ICAEW.com works better with JavaScript enabled.

Case law: Passing on confidential information 'off-the-record' can still breach confidentiality

Individuals and organisations receiving information in confidence should ensure it is not disclosed to third parties without authorisation, even if disclosed 'off-the-record, otherwise they risk a breach of confidentiality claim against them.

Legal Alert

This update was published in Legal Alert - May 2017

Legal Alert is a monthly checklist from Atom Content Marketing highlighting new and pending laws, regulations, codes of practice and rulings that could have an impact on your business.

An HMRC official gave journalists an 'off-the-record' briefing about tax avoidance schemes disclosing details of a particular taxpayer's affairs. The newspaper represented at the briefing published an article implying the taxpayer was involved in such schemes.

The taxpayer claimed breach of confidentiality under the Commissioners for Revenue and Customs Act 2005. In its review of the Act, the court also considered and applied the common law confidentiality rules that apply generally.

Under the common law, personal or confidential information obtained or received in the exercise of a legal power or in furtherance of a public duty (such as information given to HMRC) should not be used by the recipient for other purposes – for example, it should not be passed on to third parties.

The Supreme Court ruled that this principle was not subject to an exception where the relevant confidential information was passed on in confidence, for example, on an 'off-the-record' basis. It said that "an impermissible disclosure of confidential information is no less impermissible just because the information is passed on in confidence".

Private organisations and individuals should be aware the courts might apply the same approach to personal or confidential information obtained or received by them. For example, this may include information given to comply with employment, money laundering, corporate record-keeping, bribery or data protection rules. They should check that their policies, procedures and staff training ensure such information is not passed to third parties, or used for any other purpose than the purpose for which it was given, even on an 'off-the-record' basis.

Operative date

  • Now


  • Organisations receiving information in confidence should ensure it is not passed on to third parties without authorisation, even if passed on 'off-the-record, or they risk facing a breach of confidentiality claim

Case ref: R (on the application of Ingenious Media Holdings plc and another) v Commissioners for Her Majesty's Revenue and Customs [2016] UKSC 54

Disclaimer: This article from Atom Content Marketing is for general guidance only, for businesses in the United Kingdom governed by the laws of England. Atom Content Marketing, expert contributors and ICAEW (as distributor) disclaim all liability for any errors or omissions.