We address the issue of confidentiality in a language-based security approach. We study the design of flexible information flow policies that generalize non-interference, the *non-disclosure* policies. Such policies can be statically enforced on concurrent languages by means of refined type and effect systems. Non-disclosure controls information flow in programs that include declassification, which we express by means of a *flow declaration* construct that implements a local information flow policy. We generalize our approach to tackle the largely unexplored topic of controlling information flow in a global computing setting. New forms of security leaks that are introduced by code mobility are revealed.