Five years after legislation significantly improved trade secret protection in the US, Jim Pooley
tells IAM in an interview, more policymakers on Capitol Hill are advocating tough policing of
potential IP theft by Chinese entities - for good and not so good reasons
The current US Congress is still in its early days but if the first few months are anything to go by we can expect plenty of discussion and proposed legislation on the subject of IP theft and specifically on protecting their trade secrets.
Last week, Senators Grassley and Whitehouse issued the Stop Theft of Intellectual Property Act 2021. If enacted, this would see foreign nationals who engage in IP theft facing potential deportation from the US.
Another proposed bill comes from Senator Graham. He put out a news release last month about his introduction of “The Combating Chinese Purloining (CCP) of Trade Secrets Act”. Among other things, the bill would include “prohibition on applications for patent protections by US Patent and Trademark office” for foreign persons who misappropriate a trade secret.
“My legislation is designed to deter behavior, much of it from China, that results in the loss of trade secrets, intellectual property, and sensitive government research,” Graham announced.
Senators Van Hollen and Sasse have also had their say with their “Protecting American Intellectual Property Act”, which passed the Senate late last year and, last month, was reintroduced in the new Congress. That proposes levying economic penalties on companies or individuals who have been found to have engaged in the theft of US IP.
Whether any of these bills actually become law remains to be seen. It has only been five years since the Defend Trade Secrets Act (DTSA) was passed, handing rights owners a powerful new route to bring cases under federal law. There hasn’t been an indication yet that
this legislation hasn’t given US authorities enough powers to tackle the problem of IP theft - a message that trade secrets expert Jim Pooley reiterated in a recent interview with IAM.
“These [bills] were not generated from a sense of concern that trade secrets in general are not being sufficiently supported or that the DTSA is not working or that prosecutions under the Economic Espionage Act are somehow not hitting the mark,” Pooley remarked.
Perhaps not surprisingly, Pooley stressed that what had changed the dynamic are the geopolitical tensions between the US and the world’s most populous country. “China was a concern five years ago, now it’s an almost rabid concern on the part of a number of politicians for good reasons and not so good, in my view,” Pooley said.
“I think the elevated concern over China is largely justified but that part is more performative - that you want to be seen to be tough on China - and this is what has me worried because of the unintended consequences,” Pooley commented.
The danger, should some of the proposed legislations’ more radical ideas become law, is that it will prompt a tit-for-tat response.
“Whenever you take measures that are designed to punish and discourage behavior by a foreign country or coming from a foreign country, what you risk is that that country or other countries will enact similar legislation of their own,” Pooley stressed.
In recent years legislators on Capitol Hill have been making ever more radical suggestions around how the US could use the IP system to get tough on China’s leading tech players. In 2019 Senator Rubio even floated the idea of preventing Huawei from seeking damages in patent litigation after it emerged that the Chinese tech giant had asked Verizon to pay $1 billion in licensing royalties.
Graham’s proposal that transgressors should be prohibited from filing for US patents might raise alarm about a similarly harsh response affecting the legions of US companies that have significantly increased their Chinese patent portfolios in recent years. That may not be an appealing prospect for a business like Qualcomm which makes a huge chunk of its revenue from device makers in China.
The risk, Pooley underlined, is that ideas around a balanced playing field and rights owners being given due process in overseas courts, which have traditionally underpinned US policy, might be undermined if the US pursues lopsided measures.
“We want our companies that are engaged in litigation in China to be treated appropriately but what we’re risking here is that by putting up these kinds of barriers without due process we’re basically sending a contrary message,” he stated.
Pooley, who was a key voice in the passage of the DTSA, underlined that the legislation was working largely as was hoped when it was enacted in 2016. He pointed to the large number of trade secrets cases now being filed in federal courts and to developments in the case law such as the decision in Motorola v Hytera, which found that the DTSA could apply to IP theft outside of the US.
“At the moment we don’t need to fix the existing tool in some way to make it more effective,” Pooley insisted. “What I do think we need to do is, a little more broadly speaking around intellectual property, come up with a national strategy for innovation that will increase our competitiveness in a way that hoping additional blocking or punishment mechanisms might not.”
Pooley stressed that he is happy to see a focus on strengthening IP rights, particularly in trade secrets, but added that: “At the same time I worry that the long-term effects of these kinds of proposals may not be what we really want.”
