Alley-Oops: The Orlando Magic Tweeted a Picture Showing Team Trade Secrets

Sometimes companies forget about even the most obvious protections for their trade secrets. For example, “don’t tweet out a picture of your secret business strategies.” The Orlando Magic recently did just that.

Earlier this month, a player’s agent tweeted a picture of the player signing a new contract with the Magic. But the picture also showed a dry-erase board listing the Magic’s off-season free-agent targets and trade possibilities. Now there are reports that the Magic’s general manager, who has since been fired, took the picture.

It goes without saying that the Magic don’t want the rest of the league knowing about their off-season personnel plans, which are arguably trade secrets if appropriately protected. But for some reason, they left those plans on a dry-erase board and then let an agent—who could potentially benefit from knowing that information—into the room. And then they allowed the contents of the board to be shared with the rest of the world. Not particularly savvy.

The lesson here is simple, and seemingly obvious: trade secrets need to be secret. They shouldn’t be left up on a dry-erase board. Or in papers on someone’s desk. This episode shows that even intelligent people can have a lapse of judgment. If you implement and enforce a trade-secrets policy that only allows storage of trade secrets in secure media, and limits disclosure of trade secrets to those who need them to do their jobs, you can minimize the “human error” element that led to this embarrassing gaffe.

The Cybersecurity Article that Every Executive Should Read Immediately

I love this article, titled Why America’s Current Approach to Cybersecurity Is So Dangerous. It should be required reading for all executives at companies at risk of a cyber attack — in other words, all companies. While the whole article is great, its core message can be reduced to a single sentence: People, not technology, are the key to reducing the risk of cyberattacks. I could not agree more, as I’ve written about before. Every company needs to ask: what can we do to create a culture of protection?

The article starts by identifying the problem:

We should be concerned that, as a society, our minds go mushy when it comes to “digital literacy,” “information security,” “online safety,” or whichever name we choose. In fact, that mushiness is a major reason why America’s current approach to cybersecurity is so dangerous. We’re ignoring the behaviors of the overwhelming majority of actual users, and therefore leaving the largest attack surface undefended. . . . To the extent we are all part of the contest in cyberspace, we’re essentially deploying our troops without armor, our submarines without sonar.

And as a result, “cybersecurity has transformed what is actually a ‘people problem with a technology component’ into its exact opposite.” Yes! Technology is not a panacea for preventing cyber attacks. Technology can’t protect your company’s biggest vulnerability: the people working there. “Until we embrace a vision of public cybersecurity that sees all people, at all ranges of skill, as essential to our collective security, there will be no widespread cybersecurity.” The same goes with your company. You can spend millions or more on tech-based protections, but if you ignore the human risk, your security is virtually certain to fail. And of course, if you are at risk of a cyberattack, you are at risk of trade-secret theft.

The article finishes with a great analogy between cybersecurity and public health:

We need to get better to increase our herd immunity against botnets. We need to see that cybersecurity—like all aspects of safety, security, and resilience—is a shared responsibility. Better devices and apps won’t save us, since there are myriad other ways that individuals—even highly trained ones—become the weak link allowing bad guys to access personal, corporate, and government information assets. And almost all efforts at online safety, while well-meaning, are so poorly designed as to preclude knowing whether they work. It’s not magic: As with health or safety education, we need to start with basic steps and repeatable behaviors—like hand-washing or looking both ways before crossing.

This is the key. In a mature organization that has fully embraced and achieved a culture of protection, the employees will treat cybersecurity as second nature. Good habits will have become routine. Unfortunately, I have yet to encounter a company that has reached this point. For a variety of reasons—dependence on technology first among them—just about all employees have a host of bad habits that put the company at risk.

Creating this culture is not easy. To the contrary, it will require repeated, sustained effort, initiated and supported from the very top of the organization down, over a long period of time. Nor will it guarantee that all cyberattacks will be thwarted. But I see no viable alternative. Any company that has not made employee-level protection a top priority is virtually certain to suffer repeated cyberattacks.

Florida’s Restrictive Covenant Statute: The Power of Presumption

Florida has one of the most employer-friendly restrictive-covenant statutes in the country, Section 542.335, Fla. Stat. For example, the statute prohibits judges from considering any hardship suffered by the person against whom enforcement is sought. The statute also contains a rebuttable presumption that a violation of an enforceable restrictive covenant creates irreparable injury. Yesterday, Florida’s Third District Court of Appeal (which covers Miami-Dade County) issued an opinion showing the power of this presumption. The opinion, in Allied Universal Corp. v. Given, can be downloaded here.

Allied manufactures and distributes water-treatment chemicals. Defendant Given worked as a regional sales manger for Allied and signed a non-compete agreement. As part of his employment, he received training regarding various aspects of Allied’s business. Given resigned from Allied to work for Univar, a company that competes with Allied. Allied filed suit and sought a temporary injunction, which the trial court denied on the grounds that Allied failed to show irreparable harm.

The appellate court focused on the rebuttable presumption of irreparable injury and described the evidence offered by Allied:

At the evidentiary hearing on the motion for temporary injunction, Allied presented unrebutted evidence of the existence of statutorily legitimate business interests to be protected and evidence that Given had substantial relationships with specific prospective or existing Allied customers. Allied’s president, Mr. Palmer, testified that his company had trained Given, over the course of Given’s six-year employment, in its manufacturing and production techniques, marketing strategies, and confidential pricing strategies. In addition, Given had knowledge of existing and prospective customers, and had been sent to several trade meetings to cultivate these contacts.

Thus, the court concluded that Allied had successfully shifted the burden to Given to establish the absence of irreparable injury. But Given “failed to present any such evidence.”

Interestingly, Given argued that because he had not yet begun actively working for Univar, he had not breached the noncompete and no damages were incurred. But he admitted that if he were not enjoined, he would start working for Univar. The court rejected this argument, noting that “the only focus at the preliminary injunction stage is to maintain longstanding relationships and preserve the company’s goodwill.” In the future, plaintiffs can use this language to highlight the need to maintain the status quo.

Given Florida’s employer-friendly restrictive-covenant statute, noncompete and related agreements are powerful tools for Florida companies seeking to protect trade secrets and proprietary information. Cases like Allied show how this statute makes it easier for an employer to obtain an injunction prohibiting violations of a restrictive covenant.

Another Federal Court: No Heightened Pleading Standard in Defend Trade Secret Act Cases

Previously, I wrote about a decision from the District of New Jersey that declined to apply a heightened pleading standard to Defend Trade Secret Act claims. Now, another federal court has reached the same conclusion. A copy of the opinion can be downloaded below.

In Aggreko, LLC v. Barreto, pending in the District of North Dakota, the plaintiff and one of the defendants, Elite Power, are competitors in the generator-renting industry. Defendant Barreto previously worked as Aggreko’s sales manager. Aggreko alleges that Barreto resigned under false pretenses, thereby hiding his intention to work for Elite Power. And on the way out, Barreto allegedly downloaded Aggreko’s trade secrets and confidential information. Aggreko sued Elite Power and Barreto for violations of the Defend Trade Secret Act, among other claims.

The defendants moved to dismiss, arguing that Aggreko failed to plead its misappropriation claims with sufficient particularity. The court rejected this argument:

All that is required at this stage of the proceedings is an allegation that Barreto misappropriated Aggreko’s trade secrets sufficient to put the defense on notice as to the nature of the claim. Aggreko has alleged Barreto wrongfully acquired its trade secrets and provided them to Elite Power. Aggreko describes its trade secrets as including customer lists and information regarding Aggreko’s operations, customers, business proposals, pricing strategy, client preference and history, and proprietary pricing models known only to Aggreko; a description which the Court finds is clearly adequate under Rule 8. The discovery process will provide the parties with the details relevant to the claims, most of which are known to Barreto.

In this case, it sounds like the plaintiff only offered high-level allegations of the trade secrets at issue. And those allegations survived a motion to dismiss. This, along with the case discussed in my prior post, should be encouraging to trade-secret plaintiffs who are leery of a possible heightened pleading standard in federal court.

