Businesses own proprietary information that can be useful to competitors. A constant source of anxiety for many business owners is that their proprietary information might be used by employees and contractors to start a new business or to be given to a competitor. The legal means of preventing such misappropriation are state and Federal trade secrets laws.
Recently, the Federal Defend Trade Secrets Act was enacted. This law was intended to provide a uniform Federal trade secret law since many trade secrets cases are heard in U.S. District Court. The new law has refocused interest in trade secrets and how to protect them.
To prevent misappropriation of their confidential information, business owners typically rely on non-disclosure agreements (NDAs) or confidentiality agreements. However, there are pitfalls to using generic NDAs. Those agreements are not sufficient to protect trade secrets and generally unenforceable. Furthermore, business owners take other actions to protect their trade secrets.
The most important fundamental to understand is that the onus of protecting trade secrets falls on the owner. State and Federal laws look at what the owner of the trade secret has done to protect it. The business owner must take certain steps to legally protect trade secrets. I will focus on two of those which are preliminary to enforcing trade secret rights.
A trade secret is information that is not generally known and not readily ascertainable through lawful means. Such information must also have independent economic value. Information may meet those elements but will not be legally a trade secret unless the owner takes “reasonable efforts” to keep that information secret. Reasonable efforts are of two types: confidentiality efforts and limiting access efforts. Business owners must make both efforts to protect their trade secrets.
Confidentiality efforts are the actions of a business owner to inform others that information is a trade secret and that should not be disclosed. This typically involves confidentiality agreements or NDAs signed by employees, contractors, and consultants (known as “disclosees”).
The NDA must identify what information is a trade secret. Generic NDAs are not sufficient because those NDAs don’t identify what trade secrets will or might be revealed by the owner. Most generic NDAs simply state that “confidential information” will be disclosed and must be kept confidential. Because the NDA doesn’t identify this “confidential information,” courts have held them to be unenforceable. Disclosees have successfully argued that they didn’t know that information disclosed to them were trade secrets.
NDAs must state what information is to remain confidential. This doesn’t mean that the business owner must give away the trade secrets in the NDA. What the owner must do is identify them so that the disclosee knows what information is confidential. The NDA could state “chemical formulas,” “customer lists,” and other identifiers as long as the disclosee is notified that such information is confidential.
NDAs are a common tool but employee contracts, employee handbooks, contracts, and license agreements are also acceptable. The disclosee should agree with to keep the information confidential by signing or otherwise acknowledging the NDA or other document.
Business owners should also label or stamp information as confidential. Information that is labeled gives immediate notice and the disclosee has no excuse for taking it.
The business owner must also make reasonable efforts to limit access to confidential information if that information is to be considered a trade secret. There are two aspects to limiting access. 1) Information is be divulged to employees and others only on a need to know basis. 2) Access must be controlled.
Owner should carefully designate persons to have access to trade secrets and ensure they understand (as explained above) that the information is confidential.
Confidential information should only be accessible to those specific persons who have a business need to know or use the information. Confidential information on a server should only be accessible to certain persons using their user names and passwords. The IT administrator for a business should make files or directories containing confidential information accessible only to authorized persons using the proper user names and passwords.
If confidential information is in a physical format, then it should be kept locked up. Old physical copies must be destroyed rather than thrown away. Limiting access can also mean controlling access to a business’s facilities and the use of alarms and surveillance.
Third parties given confidential information must agree to return it after the third party no longer needs it. The owner must follow up to ensure the information is returned.
These are only some of the actions that a business might take to ensure limited access to confidential information.
Why are reasonable efforts important?
Reasonable efforts are critical in a trade secret case. If the owner has not made reasonable efforts to maintain the secrecy of the information at issue, then the lawsuit goes no further. The defendant will likely be granted summary judgment and the court will not make a further determination as to the value of the information.
If the owner can show that the business made appropriate confidentiality and limited access efforts, then the courts will often grant a preliminary injunction to prevent further misappropriation during the pendency of the case. This may be as far as a such a case might proceed since a defendant won’t continue to litigate a case if the defendant can’t use the misappropriated information while the case is pending.
What to do
We encourage businesses to periodically inventory their intellectual property, including confidential information and the NDAs used by the business. If the business identifies information that it wants to keep confidential, then the business must implement a plan to keep it that way as outlined above.
If you would like to know more about trade secrets and how to keep them secret, please contact us. We also conduct intellectual property inventories for our clients.
Eric D. Morton, is the principal of Clear Sky Law Group, P.C. He can be reached at email@example.com and 760-722-6582 or 510-556-0367.