James Pooley, member of the Center for Intellectual Property Understanding and former deputy director general of the World Intellectual Property Organization, understands the full seriousness of cyberespionage.
Pooley agrees that COVID has created a riskier environment because employees are away from their usual offices. But the problem is not entirely current, he notes, explaining that a new risk environment emerged in the last 15 to 20 years, as we moved into an information-based economy, where the asset base shifted from tangibles to intangibles.
In addition, “the imperatives for sharing information and trusting other people went up like crazy because of globalisation”, he says. Supply chains have become longer and more complex, as companies shifted to vendors abroad and therefore have to manage their operations at a distance.
During the early-1970s, “all that a company needed to do to protect its information assets was to guard the photocopier and watch who went in and out the front door, because there were no networks, no internet and records were stored on paper”, says Pooley. But, over the last decades, digitalisation coupled with globalisation has changed the playing field. Some of the most valuable assets have become intangible, opening up a whole new world to hackers.
So how does sensitive data end up in the wrong hands? Pooley argues that swathes of valuable information is lost because of employee inadvertence. In rough numbers, he says, “some 80 to 85 per cent of information loss occurs through employees, as opposed to hackers worming their way in from outside”. While organisations can spend effort and money on secure IT infrastructure, they neglect employee behaviour at their peril.
“I see it over and over again,” says Pooley. “I get hired as an expert to critique the protection systems for companies in litigation over trade secrets, because they have to prove they took reasonable steps to prevent the things from happening.” What he sees is companies neglect to train their employees on how to identify and handle confidential data.
Meanwhile, hackers look for the weakest link in a company’s information chain, for instance when employees use the public wifi of a restaurant near their office for work purposes. He mentions the 2014 hack of Target, when the company’s heating and air conditioning contractor was used as an entry point by hackers, who exploited the vendor’s weaker system to gain access to the Target system.
“It's just astonishing to me that more companies don't pay better attention to these issues, but there we are,” says Pooley. “Maybe I'm a Cassandra, but remember, Cassandra was right.”
How can companies train their employees to be more vigilant? “Preventing bad behaviour is usually about awareness, because people want to do the right thing and they want their jobs to be preserved,” he says.
When Pooley advises companies, he begins with a high-level strategic examination of what the company’s most important information assets are, what risks or vulnerabilities they face and what mechanisms there are to reduce these risks.
“Being really attentive to where the risk points are will alert you to pay special attention to areas that are likely to be used as points of entry,” he says. Companies need to set up policies and procedures to ensure their IP is protected and training employees is a big part of that.
“I worked with one company that built a consumer product primarily manufactured in China, so there were obvious leakage risks connected to that.” As they went through the process of developing a comprehensive system to protect their IP, Pooley asked for all the senior managers of the company to get together in one room to discuss the matter. Even though this was not easy to arrange, he insisted.
Once all senior managers came together, including the supply chain managers who talked about issues they experienced directly, sharing information triggered insights for managers across the board.
“‘Wait a minute, I don't think I've ever really looked at the non-disclosure agreement that we have with company x and when it expires.’ All of a sudden, they're seeing vulnerabilities, where they hadn't really thought about them before,” says Pooley. “No one expected the specialty arm of the organisation that dealt with all these companies in China would have something to say to the other business units, but vulnerabilities can overlap.”
Are silos and inefficient communication partly to blame for companies’ vulnerability when it comes to countering cyberthreats? Pooley argues organisations need to confront the fact that separate units within their business may have set up unnecessary walls. In reality, information flows and risks are usually shared across the business.
Part of the solution could be found through automation, he says, because automation includes behavioural analytics and insight tools that help companies monitor what exactly it is employees do on their platforms. However, using these tools always has to be balanced with individuals’ expectations of privacy.
Pooley concludes: “The message that I often give is cyberespionage is scary and ugly, and we need to do everything we can to prevent it and deal with it. But if we're not managing our employees in a smart way, it's almost like we’ve left a couple of doors open.”
Intellectual property (IP) protections are one of the few structural issues covered in the phase-one trade agreement between the United States and China. The combination of new commitments under this agreement and growing domestic pressure to strengthen protections for domestic innovators has led some observers to suggest that China may be moving toward more robust IP protections. Others, however, point out that previous commitments have failed to curb large-scale IP theft. Jonathon Marek interviewed James Pooley, former deputy director general of the World Intellectual Property Organization, regarding developments and trends in China.
What are the key changes in Chinese intellectual property (IP) protections since the phase-one trade agreement? How credible are these commitments compared to previous ones in the absence of an independent judiciary to adjudicate claims?
The Judicial Interpretation from the Supreme People’s Court regarding trade secrets gives good reason to expect at least some modest progress. There are quite a few provisions, but two specifically may be key indicators of whether China is making real progress toward providing safe, effective, and robust mechanisms to enforce trade secrets.
The first of these is shifting the burden of proof (Article 8). Bringing a claim for trade-secret misappropriation can be prohibitively difficult if the court expects the plaintiff to marshal and present sufficient evidence at the outset of the case because China does not have a civil discovery procedure. Therefore, the idea is to set a minimal threshold requirement of initial proof to ensure that the case is reasonably grounded, following which the defendant would have the burden of establishing independent development of the trade-secret information. This notion was not new with the phase-one agreement; it had been introduced as an amendment (with immediate effect) in the 2019 revision of the Anti-Unfair Competition Law. Article 8 of the Judicial Interpretation states that the trade-secret holder first must submit “preliminary evidence” to prove the elements of the claim, and then if the accused infringer claims independent development, “it should provide proof.” The challenge here is to understand what is meant by “preliminary” evidence. In practice, will this come to look like the U.S. threshold of “reasonable suspicion” based on a plausible, but circumstantial, set of allegations? Or will preliminary evidence in effect be subject to the same assessment as at trial? We will not know whether the intent of Article 1.5 of the phase-one agreement, which requires changes in this vein to the burden of proof, has been implemented until there are sufficient examples of actual decisions.
The second key indicator in the Judicial Interpretation is found in Articles 14 and 15, which appear to describe indirect misappropriation. This could be significant because China has in practice only punished misappropriation of a form close to slavish copying. Obviously, improperly gained information can be used to influence the development of a competing product that may look nothing like the original. And there is substantial value in so-called negative trade secrets consisting of experiments through which what does not work, or what works less well, is determined. Although Articles 14 and 15 are not clear (at least in the translation that I read), it is possible that they could be interpreted to allow a court to find that a trade secret has been “used” if it has been “modified” or if “business activities” have been “adjusted” according to the plaintiff’s secret. Again, we will not know whether this portion of the Judicial Interpretation will be followed in that way unless and until we have enough examples of published case reports.
What is the likelihood that China ever makes it fully down the path toward protecting foreign IP? Will there always be significant risks to foreign firms as a result of the Chinese political and economic model?
There can be no doubt that China has been moving toward a more robust IP-protection regime for several decades. This has been in part an assumed obligation of membership in the World Trade Organization (WTO) and in part a classical reaction to the need to construct a framework to provide sustained incentives for domestic innovation. But China’s path, unlike that taken by, for example, Japan, Taiwan, and South Korea, has been strictly controlled by its Communist government, which has tilted the economic playing field to favor Chinese companies.
Therefore, in a sense the very significant and rapid progress made by China since the 1980s in constructing a world-class IP system is a bit like wax fruit: it looks good, but can you eat it? China’s current system, which in practice favors domestic players, must evolve to apply fairly to all litigants, in accord with the principle of national treatment. Moreover, China will move fully down the path toward protecting foreign IP only when its judicial system is sufficiently transparent that one can be confident of even-handed application of the rule of law. Although some within the Chinese judicial system are pushing for such reforms, I do not expect this kind of change will happen in the foreseeable future.
What future policy reforms or other developments would indicate that China will increasingly take trade-secret protection seriously? To what extent might these reforms be influenced by international pressure?
I believe that we need to see fulsome implementation by China of leading reforms, such as reversing the burden of proof and finding misappropriation based on indirect use rather than copying. That sort of demonstration naturally requires more transparency, and in particular the regular publication of judicial opinions. In my view, although there is some internal pressure on China to move in that direction (largely from professors who would like to have access to the reported data to inform their research), domestic forces will never be enough to effect meaningful change. This is simply because the government does not see a compelling reason to give up the inherent advantages of opacity.
Therefore, I believe that change will only come from external influence. As a multilateralist, I hope that such influence is exerted by countries operating through institutional frameworks such as the WTO, but of course there is room for unilateral action by the United States or the European Union, each of which can apply pressure relative to the size of its market.
If China does not fully implement the changes it has promised, or the pace of progress slows due to heightened tensions, what unilateral or multilateral policy measures would be most effective in getting things back on track?
