The Four Things that Companies Need to Know About Protecting Trade Secrets
Keeping Your Trade Secrets Secret
It is critical for new businesses (and established ones) to have their technical and business leadership and legal counsel identify trade secrets and develop a plan to protect them. Companies should revisit these plans regularly and at every important moment in the company life cycle. While every industry presents unique challenges and every company is different, there are four things that every company should know about protecting their trade secrets.
So What Do I Need to Know?
1. It is best to determine who owns what, right from the start.
Early-stage projects often involve ongoing collaboration between multiple entrepreneurs, joint venturers, and consultants. It is all too common — and problematic — for a new venture to launch without clear documentation of intellectual property rights. Another common scenario is a new venture that uses (perhaps unwittingly) trade secrets belonging to a former employer of one of the developers. These scenarios can lead to costly litigation but can be avoided with reasonable foresight and planning. Remembering to ask, “What are we using for this project, where does it come from, and who owns it,” is essential to avoid unpleasant surprises down the road.
2. A trade secret cannot be protected if it cannot be identified.
It may seem like common sense, but the law does not protect what cannot be identified. Both the Uniform Trade Secrets Act — enacted in almost every state and the District of Columbia — and the federal Defend Trade Secrets Act broadly define “trade secret.” With minor variation among jurisdictions, a trade secret is “information . . . that: (1) [d]erives independent economic value . . . from not being generally known to the public or to other persons who can obtain economic value from its disclosure or use; and (2) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.”
This broad definition cuts both ways: while it increases the scope of information that is potentially protectable, it also places the burden on information owners to identify trade secrets with “reasonable particularity.” Otherwise meritorious lawsuits filed to protect trade secrets have failed because neither the company nor its counsel could identify the actual secrets sought to be protected. Companies should perform trade secrets inventories early and regularly and should involve both the relevant technical and business stakeholders and the company’s legal counsel.
3. Non-disclosure agreements matter.
British writer Samuel Johnson summarized it best: “To keep your secret is wisdom; but to expect others to keep it is folly.” Rather than simply expect others to keep secrets, a trade secret owner should require well-drafted non-disclosure agreements (NDA).
- There is no such thing as a good “standard form NDA.” A vendor developing a proof of concept needs a different NDA from a potential investor or a consulting firm. Confer with your counsel about what you need to protect — it could take less than an hour to have an NDA properly tailored to your specific needs for the particular transaction.
- Your company should develop and follow consistent NDA policies. Common pitfalls like forgetting to sign an NDA just one time, not being able to locate a signed NDA, and forgetting to carve out trade secrets from an expiration clause could all vitiate your trade secret protection.
- NDAs are advisable for everyone coming into contact with your trade secrets, including consultants, lenders, investors, vendors, distributors, customers, and employees. A simple, well-articulated policy will minimize the risk that information is shared before an NDA is in place.
4. When it comes to data security, redundancy is a good thing.
Security can take many forms, and trade secrets require integrated, overlapping security measures to be effectively protected. Some security is meant to give notice that something is off-limits, in essence a “no trespassing” sign. Other security measures are meant to prevent the intentional and motivated malefactor from gaining access, such as encrypted data stored behind a network firewall. An effective plan should incorporate both types of security.
In today’s fast-paced, decentralized, work-from-home world, multiple collaborators often remotely interact with shared trade secret information across multiple platforms using different personal devices and connections. Remembering to ask “What are our trade secrets?” and “How are we protecting them?” is now more important than ever before.
Like any other valuable property, trade secrets should be identified, inventoried, and safeguarded. Savvy companies (at any stage of their life cycle) should consider bringing together their business, technical, and legal teams to ensure that their secrets stay secret.