Those interested in securing their company’s trade secrets – which should be all readers – need to remember the importance of good information security practice. Under applicable law, material qualifies as a trade secret only if its owner utilizes reasonable measures to keep it secret.
This involves identifying and enumerating such materials. They are often customer, supplier and employee lists, and know-how such as product formulas, operations manuals and customer pricing and purchase history. It involves material that offers a competitive advantage to its user but is not subject to patent protection, whether because of owner choice or legal unavailability. Even companies not viewed as high tech in nature invariably have several trade secrets.
Once the material is identified, it must be properly secured. While, this often involves written agreements and policies requiring confidentiality, this is only a starting point. Affirmative security measures are needed.
This means not only physical security such as locking file rooms, but also electronic security such as use of firewalls, intrusion detection hardware and possibly encryption, and limiting access to those with a need to know through electronic partitioning of databases and disabling USB ports where possible to prevent disgruntled employees or visitors from walking off with it. Trade secret disputes arise from both 3rd party hacking and employees walking off with sensitive material on paper or flash drives or sending via e-mail, when joining competitors or starting their own businesses. Both types of exposure must be properly addressed through technical and policy measures.
For public companies – and probably private companies raising money in private placements – the SEC requires disclosure of steps taken to secure such materials and an evaluation of the risk of their misappropriation. Our IP and privacy partners can work with you to craft a trade secret and data protection strategy that fits your company’s specific circumstances.