the situation regarding the disclosure of information to employees and employers has
changed substantially since the commencement of the Employment and Labour
Relations Act36
no.6 of 2004 and Labour Institutions Act37
no. 7 of 2004. The research
also reports the views of management and of worker representatives of a number of
surveyed organizations regarding the disclosure of information. Some inferences are
36 Act no.6 of 2004 37Act no. 7 of 2004
20
drawn from the findings of the research, the organizations and people visited are
Magistrates, Judges ,Advocates, Human Rights Activist, Law teachers, Employers,
Trade unions officials, Information and communication Technology experts, employees,
International Organization‘s Officials for example International Labour Organization
(ILO) and Association of Tanzania Employers‘ (ATE).
It is sad to concede that in Tanzania there is no comprehensive privacy legislation.
While ICT has stormed Tanzania and the citizens are deploying ICT in everyday life the
framework for privacy protection in these emerging technologies is not known. Of
course this does not mean that right to privacy is not recognized in Tanzania Of course
this does not mean that right to privacy is not recognized in Tanzania. The United
Republic of Tanzania (URT) Constitution 38
defines privacy as follows:
„…Every person is entitled to respect and protection of his person, the privacy of his
own person, his family and of his matrimonial life, and respect and protection of his
residence and private communications…
Article 16(1) and (2) of United Republic of Tanzania Constitution of 197739
provides for
right to privacy. Article 16(2) of URT constitution provides for possibility of other laws
to encroach the right to privacy. The said article stipulates clearly that the law maker
will enact law to stipulate how privacy right may be protected, pursued or encroached by
government agents. Unfortunately this requirement has not been put into
implementation. Ironically in Tanzania there are more laws restricting privacy than laws
protecting privacy.40
38
(Cap 2 R:E 2002]S.16 (2) 39 Ibid
40 Ubena J (June 8, 2010) Law as the Lifeblood of Human Being: Tanzania Lag on Privacy Law at
http://tanlex.wordpress.com/2010/06/08/tanzania-lag-on-privacy-law/
21
Employment and Labour Relations Act41
clearly establish breach of confidentiality
clause as an offence under s.101 (1)42
.However under subsection 2 of the same section
it provides some exceptions which are if information disclosed are in compliance of this
Act, which are; 43
The Act went further to establish a penalty under subsection 4 of
s.10244
further to that the Labour Institutions Act, no.7 of 2004 under s. 59 (1) and (2)
tell the same as in Act no.6 of 2004.
These two Acts has put a clear path to justice as it puts liability to any party may be
employer or employee as the case may be. However it is a challenge still that the penalty
mentioned in some case might not be enough as for instance a person divulge
information in exchange of say 5 million Shillings while the penalty is not to exceed one
Million shillings in this regard it may be easy for a person to breach on a good cash.
The Tanzania Communication Regulatory Authority (TCRA) under s.2445
has a duty to
maintain confidentiality on the information obtained due its duty performance and also it
has placed confidentiality requirements on service providers /operators for all
information they get from the customers.
The Bank of Tanzania Act46
under section 16 clearly stipulates the duty of confidential
information47
.This Act also stipulates the obligation to both employer and employee
duty to confidentiality clause.
41 Act no.6 of 2004 42 It is an offence for any person to disclose any information relating to the financial or business affairs of another
person if that information was acquired in the performance of any function or the exercise of any power under this
Act.
43 (a) to enable person perform or exercise a power under this act (b) in accordance with any written law (c) for
proper administration of this Act (d) for purposes of administration of justice.
44
Any person convicted of an offence under s. 101 shall be sentenced to a fine not exceeding one million
shillings. 45
Tanzania Communication Regulatory Authority Act ,Act no. 2003 46 Act no.4 of 2006
22
Banking and Financial Institutions Act48
stipulates that ―Every Bank or financial
institution shall observe, except as otherwise required by the law the practices and
usages customary among bankers, and in particular, shall not divulge any information
relating to its customers or their affairs except in circumstances which, in accordance
with the law or practices and usages it is necessary or appropriate for the bank to
divulge such information”49
.
On top of that the Act went further and stating that ―Every director and every member of
a committee, auditor, advisor, manager, officer and employee of the bank or financial
institution shall, before assuming his duties make a written declaration of fidelity and
secrecy which shall be witnessed by the chief Executive officer or the Secretary of the
bank or financial Institution concerned”50
.
However this Act appears self satisfactory whereby it even impose a strong penalty on
the defaulting party as it stipulates that ―Any person who contravenes the provisions of
this section commits an offence and shall be liable on conviction to a fine not exceeding
twenty million shillings or to imprisonment for a term not exceeding three years or to
both“51
.
The laws regarding Banking are in most cases strict as compared to general law
governing employment, something which makes the problem go higher to non banking
organizations.
I know not so many Tanzanians are aware of how Communication Service providers are
using consumers‘ personal information. They are using such information for marketing
47 Unless for the purposes of performance of his functions, when so required by the law or authorized by the board ,no
member of the board or staff of the Bank shall disclose any information relating to the Bank or to any transaction or
customer of the bank acquired in the course of employment or discharge of his duties. 48 Act no 5 of 2006. 49 Ibid s.48(1) 50
Op cit s.48(2) 51
Op cit s.48(6)
23
purposes. They also use such information to evaluate their businesses. Hence
monitoring and surveillance in Tanzania is rampant particularly online surveillance.
