Protection of Trade Secrets in the Digital Age
Protecting trade secrets can be incredibly difficult in the digital age, with confidential information easily stored, sent and received electronically. Nevertheless, the most significant security breaches often arise from human behavior.
The Uniform Trade Secret Act (UTSA) requires a “trade secret” to be: (1) sufficiently secret to derive economic value, actual or potential, from not being generally known to other persons who can obtain economic value from its disclosure or use. The “trade secret” is also required to be (2) the subject of efforts that are reasonable to maintain its secrecy or confidentiality.
Customer lists, manufacturing processes, financial information and marketing techniques can all be protectable under the UTSA. However, basic prerequisites must be met. First, the “secret” must not be generally known and subject to protective steps. If all industry insiders know the secret, it is hard to show secrecy. Industry knowledge, something mobile employees regularly bring with them, is difficult to protect. This information must be “sufficiently secret to derive economic value, actual or potential, from not being generally known to other persons who can obtain economic value from its disclosure or use.
The owner also has the duty of keeping the secret. The law requires, “reasonable” efforts to maintain security. Fort Knox style techniques are not required, nor appropriate, for most situations. However, failure to take reasonable precautions can cause a lawsuit to be lost. Locks, passwords, software encryption, shredders and consistent procedures all help demonstrate that an organization has taken sufficient steps to keep information secret.
The UTSA also requires the taking or use of a secret to violate some duty to the trade secret owner, or otherwise constitute a wrongful act. Former employees may have acted in violation of a duty of loyalty to their former employer, violated a written contract such as a “non-compete” agreement, or acted contrary to an employer’s policy manual. It is important to note that misappropriation does not require evil intent. Trade secret misappropriation can occur where knowledge that is so intrinsically involved with the operation of a business that working for a competitor will inevitably disclose the secrets.
Careful consideration of what should be protected will help identify the protective measures that are appropriate for a situation. For example, passwords for computers will not necessarily protect actual blueprints or manufacturing process that should be screened from vendors and consultants, but consideration of those other pieces of property will then suggest locks, security passes and even confidentiality agreements for visitors.
If it becomes necessary to enforce trade secrets, having the third parties identified will expedite the speed at which a remedy can be sought. It is not enough to point to broad areas of technology and assert that something there must have been secret and misappropriated. The plaintiff must show concrete secrets that were disclosed.
Preparation on the business side greatly enhances the likelihood of protection if misappropriation occurs. Anticipation of intellectual property protection, including filing patent and copyright applications where applicable, often provides benefits when information is taken because this intellectual property may embody the information. Blending the legal disciplines of intellectual property, employment and unfair competition can maximize available remedies and enhance the goal of reducing the likelihood of trade secret misappropriation.