All employers should protect themselves against trade secret theft. Alice Stagg covers some key scenarios, both when you're vulnerable to your trade secrets being stolen and when you might be sued by someone else for using their confidential information illegally. She also outlines some practical actions to think about.

I'm going to cover some of the key scenarios. Both when you might be vulnerable to your trade secrets being stolen and when you might be sued by someone else for using their confidential information illegally. I'll summarise the current legal framework in the UK and the changing regulatory landscape in this area following the passing of the Defend Trade Secrets Act in the US and the Trade Secrets Directive in the EU. I'll finish by outlining some practical actions to think about.

To start. How are you protecting yourself against trade secret theft by employees and ex employees? This is the classic situation. Technical advances mean that it's easier than ever for information to be copied. Surveys show high proportions - upwards of 50% - of departing employees take and plan to use confidential information from their previous employer in their new jobs.

Imagine Anita, one of your longest standing employees. She's just resigned and you've found out she's joining a competitor. You think she's copied not only the new marketing materials which you've been working on for the last few months and which have only been released to a few key accounts, but also some target client lists and your highly sensitive margin information. You know that your current standard employment contract includes a confidentiality clause, but you think when Anita first came ten years ago, it might have been as a temp and you can't remember whether her permanent offer was ever formalised in writing. What can you do?

Trade secrets in the UK are protected by contract and under the common law.

Under the common law, the trade secrets owner has to show three things:

  • First, that the relevant information has the necessary quality of confidence.
  • Secondly, that the information was disclosed to the defendant in confidence.
  • And thirdly, that the defendant has used or disclosed the information without permission, or has threatened to do so.

If you satisfy this test, then there are three primary remedies available to you: one - an injunction to prevent further misuse and disclosure. Two - damages. And three - alternatively, an account of profits.

During employment, an employee is bound to keep all information confidential. But after employment, only high grade confidential information can usually be protected. Day to day business trivia cannot be kept confidential at all.

So during employment, more 'standard' confidential information, such as know-how and customer prices, is protected. But not after employment. Only truly confidential trade secrets can be kept confidential both during employment and afterwards. In Anita's case, only the information about your profit margin may truly be considered a trade secret. If you'd been able to insist that she took a period of garden leave before starting her new job, you would have had time to complete your planned release of your new marketing materials and to follow up with your targets. But you would only have been able to do so if she'd agreed an employment contract containing a garden leave clause. And there's nothing like that in place.

How can you stop these problems from arising?

  • You should ensure that confidential information is only available to those employees who need to know it.
  • You should regularly review whether all employees are engaged on proper employment contracts, especially those who have been promoted over time into key positions.
  • As to how you might address trade secrets protection in those contracts - you might want to identify specific confidential information. You might also want to consider restrictive covenants as well as garden leave, bearing in mind the differences between local laws in these areas if you operate internationally.

But, it is not only ex employees. What about contamination by new hires? This is where a new employee brings confidential information from their previous job and contaminates their new organisation's systems with it. A current high-profile case in the US involves Waymo, a subsidiary of Alphabet, Google's parent company, and Uber in relation to driverless car technology. Waymo alleges that one of its former managers - Mr Levandowski - downloaded more than 14,000 highly confidential files before he left, which allegedly relate to Waymo's proprietary LiDAR system. When the system is installed in a vehicle, it enables the vehicle to see its surroundings. Mr Levandowski now works at Uber - Waymo argues Uber's equivalent system too closely resembles the Waymo system and has sued Uber for trade secrets violation, amongst others.

What might help avoid these problems? You should train new hires about what confidential information is and the systems they should follow to ensure third party rights are respected.

Another tricky issue is how to deal with ideas that are developed by third parties or crowdsourced. A recent UK case involved two individuals working in the music industry who came up with the idea for a talent show called "The Real Deal". In 2009, they pitched the idea to Sky using a deck of PowerPoint slides. Sky was initially encouraging but ultimately decided not to commission it. In 2010, plans for Sky's show "Must Be The Music" emerged. It had the same director plus various features that were similar, although there were some differences. When the case came to court, the judge found that the pitch and ideas on the one hand plus the slide deck on the other were confidential information. But there had been no breach. The judge recognised the similarities between the shows, but he believed Sky's witnesses when they said they had come up with their show independently.

