Newsletter and Subscription Sign Up

Can You Keep a Secret?

Published Wednesday Jul 27, 2011


Nearly every business-whether high- or low-technology-generates confidential information that gives it a competitive advantage. Depending on the business, that information may be marketing plans, costing structures and margins, or customer lists and pricing strategies. These assets can be trade secrets and are protected by statutes in virtually every state, including NH.

However, an employer needs to take action in the ordinary course of business to protect the company's assets and deter unfair competition by former and departing employees.

As the economy improves, employers should think about how vulnerable they are to employees taking their trade secrets elsewhere.

In the recent Deloitte 2010 Ethics and Workplace Survey, 32 percent of employees surveyed say that they are just waiting for the economy to turn around so they can look for employment.The first step in protecting assets is understanding what those assets are; how the law defines them; and what measures are required by law to protect them against disclosure.

What is a Trade Secret?

In NH (and about 40 other states), trade secrets are defined and protected by a statute known as the Uniform Trade Secrets Act (UTSA). The act defines the term "trade secrets" intentionally broadly, stating a trade secret is any "information, including a formula, pattern, compilation, program, device, method, technique, or process" that derives value from not being generally known to, and not being readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use; and is the subject of reasonable efforts to maintain its secrecy.

A simpler test, at least initially, is to ask, "Would I care if my main competitor had this information? Would he or she care if I had it?" If the answer is "yes," then the information could be a trade secret and a more specific investigation is required.

Other questions that might be asked to determine whether information is a trade secret include:
How much did the company spend (in money, time and effort) on the development of the information?
How easily could the information be duplicated, reverse engineered, de-compiled or otherwise lawfully or independently acquired?
How widely known is the information, and what would it require for another company to legitimately acquire it?

The courts have determined that a range of information can, under certain circumstances, constitute a protectable trade secret. This includes almost all manner of technical data; specialized manufacturing processes; cost margin information; marketing, pricing and acquisition strategies; specific manufacturing "ingredients;" customer lists; and other information that cannot be regarded as general know-how and skills acquired in the course of one's employment.

Measures to Maintain Secrecy

Once you have determined that your information is valuable and potentially a trade secret, UTSA requires that the company take "reasonable" steps to maintain the secrecy of the information.

The implementation of reasonable measures to maintain secrecy allows a company to counter an argument by an alleged misappropriator of trade secrets that she or he had no reason to suspect information was protected and valued. Although the specific measures used will depend on the business of the company and the nature of the information, here is a partial list of security measures to consider:
Provide a Trade Secret Policy that is known to and disseminated among employees;
Provide a Computer Use Policy, making clear that the employer's electronic resources, including e-mail, belong to the company and may be used only for company business purposes;
Create non-solicitation and non-disclosure agreements with employees and with third parties, such as licensees and vendors, which describe the information not to be disclosed with some specificity;
Create non-compete agreements with employees;
Employ oversight policies and procedures to prevent inadvertent disclosure of trade secrets by e-mail, seminars, speaking engagements, or at trade shows, by employees;
Stamp documents with trade secrets "confidential and proprietary";
Limit the number and use of documents and drawings reflecting trade secrets, and require the collection of said copies after use at meetings and the like;
Authorize passwords for access to copying machines and computers;
Advise employees, on a regular basis, concerning the company's trade secrets and confidential business information;
Use exit interviews to obtain documents from departing employees and to remind them of their obligations under agreements and the law not to disclose confidential business information.

Adopting these measures tells employees-and, if subsequently necessary, the courts-what is considered secret, and indicates that the employer is serious about prohibiting disclosure of sensitive information.

When Employees Leave

Of the measures listed above, several are especially important when a worker leaves to join a competitor. For example, the exit interview can pull together several of the threads of the company's overall objective of maintaining the confidentiality of its business information and trade secrets and protecting against disclosure by departing employees.

In addition, a departing employee should be advised about the company's trade secrets policy and handed another copy of the written policy. The departing employee should be told not to disclose information relating to the business and reminded of his or her obligations under the confidentiality and non-disclosure agreement.

If the human resources department typically conducts exit interviews, consider having a manager or co-worker who is more familiar with the departing employee's responsibilities, projects and knowledge of the company's business observe and participate.

Finally, the employee should sign an Exit Interview and Departure Acknowledgment Form, which essentially confirms the employee's obligations and acknowledges that he or she has returned all company information.

Increasingly common are arrangements in which employees have remote access to company information, use home offices or telecommute. In those cases, employers must collect laptops, company material from home computers, company-issued cell phones and the like.

If there is any concern that the departing employee will be competing unfairly or unlawfully, the employer will need to secure and preserve all these materials, including the hard drive of any work desktop computers and laptops. The departing employee should be advised, in writing, to secure and preserve the data on any home or personal computer for business. These are often invaluable sources of evidence.

Trade Secrets in the Digital World

As secrecy is the heart of this issue, be aware that courts require "eternal vigilance." Electronic storage and digital communications have created challenges, and raised significant questions, for businesses. Consider the recent case of Diamond Power International v. Davidson in which an employer, Diamond Power, sued an operations manager for trade secret misappropriation.

Diamond Power identified nine alleged trade secrets, including a Hardware Book File, a Parts Identification Library (PI Library), Parts Identification Configurator (PI Configurator) and a Field Weld Instruction Configurator (FWI Configurator). The manager challenged the existence of these trade secrets by asserting that Diamond had failed to take steps "reasonable under the circumstances" to protect these reports and functionalities.

Importantly, the Court evaluated the security extended over each report to determine whether Diamond's efforts were "reasonable under the circumstances." The evidence showed that Diamond had two networks: the general company network called the "P-Drive," and the "Oracle Network," consisting mostly of company financial information and reports. The P-Drive was available to all 350 Diamond employees, who were issued a user name and password and required to sign a "Computer Security and Non-Disclosure Agreement" with the company. In contrast, access to the Oracle Network required an additional password issued to only a limited number of employees based on the specific tasks required by their jobs.

The Court noted that the Hardware Book File, PI Library, PI Configurator and FWI Configurator were all available on the P-Drive, the general Diamond network. The Court noted, too, that Diamond did not instruct employees to maintain the secrecy of any files on the P-Drive; the employer had no policy or practice of labeling documents or files confidential "or otherwise communicating the confidentiality of the files directly to its employees." And it did not regulate the use of the files available on the P-Drive, even though employees regularly worked remotely and saved files on local or personal drives. The court held that these steps-standard user name and password protections, and employee non-disclosure agreements-were insufficient to confer trade secret status on the Hardware Book File, PI Library, PI Configurator and FWI Configurator.

The Diamond Power case suggests that protecting information and bestowing trade secret status is changing with time and technology. Password protection and an employee non-disclosure agreement are no longer sufficient when every employee has the tools and knowledge to transfer files to remote locations, or unrestricted systems and networks. Greater vigilance is required. Data encryption is becoming cheaper and more common, and employee access to information is becoming the norm. Employers that value sensitive data and innovation must respond with changes of their own-changes that recognize new technologies and a culture in which information access and sharing abounD.

All Stories