Unpacking three recent Court of Appeal Orders on confidentiality

Last year, we reported on the UPC’s approach to the protection of confidential information. At that point in time, guidance from the UPC’s Court of Appeal (“CoA”) with regard to confidentiality was still limited. Fast-forward, the CoA has recently rendered various orders in relation to the protection of confidential information, in Sun v Vivo, Ericsson v Asus and Merz v Viatris.

The legal framework

The protection of confidential information is secured by Article 58 of the UPC Agreement (“UPCA”) and further implemented in Rule 262 and Rule 262A of the Rules of Procedure (“RoP”). While Rule 262A RoP provides for the possibility to request confidentiality restrictions in respect of the other party, Rule 262 RoP provides for the possibility to request confidentiality vis-à-vis the public.

Article 58 UPCA

Article 58 UPCA stipulates that, to protect the trade secrets, personal data or other confidential information of a party to the proceedings or of a third party, or to prevent an abuse of evidence, the Court may order that the collection and use of evidence in proceedings before it be restricted or prohibited or that access to such evidence be restricted to specific persons.

Rule 262A RoP

On the basis of Rule 262A(1) RoP, a party may make an application to the court for an order that certain information contained in its pleadings or the collection and use of evidence in proceedings may be restricted or prohibited or that access to such information or evidence be restricted to specific persons. This provides for confidentiality vis-à-vis the other party to the proceedings.

An application on the basis of Rule 262A shall be made at the same time of lodging a document containing the information or evidence and shall provide a copy of both the unredacted and redacted document, if applicable (Rule 262A(3)).

The Court may allow the application considering in particular whether the grounds relied upon by the applicant for the order significantly outweigh the interest of the other party to have full access to the information and evidence in question (Rule 262A(5)).

By way of guidance with respect to the number of persons having access to confidential information, Rule 262A(6) states that the number of persons having access to the confidential information shall be no greater than necessary in order to ensure compliance with the right of the parties to the legal proceedings to an effective remedy and to a fair trial, and shall include, at least, one natural person from each party and the respective lawyers or other representatives of those parties to the legal proceedings.

Rule 262 RoP

As mentioned, while Rule 262A RoP arranges confidentiality applications between the parties, Rule 262 RoP arranges for confidentiality vis-à-vis the public.

In principle, decisions and orders made by the Court shall be published and written pleadings and evidence, lodged at the Court and recorded by the Registry shall be available to the public upon reasoned request to the Registry, on which the judge-rapporteur will take a decision after consulting the parties (Rule 262(1)(a) and (b)). However, following Rule 262(2) RoP, a party may request that certain information of written pleadings or evidence be kept confidential and provide specific reasons for such confidentiality.

When a party lodges a request that parts of written pleadings or evidence shall be kept confidential, he shall also provide copies of the said documents with the relevant parts redacted when making the request.

A member of the public that wants to access the information kept confidential, may lodge an application for an order that information excluded from public access may be made available to the applicant (Rule 262(3)).

Guidance from the Court of Appeal re Rules 262 and 262A RoP

Sun v Vivo, 26 January 2026 (Appeal no’s: UPC_CoA_755/2025, UPC_CoA_757/2025, UPC_CoA_791/2025, UPC_CoA_793/2025)

In the recent order in Sun Patent Trust (“Sun”) v Vivo, the Court of Appeal addresses confidentiality regimes under Rule 262A.

Background

In first instance, Sun brought two infringement actions against Vivo based on (alleged) standard-essential-patents (SEPs). Sun argued that its determination of the terms of a proposed license were in accordance with FRAND terms. As part of its argumentation, Sun referred to a comparable licenses analysis – submitting a copy of the respective license agreements.

With its submission, Sun filed two identical applications for its license agreements to be treated as confidential information pursuant to Rule 262A:

• The first application aimed to limit the access to the license agreements to the legal team of Vivo, external experts and, under certain circumstances, no more than three employees of Vivo to be named by Vivo.
• In the second application Sun asked the court to further restrict access and limit the so-called confidentiality club to an "external eyes only" (EEO) regime. Under this regime, access would be restricted to the external legal counsel and the external experts.

The LD Paris ordered that three employees of Vivo should be granted access to the confidential information; to which Sun appealed.

In the appeal, Apple filed an application to intervene and requested that the impugned orders be set aside and that an attorney's eyes only or EEO regime be applied to Apple’s confidential information contained in Sun’s submission.

EEO regime and principles for establishing a confidentiality club

In its order, the CoA considers whether a confidentiality club with an EEO regime is at all possible, and what the principles for establishing a confidentiality club should be.

First, it considers that the Trade Secrets Directive (EU 2016/943) is not directly applicable to the proceedings before the UPC. However, it is apparent that the wording of Article 9 of the Trade Secrets Directive is identical to the wording of Rule 262A. Therefore, when interpreting Rule 262A, the CoA will use principles similar to the principles underlying the Trade Secrets Directive.