Aggreko v. Barreto Order

Federal Court Denies Expedited Discovery In Defend Trade Secret Act Case

Trade-secret-misappropriation cases can move fast. Often, the plaintiff files a motion for temporary restraining order alongside its complaint. Sometimes, the plaintiff has enough evidence already to justify a TRO. Other times, the plaintiff needs to take discovery before the TRO hearing.

But the typical discovery deadlines in the rules of civil procedure are not well suited for these TRO proceedings. Thus, plaintiffs regularly seek expedited discovery. In my experience, the parties are often able to agree to an expedited discovery schedule, since defendants usually want to take discovery as well. But when the parties cannot agree, the court needs to get involved. A recent case out of the Middle District of Florida shows the importance of narrowly tailoring expedited discovery requests, particularly when asking a judge to permit this type of discovery.

In Digital Assurance Certification, LLC v. Pendolino, the plaintiff works with municipal bond issuers to comply with various SEC regulations. The plaintiff alleges that the defendant, a former employee, left to work for a competitor. And in his final week of work, according to the plaintiff, the defendant used a USB drive to access every document on the plaintiff’s shared drive. Thus, the plaintiff brought claims for violations of the Defend Trade Secret Act and the Florida Uniform Trade Secrets Act, among others, and filed a motion for a TRO.

In advance of the TRO hearing, the plaintiff filed a motion for expedited discovery. The court denied the motion. A copy of the order can be downloaded below.

The court first set forth the standard for determining whether the plaintiff had demonstrated good cause for expedited discovery:

Factors the Court considers in deciding whether a party has shown good cause include: (1) whether a motion for preliminary injunction is pending; (2) the breadth of the requested discovery; (3) the reason(s) for requesting expedited discovery; (4) the burden on the opponent to comply with the request for discovery; and (5) how far in advance of the typical discovery process the request is made.

Here, the court focused on the second factor, the breadth of the plaintiff’s requests. The court took issue with the scope of the plaintiff’s requests, noting that “while these matters may be relevant to the issues raised in DAC’s complaint, they go far beyond what is needed for the hearing on the motion for a temporary restraining order.”

Take away: When bringing a motion for a TRO, the plaintiff’s lawyers need to figure out quickly whether the parties will be able to agree to an expedited discovery schedule. If not, the plaintiff needs to draft discovery requests that are laser focused on the issues relevant to the TRO hearing. In my experience, judges will allow this type of discovery, as long as the requests are reasonable. Conversely, judges will protect defendants from overbroad discovery.

Digital Assurance Certification, LLC v. Pendolino

Trump and Trade Secrets: Signs of Encourgagement?

I’ve written several times about how Donald Trump’s rhetoric suggesting radical foreign-policy changes could threaten US companies’ trade secrets. See here and here. In particular, I’ve been concerned about Trump’s aggressive stance towards China, including statements about upending the “One China” policy.

Now that we’re several weeks into Trump’s presidency, we are seeing signs that his foreign policy won’t be so radical after all.

This New York Times Article, titled Trump Foreign Policy Quickly Loses its Sharp Edge, explains:

As Mr. Trump begins to shape his foreign policy, he is proving to be less of a radical than either his campaign statements or his tempestuous early phone calls with foreign leaders would suggest.

The article discusses how Trump’s actions as president differ from his campaign statements, including his recent affirmation of the One China policy. It also talks about how Cabinet members like Secretary of State Rex Tillerson and Defense Secretary Jim Mattis have emerged as persuasive voices, advocating for a more stable approach to geopolitical issues.

This is encouraging. I have been very concerned that Trump’s volatile, unpredictable style, combined with his lack of experience, would strain the relationships between the US and countries like China that have a history of state-sponsored trade-secrets theft. For now, it seems like there are voices of reason within his administration who have Trump’s ear. But at this very early stage of Trump’s presidency, substantial uncertainty remains.

