The Innovation Firm

For More Information, Contact:

Primer on Reasonable Steps In Protecting Trade Secrets

Primer on Reasonable Steps In Protecting Trade Secrets

  1. Contracts and agreements with employees, contractors, consultants, and businesses need to address the confidentiality of trade secrets. 

Internationally, contracts and agreements with employees, contractors, consultants, and businesses need to address confidentiality of trade secrets, which can also be referred to as “confidential information.”  Disclosing a trade secret to a third party without requiring that the third party maintain the confidentiality of the trade secret may remove that information from legal protection as a trade secret.  Businesses enter into a number of types of agreements that should incorporate a requirement that the other party to the agreement maintain the confidentiality of trade secrets that will be disclosed to them as part of the engagement.  Example agreements are employment agreements, nondisclosure agreements (NDA), Material Transfer Agreements (MTA), and consulting agreements. 

Beginning May 11, 2016, these contracts and agreements must provide notice in order to be entitled to the full remedies available under the DTSA.  Forms for each of these agreements need to be assessed and, to the extent necessary, revised to include the Notice Requirement of the DTSA.  An appropriate notice follows:

An individual shall not be held criminally or civilly liable under any Federal or State trade secret law for the disclosure of a trade secret that is made in confidence to a Federal, State, or local government official, either directly or indirectly, or to an attorney solely for the purpose of reporting or investigating a suspected violation of law. An individual shall not be held criminally or civilly liable under any Federal or State trade secret law for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal. An individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the trade secret to the attorney of the individual and use the trade secret information in the court proceeding, if the individual files any document containing the trade secret under seal; and does not disclose the trade secret, except pursuant to court order.

2.         Business trade secrets must be identified and catalogued. 

A regular inventory of trade secrets should take place to assure that the business knows the trade secrets that need protection.  Once a trade secret is identified, the company must safeguard the information in order to keep it confidential.  In addition, once a trade secret is identified, the company should assess, to the extent possible, 1) where is the trade secret located?  2) who needs to have access to the trade secret? and 3) how are others to be denied access?

3.         Access to trade secrets should be limited. 

Paper documents as well as electronic documents containing trade secrets should be labeled confidential on each page in the header.  Information technology (IT) security systems should be established to restrict access to confidential electronic documents that include trade secret information.  Tangible products containing trade secrets need to be labeled confidential.  Businesses may also consider classifying trade secrets in categories, such as confidential and highly confidential, and limiting access to specific individuals within the company based on the level of confidentiality.  For example, trade secrets on which the company relies for a competitive advantage in the marketplace should be labeled highly confidential and access limited to a select number of individuals within the company on a need to know basis. 

It is also important to limit both electronic and paper copies of documents containing trade secrets and to limit their circulation.  Documents containing trade secret information must not be left unattended in a conference room or on a photocopier.  Similarly, computer screens displaying trade secret information should not be visible to individuals nearby.  Privacy screens and timers that ensure computer screens are not visible can assist in preventing viewing of the screens.  Further, strong password protection, with separate passwords and encryption of particularly valuable information, is critical for computers and servers containing the information.  The use of a computer log-in program or a sign-in journal to track who accesses the trade secret information and when would also be helpful.  Likewise, disabling copying and downloading of trade secret information without a supervisor’s acknowledgment could be implemented to limit access and potential employee theft. 

Trade Secrets should not be stored on individual laptop computers or other portable devices, but rather on a secure server.  Only those who are permitted to see trade secret information and tangible objects should be allowed access to areas and servers where these trade secrets are located.  ID badges can restrict even employees from accessing parts of a business’s facilities, for example where new products are being developed.  Visitors should be escorted through facilities and not allowed into areas where confidential information is visible.  Public access, such as through tours of the company, should be limited or barred from areas where trade secrets are used.  In a situation where a tour has to go near a sensitive area, one should consider alerting the trade secret keeper of the tour date and time so that curtains, tarps, or other means can be used to hide or obscure trade secret information from view by those on the tour.  All visitors to the company should be required to identify themselves.  Because the identity of visitors could itself be confidential information, visitors should not be given a log identifying prior visitors to sign, but rather the receptionist should log their arrival. 

It is beneficial to be proactive in preventing misappropriation of trade secrets.  For example, when outsourcing production of products, care should be taken to choose different vendors for different parts so that no single vendor is provided the capability to produce the final product.  For vendors and competitors, special areas can be set aside near the entrance to the business, including the provision of bathroom facilities in order to prevent any need for movement past the entrance to areas where valuable information may be visible or stored.

One might think that it goes without saying that confidential trade secret information should not be discussed in public spaces, including airplanes and elevators or when talking about confidential trade secret information while on a cell phone in a public space, but these indiscretions can and do occur.  It is essential that an attitude of secrecy be engrained, starting from the top position in any business.

4.         Conduct Regular Employee Training.

Employees should be trained on a regular basis about trade secret awareness, nondisclosure of trade secrets to individuals outside the company, prohibition of discussing trade secrets in public spaces as well as the need to inform a corporate officer of any concern of trade secret misappropriation.  Businesses should consider setting up a hotline for whistleblowers so that any suspected trade secret misappropriation can be reported without fear of retribution.  Additionally, an employee handbook should describe the type of information that is confidential and identify the appropriate legal counsel or manager to contact with questions. 

Employees should be continuously reminded of their confidentiality obligation that is implied from the employment relationship and may also be included in their employment agreement as well as the consequences if they fail to uphold their obligations.  The obligation of confidentiality applies not only to tangible and electronic information provided to the employee, but also to trade secret information known and developed by the employee working at the company. 

A company can use its trade secret inventory to ensure that employees return trade secret materials before leaving the company and to remind them of their confidentiality obligations that survive beyond leaving the company. Likewise, a company should not let a departing employee keep an old laptop, tablet, or cell phone, at least not without having first imaged and then cleaned the device.  The use of BYODs (Bring Your Own Device to work) should be limited and again require agreement from the employee that such devices will be imaged and cleaned before the employee leaves the company.

Audits of trade secret protection practices should be considered and conducted on an unannounced basis so as to be sure to understand the real handling of trade secrets by the company.  Maintaining records of these audits and any corrective actions can be advantageous. 

5.         Take Swift Action In Response To Real or Possible Threat of Trade Secret Misappropriation.

If trade secret information is mishandled by an employee, let the employee know and take disciplinary action if needed.  If the company becomes aware that trade secret misappropriation has occurred, take immediate action to terminate the relationship with the vendor, consultant, or employee and take legal action including possible ex parte seizure of the misappropriated trade secrets under the DTSA.

6.         Certain key personnel could be required to sign a restrictive covenant agreement or a non-solicitation agreement.

The DTSA and the EU Directive do not restrict the employer and employee from entering into an employment agreement related to trade secrets. 

Businesses can consider the possibility of including noncompetition agreements, which restrict a former employee or former owner of a business from competing, and non-solicitation provisions, preventing solicitation of former colleagues to join in a new venture, in agreements including employment and acquisition agreements.  In the U.S., there are states and courts that restrict enforcement of noncompetition agreements in employment agreements.  Other restrictive covenants, such as prohibitions against  a former employee contacting prior customers, may be viewed more favorably in a U.S. court as they do not directly prevent the employee’s ability from earning a living.  In addition, restrictive covenant agreements that restrict a former employee from contacting or soliciting prior colleagues at the company the former employee is leaving may also be viewed more favorably in a U.S. Court.

Conclusion

It is important to conduct business in ways that adopt “reasonable steps” to protect trade secrets.  These steps include taking inventory of the business’s trade secrets, determining the level of protection to put in place, preventing circulation of the trade secrets beyond a need to know, marking trade secrets as confidential, and entering into agreements that provide confidentiality obligations.   Policies demanding that trade secret information be kept secret must emanate from the top of the business and be disseminated broadly.  Business practices need to be reviewed continually and compliance with established practices audited.  Merely having a policy is not enough, business must follow its own formalized procedures for protecting trade secrets in order to demonstrate that the business intended to maintain the technology as a trade secret (see CVD, Inc. v. Raytheon Co., 769 F.2d 842 (1985)) and implement systems that remain current in view of ever-changing technology being used to bypass confidentiality systems previously considered sufficient.

Written By:

J. Dana Hubbard, Head of Patents, Life Sciences, MilliporeSigma

Susan G. L. Glovsky, Principal, Hamilton Brook Smith Reynolds

Christine M. Wise, Associate, Hamilton Brook Smith Reynolds

 


  1.  
Overview
  1. Contracts and agreements with employees, contractors, consultants, and businesses need to address the confidentiality of trade secrets. 

Internationally, contracts and agreements with employees, contractors, consultants, and businesses need to address confidentiality of trade secrets, which can also be referred to as “confidential information.”  Disclosing a trade secret to a third party without requiring that the third party maintain the confidentiality of the trade secret may remove that information from legal protection as a trade secret.  Businesses enter into a number of types of agreements that should incorporate a requirement that the other party to the agreement maintain the confidentiality of trade secrets that will be disclosed to them as part of the engagement.  Example agreements are employment agreements, nondisclosure agreements (NDA), Material Transfer Agreements (MTA), and consulting agreements. 

Beginning May 11, 2016, these contracts and agreements must provide notice in order to be entitled to the full remedies available under the DTSA.  Forms for each of these agreements need to be assessed and, to the extent necessary, revised to include the Notice Requirement of the DTSA.  An appropriate notice follows:

An individual shall not be held criminally or civilly liable under any Federal or State trade secret law for the disclosure of a trade secret that is made in confidence to a Federal, State, or local government official, either directly or indirectly, or to an attorney solely for the purpose of reporting or investigating a suspected violation of law. An individual shall not be held criminally or civilly liable under any Federal or State trade secret law for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal. An individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the trade secret to the attorney of the individual and use the trade secret information in the court proceeding, if the individual files any document containing the trade secret under seal; and does not disclose the trade secret, except pursuant to court order.

2.         Business trade secrets must be identified and catalogued. 

A regular inventory of trade secrets should take place to assure that the business knows the trade secrets that need protection.  Once a trade secret is identified, the company must safeguard the information in order to keep it confidential.  In addition, once a trade secret is identified, the company should assess, to the extent possible, 1) where is the trade secret located?  2) who needs to have access to the trade secret? and 3) how are others to be denied access?

3.         Access to trade secrets should be limited. 

Paper documents as well as electronic documents containing trade secrets should be labeled confidential on each page in the header.  Information technology (IT) security systems should be established to restrict access to confidential electronic documents that include trade secret information.  Tangible products containing trade secrets need to be labeled confidential.  Businesses may also consider classifying trade secrets in categories, such as confidential and highly confidential, and limiting access to specific individuals within the company based on the level of confidentiality.  For example, trade secrets on which the company relies for a competitive advantage in the marketplace should be labeled highly confidential and access limited to a select number of individuals within the company on a need to know basis. 

It is also important to limit both electronic and paper copies of documents containing trade secrets and to limit their circulation.  Documents containing trade secret information must not be left unattended in a conference room or on a photocopier.  Similarly, computer screens displaying trade secret information should not be visible to individuals nearby.  Privacy screens and timers that ensure computer screens are not visible can assist in preventing viewing of the screens.  Further, strong password protection, with separate passwords and encryption of particularly valuable information, is critical for computers and servers containing the information.  The use of a computer log-in program or a sign-in journal to track who accesses the trade secret information and when would also be helpful.  Likewise, disabling copying and downloading of trade secret information without a supervisor’s acknowledgment could be implemented to limit access and potential employee theft. 

Trade Secrets should not be stored on individual laptop computers or other portable devices, but rather on a secure server.  Only those who are permitted to see trade secret information and tangible objects should be allowed access to areas and servers where these trade secrets are located.  ID badges can restrict even employees from accessing parts of a business’s facilities, for example where new products are being developed.  Visitors should be escorted through facilities and not allowed into areas where confidential information is visible.  Public access, such as through tours of the company, should be limited or barred from areas where trade secrets are used.  In a situation where a tour has to go near a sensitive area, one should consider alerting the trade secret keeper of the tour date and time so that curtains, tarps, or other means can be used to hide or obscure trade secret information from view by those on the tour.  All visitors to the company should be required to identify themselves.  Because the identity of visitors could itself be confidential information, visitors should not be given a log identifying prior visitors to sign, but rather the receptionist should log their arrival. 

It is beneficial to be proactive in preventing misappropriation of trade secrets.  For example, when outsourcing production of products, care should be taken to choose different vendors for different parts so that no single vendor is provided the capability to produce the final product.  For vendors and competitors, special areas can be set aside near the entrance to the business, including the provision of bathroom facilities in order to prevent any need for movement past the entrance to areas where valuable information may be visible or stored.