As that is not enough one will be surprised as the surveillance is not done by website
owners or communication service providers only but even employers are reading
employees e mails, this for sure is surveillance. Thus employees‘ privacy is not secured
in Tanzania.
It is important to this of privacy in broad perspectives. We should not limit ourselves to
privacy infringement in traditional sense like where the policy come to a person‘s home
and search the premises or where a person is stopped by police and searched. You here a
person saying you are interfering with my personal integrity.
We need to retain such integrity even online. But that has been made difficult by our lag
in enacting Privacy legislation in Tanzania. We have to blame ourselves for such lag.It is
worth of note that so long we visit websites so long we use ICT facilities, so long we use
our credit cards, our Internet banking, we shop in the supermarkets then we are not
going to be left alone.
We will be able to balance national security and other interests with privacy only if we
enact privacy legislation. In this way our privacy online will be guaranteed52
52 Ubena J (June 8, 2010) Law as the Lifeblood of Human Being: Tanzania Lag on Privacy Law at
http://tanlex.wordpress.com/2010/06/08/tanzania-lag-on-privacy-law/
24
2.2 Personal Right to Privacy under International Instruments, the United
Republic of Tanzania Constitution and other Legislations.
The right to privacy is internationally guaranteed as many international instruments
mention this right, the following are instruments that ascertain the privacy; under the
Universal Declaration of Human Rights (UDHR 1948) provision which provide for
privacy stipulates ―that No one shall be subjected to arbitrary interference with his
privacy, family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law against such interference
or attacks53
.
The United Nations Convention on the Rights of the Child, This was adopted on 20
November 1989, and entered into force on 2 September 1990. It includes the following
provisions on privacy;
1. No child shall be subjected to arbitrary or unlawful interference with his or her
privacy, family, home or correspondence, nor to unlawful attacks on his or her
honour and reputation.
2. The child has the right to the protection of the law against such interference or
attacks.54
53 UDHR 1948, Article 12 accessed at http// www.un.org/en/documents/udhr/index.shtml on 21st May 2012.
54 The United Nations Convention on the Rights of the Child. Article16 accessed at
http://www.unhchr.ch/html/menu3/b/k2crc.htm on 11 May 2012 , 20:00hrs
25
The International Covenant on Civil and Political Rights (ICCPR 1966)55
.It includes the following provisions on privacy or confidentiality under Article 17;
1. No one shall be subjected to arbitrary or unlawful interference with his privacy,
family, home or correspondence, nor to unlawful attacks on his honour or
reputation.
2. Everyone has the right to protection of the law against such interference or
attacks'.
Furthermore, The European Convention on Human Rights (1950)56
which inter alia
under Article 8 speaks of Right to respect for private and family life thus;
Everyone has the right to respect for his private and family life, his home and his
correspondence. There shall be no interference by a public authority with the exercise of
this right except such as is in accordance with the law and is necessary in a democratic
society in the interests of national security, public safety or the economic well-being of
the country, for the prevention of disorder or crime, for the protection of health or
morals, or for the protection of the rights and freedoms of others.
Again The Charter of Fundamental Rights of the European Union (2000)57
under Article 7 stipulates on Respect for private and family life ,whereas it stipulates
that ;
Everyone has the right to respect for his or her private and family life, home and
communications.
It goes further and Article 8 speaks of Protection of personal data
55 The document is at http://www.unhchr.ch/html/menu3/b/a_ccpr.htm Accessed on 19th May 2012 at 20:00hrs 56 The document is at http://conventions.coe.int/Treaty/en/Treaties/Html/005.htm 57 Greenleaf G.W. & Waters N. (Eds.) (1994-) 'Privacy Law & Policy Reporter', monthly, available from
http://www.austlii.edu.au/au/other/plpr/index.html accessed on 12th May 2012.
26
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the
consent of the person concerned or some other legitimate basis laid down by
law. Everyone has the right of access to data which has been collected
concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent
authority.
Also under The United Nations Guidelines concerning Computerized Personal Data
Files, This was adopted by the General Assembly on 14 December 199058
The OECD Guidelines59
Organization for Economic Cooperation and Development's
Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
(OECD, Paris, 1981), this speaks of the data security which involve confidentiality
.However note that the OECD is all about economic development, not about social
issues or civil liberties.More over Guideline 5 of the International Guidelines on
HIV/AIDS and Human Rights calls on States to enact or strengthen laws that ensure
privacy and confidentiality and ethics in Research involving human rights subjects and
this invariably includes the duty to ensure that testing on humans and body tissues and
fluids is done in a humane and ethical manner60
.
The Joint ILO/WHO Guidelines on Health Services and HIV/AIDS summarily captures
the different facets of HIV testing that ―The acceptance of HIV testing depends on
58 Bygrave L. (1998) 'Data Protection Pursuant to the Right to Privacy in Human Rights Treaties' International
Journal of Law and Information Technology, 1998, 6, 247-284, at
http://folk.uio.no/lee/oldpage/articles/Human_rights.pdf
59 Better Policies for better Lives; OECD Guidelines on the Protection of Privacy and Transborder Flows of
Personal Data http://www.oecd.org/document/18/0,2340,en_2649_201185_1815186_1_1_1_1,00.html 60Richard Elliott( 2010) International Council of AIDS Council Organisation Guideline 5 of the International
Guidelines on HIV/AIDS and Human Rights Available at
http://www.icaso.org/publications/Advocates_Guide_EN.pdf accessed on 20th November 2011 at 20:00hrs
27
improved protection from stigma and discrimination as well as assured access to
integrated services for prevention, treatment and care. Confidentiality is very important
as far as encouraging people to undergo HIV testing61
.