The answer to this question depends very much on what one understands as getting things back on track. It is probably unrealistic to expect that China, without a fundamental change in government, will ever change its court system in a way that would allow us to be fully confident about the implementation of the most important reforms. If by being on track we mean being diplomatically engaged in active discussions about these issues, then I would say that direct economic pressure—perhaps not as drastic as some of the tariffs that have been levied by the United States, but of the same nature—is the most effective means for keeping China at the negotiating table and talking productively. Progress may be measured in inches, but if the parties are engaged, then it is a way of being “on track.”
What is the role of the World Intellectual Property Organization (WIPO) in trade-secret protection, especially with respect to China?
Having spent five years at WIPO, much of it engaged in attempting to facilitate negotiations to improve international IP systems, I am of the view that the organization is highly unlikely to play a meaningful role in securing improvements in China’s trade-secret-protection regime. In large part, this is because the concerns we have with China are about enforcement of the laws, not so much about their content. And enforcement in general is a forbidden subject at WIPO because it is largely perceived to invade the sovereignty of the member states’ judicial systems. This issue is both too diplomatically sensitive and arguably outside WIPO’s mandate. Additionally, there is the problem that trade secrecy in general is largely misunderstood in the international diplomatic community. Among many countries, any discussion of trade secrecy often focuses exclusively on Article 39(3) of the Trade-Related Aspects of Intellectual Property Rights (TRIPS) Agreement. Many believe that this article, which requires protection of pharmaceutical test data, was an unfortunate giveaway to the drug industry. More broadly, the notion of secrecy simply seems inconsistent with the general idea of transparency and so has a sinister connotation.
This debate suggests that WIPO’s primary contribution to protecting trade secrets in China could be to provide a forum to facilitate better understanding of the role of robust protection in enabling technology transfer. This issue itself is a subject of broad interest, particularly among developing countries. If there were a more sophisticated view of the role that secrecy plays in accelerating innovation, it might over time provide very helpful context for a continuing examination of the shortcomings of China’s trade-secret regime.
Given the rather decisive defeat of the Chinese-backed candidate for director general earlier this year, how will China work to influence WIPO in the years to come?
One can conclude from China’s promotion of its own candidate for director general at WIPO, following several successful campaigns for the lead spot at other UN agencies, that China has shifted rather dramatically from a lead-from-behind approach of exercising its influence to a much more aggressive posture that looks like a broad grab for power at the United Nations. This is occurring at a time when the United States has retreated somewhat from its traditional multilateral engagement, which has significant implications for the structures and mandates of multilateral institutions. Notwithstanding its failure in the WIPO elections, I have no doubt that China will continue to assert leadership, at least behind the scenes, where it exerts very powerful influence over a number of other developing countries. On this point, it is important to keep in mind that stopping something from happening at WIPO takes very little political power (as is probably true at most other UN agencies). In general, I would expect China to continue to assert itself at WIPO in ways that will help the country maintain control over the speed and substance of domestic IP reforms. If the United States wishes to understand how that will play out in the coming years, not to mention have any influence over the process, it must engage vigorously in the organization.
The Journal spoke with Jim, who shared his thoughts on the importance of trade secret protection in the global economy and how the Defend Trade Secrets Act (DTSA) has affected this practice area in the two years since it was signed into law. The following is an excerpt from the discussion.
Thank you for joining us, Jim. Can you give us a little background about where you grew up and whether there were any signs in your childhood that indicated an interest in intellectual property law?
I grew up in Wilmington, Delaware, where I think everyone in the community was affected to some degree by DuPont and the chemical industry. But I wasn’t very interested in science myself. I've frequently told people that my high school teachers would be very amused to find out what I've been doing as an adult.
I loved college geology because it got me outdoors, but the chemistry of it was a challenge. So, there wasn't anything about my upbringing that anticipated what I ended up doing. I was just very lucky to have landed in Palo Alto, CA, in the early 1970s after law school.
What would your classmates most remember about you from high school?
Well, they probably would remember me mostly as a Boy Scout. That was my main activity.
They would also remember me because my buddies and I created a feature-length movie our senior year. We went out and rented a camera and bought some 16-millimeter film and did a kind of James Bond spoof built around the school. It was a ton of fun.
Since then, you have developed world-renowned expertise in trade secret law. How did you decide to specialize in this area of law?
