Major League Trade-Secrets Theft

This morning, the New York Times reported that the FBI is investigating whether front-office employees of the St. Louis Cardinals hacked into the Houston Astros’ computer systems. Apparently, the Cardinals’ employees gained access to the Astros’ “internal discussions about trades, proprietary statistics and scouting reports.”

OLYMPUS DIGITAL CAMERA

Virtually all businesses have trade secrets and proprietary information, and baseball teams are no exception. One of the Cardinals’ senior executives, Jeff Luhnow, left the team for the Astros in 2012. While he was at the Cardinals,

The organization built a computer network, called Redbird, to house all of their baseball operations information — including scouting reports and player personnel information. After leaving to join the Astros, and bringing some front-office personnel with him from the Cardinals, Houston created a similar program known as Ground Control.

Once he left, others at the Cardinals allegedly hacked into the Astros’ computer system, using a low-tech method. Not surprisingly, these baseball executives don’t seem to be particularly tech savvy. They simply used the same passwords that Luhnow used when he was still with the Cardinals:

Investigators believe Cardinals officials, concerned that Mr. Luhnow had taken their idea and proprietary baseball information to the Astros, examined a master list of passwords used by Mr. Luhnow and the other officials who had joined the Astros when they worked for the Cardinals. The Cardinals officials are believed to have used those passwords to gain access to the Astros’ network, law enforcement officials said.

This is the first time I can recall this type of corporate espionage taking place between competing sports teams. It will certainly attract a lot of attention, and I’m eager to learn more details about what transpired.

But this case also has a very simple lesson for all companies. When you hire someone from a competitor, their former employer knows what password they were using at their prior job. Obviously, you don’t want them using that same password at your company. Consider assigning a new password. Or instruct the employee to use a different password than they used at their prior job. Either way, you need to make sure that passwords are changed regularly.

Can Periscope Broadcast Your Trade Secrets to the World?

Periscope is an app that allows users to broadcast live video using their smart phone. This technology has the power to transform the delivery of media and information. Essentially, every person can now effortlessly create live video content, whether it’s sharing a family event with those who can’t attend or witnessing a newsworthy event.

I keep hearing more and more about Periscope. For example, I’ve seen media members use it to share press conferences or behind-the-scenes info. At first blush, this may seem irrelevant to your company’s trade secrets. But that may not be the case.

Right now, through Periscope and similar apps, every one of your employees can instantaneously broadcast live video to the world. It’s much easier to share exactly what’s going on, in real time, at your company.

This raises multiple levels of concern. To start, employees may inadvertently transmit proprietary information. For example, an employee could be sharing a broadcast from work intended for his friends and family, while other employees discuss proprietary information within earshot. Even though there was no intent, this information was still shared outside the company.

Even worse, Periscope is a powerful tool in the hands of someone with malicious intent. There has long been a risk that malicious actors can easily capture video. But now, that video can be shared live. For example, an employee could surreptitiously broadcast a company meeting. Or live video of a proprietary process or system.

Periscope is another example of how rapidly evolving technology is constantly creating new risks to your trade secrets. Your trade-secrets policy needs periodic review to make sure it addresses new technology. Depending on the nature of your business, it may make sense to ban live broadcasts completely. Most importantly, you should discuss these issues with an attorney who can help you decide what protections are appropriate for your business.

 

 

The DOJ Announced Another Trade-Secrets Prosecution. What Does That Mean For Your Company?

There has been a lot of news coverage of the DOJ’s charges against Chinese professors for trade-secrets theft and violations of the Economic Espionage Act. Stories like this have become more common, as the DOJ has increased its focus on prosecuting trade-secrets theft. Often, these cases involve defendants with connections to foreign governments, and China in particular. As these cases have become more prevalent, the federal government has dedicated more resources to combating them.

Unfortunately, this will have little effect on most companies that fall victim to trade-secrets theft. The DOJ appears to have little interest in prosecuting run-of-the-mill trade-secrets theft, even though there may have been violations of a federal statute like the Economic Espionage Act. The DOJ simply does not have the resources to deal with the huge number of these cases. Thus, the vast majority of trade-secret misappropriation cases will be handled through civil lawsuits.

So what should you do if you believe your company has been the victim of trade-secrets theft? The answer is simple: you need to consult with an attorney specializing in this area of the law as soon as possible. Time is of the essence, and even a delay of a day or two could cause serious problems. Your attorney can advise you of your options. If your case is a good candidate for federal prosecution, your attorney should let you know. More likely, your options will involve civil remedies. Either way, you will need to make important decisions very quickly.

New Hampshire Supreme Court Rules that Trade Secrets are Not Public Records

Companies that provide services to public agencies and entities are often put in a difficult position. To win business, they must include trade secrets as part of their bid. But most documents provided to public agencies are subject to disclosure under freedom-of-information laws. The New Hampshire Supreme Court recently addressed this issue in CaremarkPCS Health, LLC v. New Hampshire Department of Administrative Services (the opinion can be downloaded here).

Caremark submitted a bid for providing pharmacy benefit management services for New Hampshire’s health plan. As part of its bid, Caremark stated that certain information provided contained trade secrets. After Caremark won the bid, the final contract also indicated that Caremark had provided the department with trade secrets.

Soon after, two of Caremark’s competitors made public-records requests to inspect Caremark’s bid. Caremark filed suit and obtained an injunction prohibiting disclosure of the trade secrets (which were not identified in the opinion). The department appealed.

The New Hampshire Supreme Court addressed the question of “whether the [Uniform Trade Secrets Act] prohibits disclosure of trade secrets[.]” They answered this question in the affirmative and upheld the injunction.

The court focused on the portion of the UTSA providing that misappropriation occurs when someone discloses a trade secret without consent, if the trade secret was acquired under circumstances giving rise to a duty to maintain its secrecy or limit its use. The court ruled that the department had acquired Caremark’s trade secrets under such circumstances, for three reasons:

  • The request for proposal provided that the department would endeavor to maintain the confidentiality of those portions of the proposal “clearly and properly marked confidential”;
  • Caremark marked the information at issue as confidential and proprietary; and
  • The final contract provided that both parties were under a duty not to disclose trade secrets.

These three factors provide guidance if your company is in a similar circumstance. You need to have your attorneys carefully examine the RFP language, as well as the applicable state law, prior to submitting a bid. Then, you should mark any documents containing proprietary information and trade secrets. I would prominently affix “CONFIDENTIAL — TRADE SECRETS” on each page containing trade secrets.

Finally, do your best to negotiate the inclusion of confidentiality language in the final contract, as well as language requiring the governmental agency to inform you of any public records request that calls for the trade-secret documents (provided that those provisions are permissible under applicable law).

There is always risk when submitting trade secrets as part of a bid for a government contract. Not only could a court find that the documents are public records, but you are also relying on the government employees to recognize that requested documents were marked as containing trade secrets. Working with an attorney to implement protections like those discussed above can help minimize this risk. But in the end, you will need to make a business decision as to whether the chance of winning the contract is worth this risk.

When It Comes to Trade Secrets, Ignorance Is Not Bliss

Trade-secret misappropriation cases often involve bad actors who deliberately steal trade secrets. But perhaps just as frequently, trade-secrets are misappropriated by people who simply don’t know better. Many don’t even understand what a trade secret is, let alone that there are laws or other obligations prohibiting inappropriate use or disclosure of trade secrets.

I’ve personally seen this happen over and over. An employee leaves one company to join another in the same industry. He takes many of the documents he created at his old job. These documents contain trade secrets. In his mind, they are his documents. He created them, after all! And at his new job, he uses those documents on behalf of his new employer.

Now both companies have a problem. The former employer’s trade secrets are in a competitor’s hands. And the new employer has unwittingly exposed itself to significant liability.

Both companies are to blame for their problems. The first company did not educate its employees about their responsibilities and legal obligations regarding trade secrets and proprietary information, both while working for the company and after they leave. The second company failed to make sure that the new employee did not bring his prior employer’s trade secrets with him.