It inspires faith and confidence in persons infected by the scourge and dilutes the fears of
stigma and discrimination. There must be legal and administrative mechanism
prohibiting the disclosure of information relating to the one‘s health status except upon
ones consent or legal authorization. Those medical practitioners and those responsible
for conducting tests or providing health services to victims must comply with ethics
requiring non disclosure of information. Heath sector employees and employer should
provide a maximum privacy for people‘s confidential information.
Domestically, the Constitution of United Republic of Tanzania62
which under A.16 (1)
inter alia states that Every person is entitled to respect and protection of his person, the
privacy of his own person, his family and of his matrimonial life .
The same said under the Constitution of Zanzibar of 1984 provides for the confidential
and voluntary aspect of HIV by guaranteeing the right of every individual to privacy and
Personal security albeit in general terms. Article 15(1) thereof states inter alia thus:63
The Occupational Safety and Health Act, 2005 Act No. 8 of 2005 also provides for
testing and confidentiality of testing by providing thereof for medical examinations by
employer for Purposes of establishing fitness to work.
All these legislations provide for confidentiality; however the problems still persist due
to unethical actions by the people but again due to absence or insufficient penalties
stipulated under the laws.
61 Holvast J., Madsen W. & Roth P. (2000-) 'The Global Encyclopaedia on Data Protection Regulation',
Looseleaf, Kluwer Law International. P 271 62 [Cap 2 R:E 2002] 63 Every person is entitled to respect and protection of his person, the privacy of his own person, his family and of his
matrimonial life ...
28
2.3 Difficulties on How to Determine Confidentiality of Information.
Confidentiality clauses as previously explained that are an implied clauses that are
between employer and employee, the issue arise of whether what is termed as
confidential is real confidential or not, an information to be confidential the following
should be in place Confidentiality clauses can assist in creating certainty by defining
what amounts to a business secret and bringing its existence to the mind of the
employee. Where it is clear that the employee does possess confidential information, the
courts have been robust in upholding restraints. It will not assist the employee to claim
that there are less restrictive ways to protect the information. It may not even help to
assert that the restraint, when read as a whole, is unreasonable as to extent.
The following remark of Lord Denning was recently quoted with approval by the
Supreme Court of Appeal in Reddy v Siemens64
.
“It is thus established that an employer can stipulate for protection against having his
confidential information passed on to a rival in trade. But experience has shown that it
is not satisfactory to have simply a covenant against disclosing confidential information.
The reason is because it is so difficult to draw the line between information which is
confidential and information which is not; and it is very difficult to prove a breach when
the information is of such a character that a servant can carry it away in his head. The
difficulties are such that the only practical solution is to take a covenant from the
servant by which he is not to go to work for a rival in trade. Such a covenant may well
be held to be reasonable if limited to a short period.” 65
In the same aspect Article 39 (2) of Trade-Related Aspects of Intellectual Property
Rights (TRIP) does require that the undisclosed information to be protected be secret. It
then gives a binding definition of the secrecy requirement:
64
2007 (2) SA 486 (SCA) 65
From The Littlewoods Organization Ltd v Harris [1978] 1 All ER 1026 (CA) 1033c-d
29
―Natural and legal persons shall have the possibility of preventing information lawfully
Within their control from being disclosed to, acquired by, or used by others without their
consent in manner contrary to honest commercial practices so long as such information
- is secret in the sense that it is not, as a body or in the precise configuration and
assembly of its components, generally known among or readily accessible to persons
within the circles that normally deal with the kind of information in question;
- has commercial value because it is secret; and
- has been subject to reasonable steps under the circumstances, by the person lawfully in
control of the information, to keep it secret".
2.4 Rights of Employers and Employees on Confidentiality.
The most delicate area for the worldwide harmonization of the law of confidential
information shall probably be the interpretation of honest commercial practices
regarding employees who depart from a company. The employee undoubtedly enjoys a
right freely to use his personal capacities, in-born or acquired skill, zeal, exactitude and
memory. Now in his memory, some confidential information of his former employer
will not fade away before he has been able to put them to use in the service of his new
employer, or for himself if he works independently. To which extent is the employee
prevented to have recourse to the confidential information he has been acquainted with
by virtue of his employment? Practical, if not very refined test would be to prohibit any
use of information that is taken away on documents or electronic supports. This test was
applied in a recent computer software case in the United States: in view of the striking
similarity between both programs, the trier of facts could not believe that the particulars
of the "old" program belonging to the former employer that were on a disquette in a
drawer three offices down the hall of the desk of the developer of the "new" program
had not been put to his disposal by the employee who had just changed his job.
Nonetheless, the employee should enjoy the opportunity to use documents if they
embody information that is generally known or easily accessible. Further, the employer
30
may legitimately obtain an injunction against the use of one secret formula, even if kept
in the mind of the departing employee. Hence, there is no ready-made standard to reach
a solution in every instance. The basic principle is, however, that employment is not a
"soul-destroying business"
An employee may compete with his former employer and do researches on his own or
on behalf of a new employer. The sensitivities of various countries in that area shall be
delicate to harmonize.
