A few years back, we had a client – a manufacturing
business – that decided to sue an ex-employee for stealing its trade
secrets. Our client had developed a
process that was unique. Using this process, it was able to manufacture certain
products in a very fast and cost-effective way, keeping its prices lower and
its profits higher than its competition.
The ex-employee went to work for a competitor and, according to our
client, shared his knowledge of the secret process with his new employer.
From our first meeting, the client insisted that their
unique process was a closely-guarded secret.
We were told that only a few trusted employees understood or had access
to information about it. Their whole
case was based on that. The problem? When we toured the manufacturing plant, we
discovered that the secret process was described in lists and diagrams posted
on the wall of a room where employees came and went all day, and where plant
visitors were sometimes brought during tours.
In the minds of our client’s upper management, the process was secret,
but in reality it was not kept confidential.
Our case against the ex-employee was much weaker than it would have been
if the company’s valuable information had actually been the closely guarded secret
our client seemed to think it was.
We thought of this case when we reviewed proposed
legislation that creates a federal trade secret claim. We are also very aware of the vulnerability
of companies’ trade secrets in the event of a data
breach. Even absent a data breach, a
company’s failure to secure trade secrets and confidential information within
its internal information management system is the electronic equivalent of posting
that secret process on the plant wall: if everybody can access trade secrets,
they don’t qualify for legal protections.
Here are some practical steps companies can take to
protect confidential information and trade secrets from internal and external
threats:
-
Figure out what trade secrets or confidential and proprietary information you have.
-
Determine where and in what form (i.e., electronic or hard copy) this information is stored.
-
Identify who, inside and outside your organization, needs access to this information, and when.
-
Take appropriate steps to restrict access. Lock the file cabinet, don’t allow confidential documents to be left out on desks, and create protocols for access to electronic files and data.
-
Explain why access to information is being limited, and train employees about the importance of protecting these business assets.
-
Investigate and, if appropriate, take corrective action if unauthorized access or misuse of confidential information is suspected.
-
Don’t lose track of this issue. Trade secrets change. People come and go. Information systems evolve. Through it all, however, confidential and proprietary information has value that should not be put at risk.
Posted by Judy Langevin