There are three primary tools for preventing this situation: contracts, training, and exit/intake interviews. Employees with access to proprietary information should sign a non-disclosure agreement that requires them to keep the information confidential. The agreement should provide that all information belongs to the company even if created by the employee, and must be returned upon termination of employment. And the contract should acknowledge that the employee is not bringing any proprietary info or trade secrets from her prior job.

But employees too often don’t read contracts before signing them. That’s where training comes in. During the on-boarding process, and periodically thereafter, use training sessions to reiterate your trade-secret policy.

Finally, use exit interviews to again instruct the departing employee about his post-employment obligations. Consider having him sign an acknowledgement that he has returned all info and is aware of these obligations. When hiring a new employee, talk with them up front about what info they have from their prior employer. Be sure to consult with an attorney if that discussion raises concerns.

I really believe that many misappropriation cases can be avoided by simply making sure that employees understand these issues. Too often, they do not.

 

Sometimes, a Non-Solicitation Agreement Is Enough

I’ve had a string of injunction hearings in trade-secret and restrictive covenant cases the last two months, which has prevented me from writing regularly. In several of these cases, the defendants signed nonsolicitation and nondisclosure agreements that did not include a noncompete. This type of contractual protection is worth considering.

Recently, there has been a lot of negative press about noncompete agreements that large companies like Jimmy Johns and Amazon have forced upon low-level employees. These situations show that a noncompete is not always necessary. When deciding what contracts you will require your employees to sign, think about each employee’s role and what level of protection you need.

For lower-level employees with limited or no access to your proprietary information, a nondisclosure agreement may be sufficient. Sales or customer-relations employees would likely require a nonsolicitation agreement as well. Generally, it’s worth considering whether to limit noncompetes to those employees who have ongoing access to (or perhaps created) your trade secrets.

There’s a tangible benefit to leaving out the non-compete clause. In my experience, judges are far more comfortable preventing a former employee from soliciting employees, as compared to preventing them from working in an entire industry. I like being able to say “Your honor, we are not asking you to prevent John Doe from working in this industry. In fact, we have no problem with him continuing to work for his new employer. All we are asking is that Mr. Doe not be permitted to use our confidential information or solicit our clients.”

In the end, if you only need to prevent solicitation, including a non-compete can do more harm than good.

Of course, non-compete agreements have their place. Figuring out which agreements to implement is a critical decision that you should not make alone. Consult with an attorney who can help craft an overall strategy for protecting your trade secrets.

3D Printing: A Gateway to Trade Secrets Theft?

I read a very interesting and important article recently on PwC’s emerging technology blog about the intersection of 3D printing and trade secrets. I meant to write about it sooner, but one of the occupational hazards of practicing trade-secrets law is that you can get very busy very quickly.

This article focuses on manufacturing. It starts by talking about how a manufacturing company’s trade secrets often reside in multiple locations throughout the company, including product-specification documents, CAD drawings, and equipment configurations. “To gain access to a company’s secret sauce, thieves must patiently collect trade secrets from a variety of sources as well as try to reverse engineer products through trial and error.”

But now, 3D printing is exploding in the manufacturing sector:

According to a PwC survey of US manufacturers, two of three companies are already adopting 3D printing in some way. In our survey, we estimated that the global 3D printer market will soar to $6 billion by 2017, from $2.2 billion in 2012. From the printing of jet engine parts to soccer cleats, the technology is being hailed by some as a revolution in how more and more products will be developed, produced, and even sold.

And while 3D printing offers manufacturing efficiencies and technological advantages, it brings serious risks as well:

To realize the transformational benefits of 3D printing, you must encode the 3D printer with explicit instructions on how to design the product, including what materials to use, and when and how to use them. Today, intricate trade secret knowledge that took many years and millions of dollars to develop is typically scattered across the organization. As 3D printing is adopted, that information will be housed and concentrated in digital files that, like any other digital document, can be hacked.

All companies using 3D printing that involves proprietary information need to focus very closely on protecting this information. The article finishes with some very good advice to this end:

Like it or not, 3D printing provides the perfect portal for cyberthieves and exposes manufacturers to a level of risk that most are simply not prepared to deal with right now. The projected boom in 3D printing is a great reason for manufacturers to get serious about protecting their trade secrets today.

This echoes a theme repeated often on this blog: all companies need to take inventory of their trade secrets and the ways they are (and are not) protecting them. And this must be an ongoing process — as new technologies like 3D printing emerge, trade secret protections can become outdated and inadequate very quickly. Now is the time to start this process by speaking with an attorney who can work with you to craft protections appropriate for your company.

Guest Post: Bankruptcy Court Rules That Debtor Did Not Sell Its Trade Secrets

By Solomon Genet

As a semi-regular guest-author on this blog, I try to stick with bankruptcy-related trade-secret issues.  The bankruptcy court’s January 2015 decision in In re NMFC, LLC is worthy of note. There, the court determined whether the debtor still owned its trade secrets. A copy of the opinion is linked below.

The South Carolina bankruptcy court had to decide whether certain trade secrets were either: (1) sold by the chapter 7 bankruptcy debtor pre-petition as part of a lender-imposed UCC sale to a buyer; or (2) outside of the assets sold, and therefore property of the debtor’s bankruptcy estate.  The bankruptcy court examined the language of the Bill of Sale, which included the following items being sold: intellectual property used by the debtor “in the manufacture, sale or other commercialization of performance fibers.” In other words, the court had to decide whether this definition include the debtor’s trade secrets. The trade secrets at issue related to the development of battery technology.

The bankruptcy court focused on the term “commercialization.” It ruled that since, when the sale occurred, the pre-petition debtor (1) was only having preliminary discussions about applications for its trade secrets; (2) had not yet established how a product would be created or what properties, in terms of weight, size or otherwise, it would have; and (3) had not yet set up a trial schedule for the product or drafted a patent; the trade secrets were not yet at the stage of “commercialization.”  Therefore, these trade secrets were not sold to the third party and they instead belonged to the debtor’s estate.

This appears to be a harsh result against the buyer, but is a good lesson for the purchasers of trade secrets in the marketplace: make sure the purchase contract explicitly defines the trade secrets being conveyed.

In re NMFC, LLC

Solomon Genet is a partner at Meland Russin & Budwick, P.A. in Miami, FL. He specializes in complex commercial litigation, business insolvency, and financial-fraud-related matters in the State and Federal courts.

Are IT Employees Your Weakest Link?

This morning, I read this article about how an IT worker at an investment-management firm tried to frame one of his co-workers:

Back in September 2013, executives at a well-known Coral Gables investment management firm got a shocking e-mail from a tech employee demanding to be promoted.

Jeffrey Bau threatened to leak “sensitive information” that would spur clients to “withdraw” their business from Bayview Asset Management.

But Coral Gables police detectives say Bau never sent the e-mail – in fact, it was a former co-worker scheming to frame Bau.

It’s not clear what motivated the IT worker. But he was sloppy. According to the article, he used his credit card to pay for the VPN connection he used to send the email.

While it sounds like the company’s sensitive information was not actually at risk, this article highlights a major security problem when it comes to protecting proprietary information: your IT employees/consultants.

These employees typically have complete access to your servers, including all proprietary information and trade secrets stored there. Thus, these employees have a unique ability to cause damage.

I litigated a case dealing with this issue. One of my client’s disgruntled IT employees downloaded a huge amount of customer data, including sensitive personal information, to a hard drive. He then threatened to make that info public. Although we were able to obtain an ex parte injunction and recover the hard drive before any damage was done, it was a harrowing experience for the client.

It is critical that your company implements protections to mitigate the risk that these employees will abuse their power to your detriment. For example, all IT employees or consultants should, at a minimum, sign a confidentiality agreement.

The confidentiality agreement you are using for other employees may not work for your IT employees. Consult with a lawyer who can help decide whether the IT employees’ agreements need to be altered in light of the unique access that IT employees have. Consider putting in a liquidated damages provision for unauthorized disclosure of any company information.