2.5 Computer and Privacy Protection
The revolution in communication and data processing that is occurring in the United
States and much of the world including Tanzania has created a realm of activity
popularly referred as ―cyberspace‖
The most conspicuous offshoot of the new information technology is the internet; the
internet is internationally linked system of computer networks in which the data flows
.The information super highway is a metaphor for the communication links of the
internet while ―cyberspace‖ is a metaphor for the medium whereby data processing and
communication between the computer networks occurs. Not only is there no central
entity that manages the linked computer network of the internet ,the nature of
cyberspace also means that ―data ―is not in any geographical location but in space –the
electronically linked computer networks66
.
Currently the most popular way to access the internet is through the World Wide Web
(the web) the web consist of millions of websites; each website is separate but inter
linked and each website may have hundred of web pages. With proper software internet
users may create own WebPages and post in digital form sound, images and text on the
webpage .Internet users may also view the images ,read the text and listen to the sound
of other websites .Web browser‘s are used to access information on the web.
66
Richard C.T. and Anita L.A.(2002)Privacy Law, 2nd Edition, West Group. P.398
31
The information super Highway ,cyberspace, and the internet are possible because of
digital technology .the use and importance of computer technology to the Tanzania and
the world has magnified the privacy issues that are raised by Arthur Miller and other
writers in the 1970.
The central feature of the revolution in communications and data processing from analog
to digital technology, Analog technology is based upon replication of form of
communications or image that is transmitted .The replicated phenomena is transmitted in
continuous uninterrupted form example in analog based telephone communications, the
sound wave produced by the voice is transmitted by an electronic signal with the same
frequency as the voice. The whole replicated conversation is transmitted by an electronic
signal with the same frequency as the voice. The whole replicated conversation is
transmitted with analog technology.
Digital technology takes samples of the actual sound wave or image or text and converts
the samples into arithmetic quantities that are expressed in binary digits or bits with
eight bits forming one ―byte‖ 67
Digital technology has dramatically increased the capacity to access data because
computer data based may be matched or linked and data instantaneously acquired .Once
information is Keyed into one computer it may be transmitted to another computer
without having to re-key the data.
Digital technology makes it possible to merge and mix data.68
The unprecedented capacity for loss of informational privacy is the result of special
features of digital technology in three phases of data processing, data acquisition, data
merging and data profiling.
67
Henry H.P, Jr (2001) Law and Information Superhighway.p.20 68
Richard C.T. and Anita L.A.(2002)Privacy Law, 2nd Edition, West Group p.399
32
2.6 Conclusion
It is well established that the laws, internationally and domestically cover an aspect of
confidentiality however there are some challenges on its implementation such as the
prohibition on use of confidential information especially acquired knowledge in due
process of working, but most important is to avoid ruining of the others business, there is
a need to set standards of the said confidential information .again laws need to provide
strong penalties for the offence and not just establishing an offence.
However referring Posner‘s economic Theory presumes that privacy is not something
that is desired for its own sake .Privacy is valued as a means to produce income or some
other benefit69
.
Hence there is a need of having a comprehensive legislation on privacy matters.
69 Richard .A.P(1979) Utilitarianism, Economics and Legal Theory also in his earlier book titled Right of Privacy
(1978)
33
CHAPTER THREE
RESEARCH FINDINGS
3.0 Introduction
This chapter intends to give out the field results, which a researcher upon applying
different methods of data collection and interpretation he came out with some
observations which are categorized in the following subtitles Methods used to keep Data
and Leakage Ways, Legal Challenges Facing Employers and Employees on the Aspect,
Steps taken by Organizations to Prevent Leakage of the Confidential Information,
Computer use and the Enforceability of Confidential Clauses, the critical area on the
problem of confidentiality and lastly the conclusion of the chapter.
This research took a case study of Dar es salaam therefore the researcher interviewed
employees at the Ministry for Labour and Employment especially labour officers,
secretaries ,the researcher went further and sent questionnaires to different organizations
for employees and employers such as Mic Tanzania commonly Tigo Tanzania ,Airtel
Tanzania, Barclays Bank, CRDB Bank ,IT specialists, Magistrates ,BP Tanzania
employees ,Keko Pharmaceuticals Ltd,International Labour Organization (ILO) also the
researcher went further interviewing Health officials like nurses and doctors in Massana
Hospital and Mbezi Beach Health Center at Doctors Plaza ,the researcher valued each
and every persons contribution and maintain anonymity in his research.
The researcher went further by interviewing some security agencies employees,
Association of Tanzania Employers (ATE) and successful he got the important data to
this research. However the researcher used much of library search and used Internet
browsing to get some more data to help in his research, from those sources the
researcher came out with the following results;
34
3.1 Methods used to keep Data and Leakage Ways
The ways which are mostly applied in keeping data are still local as opposed to modern
means in particular at government offices, the technology is not yet exploited into
practice though there are some movement towards the use of new technology to keep the
data in most safe ways, the observations shows that common methods used in keeping
confidential information are;
i. special registry books
ii. folders in hard copy
iii. Tape recording, video and surveillance camera
iv. Folders in soft copy
v. Emailed document
vi. Files according to confidentiality of the matter.
