Trade Secret

Creating A Trade Secret Protection Plan

There is no federal or state law entitled a “trade secret statute.”  Trade Secret law has developed within our state common law via a body of judicial decisions, each carving out a principle of law, that taken together, create what we know as Trade Secret law. Judges have interpreted the laws to create a set of guiding principles and system for protecting a business’ investment of its resources toward the creation of a competitive advantage in the marketplace.

Defining a trade secret is often a difficult task to do with precision.  Many states, including New York, rely on the definition of a trade secret set forth in the Restatement of Torts, 2^nd ed:  a trade secret is “a formula, pattern, device or compilation of information which is used in one’s business, and which give the business an opportunity to obtain an advantage over competitors who do not know or use it.”  Business information that may qualify for trade secret status includes product formulas, financial data, software, marketing strategies, research and testing data, business methods, business plans, manufacturing methods, customer lists, sales reports, and cost information. 

A trade secret may “exist in a combination of characteristics and components, each of which, by itself, is in the public domain, but the unified process, design and operation of which, in unique combination, affords a competitive advantage and is a protectable secret.”  This essentially means that even information that is otherwise publicly available in bits and pieces, it may become a protectable trade secret upon its aggregation into a format that has value (would have a cost to reproduce the same compilation).

The determination of whether particular information qualifies as a trade secret will turn upon the actual secrecy of the information and the affirmative steps taken to protect the secret.  Courts generally impose a standard of reasonable care on businesses seeking to protect trade secrets.  In the event of a dispute over alleged misappropriation, a trade secret owner may have to prove that (i) prior disclosures have been necessary for business reasons, and (ii) reasonable control has been exercised over any recipient’s use of the information.

It is important to develop a comprehensive security program.  However, it is even more important that the program be implemented and not just be something on a binder on every manager’s shelf.  Courts will emphasize real efforts over boilerplate forms or unenforced policy statements.  Protection efforts will be rewarded because legal protection of trade secrets will remain for as long as the owner continues to maintain the information as a secret.  Unfortunately, little protection is afforded to features of products that are observable or may be discovered by reverse engineering.  In those circumstances, it may be advisable to seek patent protection.

A trade secret protection plan is a comprehensive written policy for protecting trade secrets.  A written policy is not only evidence of your intent and effort to protect the secret, it also helps employees identify and protect the company’s trade secrets, demonstrates management’s commitment to that goal and provides notice to third–parties that you claim certain information as a trade secret.

Your plan does not need to “read” like a legal document that no one understands.  It is preferable that it not be an “off the shelf one size fits all” document downloaded from the internet.  It should be tailored to the business’ existing structure and procedures.  This is especially important in New York where the body of common law developed by the courts contains nuances that may be contradicted by some of these boilerplate forms.  For example, in New York, customer lists are not automatically protected as trade secrets.  Absent a contractual prohibition, former employees may solicit customers unless there was wrongful conduct.  A customer list only rises to the level of a trade secret where it contains detailed information and was obtained through considerable effort or expenditure, the customers are not easily found in outside sources and the employer took reasonable steps to protect the customer information. 

Identify all valuable trade secrets

The first step in developing a program is to identify the trade secrets that you intend to protect.  Consider the following factors to determine whether information should be regarded as a trade secret. The key inquiry is to look at the consequence of the information’s release. If the information were disclosed,

• Could it be commercially harmful to my business?>
• Could it be used by a competitor or the public to my detriment?
• Would it assist a would-be competitor in duplicating sales success?
• Would it short-cut a would-be competitor’s trial and error program?
• How much would it cost my competitor to create or obtain the information?
• Does it relate to a competitive advantage I have developed?

It is important to consider all forms of corporate information. These may include (1) technical, (2) scientific and research, (3) business and customer, (4) personnel, and/or (5) accounting and financial. (This is not an exhaustive list).

It is also important to consider information in all forms: (1) written, (2) oral, (3) magnetically recorded (computer readable), (4) graphic (photos, diagrams, plans, blueprints), (5) computer programs, and/or (6) reproductions/copies/ duplicates.

Use employee agreements

Implement employee agreements, employee policies, non–disclosure/confidentiality agreements, and reasonable non–compete clauses as appropriate for all employees.  New York law does not require payment of additional compensation in exchange for these agreements.  You should also require prospective employees to sign the agreements as a precondition to employment.  This actual implementation step will be key evidence of your affirmation efforts to protect the secret.  The agreements will provide your company with an additional cause of action in case of a breach by the employee.

Regularly educate your employees and consultants about your trade secret protection plan

Trade secrets may be inadvertently revealed.  They may be revealed in acts of malfeasance for personal gain or revenge (a disgruntled employee).  Educating employees about the importance of trade secret protection, and the consequences of violating the company’s secrecy procedures, helps to reduce the likelihood of disclosure.

Review the trade secret protection plan in your employee manual  periodically throughout each employee’s employment.  Make it a part of all new hire orientations and exit interviews. Regularly reenforce your company's policy that any disclosure of trade secrets may result in termination of employment and/or legal action.  Follow up with any discovered breaches and make that fact known to other employees.  Presentations to reinforce and update employees on the company’s trade secret protection goals and procedures can be included with annual sexual harassment training, safety training, and other such subject matter. Consider the cost of a small reward (a gift certificate or an afternoon off against the cost of just one meeting with your attorneys!)

At exit interviews, remind the employee of his or her legal obligations to maintain the company’s trade secrets and review the provisions of any previously signed confidentiality agreement. It may be prudent to have departing employees to sign written acknowledgement of continuing secrecy obligations. Require exiting employees to return all notes, papers and documents relating to the company within a specified period (48 hours) or when they pick up their final paycheck.

Educate your employees about the proper use of nondisclosure agreements with third parties.  This may require physically marking documents “confidential” as well as memorializing oral conversations in writing and deeming the subject matter a confidential communication.

Controlled Access

Disclosure of trade secrets should be limited to only those employees who require such information to perform their duties for the company (the familiar “on a need to know basis”).

Consider shredding paper trash and implementing “clean desk” policies where appropriate.  Employ physical and electronic security measure (e.g. lock gates and cabinets, use entry passes, create computer passwords, etc.).  Other ways you may control the access to your trade secret information include performing periodic trade secret audits, pre-screening employee speeches and publications, and developing a policy for handling unsolicited submissions by third parties.  (This will help the company avoid claims or even the appearance of misappropriation.)

Mark confidential documents

A trade secret protection plan must include a system for identifying and marking confidential documents. Mark all documents containing trade secrets with a legend such as:

THIS DOCUMENT CONTAINS CONFIDENTIAL INFORMATION OWNED BY [BUSINESS NAME], UNAUTHORIZED DISCLOSURE IS STRICTLY PROHIBITED AND MAY RESULT IN SERIOUS LEGAL CONSEQUENCES.

Physical security measures

Some trade secrets exist in the form where access can be secured: secret formulas, test results, confidential reports and not yet executed business plans are a few examples. Store such documents in a physically locked area and/or a restricted portion of the network hard drive.  Only management or those employees with a business–related reason should have access to the depository, secured area, or security protected computer files. Perform trade secret processes in a separate secured section of your facility with controlled access for employees and outside visitors. This serves not only to restrict or eliminate access by third parties and unauthorized employees, it deters trade secret theft and provides a way to track access to secret documents.  Require all persons who review or take secret documents to sign a log and indicate which documents were reviewed or taken.  Copying of trade secret documents should require management approval.

Electronic Security Measures

Passwords, encryption software, appropriate email and internet access controls, and access tracking software may be used to control access to computer files containing trade secrets, especially when transmitting or accessing via the internet.  Inconvenient as it is at times, it is important to change passwords regularly, especially upon the change of personnel who have access to the trade secret information.  It may be prudent to physically isolate and lock away back–up tapes, discs and other storage media and to store highly-sensitive confidential information on a stand-alone machine in a restricted area.  Sensitive documents should also bear a legend similar to that described above.  Carefully consider access to the company network from remote locations; weigh convenience against the risk of loss of the secrecy status of the data.

Restrict public access to your facilities

Be cognizant that certain secrets may be visible to anyone walking through your facilities or overhearing conversations. Are documents left in plain view? Are wastebaskets unattended? Consider that open access to areas where non-employees can see or learn of trade secrets does not evidence your affirmative steps to protect secrecy.  Reasonable steps may include a single visitor’s entrance with (1) log in and out when entering and leaving the premises (2) providing a written summary of visitor rules, (3) preventing audio recorders, cameras or phone cameras, (4) requiring visitors to wear security badges and (5) requiring visitors to sign a visitors’ agreement.

Use non–disclosure agreements with third-party vendors or consultants

All vendors, suppliers, consultants, and independent contactors (Independent professional advisors such as accountants, computer/IT/ software consultants and technical consultants) should sign a non–disclosure agreement if they have access to the facilities or to trade secret data.  A “fill in the blank” form may be used for many situations.  Preferably however, customized mutual non–disclosure agreements are utilized for joint ventures, major suppliers, major customers and the like. Be sure legends appear on confidential documents provided to such third-parties.

Intellectual Property Assignment by third – party vendors or consultants

In the absence of a written agreement to the contrary, federal patent and copyright ownership is favored for the invention or author.  New York law does not reliably grant ownership rights to inventions and other intellectual property made by vendors, consultants or other collaborators. Surprisingly, this is true, even where a business has specifically commissioned the work, provided conceptual ideas, and paid for it.

Non-employees involved in developing marketing materials, consulting on technical processes or software systems, or designing/improving manufacturing systems, should be required to sign a written agreement addressing the rights of the parties in the work product.  These will typically include assignments of all rights in the work product or technology subject matter.