By the way, you may have noticed that I haven’t posted in a few weeks. I’ve been dealing with multiple evidentiary hearings, including for an emergency injunction. since I last posted. This hasn’t left me with much time for blogging. Hopefully, I’ll be posting more frequently starting soon.

Professors Invent Threat of “Trade Secret Trolls”

I’ve written several times in the past about the proposed legislation to create a federal cause of action for trade-secrets misappropriation (see herehere, and here). I also wrote a response to a letter signed by a number of professors who opposed this legislation. Now, Professors David S. Levine and Sharon K. Sandeen have written a law review article titled “Here Come the Trade Secret Trolls.” This article misses the mark by a mile.

Here is the article’s core argument:

The [proposed federal] Acts are most likely to spawn a new intellectual property predator: the heretofore unknown “trade secret troll,” an alleged trade secret owning entity that uses broad trade secret law to exact rents via dubious threats of litigation directed at unsuspecting defendants.

The use of the term “troll” is meant to evoke patent trolls, who have been the subject of much scorn. But the so-called “trade secret troll” is far different than a patent troll. The latter actually own patent rights, which they wield to seek licensing fees. The article’s mythical trade-secret troll is simply someone willing to bring a frivolous lawsuit to extort an undeserved settlement. I suspect the authors chose this term to piggyback on the negative attention heaped on patent trolls, thereby arming the legislation’s opponents with a pejorative term that may scare legislators or their constituents.

Putting titles aside, the article can’t reconcile its core argument with the fact that, as the authors acknowledge, “trade secrecy has been generally free of similar trolling behavior.” In other words, there is no epidemic of frivolous trade-secret lawsuits under the current state-law framework. (Certainly, there are weak misappropriation cases, just like with any cause of action. But I haven’t seen any evidence to suggest that such cases are disproportionately filed.)

The authors try to make the point that the proposed federal acts would transform trade-secrets law such that threatening and filing frivolous lawsuits would become commonplace. Yet the article does not really explain why this is so. It gets closest when discussing the proposed ex parte seizure provisions. But as I mentioned in my response to the professors’ letter, this risk is highly overblown. Convincing a federal judge to enter ex parte relief is no simple matter. And the defendant will have the right to challenge any seizure order very soon after its entry. Federal judges will not be amused if they have been manipulated into entering unnecessary ex parte orders.

The article fears that “trolls” will be able to threaten an ex parte seizure, which will be sufficient to scare a defendant into paying up before the suit is filed. Yet any innocent defendant will know that the likelihood of such an order being entered is slim. Further, simply sending the letter would undermine an attempt to get an ex parte seizure order. If the plaintiff was able to send a demand letter, thereby putting the defendant on notice of the possible claim, then a judge would be highly skeptical of a claimed need for an ex parte order.

The article also argues that unsettled interpretative questions relating to the acts will fuel frivolous lawsuits. But the article forgets that creating a federal cause of action will quickly lead to a much more robust body of published caselaw interpreting the statute. While there are very few published trial-court-level decisions in state courts, U.S. district court orders are widely available.

Frankly, state courts are much more susceptible to frivolous trade-secrets suits than federal courts. Take Florida, for example. Here, state court judges have to deal with remarkably bloated dockets. In fact, I’ve had multiple cases where it took months to get an emergency injunction hearing. State-court judges generally don’t have law clerks. And in Florida, judges often rotate between civil, criminal, family, and dependency divisions. This latter point is critical: judges often don’t spend enough time in the civil division to develop a familiarity with trade-secrets law. All of these issues lead to uncertainty, which would seemingly aid the unscrupulous litigant looking to extort a settlement. Yet, as the authors themselves acknowledge, we simply have not seen this so-called trolling.

There’s no question that frivolous lawsuits would be filed under the proposed federal legislation, just as like every other cause of action. But there is absolutely no credible reason to believe that such suits can’t be remedied with the typical mechanisms deigned to ferret out meritless claims, like Rule 11 motions.

As I’ve argued in the past, the proposed legislation has tangible benefits that aid trade-secrets owners in protecting their critical proprietary information. The arguments lobbed up in opposition—including the manufactured risk of “trolling”—don’t hold up to careful scrutiny.