Special registry book, is a special book where the records of a particular document are
recorded, the recording is done once the document is received signed by both the
deliverer and the receiver. This helps to know that particular document is received and
kept in a certain place by a particular person and exactly time of particular information is
received. This is common in both Government offices and the private companies,
whereby the data shows that all twenty five (25) respondents, confirmed use of this
method.
Folders in hard copy, there special folders in hard copy form which are kept on special
shelves in special chambers, this is again used in both government and private
institutions ,in government this is the main means of storing data however in private
companies is an alternative means to store data as mainly they use soft copy.
The communication via e-mails are also used to keep special confidential information
where by the attachments kept on emails and the whole e mail, however can be hacked
35
and divulge information to third parties. E mails are very commonly used by private
companies, most of the e mails they contain a special clause which requires
confidentiality to be maintained however many employers and employees do overlook
the clause and transfer information to third parties. Fifteen (15) respondents commented
positively on the use of emails as a fast and modern means to keep data in the modern
commercial world however ten (10) respondents criticized the use of this particular
method to store data as they argue that is not well secured in terms of privacy as it is
easy one to hack somebody‘s account and divulge information without any physical
presence at the company.
Tape recording, video and surveillance cameras are amongst the ways used by
organizations to keep and protect the security of confidential information. The special
recordings of communications by tape recording or video are taken as a means to keep
the confidential information.
Tape recording, is used to keep information especially in media and security agencies
,however the video and surveillance cameras are most preferable means of keeping data
and act as security system as well ,most of the private companies use surveillance
cameras for the security purposes ,this include data security it is easy to identify a person
responsible for omission of particular thing when recorded by using the surveillance
camera. Twenty (20) respondents supported the use of surveillance camera however five
(5) questioned much on the aspect of privacy, and limits of surveillance.
Folders in soft copy, due to technological development, the use of computer system,
there special data base created for particular information, and the confidential
information are kept in special folders. Fifteen (15) respondents confirmed use of this
method, However the left number most especially government agencies lag behind the
technology and concentrate much on the hard copy.
36
Folders in accordance to confidentiality of the subject, there are the folders which are
specifically used for keeping confidential matters and there confidential folders are kept
due to sensitivity of the information. This is common in government agencies especially
in security agencies.
However the first two are the most commonly used in government institutions, the rest
mostly used in private institutions where the use of computer technology is at large
extent used as compared to government entities. But still whatever way used to keep
data (confidential information), the leakage of the information exists. This is so because
it is observed that the ways used to leak the said confidential information are through;
i. Unauthorized interception on computer
ii. Former employee who either retired or resigned
iii. Data theft
iv. Face to face with secretary for corruption.
The unauthorized interception on computer Cyber criminals often obtain valuable
information by intercepting and monitoring communications sent via the internet or
other information networks. Electronic mail messages can easily be intercepted by third
parties, thereby enabling them to obtain bank account numbers, password, access code
and various other form of confidential information, a good example is a complaint rose
by Louis Moreno Ocampo the International Criminal Court (ICC) prosecutor that there
some hacking of some personnel‘s and witnesses emails which lead to disclosure of
confidential information70
.
However there is legal and unlawful interception, lawful one permitted by the law while
unlawful interception is not permitted by law and it is among cyber crimes, though the
challenge arises as to the balance on freedom of expression and unauthorized
70 16th March 2012 Sunday News, 1st page.
37
interception, this cover the disclosure of confidential information of various states by
wiki leaks.
Use of ex –employees of a certain organizations ,the question of resignation and retiring
of some employee comes as a way to breach the confidentiality clauses ,the ex-employee
who knows some confidential information if not bound well with the confidentiality
clauses it attracts infringement of privacy as they will be easily a pass way to dispose
such information ,some companies confidentiality clauses do real bind the employees
even after their end of employee tenure for example in Airtel Tanzania confidentiality
clauses to its employees as it stipulates that reads “the employee shall not, either during
the continuance of his or her employment hereunder or within 3 years thereafter ,except
in the proper course of his /her duties or in the event of prior written consent of the
company, divulge to any person whosoever ,any information concerning the business or
finances of the company or any of its dealings ,transactions or affairs which come to his
/her knowledge during or in the course of his/her employment and affairs which come to
his/her knowledge during or in the course of his or her employment and he /she shall not
communicate with any person or authority in connection with any matters concerning
the company without such consent as aforesaid specified.”
Data theft through unlawful devices and unlawful programs as the organizations and
government developed ways to keep the confidential data by electronic technology;
criminals frequently use sophiscated technology to intrude in these protected systems so
as to commit crimes. This may happen by criminals using skimming devices to capture
all the data contained on the magnetic strip and thereafter, with assistance of a computer
terminal, download such data and use them for any unlawful activity including fraud
acts.
Face to face with Secretary and corruption attempts, this is a way which mostly used by
unloyal and unethical workers in regards to leakage of the confidential information as
38
the secretaries or office assistants who to a large extent knows a lot of the confidential
matters of the organization can be blackmailed by money or anything in kind to betray
his employment contract on the aspect on confidentiality clauses.
In this regard is obviously observed that in whatever means used to keep the confidential
information still leakage may occur whenever any of the way used to get the data.
3.2 Legal Challenges Facing Employers and Employees on the Aspect
The legal challenges that arise on the aspect of enforceability of confidentiality clauses
by employers and employees, many cases are;
i. Identification of defendant
ii. Admissibility of electronic evidence.
iii. Corruption attempts
iv. Influence of alcohol
When the confidential information are leaked it is a challenge first to identify the
defendant, the actual person who breached the clause, this is so because the breach is
done mostly in secret manner.
Generally, before the year 2000, electronic evidence was inadmissible .In the year 2000
in the High court commercial division, Nsekela J, in the case of Trust Bank Tanzania
Ltd v. Le Marsh Enterprises Ltd71
the court saw the need for the judiciary to be ready
to adopt changes caused by technological revolution engulfing the world and it
proceeded to extend the definition of banker‘s books to include evidence emanating
from computer. Despite such observations by learned Judge –no significant changes
were made to existing law till 2007.were the significant development was the
amendment to the Evidence Act by Act no.15 of 2007,the Evidence Act was amended
71
Case no. 4 of 2000
39
by ;adding s.40 on admissibility of electronic Evidence in criminal proceeding .In this
regard for civil cases the challenge is still ahead.
Challenge to find evidence to a person who leak information via word of mouth only
without use of documents.
Corruption attempts put ahead a very challenging obstacle to obtain justice, the people
are paid to leak the information and this sometimes go higher as compared to their
salaries.
Some breach the confidentiality clauses under the influence of alcohol; it is a challenge
to master a person from his alcohol drinking behavior, therefore others take advantage of
alcoholism to obtain confidential information from the people who are drunk.
3.3 Steps taken by Organizations to Prevent Leakage of the Confidential
Information.
The steps taken by the employers to prevent the leakage of confidential clauses are;
i. Installing surveillance cameras
ii. Password ( authentication )
iii. Education on the importance of keeping confidentiality clauses.
iv. Termination without pay (summary dismissal)
v. Legal proceedings for those who disclose confidential information.
vi. Special entrance door card.
vii. Special Programme on computer to records events on desktop.
Most of the private companies has put forward the first two ways plus the rest ways
however the government bodies is very much invested in the three last ways though
some government offices use the first two ways too.
40
Surveillance cameras, these are special camera which are installed to record the video
for a particular area 24 hours, these enables to record all activity that take place in there
so if the leakage occurs or any attempt to theft appears it is easy to identify the defendant
for easy legal action, it is a commonly used in private companies and some government
offices as well.
The use of passwords is a method used to allow some people only, an access to the door
of certain special room which keeps confidential information even the computer access
and pass code for the folders keeping the confidential information.
The education on the enforcement of confidentiality clauses, it is observed that some
employees or employers are not aware of ways used to leak the confidential information
as there some cases where by the information are trapped unknowingly by a third party
in presence of the employee or employer this mostly is by computer interception and
data theft .for this it has been seen there is a need to give education to the people who
handle the confidential information be employer or employee.
Upon the noticing of a person who breached the confidentiality clause, the summary
termination takes place at once followed by legal action, this is a step adopted to prevent
the leakage, however this applies only to an existing employee for a parting or resigned
is a challenge.
Legal action is taken only when there is an evidence to identify the offence and the
person so responsible.
Special card for entrance and exit, the organization and some individuals has now taken
step to security of people and property and data in particular by using new technology of
installing special doors which require identification of a person before entrance and exit
so the system records who and at what time he entered and left the room in assistance of
surveillance cameras it is easy to recognize the people who breach confidence.
41
Special Programme on a computer which shows exactly the documents opened at a
particular time and by who, therefore it is easy to have an evidence of breach of
confidence.
3.4 Computer use and the Enforceability of Confidential Clauses
With the coming of mobile phones and internet, ICT application in Tanzania got many
clients. And the concern of about information security was and yet is more alarming.
There are hackers, malicious programs like computer viruses, worms, just to mention a
few.
Attackers are assumed to have various levels of expertise, resources, and motivation.
Attackers can either be insiders or outsiders. Relevant expertise may be in general
semiconductor technology, software engineering, hacker techniques, or the specific
system. Resources may range from personal computers and inexpensive card
reading/coding devices to very expensive and sophisticated engineering test,
measurement devices, and replica of Company vending devices. They may also include
software routines, some of which are readily available on the Internet. Motivation may
include economic reward, resentment, or notoriety of defeating high-grade security72
The attackers mentioned might be employers or employees or any person with
connection with any of the two so as to grab particular information.
The development of technology has led the intensive use of computer at work places
especially on very sensitive matters concerning business .The computer keeps
information in a special data base created by the organization, which may either require
special password to access the information.
72
Job A.C, 2000 …Framework for Evaluation of Information Security Systems, A Case Study of Tanzania Electric
Supply Company (TANESCO). Available at
www.icsa.cs.up.ac.za/issa/2005/Proceedings/Full/062_Article.pdf- last visited on 01/02/2011
42
Also on the other hand the changing ways of leakage becomes a problem as the
computer use intensify the problem as the ways of which are used are a bit challenging
as a person can interrupt certain confidential information without even physical presence
at the scene through interception but again the lack of knowledge amongst the
employees where by a person can easily disclose his/her password to a third party or just
leave another employee or third part use his computer without his presence.
Just observation, due to computer illiteracy, the secretary in a certain office was able to
allow a person to put his flash on the office computer and took some confidential
information, which a secretary did not realize the intention as she did not know what he
was doing, so if the secretary could have sufficient skills on the computer, she could
have prevented the leakage.
Therefore it is obviously seen that the use of computer technology sharpens the problem
and even makes very hard to control and avoid.
