Trade secrets have historically been protected by a patchwork of various state statutes. With the passage of the Defense of Trade Secrets Act (DTSA) on May 11, 2016, trade secrets now have uniform protection under federal law by a powerful set of enforcement tools that can be used in federal court nationwide. The DTSA also grants whistleblower immunity to those who disclose trade secrets to the government for the purpose of reporting suspected illegal conduct.

The DTSA imposes an obligation on employers to notify all employees and contractors that they are entitled to whistleblower immunity. This notice must be provided in every contract with an employee or contractor that governs the use of a trade secret or other confidential information. Applicable contracts may include employment applications containing contractual language, employment agreements, restrictive covenants, non-disclosure agreements, compensation agreements, separation agreements, BYOD agreements that contain confidentiality language, and confidentiality stipulations (entered in lieu of protective orders in court).

If an employer fails to provide the required notice, the DTSA precludes awards for exemplary damages or attorney’s fees in any action against an employee to whom notice was not provided. In view of the many eight- and nine-figure verdicts rendered in recent trade secret cases, this penalty can be substantial.

The DTSA does not articulate specifically what must be included in the notice. While more detail is better than less, anything short of a full verbatim recitation of all of the immunity provisions in the DTSA creates the risk that such notice will be challenged as insufficient. Accordingly, the only way for an employer to eliminate this risk entirely is to provide the complete text of the immunity provisions in the DTSA with every contract that governs the use of a trade secret or other confidential information.

In an apparent recognition of the difficulty of including all of the of the immunity provisions within the text of every such contract, the DTSA provides that employers will be considered in compliance with the notice requirement if they simply provide a “cross-reference” in such contracts to something it calls a “policy document.” According to the DTSA, this policy document must: (1) be provided to the employee or contractor (presumably concurrently with the execution of the contract or agreement); and (2) set forth the employer’s whistleblower policy.

While an employer’s option of only referencing a policy document relieves the burden of including lengthy notice provisions in every agreement, it sheds no light on the what must be included in that document. Ideally, a detailed policy document should identify which individuals are protected, what conduct is protected, and should provide instructions on how to report possible violations of law to appropriate authorities. But, as with providing such notice in contracts themselves, anything less than a complete recitation of the immunity provisions of the DTSA carries risk. Thus, the safest course for an employer to take in crafting its policy document would be to include the entirety of the immunity provisions of the DTSA.

Recommendations

There are several things employers can do to ensure compliance with the DTSA notice requirements, and to minimize the risk of losing the ability to recover exemplary damages and attorney’s fees in future trade secret litigation:

  • Review and update all agreements with employees and contractors which reference confidentiality to ensure that appropriate language is included in all of such agreements going forward.
  • Create a DTSA policy document to be given to every employee and contractor with every contract which references confidentiality.
  • Require all suppliers, vendors, and any other contractors whose employees have access to trade secrets or confidential information to provide appropriate notice to their employees.
  • Verify compliance with the DTSA notice requirements by having counsel review all standard contracts and company policy documents to make sure they contain the required language.