Note: This is not a political blog, and I am not commenting on the more controversial issues discussed in the NY Times article. Here, I am solely focused on how the Trump administration’s actions impact companies’ trade secrets.

Federal Court: No Heightened Pleading Standard Under the Defend Trade Secrets Act

As more plaintiffs bring claims under the shiny new Defend Trade Secrets Act, we continue to learn about how courts are interpreting this statute. On Tuesday, the District of New Jersey answered an open question: whether the statute, in conjunction with Twombly/Iqbal, requires a heightened pleading standard for misappropriation. In Chubb INA Holdings, Inc. v. Chang, the DNJ declined to apply such a standard. A copy of the opinion can be downloaded below.

In this case, Chubb sued its former employee and its competitor Endurance, alleging that the former employee worked with Endurance to solicit a large number of employees from Chubb’s real estate and hospitality division. The goal was to hire enough Chubb employees to create a “turnkey” operation for Endurance. In the process, Chubb alleges, the former employees took Chubb’s confidential information. Chubb sued for, among other things, violations of the Defend Trade Secrets Act.

The defendants moved to dismiss, arguing that Chubb did not offer sufficient allegations of actual misappropriation, as opposed to inevitable disclosure. In denying this motion, the court found that Chubb alleged “more than the mere possibility of misconduct,” citing to Ashcroft v. Iqbal. The court also focused on the pleading standard:

Plaintiffs “need not make out specific allegations as to exactly how Defendants used or disclosed Plaintiff[s’] trade secrets; there is no heightened pleading standard for a misappropriation claim, and Plaintiff[s are] entitled to seek discovery to support [their] allegations setting forth a prima facie claim.”

The court was quoting from a case interpreting a New Jersey state-law claim for trade-secrets misappropriation.

This is obviously a plaintiff-friendly interpretation of the statute. It allows plaintiffs to plead misappropriation more generally, and then obtain discovery to sharpen the details.

Interestingly, the court’s approach here—relying on reasoning from a court in its state interpreting that state’s trade-secrets law—could result in state-by-state differences in how the DTSA is interpreted.

Chubb v. Chang MTD Order

Florida Loves Non-Compete Agreements

Florida’s restrictive-covenant statute, Section 542.335, is one of the most employer-friendly in the country. A recent case from Florida’s Fourth District Court of Appeal, Transunion Risk and Alternative Data Solutions, Inc. v. Reilly, shows how this statute favors an employer trying to enforce a restrictive covenant against a former employee. A copy of the opinion can be downloaded below.

This opinion is short on facts, but the plaintiff sued the defendant for violating a non-compete agreement and sought a temporary injunction. At the injunction hearing, the trial court ruled in the defendant’s favor after the plaintiff finished its case in chief, before the defendant put on any evidence.

The appellate court reversed. First, it looked at the likelihood of irreparable injury, citing the statute’s presumption of irreparable injury that arises when the plaintiff shows a violation of an enforceable restrictive covenant. Here, the appellate court reversed because the defendant did not present evidence:

As the trial court’s ruling was issued before Reilly presented any evidence, Reilly could not have met his burden of presenting evidence overcoming the presumption.

This doesn’t sound right. A defendant should have the right to rebut this presumption simply by cross-examining the plaintiff’s witnesses. That’s what the trial court apparently thought happened here. But the presumption so strongly favors the plaintiff that this appellate court was unwilling to allow the defendant to rebut it without putting on affirmative evidence.

The trial court also concluded that the plaintiff had an adequate remedy at law. But the appellate court reversed this finding, noting that even when a plaintiff has suffered actual money damages,

the continued breach of a non-compete agreement threatens a former employer’s goodwill and relationships with its customers, and nothing short of an injunction would prevent this loss.

This finding essentially eliminates the adequate-remedy-at-law prong of the injunction analysis in restrictive-covenant cases.

Finally, the appellate court reversed the trial court’s finding that the plaintiff had not demonstrated a substantial likelihood of success on the merits. On this point, the appellate court relied on the trial court’s “implied finding” that the defendant violated a restrictive covenant. So once a court finds that the defendant breached, the plaintiff has automatically shown a substantial likelihood of success.