3.4 Critical area on Confidentiality Clauses Enforcement in Tanzania
From the researchers data and interpretation the problem seen is both the law and the
practice, this is so because the law under the Employment and Labour Relations Act73
,
stipulates the penalties of which in some cases is not able to give a real deterrence for a
kind of loss so caused from the offence, however the strict laws on banking are so
because they deal with money but even in some other organizations the confidential and
very important information can be leaked and cause moral or financial loss to a great
extent ,is my call to the government to make strict laws on the aspect of privacy.
The practice also shows that the employers assist on one way or other to leakage of
confidential information, as they fail to give education to their employees on privacy,
also the issue of corruption which paves a way to employers silence on the offence.
73
Act no 6 of 2004, s.102(4)
43
As one of the respondent said, the law might be present but if at all our people are not
educated we cannot prevent leakage of information.
The education on confidentiality clauses need to be given to employees so as to master
their true habits ,thus unintentional breach will be covered ,whoever breaches will be
presumed to have an intention thus attracts heavy penalty.
3.5 Conclusion
The findings shows that the methods employed to keep data especially in many
government offices do not comply with the current social change unlike private
institutions, however despite that the problem of breach still exists and as such we need
a strong legislation which will speak reasonable penalties so as to reduce the increase of
the problem, the refresher training should take part from time to time to update
employees on the aspect of privacy issues and to make sure that the organization policy
are put into real action.
44
CHAPTER FOUR
SUMMARY OF FINDINGS, CONCLUSION AND RECOMMENDATIONS
4.0 Summary of Findings
Generally, ―Enforcing Confidentiality Clauses in Tanzania with Critical Analysis on the
Legal Challenges Facing Employers and Employees, can be summarized as follows, the
respondents whom I used, that is 25 respondents amongst whom 20 respondents said
that the problem is still increasing and even worse through the use of computer, it is
observed that lack of privacy knowledge and even smooth legal consequences
contributes to the increase of the problem.
It was observed that the penalties under different laws are not sufficient to end the
problem, the Banking and Financial Institutions Act74
at least put a strict penalty on the
person who committed an offence but again it is of course due to the reason that the
Financial Institution and Banks are institutes which deals with money, at this juncture it
is not appropriate to put strict laws only for Banks as the leakage of confidential
information occurs in different organizations and cause a great loss to particular
organization.
It was observed that the knowledge of confidential information sensitivity is not well fed
to employees, of importance the knowledge on the subject matter especially the negative
effects of such information to the organization. However some institutions are very strict
to the provision of information to outsiders whereby you need to write a special
application expressing reasons for the information you need and to promise not to use
such information otherwise, after the confirmation by the organization leadership then
the person will be allowed to take the information and only for the purpose asked for,
74 Act no. 5 of 2006.
45
unlike many institutions where by the staffs can easily divulge the information even
unknowingly.
4.1Conclusion
There Legal challenges face the employers and employees in enforcing the
confidentiality clauses in Tanzania, and is observed that the computer use has intensified
the problem.
Despite the initiatives undertaken there is yet still a problem particularly on the legal
system. The legal infrastructure in Tanzania is yet to incorporate Information Security as
an area worth legal safeguard. In this way it is not surprising to find hackers or those
defrauding the IT system walking away unpunished by the law.
It is therefore prudent and sound that the initiatives should not only be on technical area
put also the legal infrastructure should address such matters related to information
security in Tanzania.
The problem is not absence of provisions of law but its loose nature to the extent that the
penalties put for an offence on breach of confidentiality clauses does not discourage the
continuance of the problem on the other hand the poor knowledge on information
keeping by employees and some employers also add to the problem, this includes poor
job ethics by the employee for example the alcoholism is seen as other factor which
contribute the presence of the problem, the corruption song is still the major challenge as
mostly people receive something in kind for the information they share to the third
parties.
The hypotheses proves the problem existence, as little penalties, unethical actions,
computer use seem to be the great reasons for the extension of the problem.
46
The organization privacy policy are not put into implementation by some organizations
this leaves a chance to the organizations staffs to have an opportunity to divulged the
confidential information. Lastly in some organizations it clearly observed that the
information is not kept in a precise manner as in regards to this cyber era.
4.2 Recommendations
Keeping in mind the research findings and conclusion by the researcher, he goes further
recommending on the topic namely ―Enforcement of confidentiality clauses in Tanzania
A critical analysis on the legal challenges facing employers and employees”. Taking
into account the current technological advancement, the researcher recommends the
following. It is important to this of privacy in broad perspectives. We should not limit
ourselves to privacy infringement in traditional sense like where the employer come to a
employees‘ home and search the premises or where a employee is stopped by employer
and searched. You hear a person saying you are interfering with my personal integrity.
We need to retain such integrity even online. But that has been made difficult by our lag
in enacting Privacy legislation in Tanzania. We have to blame ourselves for such lag75
.
It is worth of note that so long we visit websites so long we use ICT facilities at work, so
long we use our credit cards, our Internet banking, we shop in the supermarkets then we
are not going to be left alone. We will be able to enforce successful employees and
employers confidentiality clauses and other interests with privacy only if we enact
privacy legislation. In this way our privacy online will be guaranteed.