Would your business be able to evidence its development processes? Your research and creative departments should be properly documenting their activities. They should know and be able to prove what they've developed in-house, as compared to what they have asked commercial partners or members of the public to contribute.

Turning to the changing legal landscape in this area.

The American Defend Trade Secrets Act was passed in May 2016. Two months later, the European Trade Secrets Directive came into force.

Looking first at the US. Given the potential damages available, you may consider the US an attractive jurisdiction. For example, last year Zillow Group, a real estate website, settled a trade secrets claim which had been made against the company and two executives who had originally worked at the claimant for 130 million US dollars.

What does the Defend Trade Secrets Act or DTSA offer? It created a federal, private, civil cause of action for trade secret misappropriation. Previously, companies had to sue in state courts, where the laws differ from state to state. For example, there may be different definitions of a trade secret, different rules on limitation and different remedies. The DTSA doesn't pre-empt existing state trade secret laws but gives companies an important alternative. They can now also take action in the federal court.

Amongst others, the DTSA introduces a new civil seizure mechanism. On an ex parte application by the trade secret owner, the court 'may issue an order providing for the seizure of property' so long as such a seizure is 'necessary to prevent the propagation or dissemination of the trade secret'. There are limits on when such civil seizure may be ordered. For example, there must be exceptional circumstances and the trade secret owner must show that immediate and irreparable injury will occur if seizure is not ordered.

The DTSA also gives immunity to whistleblowers where they have made a disclosure to a government official or to an attorney for the purpose of reporting or investigating a suspected violation of law.

So the DTSA offers you a potentially new powerful cause of action. And many companies, like Waymo as I mentioned before, are testing this. But in order to be able to take advantage, you must take certain actions - such as advising your employees of the existence of the whistleblower immunity. You should be taking appropriate steps to update your employment policies.

  • In Europe, there are also major changes in hand. The European Trade Secrets Directive came into force in July 2016. The Directive sets out a minimum level of trade secrets protection that each Member State must meet. This is not a particularly high bar, and in some areas will fall below the protections which many jurisdictions currently offer. It does not, for example, introduce any criminal acts in relation to trade secrets, nor does it impact each Member State's employment law.
  • From a UK perspective, as in so many areas, there is a genuine question as to what impact Brexit will have. The deadline for Member States to implement the Directive into domestic law is 9 June 2018. This is still well before even the earliest suggested date as to when the UK might leave the union. Will the government decide to go ahead and implement the Directive regardless? It's very hard to predict. The Directive doesn't significantly alter current English law and trade secrets owners might welcome the common law being clarified and codified. But it remains to be seen to what extent any further EU harmonisation is politically acceptable in the UK - even the most uncontroversial developments.

If the government decides against implementation, then trade secret owners operating in the UK will still benefit from the protections offered by the existing English law which I summarised earlier. This gives largely the same protection as the Directive in any case, but of course not the advantages of harmonisation.

The primary difference is that in the UK, there is no statutory definition of a 'trade secret'. The idea of 'the necessary quality of confidence' which I referred to previously has been developed through judgments of the court.

By contrast, the Directive requires that for information to be a trade secret, it must fulfil three criteria. The information must:

  • One - Be secret in the sense that it is not generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
  • Two - Have commercial value because it is secret; and
  • Three - Have been subject to reasonable steps under the circumstances to keep it secret.

So, to benefit from the protection offered by the Directive, either because the UK government does implement it, or because you're operating in other member states, what do you need to do?

One of the most important elements of the Directive is this requirement that 'reasonable steps' need to be taken for information to be considered confidential. In addition to the actions which I've mentioned already in relation to your employees and employment policies, you should consider:

  • Undertaking an internal audit of confidential information, to determine what trade secrets need protecting. Ensure that all relevant materials are marked confidential.
  • Reviewing the measures that are currently in place, and determining whether they are likely to constitute 'reasonable steps'.
  • Considering any security measures that should be put into place to guard trade secrets, such as physical security measures and cyber security.
  • Finally - ensuring that these 'reasonable steps' are well documented, in the event they need to be proved.

It's been a real pleasure presenting this podcast. Thank you for listening. Please do let me know if you have any questions about how you can best protect your business and the legal developments in this area.

Download podcast

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.