Congress has finally passed the anticipated Defend Trade Secrets Act of 2016 (DTSA). The bill, which is now on its way to the White House and is expected to be signed by President Obama, will be effective immediately once it is signed into law. 

The Backdrop

In the last few years, Congress and the Obama administration have paid increasing attention to the impact of trade secret misappropriation on the U.S. economy. In 2013, the Obama administration released its report, “Administration Strategy on Mitigating the Theft of U.S. Trade Secrets.” The report observed that “[e]merging trends indicate that the pace of economic espionage and trade secret theft against U.S. corporations is accelerating. . . . Advancements in technology, increased mobility, rapid globalization, and the anonymous or pseudonymous nature of the Internet create growing challenges in protecting trade secrets.” The report warned private enterprises “to consider whether their approaches to protecting trade secrets keeps pace with technology and the evolving techniques to acquire trade secrets enabled by technology.” Against this backdrop, Congress turned its attention to the topic, issuing several versions of federal legislation designed to tackle cyber-enabled theft. These efforts culminated with the DTSA.

The Amendments

Currently, section 1832 of The Economic Espionage Act of 1996 (EEA) criminalizes trade secret misappropriation. The EEA allows for both civil and criminal proceedings by the U.S. Department of Justice, but does not provide a federal private right of action. The DTSA amends the EEA by establishing the first ever federal private right of action for trade secret misappropriation.

While largely modeled on the Uniform Trade Secrets Act (UTSA), which 48 states have adopted, the DTSA is distinct from the UTSA in a number of ways. The DTSA provides a federal private right of action for trade secret misappropriation claims based on products or services used in or intended for use in interstate or foreign commerce.  While the DTSA provides remedies similar to those found in various state law trade secret provisions—including injunctive relief, actual damages, unjust enrichment, reasonable royalty, exemplary damages for willful and malicious misappropriation, and attorneys’ fees, the DTSA also allows for the court’s ex parte civil seizure of property necessary to prevent the propagation or dissemination of trade secrets. The DTSA provides a three-year statute of limitations and does not preempt existing state laws.

What Is Protected and What Is Prohibited?

The basic protections and prohibitions of the DTSA are similar to those of the UTSA. Under the DTSA, the term “trade secret” means all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and regardless of whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing if: (a) the owner has taken reasonable measures to keep such information secret; and (b) the information derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by another person who can obtain economic value from the disclosure or use of the information.

Under the DTSA, “misappropriation” means (a) the acquisition of a trade secret of another by a person who knows or has reason to know that the trade secret was acquired by improper means; or (b) the disclosure or use of a trade secret without consent by a person who (i) used improper means to acquire the trade secret; (ii) or knew or had reason to know that the knowledge of the trade secret was (I) derived by improper means, (II) acquired under circumstances giving rise to a duty to maintain secrecy or limit use, or (III) derived from a person who owed a duty to maintain secrecy; or (iii) the person knew or had reason to know the trade secret was a trade secret and had knowledge that the trade secret was acquired by accident or mistake. Under the DTSA, “improper means” include theft, bribery, misrepresentation, breach or inducement of a breach of a duty to maintain secrecy, and espionage through electronic or other means. But, the term does not include reverse engineering, independent derivation, or any other lawful means of acquisition.

The DTSA provides immunity for disclosures made to the government or in a court filing, including provisions allowing for the use of such information in connection with retaliation claims by employees against their employers. These provisions require employers to notify their employees of these immunities in any contract or agreement that governs the use of a trade secret or other confidential information. The failure to comply with this notice requirement could preclude the employer from recovering exemplary damages or attorneys’ fees.

What Should Employers Do?

Employers should be aware of the possible perils that may result from the mobility of employees between employers. Employees who move to new companies (many of whom are digitally integrated) can bring or take (either unwittingly or intentionally) valuable trade secrets that expose employers to potential loss and/or liability. Employers should consider taking the following steps to protect against trade secret misappropriation:

  • Review and identify your company’s trade secrets.
  • Assess the value of these trade secrets (and the potential impact of their loss).
  • Examine the ways in which those secrets may be exposed or threatened (confidentiality is absolutely key to maintaining protection).
  • Take measures to secure trade secrets through protective onboarding and offboarding strategies and workplace policies and procedures, including:
    • Update offer letters and nondisclosure, confidentiality, invention and assignment, nonsolicitation (where enforceable), and return of property agreements (be sure all immunity notice requirements are met).
    • Update and implement effective “bring your own device” (BYOD) and data security policies and practices.
    • Use exit interviews.
    • Consider implementing forensic review where appropriate.
    • Follow up with former employees after they have left employment (e.g., with obligations reminders and/or cease and desist demands).

Congressional passage of the Defend Trade Secrets Act of 2016 reflects the reality that, as technology evolves, strategies for safeguarding the information of U.S. companies must evolve.