75 Ubena J (June 8, 2010) Law as the Lifeblood of Human Being: Tanzania Lag on Privacy Law. at
http://tanlex.wordpress.com/2010/06/08/tanzania-lag-on-privacy-law/
47
It is suggested that the privacy policy of different organization be put into action and the
refresher training amongst the employees be provided time to time to shape them with
the proper methods on how to observe job ethics and also materials like brochures and
some adverts to be put on desks of the employers and employees just to remind them of
the keeping the confidentiality clauses.
Further recommends that the organization privacy policy shall be put into a strict sense
and in action. The ways of keeping the confidential information is of great seriousness
and only with special permission confidential information is shared, on the other hand
the penalties are extended and the summary dismissal is provided for the persons who
have committed the offence.
Further requests the education to be provided to the employees and employers on the
privacy importance from time to time also emphasizes reasonable use of passwords and
surveillance cameras to be used identifying the defendants.
Encourages the use of proper ways to identify the cyber criminals over the
confidentiality clauses to be adopted by the employers meanwhile the employers to be
careful in disclosure of their employee‘s confidential information to third parties as the
use can be against the employees wish hence breach of confidentiality clause.
Calls upon the employers and employees have a table talk on employees‘ benefits and
salary increment and maintain friendly relations in solving disputes arising at work
place.
Generally information security is secured by Information security program, blending
best management practices with key physical and information technology safeguards.
Drilling down to the critical building blocks of information security, covers security
policies, awareness, administration, models, mechanisms, and architectures; availability,
48
backup, recovery, and business continuity planning; firewalls; user authentication;
cryptography; network concepts and security76
Lastly the employers should take proper and reasonable steps to prevent the occurrence
of the problem for example to install special computer programs to record the events on
the desktop containing confidential information. However this should be done only on
the computers with confidential information so as to balance freedom of privacy to an
employee.
76 http://www.tgdlc.go.tz/Index.php?id=news_course last visited on 01/02/2012.
49
REFERENCES
Books
Bainbridge,D. (2002)Intellectual property,5th
Ed, Pearson Education Management
Bainbridge,D. (2009)Intellectual property,7th
Ed, Pearson Education Management
Henry H.P, Jr (2001) Law and Information Superhighway, 1st Edition oxford
university press, London
Holvast J., Madsen W. & Roth P. (2000-) 'The Global Encyclopaedia on Data
Protection Regulation', Looseleaf, Kluwer Law International
Ian J. Lloyd (2008), Information Technology Law, 5th Ed, oxford university press,
London.
Lim,Y.F(2007)Cyberspace Law Commentaries and Materials, 2nd
ed, oxford
university press, London.
M.B Miles and A. M Huberman(1998) An Expanded Source Book-Qualitative Data
Analysis
Milton .R.K (1966) Privacy and Law: A Philosophical Prelude, 1st Edition, West
Group
Richard C.T. and Anita L.A. (2002) Privacy Law, 2nd
Edition, West Group
50
Articles and Journals
Araujo and I. Araujo (2011)Developing trust in Internet commerce Proceedings of
Conference of the Centre for Advanced Studies on Collaborative Research.
Better Policies for better Lives; OECD Guidelines on the Protection of Privacy and
Transborder Flows of Personal Data : Available at
http://www.oecd.org/document/18/0,2340,en_2649_201185_1815186_1_1_1_1,00.ht
ml
Bygrave L. (1998) 'Data Protection Pursuant to the Right to Privacy in Human
Rights Treaties' International Journal of Law and Information Technology, 1998, 6,
247-284
D. Banisar (1999), Privacy and data protection around the world. Proceedings of
the21st International Conference on Privacy & Personal Data Protection.
Davies Collison Cave Darron Saltzman and Timothy Creek (May 10 2011) Damages
awarded for misuse of confidential information by former employees to create
competing product.
Glyn Marais (2009), Crime Prevention Asset Forfeiture and Collateral Damage to
Creditors 1st Edition Lawyer‘s club India Article, Data Theft in Cyber Space Issues
and Laws.
Naomi Cossack, Margaret R. Fiester, John Sweeney, (2006) Prompted resignation,
surveillance confidentiality.
Richard Elliott( 2010) International Council of AIDS Council Organisation Guideline 5
of the International Guidelines on HIV/AIDS and Human Rights Available at
http://www.icaso.org/publications/Advocates_Guide_EN.pdf accessed on 20th
November 2011 at 20:00hrs
51
Ubena J (June 8, 2010) Law as the Lifeblood of Human Being: Tanzania Lag on
Privacy Law at http://tanlex.wordpress.com/2010/06/08/tanzania-lag-on-privacy-law/
Websites
Data Theft in Cyber Space Issues and Laws accessed on http://
www.wisegeek.com/what-is-a-confidentiality-clause.htm
http://findarticles.com/p/articles/mi_m3495/is_10_51/ai_n27011518/ on 01st Jan, 2012,
20:00hrs
E-Security and Cyber Crimes Training Workshop at http://agumba.biz/index.php?id=33
Howard Shila, Effectiveness of Informatics Policy Instruments in Africa, Tanzania.
Available at
http://www.uneca.org/aisi/tanzania.htm visited on 03/11/2011
National Information and Communications and Technology Policy
http://www.tanzania.go.tz/policiesf.html
http://tanlex.wordpress.com/2010/06/08/tanzania-lag-on-privacy-law/
http://www.tgdlc.go.tz/Index.php?id=news_course last visited on 01/02/2012
