A few years back, we had a client – a manufacturing business – that decided to sue an ex-employee for stealing its trade secrets. Our client had developed a process that was unique. Using this process, it was able to manufacture certain products in a very fast and cost-effective way, keeping its prices lower and its profits higher than its competition. The ex-employee went to work for a competitor and, according to our client, shared his knowledge of the secret process with his new employer.
From our first meeting, the client insisted that their unique process was a closely-guarded secret. We were told that only a few trusted employees understood or had access to information about it. Their whole case was based on that. The problem? When we toured the manufacturing plant, we discovered that the secret process was described in lists and diagrams posted on the wall of a room where employees came and went all day, and where plant visitors were sometimes brought during tours. In the minds of our client’s upper management, the process was secret, but in reality it was not kept confidential. Our case against the ex-employee was much weaker than it would have been if the company’s valuable information had actually been the closely guarded secret our client seemed to think it was.
We thought of this case when we reviewed proposed legislation that creates a federal trade secret claim. We are also very aware of the vulnerability of companies’ trade secrets in the event of a data breach. Even absent a data breach, a company’s failure to secure trade secrets and confidential information within its internal information management system is the electronic equivalent of posting that secret process on the plant wall: if everybody can access trade secrets, they don’t qualify for legal protections.
Here are some practical steps companies can take to protect confidential information and trade secrets from internal and external threats:
- Figure out what trade secrets or confidential and proprietary information you have.
- Determine where and in what form (i.e., electronic or hard copy) this information is stored.
- Identify who, inside and outside your organization, needs access to this information, and when.
- Take appropriate steps to restrict access. Lock the file cabinet, don’t allow confidential documents to be left out on desks, and create protocols for access to electronic files and data.
- Explain why access to information is being limited, and train employees about the importance of protecting these business assets.
- Investigate and, if appropriate, take corrective action if unauthorized access or misuse of confidential information is suspected.
- Don’t lose track of this issue. Trade secrets change. People come and go. Information systems evolve. Through it all, however, confidential and proprietary information has value that should not be put at risk.
Posted by Judy Langevin