Trade Secrets In the News

news

Each week, I’m going to be posting links to news articles dealing with trade secrets from the prior week. If you want to get links to the articles throughout the week, follow me on twitter at @BlogTradeSecret, where I frequently tweet out links to trade-secrets articles. And also check out John Marsh’s excellent Trade Secrets Litigator blog, which has a wrap up of the week’s noteworthy trade-secret posts on Fridays.

Federal Circuit Addresses Uniform Trade Secrets Act Discovery Rule

In Phillip M. Adams & Assoc., LLC v. Dell Computer Corp., 2013 WL 1092719 (Fed. Cir. March 18, 2013), the Federal Circuit addressed the discovery rule applicable to Utah’s Uniform Trade Secrets Act (UTSA).

The plaintiff had patents and trade secrets relating to a process for detecting data-corruption defects in floppy disks. One of the defendants later created similar software, after which the plaintiff brought a misappropriation claim under the UTSA (and other patent-related claims).

Under the UTSA, a trade-secret claim must be brought within three years after the misappropriation is discovered or should have been discovered by the exercise of due diligence.

Here, the Federal Circuit applied the discovery rule, “under which a statute of limitations is triggered when a plaintiff first has actual or constructive knowledge of the relevant facts forming the basis of the cause of action,” to determine whether the plaintiff’s claim was time-barred under the UTSA’s three-year statute of limitations.

The Court focused on an email sent by the plaintiff, which showed that the plaintiff knew the defendant obtained the plaintiff’s detection program from one company (IBM) and passed it to another. The plaintiff’s email described this as a “potential theft.”

According to the Federal Circuit, this email showed the plaintiff’s constructive knowledge of the misappropriation. The Court noted that, as of sending the email, the plaintiff knew the defendant disclosed a trade secret that was either (1) “derived from or through a person who owed a duty . . . to maintain its secrecy” (if IBM was permitted to have the program) or (2) “derived from or through a person who had utilized improper means to acquire it” (if IBM was not permitted to have the program). Since both of these constitute misappropriation under the UTSA, the email demonstrated sufficient knowledge of a UTSA violation.

This case, along with many others interpreting the statute of limitations applicable to trade-secret misappropriation claims, emphasizes how important it is for a company to seek legal assistance as soon as it even suspects that its proprietary information has been stolen (or inadvertently disclosed). And it shows how important it is for attorneys to diligently and immediately investigate exactly when their client first learned of the potential misappropriation.

Trade Secrets in the Cloud: Stormy Weather?

Image

This is the first in a series of posts addressing trade secrets in the age of cloud computing.

As companies increasingly turn to the cloud to store content, I’ve been considering the implications for trade-secret protections. Mostly, I have been thinking about how companies should restrict sharing of data and documents through services such as Dropbox. I will be addressing these issues in future posts.

But an article I read recently on nbcnews.com titled Is your cloud drive really private? Not according to the fine print made me think of something entirely different: once in the cloud, companies are at the mercy of the cloud provider’s terms of service.

According to this article, several cloud providers’ terms of service allow them to actively search stored files. This includes Apple, Microsoft, and Verizon Online. While the article discusses terms of service in the context of  locating and preventing child pornography (which is obviously a critical effort), I wonder how these terms of service affect a company that stores confidential documents in the cloud.

To be classified as a trade secret under the Uniform Trade Secrets Act, reasonable efforts must be taken to protect the information. Is it reasonable to store a trade secret on a cloud server when the provider can actively search the stored documents?

I am not aware of any court decisions addressing this issue. But, as long as the cloud provider cannot share these documents with anyone else (unless a crime is being committed), it seems to me that the mere fact that the cloud provider itself can access documents should not make the use of cloud services to store trade secrets unreasonable. Companies have to be able to contract with third parties to provide routine services without threatening trade-secret protections.

Certainly, before selecting a cloud-storage provider, it is important to understand the provider’s terms of service.

As technology evolves and moves forward at warp speed, new and unique issues relating to trade secrets are sure to emerge. I’m going to try to keep up with these issues on this blog.

The Final Four . . . Categories of People That Threaten Your Trade Secrets

Image

Since everyone is focused on filling out brackets to identify the final four, let’s also take a look at  four important categories of people who threaten trade secrets: Employees, customers, vendors, and visitors.

Employees: No group poses a greater threat to trade secrets than employees. Virtually all companies with employees must share some proprietary information with them. And many of these employees will eventually work for a competitor. Thus, an employer can never be too vigilant about protecting itself from accidental—or worse, intentional—disclosure of trade secrets by its employees.