I certainly didn't plan that. I arrived in Palo Alto in the summer of 1972, having received a summer-job offer from an 11 lawyer firm, which is now Wilson Sonsini.
As Silicon Valley was developing, people were often leaving one company and moving to another, and very frequently, there were lawsuits against the people who left to do these startups. There weren’t so many lawyers around Palo Alto at that time, so I ended up working on these trade secret lawsuits simply because I was there, and I was a trial lawyer working with companies where these issues came up a lot.
After I had been doing this about seven years, I noticed that there was a common theme to every one of these cases, which was that someone had done something really dumb. And so it occurred to me that if people understood the basic rules of the road in leaving one company to go to another, and respecting the integrity of the trade secrets that they'd left behind, these lawsuits just wouldn't happen anymore.
Working with a publisher that I met on one of my cases, I decided to write a book on trade secrets, which was published in 1982, and six weeks later, a very big trade secret case broke, IBM-Hitachi, a criminal case where Japanese executives were being taken in handcuffs to the federal courthouse in San Jose. When the media needed someone to comment on what was going on, my book happened to be on their desk. So, it was another case of being in the right place at the right time. I started providing a lot of public commentary on trade secrets, and between that and the experience that I had developed, I just fell in love with this practice area. I eventually started teaching it, and then wrote a treatise.
It's now been a little over two years since the federal DTSA was signed into law. You recently testified before the House Judiciary Committee in D.C. as to whether the DTSA was working as intended. In your view, what were the problems that the DTSA was designed to solve?
The main issue was the patchwork nature of the laws and procedures that faced anyone who needed to enforce their trade secret rights. There was an array of state laws which varied to some extent and were administered at state- or county-level courts, making it a real challenge for companies that had actors in multiple states or internationally to address their concerns.
Many years ago, trade secret cases tended to be local, in part because information traveled only on paper, but once we moved into the computer age, and particularly the networked era, that old system of dealing at a state or local level with trade secret disputes wasn't working very well.
And so, the main reason for bringing federal civil law into the picture was to provide trade secret owners an opportunity to use the federal system, with its nationwide service and its common rules.
Now, when the act was first being considered, most of the focus was on a specific provision of the act that addressed ex parte seizures. That was something useful for a narrow set of circumstances, where you had some specific secrets that were about to be taken from the jurisdiction or destroyed unless you got very fast relief.
Do you believe the DTSA has accomplished its goals?
Yes, it has, or I should say it's well on its way to doing that. One of the expected advantages of having this federal system installed as an overlay – not as a substitute – in state-law adjudication of trade secrets was to achieve some level of harmonization. If you get harmonized rules and approaches, then enforcement of rights becomes more predictable and easier. We are starting to see federal courts look to the decisions of state courts that use the Uniform Trade Secrets Act, and state courts are now referring to federal court decisions. And federal judges in different districts throughout the country are referring to each other's decisions.
Plus, I think it's fair to say that those who thought that it might overwhelm the federal system are happy to see that there hasn't been an avalanche of cases. There's been a noticeable, but modest, increase in the workload of the federal courts over trade secret cases.
Do you foresee the need for any further tweaks or changes to make the DTSA even more effective?
There is one unsettled area that I think could benefit from greater attention, either legislatively or perhaps through the courts, and that has to do with the extra-territorial application of the DTSA. It's not entirely clear to what extent the DTSA applies to trade secret misappropriation that happens outside the U.S.
Section 1837 of the Economic Espionage Act, into which the DTSA was inserted, states the intent of Congress to apply the law extra-territorially as long as at least one act in furtherance of the offense happened in the U.S., or the offender is a U.S. citizen or permanent resident. And as you can tell from my emphasis on the words "offender" and "offense," that section is a little bit awkward to apply in a civil cause of action. In Sections 4 and 5 of the DTSA that were not codified, but were part of the bill, Congress found that any misappropriation of U.S.-based trade secrets occurring overseas must necessarily have an impact in this country, on our economy, lost jobs, etc.
If you take that expression by itself, that may be enough under existing Supreme Court jurisprudence to indicate that the law should be applied extra-territorially in a general way, but we don't know yet. We really don't have a definitive ruling from the courts, but we know that from the way trade secrets have to be distributed around the world as part of modern commerce, misappropriations happen overseas. And so, it will be very important over time to get clarity on the extent to which the DTSA can provide a robust tool for owners of secrets that happen to have been misappropriated outside of the U.S.
In your congressional testimony, you cited a National Science Foundation Census Bureau survey in which companies rated the importance of different types of IP laws in protecting their competitive advantages. According to the survey results, trade secrets were rated number one, rated at more than twice the level of patents. Did those results surprise you?
They did not surprise me. The first reason is that they were consistent with a similar survey that had been done in 2000 that indicated secrecy was at the forefront of measures taken by companies to protect competitive advantage. And it also was consistent with my own observations in working with companies regarding their intellectual-property and commercialization strategies. In many industries, like pharma and biotech, patents form an existential part of doing business, but for many other industries, they are simply one of a series of tools that are available.
And even in pharma and biotech, the secrecy of research and development is enormously important. It's important in order to preserve competitive advantage. It's important in order to be able to ever get a patent because you have to treat it as a trade secret to begin with.
As important as patents are, there is only a narrow band of information that qualifies as a patentable invention that's novel and not obvious, whereas trade secret law applies to protect any kind of information that's helpful to a business. And so the coverage is massively greater in terms of applying to information assets of modern business.
Over the past 40 years, we've shifted from a tangible asset-based economy to an intangible asset-based economy. In other words, data have become the primary asset of business these days, and data are protected mainly by secrecy. So no, the results of that survey did not surprise me, and I see it only going in a similar direction in terms of the impact of secrecy as a management tool going forward.
In light of IP-rights challenges, patentability restrictions such as Alice, and stricter damage standards in patent matters, it seems that the value of obtaining patents has taken a hit. Should companies re-evaluate the importance of trade secrets in their IP-protection strategies?
Yes. In industries where patentability issues have been hit pretty hard, looking at secrecy as an alternative way to protect information assets is extremely important.
In speaking to friends who are running intellectual property programs inside major companies, many of them have overseen a shift in the way that the company deals with their patent program. Everyone in the past had a patent committee that looked at disclosures and decided what to patent. Generally speaking, when something was determined not to justify patenting, it more or less fell to the cutting-room floor. These days, the approach is how you're going to protect these innovations if not through the patent system. How are we going to make sure that somebody in the organization is assigned to that task so that these assets get properly managed.
What are some of the decision points for a company to consider in determining whether to protect IP with patents, as opposed to trade secrets, understanding that once a trade secret is disclosed, the trade secret is gone? In addition, for some ideas and technologies, if you are going to sell it in the marketplace, that would be a big concern for using trade secrets if a competitor could take a look at it, reverse-engineer it, then figure it out on their own.
If you are putting out a product or service that reveals to the world the secrets of its composition, then you've lost it. You might have some first-mover advantage, but that's basically it.
And so, in situations where the innovation can be seen immediately or is relatively easy to reverse-engineer, you are much better off trying to find a way to use the patent system because you can get that extra period of protection.
On the other hand, we have the situation where innovations that are commercialized in secret, like process technology, are typically better protected by secrecy than by patenting because if you patent it, then you teach the world what it's all about.
In the 1940s, DuPont developed a revolutionary method for processing titanium dioxide and decided to maintain it as a trade secret rather than seek a patent. And that was, in part, because if someone else was using the process, particularly in a foreign country, there would be no way that they could find out. And so the best way to protect it was to keep it a secret, and they successfully did that for decades and decades, way longer than they would have had any patent protection. And they were able to spin off the business for a couple of billion dollars a few years ago. So, in the cases where you have technology that cannot be easily reverse-engineered, that's a very important reason to use secrecy instead of a patent.
Of course, there are some innovations that have such a short shelf life that patenting would almost be a waste of time. By the time you get the patent, it's no longer an advantage. So, one of the things that companies look at is: How long do we expect to be able to exploit this?
No matter how broadly trade secrets are used and applied, patents offer a unique kind of strength because patents allow you to exclude anyone else in the country from practicing the innovation, whereas with trade secrets, you take the risk that someone else is going to come up with the same thing and may even publish it. And so, you may lose the benefit at any time. So, patents are stronger, and particularly if you're preparing to license some of your technology or want to be able to do that, it's a good thing still to wrap it in a patent because it's generally easier to value.
For companies that decide to pursue trade secret-protection strategies for certain assets, are there any particular trapdoors or cautions that they should avoid to make their trade secret-protection strategies more effective?
The most important idea, and the most significant driver of success, is paying attention to the management of these assets. Many companies tend to think about them as kind of soaked into the woodwork, and they don't pay enough attention to the importance of active engagement.
These assets are volatile; they are vulnerable to loss. Studies have shown that 80 percent to 90 percent of information loss happens through employees or contractors who are trusted with access to these very important assets.
The biggest trapdoor for businesses is failing to focus on information security risk management. So much can be done in this area just by ensuring that you have the right policies and procedures in place, you're doing the right training, you have the right people involved running the program, you’re reviewing it for effectiveness over time, and so on. It doesn't take a whole lot of effort, and in any event the effort aligns with most companies' existing risk management and compliance programs.
At Stout, our team is involved in determining damages in disputes involving many different types of intellectual property. It appears to us that remedies for trade secret damages are still pretty wide open compared with damage remedies for other types of IP. Do you foresee that the DTSA might impose some stricter discipline in the determination of trade secret damages?
That's a very good question, and I think it's quite possible that we will see more frameworks and restrictions on trade secret damages simply because we have federal courts handling these cases under federal law. I would not be surprised if over time, we see some very illuminating commentary in the issued opinions of federal courts on what are the boundaries and touchpoints for calculating damages in trade secret cases.
Having said that, it's really important to remember the basic difference between patent damages and trade secret damages. Patent damages are based on the analysis of rights created under a federal statutory framework, and so, the issue has attracted a great deal of attention and analysis over the years, all grounded in the statute.
Trade secret damages ultimately and historically are grounded in the common law of tort, and tort law is designed mainly to provide full compensation to the victims of a wrong. Remember: Patents are a no-fault system. Trade- secret misappropriation is about fault, and so, that fundamental aspect of the law of secrecy informs how courts generally look at damages. So, you will see judges being very flexible in favor of the plaintiff because that's fundamentally how the law is supposed to work.
The DTSA provisions on damages are a direct reflection of the rules under common law, which provide the greatest recovery possible under several different theories: plaintiff’s loss, defendant’s gain, or a “royalty” measure. The plaintiff has a choice and can use one or two or three of them as long as they aren’t duplicative, and that means that, generally speaking, you can get what looks like very big verdicts that aren't constrained by some finer points of law, as you do with patents.
What should companies understand about the distinctions and differences between internal trade secret theft, such as theft by departing employees, and external trade secret theft, such as competitive espionage or hacking?
In general terms, the external, hacking-related espionage theft is more limited and harder to control than the internal issues. There's only so much you can do about hacking. It's important to address issues around information systems, your network, and to ensure that you've done as much as you can afford to do to install systems that allow rapid detection and response when you have a problem. But as we all know, there's a technological arms race where cyber hackers are concerned, and there's a limit to how much you can assure yourself that you are fully protected.
In contrast, we have frequent losses from internal operations through those whom we trust on a day-to-day basis that have access to our information. The most obvious example is the regular employee who is allowed access to the company's systems through a smartphone or a tablet or personal computer. And they take this everywhere they go, often using it to engage in robust sharing of everything that's happening in their life because they've been trained by social media to understand that sharing is good.
This is the same population that we have to deal with when they come in the next morning with those smartphones that they now use to access the company's networks as well as external ones. So, figuring out how to address the behavior of the workforce that has access to the secrets and training them to understand what the company considers to be confidential and their role in protecting it is, in my experience, far more effective in terms of mitigating the risk of loss than another program directed at cyber security.
Good advice. You are currently participating in a Sedona Conference Working Group on trade secrets, whose mission is to develop a set of guidelines to help federal and state judges do a better job in handling trade secret cases, and help companies do a better job in managing their intellectual assets. Can you give us a progress report on the activities of this working group?
The progress is very good, but we are still in the early stages. We are focusing on two topics to begin with. The first one relates to the issue of trade secret identification. The second one is about the employee life cycle. In other words, addressing the protection of secrets throughout the time that an employee comes, is recruited into the company, is trained, is supervised, and ultimately exits the company, and how companies should be looking at managing those issues.
At the end of a multiyear process, we expect to have a number of consensus-view statements on best practices for litigation and for managing information security within the company.
From 2009 to 2014, you served as deputy director general of the World Intellectual Property Organization. What were your impressions of the relative importance of intellectual property protection in the U.S. compared with other countries?
IP protection has always been very important to us as an economy, playing a critical role as a supporter and an accelerant for innovation in most industries. Over the years, the U.S. has been a leader in the international effort to promote the use of strong intellectual-property laws as a way to achieve economic development.
History teaches that countries that have thoughtful, robust intellectual property systems are much more likely to nurture domestic-innovation economies. And so, if they want to go in that direction, they need to embrace IP. You see it happening right now in China, where 15-20 years ago, there was a lot of concern that the Chinese economy was basically copying and not innovating. Now China has some leading world-class companies in many industries. And they have built a very strong patent system to support its domestic economy. This happened decades ago in Japan. It then happened in Korea.
In your recent congressional testimony, you sounded an alarm regarding 28 U.S.C. Section 1782, in which you suggested there is a danger in allowing foreign litigants to have access to testimony and other evidence from U.S. courts for use in foreign proceedings. You called this practice a one-way street for the acquisition and export of U.S. information. Please explain your concerns and what you think Congress should do to allay those concerns?
At a general level, I called this a one-way street because we offer this opportunity for foreign litigants to come here without insisting that they provide the same kind of access to evidence in their own countries. I think that the original assumption behind the statute was that if other countries saw how transparent and open we were about access to evidence, that they would institute similar procedures in their own countries, and we would achieve some level of reciprocity.
That has not happened, though, and there is no reciprocity built into this statute. The experiment has failed in terms of encouraging other countries to provide similar mechanisms so that U.S.-based organizations can get access to information in those jurisdictions. There is not a level playing field.
My more specific concern had to do with the maintenance of secrecy and confidentiality of information that's being handled in foreign jurisdictions. The assumption in most countries is that information that comes into a court is going to be publicly available.
This is certainly true throughout much of Europe, and it's one reason why the Europeans have drafted and promulgated the EU Trade Secrets Directive, one part of which requires that member states enact laws that will provide protections for confidential information that is produced in litigation.
And so we have this fundamental insecurity that exists in many other countries for information that's being handled by courts and, of course, by government agencies. Because 1782 applies very broadly to any court tribunal, and that includes, we now know, agencies of foreign governments, the information that's being sent over through Section 1782 necessarily is put at some level of risk.
What I suggested to Congress is that it require the federal judges who hear these petitions to engage in some analysis of the risk to the information and to require that protections be instituted in foreign jurisdictions for its use. This would be done as a condition of making the information available – get assurances that it will be protected when it gets to the foreign country. Some judges do that now on an ad hoc basis, but there's nothing in the statute that requires it.
Looking into your crystal ball, which industries or markets do you foresee as being most likely to face future IP challenges, and what do you see those challenges as being?
Any company that has to deal globally with secure information faces very high levels of risk in most other countries in the world. One of the reasons trade secret protection works well in the U.S. is that we have fairly easy access to proof. If you suspect that some secret has been stolen, you can start litigation and then get the information you need to prove what happened. In most of the rest of the world, you can't do that.
And so I hope over time that as a result of various actors, governments, and industry speaking about these issues and engaging in dialogue, we can find a way for companies, when they suspect they have a problem, to find and get access to the information wherever it is. This can happen in different ways.
I'm not suggesting that other countries adopt the U.S. system of litigation discovery, which has, in many ways, overburdened us, but there are ways, even in civil-law systems, to set up frameworks and protocols for the victim of a misappropriation to be able to get access to data, either through some form of seizure process or lowering the standard of proof that is required to initiate an action, and requiring the defendant to come forward and prove that it developed the information independently.
If we want to fully support companies that drive the global economy, we have to find ways to more realistically enforce trade secret rights.
Any last words of caution for our readers?
We just saw the Waymo v. Uber (“Waymo”) case, which is a reminder of the importance of managing risk around these very important assets. When Uber hired this fellow, [Anthony] Levandowski, away from Waymo, it took on a level of risk that it should have appreciated was almost existential for the company.
And yet, what it did about it actually exposed the company to more risk. Now, I'm not trying to make the point that Uber screwed up, but it's a reminder of the things that can go wrong in a rapidly evolving technological landscape, which is something that applies to an awful lot of companies these days.
When you hire away smart, experienced talent from a competitor, you face the risk that your valuable data assets may be tainted in some way, which could be a potentially massive problem. It is imperative to have careful management of these issues because they just don't come up in the same way that patent and copyright and trademark issues do – kind of clean and predictable. They tend to sneak up on you when you're not watching, or perhaps distracted by the excitement of an acquisition. Once you’ve been infected with someone else’s confidential data, extracting it can be complicated and expensive.