In this view, the CoA considers that – in line with Article 9(3) of the Trades Secrets Directive – when deciding on the measures for the protection of confidential information and when assessing their proportionality, the Court must take into account

(i) the need to ensure the right to an effective remedy and to a fair trial,

(ii) the legitimate interests of the parties and, where appropriate, of third parties, and

(iii) any potential harm for either of the parties and, where appropriate, for third parties, resulting from the granting or rejection of such measures.

In addition, the CoA considers that the number of persons having access to the confidential information shall not be greater than necessary in order to ensure compliance with the right of the parties to an effective remedy. In line with Rule 262A(6), as a general rule, the number of persons having access shall at least include one natural person from each party, in addition to the respective lawyers or other representatives of those parties to the legal proceedings.

Furthermore, referring to recital 25 of the Trades Secrets Directive, a party being a legal person should be able to propose who the natural person which access to the information should be, to ensure the legal persons proper representation. This means that, in principle, a party may choose. However, as the CoA recalls, whether the person proposed by a party may be granted access to the confidential information must be determined on the basis of the relevant circumstances of the case, including the role of the person in the proceedings, the relevance of the confidential information to the performance of that role and the trustworthiness of the person keeping the information confidential. In this respect, the CoA refers to its earlier order in Daedalus v Xiaomi, in which case Daedalus sought access for its US attorneys, which was granted by the CoA.(UPC__CoA_621/2024, order of 13 February 2025, point 12, Daedalus v Xiaomi)

In Sun v Vivo, Vivo seeks access for three of its employees. The CoA states that the fact that a natural person is an employee of a party, is, as a general rule, not sufficient to deny access. The exclusion of employees would severely restrict the freedom to choose a suitable person. In addition, an employee is often better positioned to present the view of the respective party compared to external persons. Access for an employee will thus often be essential to ensure compliance with the right to an effective remedy and to a fair trial. As a general rule, the interest of the party having access for, at least, one employee will outweigh the interest of the party applying for confidentiality.

Although the general rule formulated by the CoA will limit the cases in which an EEO regime will be applied, EEO regimes are not to be disregarded in full. Rather, it appears the application of an EEO regime will be reserved for exceptional cases and/or cases in which the parties mutually agree to apply such regime.

Measures to prevent use of confidential information outside of the proceedings

An argument against granting access to confidential licensing information for one or more employees, is that the employee(s) in question may use the information in subsequent negotiations with the third party whose confidential information has been obtained. Both Sun and Apple relied on this to prevent access for Vivo’s employees.

The CoA considers that, to remedy potential harm for third parties whose confidential information may be disclosed when access is granted to certain license agreements, a licensing bar may be put in place for the employee(s) to whom access is granted. This licensing bar prevents the employee’s involvement in patent licensing negotiations with the third party for at least a certain period of time. According to the CoA, the application of a licensing bar thus prevents the confidential information from being used in subsequent negotiations. A licensing bar facilitates compliance and provides all parties with a greater degree of legal certainty, as it is easier to verify and establish if a certain employee is involved in negotiations, than to determine if that employee uses the confidential information it had access to.

In this case, the CoA orders that three employees of Vivo are to gain access to the confidential information and are barred from future negotiations with counterparties of the license agreements, including counterparties not part of the proceedings, for a period of two years. The CoA considers that the interest of Sun to exclude the risk that three employees would (even inadvertently) use the confidential information and gain an unjustified advantage, outweighs the interest of Vivo in being able to use its three employees in negotiations with these counterparties – even if, as was argued by Vivo in this case, those three employees are the only employees who can realistically be used in such negotiations in view of their skills, experience and know-how. If that is the case, then Vivo could (should) simply have decided to limit the number of employees gaining access to the confidential information.

On a last note, the CoA clarified that liability for breaches of the confidentiality regime works differently for the parties on the one hand, and their (external) representatives on the other. In case of a breach, the parties are subject to a penalty payment which may be imposed by the Court for each violation. This is not the case for external representatives of the parties. However, the CoA stresses that, of course, this does not mean that the external representatives would not have the obligation to ensure that each member of the legal team, e.g. including the support staff of the representatives, is bound by the provisions of the confidentiality order (referring to the code of conduct adopted pursuant to Rule 290.2 RoP as well as the requirements of the proper administration of justice, failing which the Court may exclude said representative from the proceedings by way or order under the conditions set forth under Rule 291.1 RoP).

Ericsson v Asus, 26 January 2026 (Appeal no. UPC_CoA_632/2025.)

This appeal case between Ericsson v Asus shows similarities to the Sun v Vivo appeal case discussed above.

In short, Ericsson filed an appeal against panel review orders of the LD Milan, in which the LD Milan applied a confidentiality regime which was not restricted to EEO. In its appeal, Ericsson – with again Apple as an intervener – requested to partly set aside the panel review orders and apply an EEO regime with regard to some specific license agreements which it wanted to submit and rely on in the proceedings against Asus – the background of this request being that the third parties who were a party to the respective licenses, allowed disclosure under an EEO regime, but not under the confidentiality regime that was currently imposed by the LD Milan. Asus objected against the EEO regime and wanted to ensure access for one of its employees.

Similar to its assessment in Sun v Vivo, the CoA states that, as a general rule, the interest of the party in having full access for at least one of its employees outweighs the interests of the applicant, even if the imposition of an EEO regime would be preferable from the perspective of safeguarding confidentiality. Furthermore, even though Article 9 of the Trade Secrets Directive – to which Ericsson and Apple referred – does not preclude the application of an EEO regime, this does not mean that the CoA is required to impose an EEO regime. The CoA again refers to the measure of imposing a licensing bar on the employee in question as being a suitable safeguard to balance the interests of the respective parties.

Like in Sun v Vivo, the CoA considers it necessary to impose a licensing bar on the Asus employee gaining access to the confidential information. A statement from the Asus employee that he is not involved in outbound licensing negotiations, and will continue to ensure that he will not be involved either directly or indirectly in licence negotiations with Apple in the future, was not considered a sufficient safeguard by the CoA. On the other hand, this statement supports the CoA’s finding that the licensing bar on this employee is not a disproportionate limitation of his or ASUS’s rights and freedoms. Therefore, the CoA rules that the employee from each party will be allowed access to the confidential license agreement, but only if the employee will not participate in or advise upon any patent licensing negotiations with the counterparties to the agreements. The period is set at five years from the of the CoA’s order – which is in accordance with the duration of the licensing bar requested by Apple, which was not contested.

Merz v Viatris, 26 January 2026 (Appeal no. UPC_CoA_917/2025.)

In Merz v Viatris, the Court of Appeal addresses the interrelation (or lack thereof) between Rule 262 and Rule 262A RoP.

Background

Merz applied for admission of a new piece of evidence, requesting that the Court would order the evidence in question to be kept confidential and not be made accessible to the public pursuant to Article 58 UPCA and Rule 262(2) RoP.

When uploading the evidence in the CMS, Merz applied the so-called “HC code” (i.e. the code for Highly Confidential materials). Uploading a document under this HC code prevents access to it by the other party. However, this HC code is for use with an application under Rule 262A RoP for confidentiality in respect of the other party – not for use with Rule 262 RoP which arranges for confidentiality towards the public, as the CoA clarifies.

Division between Rules 262 and 262A RoP

The Court of Appeal stresses – as it had done before – that Rules 262 RoP and 262A RoP should not be confused: only Rule 262A RoP allows the Court to restrict the use of confidential information by the opposing party and its representatives.

A request under R. 262.2 RoP that certain information of written pleadings or evidence be kept confidential vis-à-vis the public, does not automatically grant provisional protection against the disclosure of information by the other party. The Court of Appeal refers to its earlier decision in Strabag v Swarco (UPC_CoA_70/2025, order of 1 August 2025, Strabag vs Swarco et al, paras 19 and 20).

As stipulated by Rule 262A RoP, an application for a confidentiality order pursuant to this rule, shall be made at the same time as lodging a document containing the information or evidence. It is in such a case that the party lodging a confidential document shall use the HC code in order to restrict access by the other party.

If a party uploads a document under HC code, thereby restricting access to it by the other party, while there is no simultaneous application pursuant to Rule 262A RoP, a legal basis for uploading under HC code is lacking and also contrary to the legitimate interest of the other party to have unrestricted access to the documents lodged by the other party without delay. Absent an explicit request for a confidentiality order pursuant to Rule 262A RoP or a statement that the information is protected under a previous order pursuant to Rule 262A RoP, the Court will not treat a document as potentially confidential vis-à-vis the other party and will routinely change the HC code, giving the other party access to the information.

This order of the CoA proves once more that Rules 262 and 262A are not to be confused and shall be applied in line with their purpose, i.e. for Rule 262 restricting access of certain information vis-à-vis the public, while Rule 262A restricts access to certain information to specific persons. Concurrent requests based on Rule 262 and 262A are possible and should certainly be considered.

Conclusion

These recent orders from the CoA have provided further clarification on the UPC’s approach to protecting confidential information. Key take-aways are the important distinction between confidentiality as against the public (Rule 262 RoP) and between parties (Rule 262A RoP), with the latter generally requiring that at least one natural person of a legal person (which can be an employee) is granted access in addition to external representatives, subject to safeguards such as licensing bars to prevent misuse. Unless parties mutually agree to apply an “External Eyes Only” regime, it must be assumed, in view of these recent CoA orders, that application of such a regime by the UPC will be limited.