The best way to limit this risk is to have all employees with access to proprietary information sign a noncompete agreement that contains nondisclosure obligations as well. At a minimum, all of these employees should sign a nondisclosure agreement. Also, proprietary information should only be shared with employees who need that information to perform their jobs. And it is critical to educate employees about their trade-secret obligations.

In future posts, I will be talking frequently about how to best deal with employees.

Customers: While customers are obviously the lifeblood of any company, they present hidden risks for disclosure of trade secrets or proprietary information. Take pricing information in an industry where prices are not widely known, for example. (In certain circumstances, pricing information can be a trade secret. At a minimum, pricing information is valuable in a competitor’s hands.) Customers could tell competitors about pricing in an attempt to negotiate a better deal. This problem can be addressed with confidentiality provisions in customer contracts.

Vendors: Companies often provide their vendors with confidential information. Like with customers, the risk here can be minimized with confidentiality language in vendor contracts.

Visitors: By visitors, I mean not only actual visitors to a company’s physical location, but anyone who can access the company’s information in person or remotely. For example, anyone who can access a company’s website is a visitor. To keep visitors from accessing proprietary information, implement a formal visitation policy, including making all in-person visitors sign in and be accompanied by a staff member at all times. And make sure to work with an IT professional to ensure that online visitors cannot access confidential information.

Ten Ways Businesses Can Protect Their Trade Secrets

Since the purpose of this blog is to provide information that makes it easier for companies to protect their trade secrets and proprietary information, let’s get started with a list of steps that businesses should take to protect their trade secrets:

  1. Noncompete agreements. Make sure all key employees (or, ideally, all employees who have access to proprietary information) sign noncompete agreements.
  2. Nondisclosure agreements. All employees should sign an agreement that requires them to keep the company’s proprietary information confidential. This can be included in the noncompete agreement. Have employees without a noncompete sign a stand-alone nondisclosure agreement.
  3. Trade-secrets policy. Either as part of an employee handbook or on its own, implement a formal trade-secrets policy. Have each employee acknowledge in writing that they received and reviewed the policy.
  4. Employee training. A formal trade-secrets policy is only effective if employees know about their roles and responsibilities with regard to the company’s trade secrets and confidential information.
  5. Exit Interviews. All companies should be conducting exit interviews with departing employees whenever possible. These interviews should address trade secrets and confidential information, including making sure the departing employee is aware of his or her contractual and other legal obligations. This is also a good opportunity to learn where the employee will be working next, which could alert you to the risk of confidential information being disclosed if the departing employee will be working for a competitor or starting their own company that will compete with yours.
  6. Vendor Agreements. Anytime a vendor has access to confidential information, the agreement with that vendor needs a confidentiality provision.
  7. Restrict access. Make sure that confidential or proprietary information is only accessible to those employees who need this information to carry out their jobs. Access can be restricted through IT systems (e.g., password-protected documents) or more conventional means, such as providing employees with a locking drawer they can use to store printouts of confidential documents.
  8. Computer passwords. Make sure that all employees know to lock their computers whenever leaving their desks. Require all employees to change their passwords periodically.
  9. Reply all. Not only is it brutally annoying to receive unnecessary “reply all” responses, but inadvertent use of “reply all” can circulate proprietary information to unintended recipients. Discourage employees from using “reply all” unless absolutely necessary. Consider using an add-on to your email software that requires employees to confirm before “replying all.”
  10. Data-loss-prevention software. Install software that monitors sensitive information and alerts to possible improper disclosure of this information.

While some of these steps require the assistance of an attorney, others can be taken immediately.

In future posts, I’ll examine these in more depth.

Welcome to the Trade Secrets Law Blog!

Hello there. In this blog, I hope to provide information about and insight into protecting trade secrets and proprietary information. I will discuss legal developments, including court decisions addressing the Uniform Trade Secrets Act, common-law trade-secret protections, and related topics such as noncompete agreements. I will also address practical issues companies face, and offer advice and guidance.

To give a bit of background, I am an attorney at the law firm of Meland Russin & Budwick, P.A. in Miami. I am a business litigator, with a focus on helping companies protect their trade secrets and proprietary information. I work with companies to identify their trade secrets and keep them secure. I also represent companies in trade secret, noncompete, and general business litigation.

I welcome any questions, comments, or suggestions; I can be reached at eostroff@melandrussin.com, TradeSecretsLawBlog@gmail.com, or (305) 358-6363.

Stay tuned…

%d bloggers like this: