Whether it is Google, Fonterra or a small technology company, businesses of all sizes need policies and practices that best align the identification, protection and use of intellectual property (IP) assets with their commercial objectives.
An important part of those policies and practices is how the business deals with its trade secrets. Like any confidential information, trade secrets are valuable because they are secret. That value is lost if the trade secret falls into the public domain or, in some cases, becomes known by a competitor.
Your policies and practices should address how your business:
- identifies trade secrets and determines what, if anything, should be done with them
- keeps its trade secrets confidential, not only because of their inherent value, but because those policies and practices may, themselves, strengthen the business's trade secret rights
- decides when and how trade secrets should be disclosed (if ever).
Identifying trade secrets
An IP policy should establish a process for identifying new or improved products and processes developed within your business.
This can be achieved in different ways. Some businesses require that staff provide formal written notifications of any developments. Some provide financial incentives by rewarding staff that notify it of developments that are eventually implemented by the business. Others make it a responsibility of managers to identify developments in regular staff meetings. Whatever approach is taken, it must be actively managed to overcome, what is often, a natural inclination of staff to underestimate the significance of developments they have made within their field of expertise.
Where developments are identified, a number of IP rights may be relevant, including rights in inventions (such as the right to seek a patent), rights in designs and rights copyright works. However, initially at least, the value of any invention, design or other work will be in its confidentiality. Early disclosure or use is likely to prevent patent or design protection and will close options for maintaining the development as a trade secret or strategically releasing the development to the market. Therefore, new developments should be kept secret until the business makes a considered decision about what to do with them.
Policies for deciding what to do with a new developments must be tailored for each business and its technologies and markets. Businesses like Apple, Samsung or pharmaceutical companies will have policies that are weighted in favour of patenting, often in an effort to ring-fence a core product with as much protection as possible. For others, a more flexible approach will be needed depending on the nature of the development. For example, an improvement to a manufacturing process that is only used within the business, may be best kept as a trade secret. On the other hand, if competitors could work out that improvement by looking at the resulting product in the market, it may be better to seek patent protection. Other factors to consider may include, whether it is practical to identify an infringer if a patent was obtained, what are the local IP laws in the relevant markets, what is the product's likely market life, do investors, licensees or commercial partners require formal protection and (as always) are the costs justified.
Protecting trade secrets
In New Zealand, trade secret rights can be enforced if the trade secret has a 'character of confidence'. This means it must actually be secret or confidential and must have been disclosed in a situation where a confidentiality obligation has been agreed or can be implied.
In the United States, the Uniform Trade Secret Act (UTSA) expressly requires that, for a trade secret to be enforceable, the business must have made reasonable efforts to keep it confidential.
Therefore, well implemented policies and practices should help establish that the business's trade secrets have the necessary character of confidence. And, if you are doing business in the US, they can help establish that you have made sufficient efforts to keep that information confidential to meet the US's legislative requirements.
Wherever your business is operating, the UTSA requirements for keeping trade secrets confidential provide a useful bench mark for assessing whether a company is placing suitable protections on its confidential information. Types of requirements identified in relation to the USTA include:
- appropriately allocating responsibility for confidentiality within the business
- maintaining a register of trade secrets (however, consideration should be given to the risk of such a register being lost or stolen)
- limiting internal access to trade secrets to people within the business who have 'a need to know'. This may include dividing access to internal databases between different sections of the business.
- educating staff about confidentiality and ensuring employment agreements include suitable confidentiality obligations
- ensuring trade secrets are securely stored, either electronically or in hard copy
- limiting physical access to laboratories or other locations
- ensuring IT systems are appropriately secure, that logons are used, security is regularly updated and restrictions are placed on emailing or sharing data, including through mobile devices
- ensuring visitors sign confidentiality obligations and are not able to visit secured areas or carry recording devices.
These requirements are not absolute and some protections are more relevant in some circumstances than others. However, what is important is that the business acts consistently over time in its protection of its trade secrets. Strong IP policies and practices will help your business do this.
Disclosing trade secrets
Disclosing trade secrets or confidential information is, to some extent, an essential part of most businesses. This may be when seeking investment, entering collaborations, contracting with suppliers or distributors, tendering or simply by releasing products to market.
Therefore, an IP policy needs to include sensible procedures for the disclosure or sharing of trade secrets. These may include:
- requiring all visitors execute an approved confidentiality acknowledgement;
- requiring that an approved confidentiality agreement be executed in relation to all disclosures; and
- setting requirements for senior management or board approval for disclosures of certain information or any disclosure that is inconsistent with the policy.
When deciding whether to make a disclosure, the business must consider the relevant information, who it is being disclosed to and how it will be used. Different considerations will be relevant if, for example, the information is disclosed to:
- a potential customer in a tender who could simply use the information it itself or pass it to a competing tenderer;
- a government agency that may be required to release the information under the Official Information Act or its foreign equivalent; or
- an offshore entity that is subject to its own local law which, in countries such as Brazil, may limit how long information can remain confidential.
Recognising these considerations may result in the business not disclosing the trade secret at all, requiring that specific terms and conditions apply to the disclosure, or that the amount of information disclosed is limited or does not include a key element. In other situations, the business' recognition of these considerations may simply mean it is aware of what is at stake and can make an informed decision about the release of its trade secrets.
Trade secrets form a large part of most companies' IP. Actively managing them is as important as actively managing registered IP portfolios.