One might think that it goes without saying that confidential trade secret information should not be discussed in public spaces, including airplanes and elevators or when talking about confidential trade secret information while on a cell phone in a public space, but these indiscretions can and do occur.  It is essential that an attitude of secrecy be engrained, starting from the top position in any business.

4.         Conduct Regular Employee Training.

Employees should be trained on a regular basis about trade secret awareness, nondisclosure of trade secrets to individuals outside the company, prohibition of discussing trade secrets in public spaces as well as the need to inform a corporate officer of any concern of trade secret misappropriation.  Businesses should consider setting up a hotline for whistleblowers so that any suspected trade secret misappropriation can be reported without fear of retribution.  Additionally, an employee handbook should describe the type of information that is confidential and identify the appropriate legal counsel or manager to contact with questions. 

Employees should be continuously reminded of their confidentiality obligation that is implied from the employment relationship and may also be included in their employment agreement as well as the consequences if they fail to uphold their obligations.  The obligation of confidentiality applies not only to tangible and electronic information provided to the employee, but also to trade secret information known and developed by the employee working at the company. 

A company can use its trade secret inventory to ensure that employees return trade secret materials before leaving the company and to remind them of their confidentiality obligations that survive beyond leaving the company. Likewise, a company should not let a departing employee keep an old laptop, tablet, or cell phone, at least not without having first imaged and then cleaned the device.  The use of BYODs (Bring Your Own Device to work) should be limited and again require agreement from the employee that such devices will be imaged and cleaned before the employee leaves the company.

Audits of trade secret protection practices should be considered and conducted on an unannounced basis so as to be sure to understand the real handling of trade secrets by the company.  Maintaining records of these audits and any corrective actions can be advantageous. 

5.         Take Swift Action In Response To Real or Possible Threat of Trade Secret Misappropriation.

If trade secret information is mishandled by an employee, let the employee know and take disciplinary action if needed.  If the company becomes aware that trade secret misappropriation has occurred, take immediate action to terminate the relationship with the vendor, consultant, or employee and take legal action including possible ex parte seizure of the misappropriated trade secrets under the DTSA.

6.         Certain key personnel could be required to sign a restrictive covenant agreement or a non-solicitation agreement.

The DTSA and the EU Directive do not restrict the employer and employee from entering into an employment agreement related to trade secrets. 

Businesses can consider the possibility of including noncompetition agreements, which restrict a former employee or former owner of a business from competing, and non-solicitation provisions, preventing solicitation of former colleagues to join in a new venture, in agreements including employment and acquisition agreements.  In the U.S., there are states and courts that restrict enforcement of noncompetition agreements in employment agreements.  Other restrictive covenants, such as prohibitions against  a former employee contacting prior customers, may be viewed more favorably in a U.S. court as they do not directly prevent the employee’s ability from earning a living.  In addition, restrictive covenant agreements that restrict a former employee from contacting or soliciting prior colleagues at the company the former employee is leaving may also be viewed more favorably in a U.S. Court.

Conclusion

It is important to conduct business in ways that adopt “reasonable steps” to protect trade secrets.  These steps include taking inventory of the business’s trade secrets, determining the level of protection to put in place, preventing circulation of the trade secrets beyond a need to know, marking trade secrets as confidential, and entering into agreements that provide confidentiality obligations.   Policies demanding that trade secret information be kept secret must emanate from the top of the business and be disseminated broadly.  Business practices need to be reviewed continually and compliance with established practices audited.  Merely having a policy is not enough, business must follow its own formalized procedures for protecting trade secrets in order to demonstrate that the business intended to maintain the technology as a trade secret (see CVD, Inc. v. Raytheon Co., 769 F.2d 842 (1985)) and implement systems that remain current in view of ever-changing technology being used to bypass confidentiality systems previously considered sufficient.

Written By:

J. Dana Hubbard, Head of Patents, Life Sciences, MilliporeSigma

Susan G. L. Glovsky, Principal, Hamilton Brook Smith Reynolds

Christine M. Wise, Associate, Hamilton Brook Smith Reynolds

 


  1.  
For More Information, Contact

Primer on Reasonable Steps In Protecting Trade Secrets

Back to the Top