This case shows how Florida’s restrictive-covenant statute provides employers with the upper hand in litigation. As a result, these agreements are a very effective tool for protecting proprietary information and trade secrets. All Florida companies should consult with an attorney to determine whether to implement these types of agreements.

Transunion Risk and Alternative Data Solutions, Inc. v. Reilly

“Just Doin Blow and Erasing Evidence”

As the Defend Trade Secrets Act—which would create a federal cause of action for trade-secrets theft—makes its way through Congress, critics have focused on the proposed statute’s ex parte seizure provision. In a nutshell, the statute would allow for the entry of ex parte orders to seize specifically identified repositories of evidence that are at risk of destruction.

I’ve responded to these criticisms multiple times before (see here, here, and here). The statutory protections (e.g., the party subject to the order is entitled to a hearing within 7 days) combined with federal judges’ reluctance to issue ex parte orders are, in my view, sufficient to prevent abuse.

Meanwhile, the threat of evidence destruction is real. A recent case shows how far defendants can go to allegedly destroy evidence of trade-secrets theft.

As described in Law360, a radio-controlled-vehicle company sued several former employees for violating restrictive covenants and misappropriating trade secrets, among other claims. The plaintiff filed a motion seeking sanctions against the defendants for destroying evidence.

According to the plaintiff, the defendants destroyed “scores of emails, texts, and documents that described their scheme to start at least one rival toy car and boat business.”

One of the defendants—who sounds like a real winner—apparently sent a text message talking about how he expected to get served with the complaint, saying “That’s what I’m trying to deal with now so I can’t go out, just doin blow and erasing evidence.”

In misappropriation cases, the evidence is almost always in electronic form. And it’s way too easy for defendants to destroy this evidence. While a plaintiff could seek sanctions (as the plaintiff here is seeking against the guy “doin blow”), a plaintiff would almost always rather have the actual smoking gun proving misappropriation.

The ex parte seizure provision is a powerful tool that may allow companies to preserve critical evidence.

What’s Worse Than Having Trade Secrets Stolen? Waiting Too Long to Do Something About It.

If you discover that your trade secrets have been stolen, you must act immediately. That’s the lesson from a recent case in the Middle District of Florida, Dyncorp International LLC v. AAR Airlift Group, Inc. A copy of the order can be downloaded below.

The Plaintiff, Dyncorp, has been providing aviation services to the State Department under a contract going back more than 20 years. Apparently, the State Department is now re-bidding that contract. The Defendant, AAR, is one of the bidders. Dyncorp alleges that AAR hired former Dyncorp employees and “coerced” those employees into disclosing Dyncorp’s trade secrets, which AAR used in its bid.

Dyncorp filed suit for, among other things, violating the Florida Uniform Trade Secrets Act. About three weeks later, Dyncorp filed a motion for preliminary injunction that sought to enjoin AAR from using Dyncorp’s trade secrets.

The district court denied the motion, finding that Dyncorp did not satisfy any of the injunction prerequisites. Of particular note, the court found that Dyncorp’s delay in filing suit showed that it had not suffered irreparable injury:

Dyncorp admits that it was notified of AAR’s alleged misappropriation of trade secrets in April 2015 but let more than four months pass without filing suit. Dyncorp attempts to explain the delay away by arguing that it complained to the State Department and AAR and conducted its own investigation during this time, but offers no explanation as to why those undertakings and this suit could not proceed simultaneously – particularly if, as Dyncorp asserts, it was facing the prospect of irreparable injury.

This case shows that once you discover—or even suspect—that your trade secrets are being improperly used, you must act fast. Any delay can be cited by a defendant as a reason for denying injunctive relief, just as AAR did here. While not every case will demand the immediate filing of a lawsuit, you need to at least consult with an attorney right away. Then, your attorney can advise you of your various legal options, and the risks and benefits of each.

Dyncorp v. AAR — Order Denying Preliminary Injunction

%d bloggers like this: