Secrecy: the IP right most often used by SMEs

By Stefan Dittmer, Partner, Dentons, Germany, and James Pooley, Professional Law Corporation, USA, Members of the ICC Commission on Intellectual Property, International Chamber of Commerce (ICC)

Most kinds of intellectual property (IP), such as patentscopyrightstrademarks and designs, are rights granted by a government. But there is another right that depends only on the choice of an individual business: secrecy. The law protects someone who shares information in confidence with another, but does not require that it be registered with any agency. If there is a dispute, the legal system will sort it out.

Trade secrets have been part of commercial transactions for centuries, as a common and practical way for a business to maintain a competitive advantage. While other forms of IP are carefully limited to creative works that meet a very specific set of requirements, protection for secrets applies broadly to any information that is secret, that has some commercial value, and that the owner has taken some steps to maintain in confidence.

It is this breadth and flexibility of secrecy that make it so attractive, in particular to smaller organizations that may not have the budget to build a portfolio of registered IP rights. Every restaurant can have its secret recipes. Every beauty salon has its customer list and knows the individual preferences of its patrons. Every furniture maker has “tricks” to increase the efficiency or quality of the finished goods. More recently, secrecy has been identified as a means to protect unstructured data, for example, machine data produced in large quantities and used to fuel automation, or algorithms, another key component of the digital industry.

Trade Secrets: the other IP right, featured in an earlier edition of the WIPO Magazine, offers an introduction to trade secrets.

Historical background

The laws of most countries, following the standards laid down in the Agreement on Trade Related Aspects of Intellectual Property Rights (the TRIPS Agreement) protect obligations of confidentiality in business transactions.  The reality of continuing relationships means that the vast majority of those obligations are respected by the participants.

In the United States, trade secret laws had traditionally been a matter left to the individual states. A Uniform Trade Secrets Act was proposed to the states in 1979 and since then has been widely adopted, but with varying provisions that made enforcement on a national scale fairly complicated. In 1996, the federal government enacted the Economic Espionage Act, but it was limited to criminal remedies. Twenty years later, the US Congress passed the Defend Trade Secrets Act of 2016 (DTSA), which for the first time, gave trade secret holders the option to file civil claims in federal court, offering a number of procedural advantages over state courts.

Trade secrets have been part of commercial transactions for centuries, as a common and practical way for a business to maintain a competitive advantage.

In effect, the DTSA has harmonized the rules that apply to trade secret disputes, and the number of cases brought in federal court has surged. As is true in other areas of commercial litigation in the United States, a claim can be made based on circumstances that “plausibly” infer that the defendant has misappropriated a trade secret. After that, a broad array of “discovery” methods, including extensive document production and pre-trial taking of sworn testimony from witnesses, is used by both sides to uncover the relevant facts. Although this easy availability of discovery allows trade secret holders to more effectively enforce their rights, it makes litigation in the United States generally more expensive than in any other country. Coupled with the sometimes-uncertain outcomes and generous damage awards due to the availability of civil lay juries, this environment can be intimidating for companies from other jurisdictions that are used to the more modest cost and predictability of the civil law framework that does not allow for discovery or juries.

Almost at the same time as the DTSA was adopted in the United States, the Directive on the Protection of Undisclosed Know-How and Business Information (Trade Secrets) against their Unlawful Acquisition, Use and Disclosure (Directive (EU) 2016/943 of 8 June 2016, or “EUTSD” for the purposes of this article) entered into force.

Before that, the national laws of EU member states, similar to the laws of any major economy, protected trade secrets one way or another. However, the fragmentation of the legal landscape across the EU was identified increasingly as an obstacle to cross-border technology transfer and R&D or, more generally, innovation.

Pressure from industry and business associations, but also growing political support for the idea of harmonization, not the least the “Europe 2020 Flagship Initiative Innovation Union,” paved the way for adopting the EUTSD. It has been implemented by EU member states. Although full harmonization was not intended or achieved, companies doing business in the EU can expect to find national legal regimes in the member states that are reasonably identical or similar across the entire EU.

Inevitably, the process of introducing the EUTSD reignited the discussion as to whether secrecy is an IP right, after all. It is, in many aspects, an academic issue because even those who question the quality of secrecy treat it in many respects like an IP right. Contrary to the prevailing legal doctrine in the United States, the EU decided against qualifying secrecy as an IP right. As a consequence, Directive 2004/48/EC on the enforcement of intellectual property rights, better known as the Enforcement Directive, does not apply. While individual EU member states, notably Italy and Slovakia, decided otherwise, the practical relevance of this inconsistent approach is limited in that the EUTSD stipulates an enforcement regime quite similar to that of the Enforcement Directive.

This seemingly coordinated effort on both sides of the Atlantic to improve trade secret enforcement was the subject of a study by the International Chamber of Commerce published in 2019.

Recent reform and upgrading of trade secret laws has not been limited to the EU and the United States. In 2018 and again in 2019, China made significant amendments to its Anti-Unfair Competition Law to expand the definition of a protectable trade secret and to increase penalties for theft, including the availability of punitive damages. China further refined its law to address the trade secret owner’s challenge of developing sufficient evidence by declaring a “preliminary” showing of misappropriation sufficient to trigger a requirement that the defendant prove independent development of the information.

Trade secrets and SMEs

What does all of this legislative activity directed at strengthening trade secret laws mean for SMEs? There are two general consequences. First, the subject of protecting competitive advantage by secrecy has received more attention than ever before, with the result that more resources are available to assist SMEs in managing this often-overlooked aspect of intellectual property. Second, businesses of all types and in all countries are challenged to take advantage of this easy-to-use approach, not only to protect their own data, but to avoid unwanted exposure to the trade secrets of others.

Protecting an SME’s competitive advantage by using secrecy requires awareness of what information needs to be protected to retain that advantage, and of the measures available to reduce the risks to its secrecy. Legislation poses virtually no limit to the kind of information that can be claimed as a trade secret; it can be any kind of information, as long as “it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question” (the TRIPS Agreement, Article 39), and derives from its secrecy some actual or potential commercial value. Of course, the information must be distinct from individual skill, which is outside the scope of legal protection.

Protecting an SME’s competitive advantage by using secrecy requires awareness of what information needs to be protected to retain that advantage, and of the measures available to reduce the risks to its secrecy.

The more challenging aspect is to identify and apply security measures that are “reasonable,” since every control brings with it a certain cost, either in money or efficiency or both (consider, for example, the annoyance of dealing with two-factor authentication, in which you have to wait for a unique code to be sent to your phone). What is reasonable under the circumstances will be decided ultimately by a court taking into account a company’s risk environment, the value of the information, the threat of loss and the cost of measures to mitigate the risks.

To identify its most important trade secrets, the business should consider the value of the information, measured by the investment made to develop it, the potential advantage it provides over the competition, the potential damage from loss of control, its exposure to any form of reverse engineering (which is, in principle, allowed in most jurisdictions), and/or the likelihood that a competitor might independently discover or develop it.

Once information has been identified as a valuable trade secret, the company needs to carry out realistic risk assessments to determine appropriate security controls. Introducing different classes of information with corresponding security measures can be useful to structure the process of managing trade secrets. Other parts of this process may include labeling the information in accordance with its classification, restricting access to those with a need to know, applying other physical and electronic safeguards and using properly drafted confidentiality (or non-disclosure) arrangements in situations where information must be revealed to a supplier or other business partner.

In the EU, the adoption of Regulation (EU) 2016/679 (General Data Protection Regulation) helped to raise companies’ awareness for data security. Technical and organizational measures, mandatory under the General Data Protection Regulation (GDPR), Article 32, to protect the secrecy and integrity of personal data, can also be “reasonable steps under the circumstances” to preserve the confidentiality of trade secrets.

SMEs, for the very reason that they often rely on secrecy rather than registered rights to protect their IP, are particularly prone to the threat of becoming targets of industrial espionage. For them, it is essential to not only apply high levels of cyber security, but to update and upgrade them regularly to remain on top of technical developments. After all, what is “reasonable under the circumstances” is subject to change due to technical progress and the relative value and threat variables, which may change over time.

While cyber-crime is on the minds of many businesses, the most prevalent threat to the preservation of secrecy are individuals who, while employed by the company (or by a trusted supplier), legitimately hold or have access to the information, but leave the company and carry the information to their new employer. In addition to contractual confidentiality obligations that should be standard in any employment agreement, IT surveillance within the limits of employment and data privacy legislation, frequent training on applicable duties, and a diligent exit process, including exit interviews, can help mitigate the risk. So can an established and well-communicated practice of strict enforcement in cases of security breaches. And not to forget that third party information illegally brought into the company by new hires also poses a threat to the company’s position, making it important that recruiting and on-boarding processes are reviewed.

Thanks to recent improvements in trade secret laws around the world, SMEs have more options and opportunities to increase enterprise value and prevent loss of data assets by using the IP right that is entirely in their control: trade secrets.

The Defend Trade Secrets Act has been in effect for a year, with more than 300 complaints filed in that time. James Pooley looks back on how the law has performed and analyses which issues need to be clarified.

On May 11 2016 President Obama signed into law the Defend Trade Secrets Act (DTSA), capping several years of hearings and negotiations that eventually led to an almost-unanimous vote in Congress. The primary aim of the statute was to provide industry with the option of asserting civil claims for trade secret misappropriation in federal courts. Although trade secret law had traditionally been the province of the states, their varying rules and procedures were seen as increasingly mismatched to the needs of businesses that operate in the global, information-based economy. Allowing cases to be filed in federal court was expected to increase the effectiveness of protecting data assets.

The basic approach was to adopt the standard definitions and remedies provided in the Uniform Trade Secrets Act (UTSA), which since 1979 had been embraced (although with variations) by 47 of the 50 states. As a result, the new law also aligns very well with Article 39 of the 1995 Agreement on Trade-Related Aspects of Intellectual Property (TRIPS), which also was patterned on the UTSA. As with most legislative efforts, however, some special concerns led to the enactment of unique provisions.

The most hotly debated of these was a procedure to permit ex parte applications for orders to seize items that contain a trade secret. In an environment where valuable data can be downloaded to a small device and taken across borders, industry wanted a quick remedy when evidence surfaced that such a theft was threatened. But adapting a process that has worked well in the context of counterfeit goods turned out to be awkward, since separating the improper from the legitimate is harder to do with information. In the end, Congress agreed on a number of strict requirements and limitations designed to prevent abuse, looking much like the restrictions which over the years have been placed on the use of Anton Piller orders.

A second special feature was the creation of an exception for whistleblower disclosures, by granting immunity under state or federal trade secret law to any individual employee, contractor or consultant who reports in confidence to the authorities information about wrongdoing within an organization. This provision was animated by a lack of reliable protection under current laws, whose ambiguity tended to discourage reporting of crimes. But its focus on law enforcement stood in contrast to the near-simultaneous adoption by the EU of a much broader whistleblower exception in the Trade Secrets Directive.

Another change from the UTSA, reflecting a concern about labour mobility, places a limitation on what sort of injunctive relief judges can issue against departing employees. The so-called “inevitable disclosure doctrine,” under which an employee might be blocked from taking on an identical job for a direct competitor, was rejected. Instead, federal courts may place conditions on a new job – such as working in a different area of the company – but only based on evidence of the employee’s behaviour from which it can be inferred that the former employer’s secrets are at risk of misuse.

What can we observe from the first year’s experience with this new option for trade secret litigation? In general, the law appears to be performing as intended, although in some areas, such as whistleblower protections, it has been rough going. Ex parte seizures have not proved the scourge that critics feared. While federal filings are popular, state courts remain even more so, and probably for good reason. And some intriguing and impactful questions remain so far unanswered.

Take-up meets expectations

Since the DTSA came into effect there have been over 300 cases filed, with a few dozen rulings on early-stage issues. Because direct filing in federal court was not previously available, there are no comparative statistics. But most experienced practitioners observe that the take-up has been substantial, confirming the assumption that businesses would often choose federal protection if they had the choice. However, many more cases continue to be filed in state courts, where localised disputes – imagine an insurance agent moving across town to another brokerage, for example – are handled effectively.

In general, the law appears to be performing as intended, although in some areas, such as whistleblower protections, it has been rough going

Indeed, the generally enthusiastic early adoption of the DTSA may not continue for the long term. Although cases involving actors and witnesses in other states or countries will usually benefit from a federal forum, due to common rules and nationwide service of process, federal courts are not always the best place for a plaintiff to file a trade secrets claim. In part this is because in the federal system a case is assigned to a single judge for the duration, so the judge tends to focus on early disposition. In contrast, most state court systems divide and distribute their work, and early motions tend to be resolved by one judge letting the case continue through to a trial before a different one.

Pleading the case

In trade secret cases, at the outset the plaintiff typically has more speculation than evidence about what has happened and the extent to which its information is in peril. Since the US has a tradition of very broad discovery rights, courts long ago settled into an approach for handling this information asymmetry by allowing cases to be filed based on a reasonable suspicion that misappropriation has occurred, with discovery left to fill in the gaps. When the DTSA was new, concern was expressed that federal courts might apply a “heightened pleading standard” required typically in cases of fraud. That fear has not played out, however, as the few courts where initial pleadings were challenged on that basis have rejected the argument and confirmed that a short statement of facts demonstrating a “plausible” theory of liability is enough.

In other ways, however, the tendency of federal courts to closely examine pleadings has shown up in the early DTSA decisions. In one case, a motion to dismiss was granted for failure expressly to plead that the trade secrets related to a product or process in interstate commerce, which is practically speaking a low bar but nevertheless a jurisdictional requirement under the statute. In another case, however, a judge dismissed a complaint for failure to plead in sufficient detail the basis for the plaintiff’s assertion that it had made “reasonable efforts” to protect its secret information. While that is also a necessary element under state laws, most state courts have allowed plaintiffs to plead it with very little evidentiary support.

To date we have not seen the courts address in any comprehensive way the basic question of how trade secrets – which are the only IP right not described through a government registration process – are to be defined in litigation. Because the scope of discovery depends to a great extent on understanding exactly what is the subject matter of the dispute, we can probably expect this issue to emerge over time as a common subject for early case management.

Since the DTSA came into effect there have been over 300 cases filed, with a few dozen rulings on early-stage issues

On one aspect of DTSA pleading there seems to be clear agreement: when a complaint alleges misappropriation that was complete before the statute became effective, the DTSA does not apply. However, if the complaint alleges new acts of misappropriation in the same transaction, the DTSA will apply to those acts, while the prior acts will be covered by relevant state law.

Ex parte seizures

While the legislation was pending before Congress, some opponents, primarily academics, expressed concern that the provisions for ex parte seizures would become “routine” and subject to abuse by powerful trade secret holders to extract unjustified settlements. In actual practice those fears have not been realised. Very few plaintiffs have even requested this extraordinary form of relief, and it has been granted publicly in only two cases, with another two reportedly under seal.

Indeed, because one requirement of the procedure is that “normal” injunctive relief provided under Federal Rule 65 is demonstrably insufficient, the effect seems to have been to focus attention of the courts on that process. It turns out that Rule 65 in practice is broader and more flexible than some had imagined. As some DTSA cases have shown, where the proof is strong, plaintiffs may be able to secure the functional equivalent of an ex parte seizure under pre-existing authority: judges can issue immediate orders to restrain misuse and disclosure, and even to require surrender of devices containing secrets.

Extraterritorial reach

Federal statutes are presumed to operate only within US territory unless it clearly appears that Congress intended otherwise. The DTSA legislation did not contain an express statement of extraterritorial effect. But anyone reading the bill as it was passed would probably conclude that Congress wanted it to apply to foreign misappropriation of domestic commercial secrets. The bill included a section on the “Sense of Congress” stating that “[t]rade secret theft occurs in the US and around the world, and, wherever it occurs, harms the companies that own the trade secrets and the employees of the companies.” Another section required regular agency reports on the “scope and breadth of the theft of trade secrets of US companies occurring outside of the US” and what can be done to “reduce the threat of and economic impact caused by” such foreign theft.

Because the scope of discovery depends to a great extent on understanding exactly what is the subject matter of the dispute, we can probably expect this issue to emerge over time as a common subject for early case management

As an alternative to considering those strong but indirect statements from Congress, courts might turn to a portion of the pre-existing Economic Espionage Act of 1996 (EEA), the federal criminal statute that was amended to allow for the provisions of the DTSA. The EEA includes a provision expressly declaring its extraterritorial effect, but only when an “act in furtherance of the offense” occurred in the US or the “offender” was a US citizen or permanent resident. Because these terms are normally used to apply only to criminal laws, one could argue that the section does not apply to civil claims, or that if it does the reach of the DTSA is similarly restricted by required connections to the US.

So far only one court has touched on the issue of extraterritorial effect of the DTSA, and it read the EEA provision as applying equally to the civil claim. However, it was a collateral issue in the case and did not receive close analysis. Given the prevalence of foreign misappropriation, coupled with the potentially more powerful remedies now available in federal court, we can expect this issue to be squarely addressed before long. Answering the question whether the DTSA applies fully, conditionally, or not at all to conduct outside the US could have a profound effect on cross-border litigation over trade secrets.

Employee mobility

The DTSA’s limitation on judicial power to restrain departing employees from accepting a new position has so far received close attention in only one case, but with clear effect. An executive working for a defence contractor took a job with a competitor serving the same government agency. When his former employer sought an injunction that would prohibit his doing business for that agency, the court found that such a restriction in theory would not amount to an impermissible restraint on accepting employment. And although the DTSA also forbids injunctions in conflict with state law protecting labour mobility, the applicable state rule provided an exception when necessary to protect trade secrets. The court’s order granting injunctive relief stands as an example of the DTSA’s effective balance of legitimate, competing interests.

Relation to state laws

The vast majority of cases filed so far under the DTSA have coupled that claim with a parallel misappropriation claim under the law of the state in which the federal court sits. In some cases the two laws may have meaningfully different standards, depending on the extent to which that state’s law varies from the DTSA. A common example would be the limitations period, which is three years under the DTSA but can extend to as long as five or six years under some state laws. Other variations include the availability of royalties as an alternative to injunction, the definition of what constitutes a trade secret, and allowable damage theories. No federal court has yet expressed that this simultaneous assertion of different laws to cover the same claim is problematic; however, we are still in the early stages of most DTSA cases, and as they proceed closer to trial we can expect to see courts require elections or otherwise resolve the conflict.

It turns out that Rule 65 in practice is broader and more flexible than some had imagined. As some DTSA cases have shown, where the proof is strong, plaintiffs may be able to secure the functional equivalent of an ex parte seizure under pre-existing authority

Other state laws are often asserted along with a trade secret claim. Enforcement of a noncompetition contract or other restrictive covenant is a common example. But where alternative legal theories can be asserted under state law for what amounts to the theft of information – business torts such as conversion, breach of confidence and unfair competition – the issue becomes potentially more complicated. That is due to a section in the UTSA that declares the “displacement” of such claims in favour of the single statutory cause of action. Most states have interpreted this section broadly, making it impossible in those states to assert the alternative claims. When the DTSA was being considered, some commentators speculated that federal courts hearing DTSA claims might allow the displaced theories because the DTSA itself has no similar “displacement” provision. But in the only case that has directly confronted the issue, the court reasoned that alternative claims displaced by the law of the relevant state could not be revived merely by bringing them together with a DTSA claim in federal court.

Whistleblowers

Protection for whistleblowers under the DTSA was expressed as “immunity” from liability under any state or federal trade secret laws. That term has special significance under US Supreme Court decisions, requiring that district courts promptly determine whether a defendant enjoys the privilege and if so dismiss the case. However, most immunities are immediately apparent by a person’s undeniable status, such as a government official. DTSA immunity is qualified not only by the requirement that the individual disclose information in confidence to law enforcement or to an attorney, but that the disclosure be made “solely” for the purpose of “reporting or investigating a suspected violation of law.”

In the only case that has construed this provision, the employee had taken confidential documents and provided them to his attorney, who asserted that he was reviewing them for possible disclosure to the authorities. The employer filed for an injunction requiring the documents to be returned, and the employee moved to dismiss on grounds of immunity. The judge issued an order that the documents be surrendered to the court, and he refused to dismiss the case, noting that it was not possible on the record to conclusively determine that reporting to law enforcement was the employee’s “sole” objective.

Critics of the decision have argued that immunity must be determined as a first priority, and that it undercuts the purpose of the statute to subject a whistleblower to any litigation risk or expense. Some have suggested that courts will develop a procedure similar to that used in connection with challenges to personal jurisdiction, in which discovery is allowed only on the relevant predicate facts, which then can properly inform a motion to dismiss.

The year ahead

Trade secret owners and their counsel appear to have embraced the DTSA eagerly, seeing in the federal forum a familiar and more reliable environment for resolving disputes. But even though one case has already gone to trial (resulting in a verdict for the plaintiff), most cases are still in relative infancy. As they mature we can expect substantial progress in the developing federal jurisprudence. If all goes well, federal courts will influence not only each other but also the continuing development of state laws that closely align with the DTSA, leading to the greater harmony and efficiency in trade secret enforcement that Congress intended.

Published in the George Mason Law Review, Volume 23, Number 4, Pages 1045-1078

If you have strategic responsibility for intellectual property, then you may already feel the ground shifting beneath you. Patents have held sway during our professional lifetimes not only as a marker of innovation, but as the main way in which companies protect and exploit their competitive advantage. Not any more. Like an old style of dress, trade secrets are coming back into fashion and turning heads...

What kind of intellectual property (IP) is most often relief on by business to protect competitive advantage? Most people would answer with one of the best known areas of IP: patents, copyrights, trademarks or designs. But they would be wrong. The most common form of protection used by business is secrecy.

Why then do trade secrets receive less attention than the other areas of IP?

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram