House Passes Defend Trade Secrets Act

Over the past few years, there has been much discussion and debate over the Defend Trade Secrets Act (DTSA), which amends the Economic Espionage Act to create a federal civil cause of action for trade-secrets misappropriation. Well, we’re on the verge of the DTSA becoming the law of the land. Several weeks ago, the Senate passed the DTSA by a vote of 87-0. Today, the House of Representatives passed the bill by a vote of 410-2. Now, it goes to the President for signature.

Since President Obama supports the bill, we are just days away from one of the most significant events in the history of trade-secrets law, the creation of a right to sue in federal court to remedy misappropriation. I’ve strongly supported this law, so I’m very pleased with this development. I look forward to litigating trade-secrets actions in federal court.

Would Your Employees Sell Their Network Password?

Sailpoint recently released its 2016 Market Pulse Survey, which examined employees’ roles in IT security. The results should terrify employers. The report can be downloaded here.

This report echos a theme I’ve been repeating here often: employees can be the biggest threat to your trade secrets. Consider the following findings:

  • 65% of respondents admitted using a single password across applications
  • One in three shared passwords with co-workers
  • More than 40% still had access to corporate network accounts from their prior job

And most disturbing:

  • 20% worldwide, and 27% in the U.S., would sell their corporate password to an outsider, often for less than $1,000
  • 26% admitted uploading sensitive information to the cloud with the intent to share outside the company

Some of these issues can be addressed through proper training regarding password hygiene and protection of proprietary information. But it’s more difficult to address malicious insiders who want to sell access to your system or disclose your trade secrets.

The malicious-insider problem requires proactive thinking. Consult with your IT team or an outside expert to implement solutions that monitor system usage and alert to irregular activity. Work with HR and management to identify employees who are dissatisfied with their jobs, or otherwise showing signs of higher risk. And make sure that each employee only has access to the proprietary information necessary for that employee’s job.

Also, restrictive covenants and non-disclosure agreements can both deter this type of wrongdoing and allow for more effective enforcement if misappropriation occurs. Consult with an attorney who specializes in trade-secrets law to determine what types of contracts and other legal protections are best suited to protect your company.

%d bloggers like this: