Welcome to SME Network.net Network of Small and Medium Entrepreneurs of India

Frequently Asked Questions on Trade Secrets

What are trade secrets?
"Trade secrets" is the legal term for confidential business information. A good non legal definition of a "trade secret" is a secret belonging to a business. This information allows your company to compete effectively. Examples of trade secrets include customer identities and preferences, vendors, product pricing, marketing strategies, company finances, manufacturing processes and other competitively valuable information.

Under the Uniform Trade Secret Act, information must meet three criteria to qualify as a trade secret. First, the information must not be "generally known or readily ascertainable" through proper means. Second, the information must have "independent economic value due to its secrecy." And third, the trade secret holder must use "reasonable measures under the circumstances to protect" the secrecy of the information. These requirements are explored throughout these frequently asked questions.

0.2 Why protect trade secrets?
Failure to adequately protect your company's proprietary information will allow your competitors and ex-employees to reduce your profits. The trade secret laws will help prevent such misfortune if your company acts in accordance with its requirements.

Imagine if your top employee left your company. The employee had learned every major area of your company. S/he was an invaluable asset to the company. Now imagine if that employee set up his/her own business in direct competition with you or became an employee of your toughest competitor. You can stop this individual if your company protected its business information properly under the trade secret laws. Proper protection requires action today to be ready for tomorrow.

What technology is protectable by trade secrets?
Under the Uniform Trade Secret Act information must not be generally known, not readily ascertainable, have independent economic value due to secrecy, and be the subject of reasonable efforts to protect secrecy. This includes essentially any confidential business information such as customer lists, financial information, employee data, production cost or sales data, and documents memorializing important negotiations.

How long is a trade secret protectable?
Information is protectable as long as the information fits the definition of trade secrets. This can be moments or decades.

What specific type of protection is offered by a trade secret?
Trade secret law prevents wrongful taking of confidential or secret information. Independent development and reverse engineering by another party are defenses to claims of trade secret theft.

What is the geographic scope of protection of a trade secret?
Trade secret protection is a state right. A vast majority of states, including Minnesota, have adopted the Uniform Trade Secret Act. Other states have a law or laws similar to the Uniform Act. Foreign countries have similar laws, although, the particular country should be checked before reliance is placed on trade secrets in a foreign country. The rights will seem to be national or international in scope, since registration of trade secrets is not required and since most states and foreign countries protect trade secrets.

How important is trade secret protection?
Trade secret protection is a must for virtually any business. It's most often not addressed until an employee or competitor obtains and uses against you valuable secret information, thereby stealing your sales, customers, technology base, damaging financial information, or other.

What is misappropriation of trade secrets?
Trade secret law prevents misappropriation, wrongful taking, of trade secret information. A wrongful taking can occur in a variety of manners. For example, the taking of information would be wrongful when the taking is a: breach of contract, breach of fiduciary obligation, theft, or other legal wrong.

What remedies are available when trade secrets are misappropriated?
Control of the information can be recovered along with payment of damages. Attorney fees and/or exemplary (e.g., punitive) damages can be recovered in an exceptional case. Criminal penalties are available in cases of theft.

What is the Uniform Trade Secret Act?
Trade secret laws are state granted rights. Minnesota, along with most other states, has adopted the Uniform Trade Secret Act. The Uniform Trade Secret Act attempts to make the trade secret laws the same from state-to-state. These frequently asked questions follow the Uniform Trade Secret Act.

What states have adopted the Uniform Trade Secret Act?
Nearly all states have adopted the Uniform Trade Secret Act (UTSA). The UTSA has been adopted by 38 jurisdictions.

What is meant by "not generally known?"
Information known to someone or known to non-competitors is still capable of being a trade secret. In fact, more than one competing company can claim trade secret rights in the same information independent of one another. Information generally known to one's competitors is not a trade secret.
Trade secret protection can be lost through publishing the secrets. Be careful in disclosing information if secrecy of the information is important. Trade secrets are often lost through disclosures in the absence of a confidentiality agreement.

What is meant by "not readily ascertainable?"
Information that is readily ascertainable is not capable of trade secret protection. The method of manufacturing your product (perhaps a new shoe design) is not a trade secret if someone can learn how to make your product by simply examining the product.

What is "reverse engineering?"
Reverse engineering is the determination of someone else's trade secret information via examination and testing of publicly available information. While the amount of effort needed to reverse engineer can show the information is readily ascertainable, this defense applies even when the reverse engineering is difficult and the information is not readily ascertainable. Reverse engineering is a complete defense, since it shows the information, trade secret or otherwise, was properly acquired from public sources of information.

What can one do if the information has or may become "generally known or readily ascertainable?"
Your company may still protect the information even if the information is or might become generally known or readily ascertainable. Patents (design and utility), copyright, and trademark laws will provide protection for certain information even when the information is generally known or readily ascertainable. Contracts can also provide rights that exceed the bounds of trade secret law. A decision to pursue patent protection instead of trade secret protection is an involved decision that should be discussed with competent counsel. Such a decision, however, turns in part on your likelihood of succeeding on showing the information "is not generally known or readily ascertainable."

What is meant by "independent economic value due to secrecy?"
To be a trade secret the information must have some value due to its secrecy. This criteria is almost always proven when secrecy is proven, since companies typically do not put forth effort in a lawsuit to protect and recover control of valueless information.

What is information that is "wealth creating" or "wealth preserving"?
The value of the information may be wealth creating such as your customer list and customer preferences. The value of the information may also be wealth preserving such as knowing which mistakes to avoid. Perhaps your company made a mistake in a marketing strategy. Knowing to avoid the mistake is of value, since it preserves wealth. Your company stands to gain competitively if your competitors make the same mistake. Wealth preserving information and wealth creating information should both be closely guarded secrets.

What must one do to protect trade secret information?
A trade secret holder must use "reasonable measures under the circumstances" to protect the confidentiality of the information. The better this step is performed the less likely the trade secret holder will have problems in the future and the future problems will be more easily resolved.
Under this requirement, one may tend to compartmentalize or itemize activities, since any discussion must consider each particular activity separately. To compartmentalize places undue stress on the words "reasonable measures" to the exclusion of the words "under the circumstances." Instead of compartmentalizing, one should consider each specific activity as a single part of a larger whole - that whole being the total circumstances surrounding the treatment of the information. (See Example 1 immediately below).
Example 1:
Assume all employees of a company signed a non-disclosure agreement. Assume that every day those employees promise to never identify a single customer to anyone outside the company. Further assume one other fact completes the whole of the circumstances surrounding the customer list. Every month the board of directors sends a copy of its customer list to all of the company's competitors. The customer list is not a trade secret even though the protective acts outnumber the facts showing lack of protection 2 to 1. The facts showing the entire circumstances are more likely to be interpreted as lack of protection despite the protective efforts.

What is the difference between physical security measures and notice measures?
Measures that a company can take are often considered in both notice measures and physical security measures. Notice measures are those measures that put persons who come in contact with the information on notice that the information is to remain secret. Physical security measures are those measures that prevent people who do not need-to-know the information from coming in contact with the information (e.g., confidentiality barriers). Example 1 above shows notice measures, but a complete lack of physical security. Notice measures and physical security measures often overlap even though they are discussed separately below.

How important are notice measures?
Recently, a jury was asked whether any of them thought an employee should be responsible for keeping information confidential when the employer had not expressed a desire to keep the information confidential. No juror raised a hand. All those with access to confidential information must be given notice as to what information is to remain confidential. A good use of notice measures involves frequent and clear instruction on confidentiality. Below are some manners in which to express the need for confidentiality.

How important is physical security?
In one suit the alleged trade secret holder allowed the employees that smoked to block open a door. The customer list was maintained, unsupervised, on a table next to the door. Visitors to the business were allowed to sit down and pour over the customer list unsupervised. Obviously, the lawsuit concerned recovery of the customer list. The alleged trade secret holder was a publicly traded company

What should one consider when choosing appropriate notice measures?
Pay attention to clarity and regularity of the communications. Don't assume all your employees have a memory as good as your own. Too much assertion of confidentiality is better than not enough. Excessive assertions will indicate that confidentiality is extremely important to the company. Choose procedures that will be easy to show to a court (i.e., leave a paper trail wherever possible). Remember the jury that wanted the employer to clearly express to the employee the manner in which the employee was to behave. And finally, don't overlook providing notice to non-employees.

What notice procedures may be used?
Any communication that identifies either what information is confidential or how to handle confidential information will work as a notice measure. Employee handbooks, newsletters, and signs are common examples. These communications do not need to be cold or stale, but may be dressed up in the form of Thank Yous, Slogans, or even graphically presented. Creativity in the mode or manner of expression does not need to be suppressed and may improve the ability of the listener to remember.
The number and types of procedures are limitless. The goal here is to express to everyone orally, in writing, through actions, and any other methods of communication which information is to be confidential. Choose those procedures which are most easily assimilated into your business. Not all procedures are necessary, since two or three carefully chosen procedures may be enough. Several specific examples are discussed below.

How should one use non-disclosure agreements ?
Non-disclosure agreements should be signed before a person sees, hears or otherwise learns confidential information of the company. In the case of a new employee, the agreement should be signed before the first day of work. If they sign after they start working or otherwise obtain access to the information, they should be given something of value in exchange for their signature (this may be necessary to make the contract binding). The agreement may contain, in addition to a non-disclosure provision, a provision requiring the employee to not compete with the employer for a period of time following the termination of employment. Non-disclosure agreements are not used with just employees, but rather anyone who has access to the confidential information.
A distinction needs to be made between agreements, which have been read, and those, which have not. An agreement that has not been read may provide contract rights, but does not provide significant notice value. Agreements in Minnesota may also need to specify specific types of information that needs to remain confidential. Vague contracts provide little, if any, notice. Consider agreements for everyone who may have contact with sensitive information. Give the signer of the agreement a copy and place the other in the file.
Signed contracts, along with audits, are perhaps the most powerful tools in trade secret law. Beyond notice, contracts can be used to broaden the trade secret holder's rights and provide basis for asserting misappropriation (i.e., breach of contract). A well prepared non-disclosure/ non-compete contract is a must. Court's seem to decide for trade secret holder's in the presence of a contract and against the holder in the absence of a contract.

Should the company formally adopt a confidentiality policy?
The company should adopt a statement of policy. The policy may provide that: "information not generally known or readily ascertainable that would have value if it was secret will be maintained secret absent a greater need to the contrary. All situations where there is doubt as to how to treat particular information will be construed in favor of treating the information as secret. The company will determine those times when such information will not be treated confidential on a case-by-case basis." The company should adopt this or a similar statement.

How should documents be marked?
Most computer systems will automatically print "confidential" on each page once properly programmed. A rubber stamp stating "confidential" can be placed on each person's desk that commonly sees confidential material. Consider the use of red ink with such a stamp. A clear marking of "confidential" on a document provides very good notice.

How can one use positive and negative reinforcement?
Oral and written admonishments and instruction should be used with persons not properly following confidentiality procedures. More serious sanctions should be applied when the infractions are more serious.
Rewards may be given out to those who find actual and potential information leaks. This may include a reward for blowing the whistle on others failing to follow confidentiality procedures. Employees often have a better understanding on the particulars of how information is treated in the company than management. Reward the sharing of their knowledge.

How can one use written acknowledgments?
Memorandums expressing the need to treat information confidentially and requiring an acknowledgment by the employee's signature should be regularly distributed. The memorandums should include a statement that the employee recognizes and will follow the company's confidentiality procedures. The more the memorandum explains the procedures and identifies the protected information, the greater the value of the memorandum. The signature can be used to verify that all employees have signed and returned the memorandum. Provide a copy to the signer and keep the original in the file.

What should be done at meetings?
Meetings should regularly include a statement regarding confidentiality. You might wish to mention that specific information on the company is not to be given out or ask if anyone is aware of potential leaks. You may wish to have counsel speak to your employees at such a meeting.

When should discussions be held with individual persons?
At minimum, discussions about confidentiality should be held at the beginning of the relationship, periodically throughout, e.g. annual reviews, when a problem occurs, and at the termination of the relationship. Each discussion may include a signed statement that the confidentiality procedures were clearly explained to them, that they will follow the procedures, that they will return all information to the company when they no longer need it for the business with the company and that if they ever desire to disclose or use information that might be confidential they will request the company's permission first.

What should one consider when choosing appropriate physical security measures?
With physical security measures, like notice measures, one needs to pick those measures that are right for one's own business. Determine how information flows into, through and out of one's company. Place physical security barriers wherever reasonable. Seek to preclude access by all those who do not have a need-to-know the information. The more comprehensive the security measure one uses, the less likely one will encounter a breach in security. Moreover, if a security problem develops, one will be in a better position to recover the sensitive business information. Consequently, over-protection is better than under-protection.

What physical security measures may be used?
One may use any physical security measure that restricts access of the information to those who have a need-to-know the confidential information. The information cannot be taken by those who cannot gain access to the information. Below are some suggested physical barriers.

What are some procedures for direct control of the information?
The location of information should be separated into different areas (e.g., file cabinets, rooms or buildings). Only people that have a need-to-know the confidential information should have access to the relevant area and hence the information in that area. As an example, the accounting department or accounting books can be locked up in a room or drawer. Only people having a need for the information should have a key. Signs stating "employees only", "authorized personnel only", "restricted access", "private" or similar phrases will help discourage people from getting into these restricted access areas.
A variant of this procedure is used when outsourcing. Companies that out-source various portions of their business often separate the confidential information among multiple vendors. No one vendor is given sufficient information to be able to recognize or use the confidential information.
Computers provide several methods by which confidential information can be restricted to those people who have a need-to-know the information. Passwords are one method. Separate computer systems are another. A computer system may give off a warning when someone tries breaking passwords, identifying both the problem and the computer terminal being used.
Confidential information should be put away when not in use. A blanket may be thrown over a machine. A drawer may be closed and locked. The company may require that desks be cleaned at the end of every day.
The disposal of confidential information should be carefully handled. Don't forget that garbage can be inspected by people looking for your information. A shredding machine should be used on confidential documents. Machines built according to trade secret knowledge should be disassembled.

How should visitors be treated?
Remember visitors to your company do not necessarily know your procedures. Checking people in with a logbook at the receptionist's desk suggests to the visitor that they will be monitored. Consider recording name, company, date, time, purpose and person the visitor is seeing.
Some companies do not permit visits absent an appointment. This permits the company to schedule visits at times known to all employees and allows everyone to be prepared for the visit.
All visitors to your company should be escorted at all times. The escort should keep the visitors eyes off confidential information, which preferably is maintained out of sight. The escort may wish to ask the person to treat all things they see and hear as confidential.
In large companies visitors are difficult to distinguish from employees. Visitors should wear badges identifying them as a visitor.
Employees should be instructed to approach any non-employee that is not being escorted and offer assistance in finding the person they seek.
Confidentiality agreements may be warranted depending upon the extent of access.
How should the premises be controlled during off hours?
Smaller companies often do not enjoy the benefit of having 24 hour in-person security at every door. All doors should be locked when and where in-person monitoring is not possible. Lights that activate based upon movement, cameras, and alarms are also good deterrents both inside and outside the facility. Check these systems regularly. Employees have been known to deactivate these systems for convenience, such as blocking open a door for the convenience of smokers.

What is meant by "under the circumstances?"
Reasonable measures under the circumstances include all facts and circumstances surrounding the information and its treatment. Happy, loyal employees are more likely to keep information confidential. Certain types of information in a company may "obviously" be secret. Methods of communicating the information may show secrecy (whisper versus speech). The employer needs to make its desires known though oral and written communications, physical barriers, actions, and any other method of communicating. Protection of trade secrets involves creating an environment of confidentiality. Protection is not simply a checklist of protective measures. Employees are people that will generally act in a manner appropriate for their environment.

What is a trade secret audit?
Confidentiality audits are important to conduct at regular intervals. A confidentiality audit is an assessment of the confidentiality procedures in your company and the effectiveness of those procedures. You can begin by preparing an explanation of the procedures in place. From the explanation, counsel will come into your company for a short period of time to gather any remaining information and to physically observe the situation. Based upon all the information from the audit, counsel will prepare a legal opinion and provide you with counsel's thoughts regarding your program. The charge will depend upon the size of the company and the preparation work done before counsel's visit. Larger companies take more effort to analyze than small companies. The legal opinion can be used as persuasive evidence in trial should litigation become necessary.

Why is a trade secret audit important?
In court, the trade secret holder needs to prove it used reasonable measures under the circumstances to protect its information. The trade secret holder stands in a strong position if they consulted with counsel about protection of its information.

Is it reasonable to instruct oneself on the law when counsel is readily available?
The trade secret holder's position is greatly enhanced if they have a recent review by counsel, stating that the measures are reasonable under the circumstances. That is, it is unreasonable to require the company to second guess a legal opinion absent a showing that the trade secret holder knew the legal opinion should not be trusted. Such an exception is very difficult to show, making the opinion very powerful evidence.

How does the expense of an attorney impact what is reasonable under the circumstances?
The cost and benefit of using counsel determines what is reasonable. Reasonableness may be judged in view of following the most cost effective alternative.
A company using the information on this web page can greatly minimize the amount of involvement of counsel in arranging the procedures. A well-written explanation of the protection program further minimizes the involvement of counsel. A trade secret holder can be quite organized and minimize the cost of counsel, making the cost quite small.
The benefit lies principally in three areas. First, audits help by preventing problems before they occur, since well protected information is less likely to be misappropriated. Second, audits help minimize litigation when problems arise, since well protected information is less likely to be challenged in court as to whether it is adequately protected. Third, audits ease an attorney's effort needed to prove one's case, since the information used for the audit and resulting opinion is virtually all the evidence that needs to be submitted on perhaps the most costly-to-prove element of a trade secret lawsuit. The cost savings to the trade secret holder alone in one incident will warrant the cost of a hundred or more trade secret audits. Is it reasonable under the circumstances to not have an audit performed, when the costs associated with the decision greatly exceed the cost of having the audit performed?