Phillips Nizer LLP
Phillips Nizer LLP Publications
About Phillips Nizer LLP Phillips Nizer LLP Attorneys Phillips Nizer LLP Industry Teams Phillips Nizer LLP Practice Areas Phillips Nizer LLP News and Events Phillips Nizer LLP Publications
    
About Us Professionals Industry Teams Practice Areas News & Events Publications
Phillips Nizer LLP Publications
 
     Search all
Publications
     Articles
     Legal Alerts
     Newsletters
     Presentations
Home   » »  Publications   » »  Articles   » »  Protecting Trade Secrets in High Technology Companies

Phillips Nizer LLP Articles

Protecting Trade Secrets in High Technology Companies

TECHVISORS SEMINAR
OCTOBER 29, 1996

Introduction -- Trade Secrets, Patents and Copyrights

Technology is one of the most valuable assets that can be protected by trade secret law.

Trade secret law, patents and copyrights each afford some level of protection under appropriate circumstances to certain types of intellectual property or proprietary information; each type of protection has its own requirements and its own limitations to the degree of protection that it affords. For example, marketing and business plans and customer lists and databases may not be protectible under patent or copyright law but nevertheless are valuable, competitively-sensitive, proprietary information that may be protected, with appropriate precautions, as trade secrets. Even then, courts are often reluctant, for example, to protect customer lists where the information is known or readily ascertainable, or where the compilation of the information that they contain is not sophisticated, difficulty or particularly time consuming, or where sufficient steps have not been taken to protect their confidentiality.

Unlike patents, only a sufficient degree of novelty is required to make the information protectible as a property right against unauthorized use, and no showing of uniqueness is required for trade secret protection.

Trade secrets are not, in themselves, registered or recorded. Unlike patents and copyrights, trade secrets are protected by state statutes or at common law.

Patent and copyright protection can co-exist in some forms, with different aspects of the same software program protected by either a copyright or patent.

Patent and trade secret protection are generally mutually exclusive, since the purpose of patent protection is to disclose innovations so that after the term of the patent has expired, the invention is in the public domain. There are exceptions, however. For example, a small, innovative segment or subroutine of a large program can be protected by patent and the rest of the program and the way that the segment or subroutine is interrelated to the rest of the program can be protected as a trade secret. If, on the other hand, the trade secret is at the heart of the program, it must be disclosed to have a valid patent.

On the other hand, in the case of software programs, copyrights and trade secrets, are not necessarily mutually exclusive. For example, in the copyright registration process, trade secrets may be excised from the material being registered if the remaining portion contains "an appreciable amount of the original computer code."

What are Trade Secrets?

The first element in protecting trade secrets is to have an understanding of what material is protectible as a trade secret. Most states base their trade secret law on either the Uniform Trade Secrets Act (California is one such example) or the Restatement of Torts (which is followed in New York, among other states).

The Uniform Trade Secrets Act defines a "trade secret" as "information, including any formula, pattern, compilation, program, device or process, which derives independent value from not being generally known and is the subject of reasonable efforts to maintain its secrecy."

The Restatement of Torts § 757 provides that "[a] trade secret may consist of any formula, device, pattern or compilation of information ... used in one's business and which gives him an opportunity to obtain an advantage over competitors who do not know or use it." In a comment to the Restatement, the point is made that "a substantial element of secrecy must exist, so that, except by the use of improper means, there would be difficulty in acquiring the information." The Restatement also lists a number of factors used to determine whether particular information is a trade secret.

Among the factors that New York courts and federal courts applying New York law have recognized are: (1) the amount of effort and money expended in developing what is sought to be protected; (2) the extent of the measures taken to safeguard the secret; (3) the extent to which the information is known outside the business; (4) the extent to which the information is known to employees and others within the business; (5) the value of the information to the party seeking to protect it and to its competitors; and (6) the ease or difficulty with which the information could be properly acquired and duplicated by others.

Because trade secret claims are often based on the breach of a duty or confidence through the improper disclosure of confidential information, courts have generally found that this additional requirement -- or what courts have referred to an "extra element" beyond the acts of reproduction, performance, distribution or display -- is sufficient to make a trade secret misappropriation claim is different from a copyright infringement claim, and, as a result, they have generally found that trade secrecy claims are not preempted by the exclusive rights that are conferred under federal copyright law Enhanced Computer Solution Inc. v. Rose, 1996 WL 324698 (S.D.N.Y., June 10, 1996); Computer Assoc. Int'l, Inc. v. Altai, Inc., 982 F.2d 693 (2d Cir. 1992).

Once a product is placed on the market, it is available to your competitors, unless protective measures are taken. The mere fact, however, that a competitor can duplicate a software product by disassembly, decompilation or reverse engineering does preclude the protection that it would otherwise be afforded as a trade secret, particularly where reverse engineering would be time consuming and costly. Software developers typically closely guard the secrecy of the source code for their programs and distribute the software in object code form under a license that includes a provision prohibiting disassembly, decompilation or reverse engineering. Any use of the software in violation of such a prohibition contained within the terms of an enforceable license may subject the user to liability for misappropriation. The typical commercial release and distribution of software object code generally will not destroy the trade secret protection of the program's internal design or engineering, so long as the owner of the software is diligent about protecting its rights and maintaining the secrecy of the program's internal design and engineering.

Virtually all mass-distributed commercial software is protected under copyright law, which, some courts have held, by prohibiting unauthorized reproduction and unauthorized creation of derivative works, prohibits disassembly, which involves making copies of the program in the form of computer files and printouts generated by the disassembler -- that may constitute unauthorized copies -- and modifications and adaptations of the object code copy -- that may constitute unauthorized derivative works. Other courts have said that under certain circumstances, disassembly may fall with the "fair use" defense under the copyright laws. Generally speaking, where the disassembly "is the only means of gaining access to unprotected aspects of a software program" Sega Enter. Ltd. v. Accolade, Inc., 977 F.2d 1510 (9th Cir. 1993) (no license agreement prohibiting disassembly and no claim of trade secrecy was at issue), or "is strictly necessary to achieve compatibility" Atari Games Corp. v. Nintendo, 1993 Copyright L. Dec. 27,114 at 26,548 (N.D. Cal. 1993), courts are more likely to find that the disassembly is subject to a fair use defense under the copyright laws; increasingly, software companies are making interface specifications and other information available to provide for interoperatability and use with third-party applications, a step that may place significant constraints on the availability of a fair use defense.

In cases where a misappropriation of a trade secret is claimed, the court will determine whether the particular information will be protected as a trade secret. Generally speaking, if a product or process is substantially derived from a trade secret, the person who misappropriates the information cannot use it even if it is combined with independently-developed improvements.

What constitutes misappropriation may be defined by statute or developed as a result of case law decided by the courts. For example, to prove the misappropriation of trade secrets under New York law, the party seeking to protect the information must establish that (1) it possessed a trade secret and (2) the other party used the trade secret in breach of an agreement, a confidential relationship or a duty, or as a result of discovery by improper means.

In California, by statute, "misappropriation" is the disclosure or use of trade secret of another without their express or implied consent by someone that knew or had reason to know that his or her knowledge of the trade secret was acquired under circumstances giving rise to a duty to maintain its secrecy or limit its use or knew or had reason to know it was a trade secret and that his or her knowledge of the trade secret was acquired by accident or mistake. Cal. Civil Code § 3426.1.

Trade secret protection, while broad in scope, is easily lost: for example, if the source code for a program is posted on the Internet, any protection it would otherwise enjoy as a trade secret will vanish. If, on the other hand, someone merely threatens or attempts to sell or use a trade secret, but does not make it public, an injunction may lie to recover the information and to prevent its sale or use.

Reasonable measures must be taken to protect trade secrets or any protection that the information might otherwise receive as a trade secret will be lost. What constitutes "reasonable efforts" is decided on a case-by-case basis. A trade secret has no set time limit; it generally lasts until the information is no longer secret. But, a continuing course of conduct to protect a trade secret must be shown.

Steps You Can Take to Protect Trade Secrets

There are a number of steps that your companies can take to protect trade secrets

  • Selective Dissemination of Information - The single least expensive and most effective means of protection for any form of confidential information is selective dissemination -- make information available on a "need to know" basis; use legends to identify and restrict the use of documents containing trade secrets such as "TRADE SECRET: This document contains proprietary and confidential information. Unauthorized use or circulation is strictly prohibited." Where possible, designate a single, secure location for confidential documents; give access only to employees who need to know; maintain control over the making of copies, use numbered copies where possible, or mark each page with the name of the person to whom the copy is assigned, and maintain a log; also consider using watermarked copies of documents containing trade secrets and affixing the watermark to the page in a way so that unauthorized copies are more readily identifiable
  • Employee Confidentiality Agreements - At a minimum, employees whose job responsibilities bring them into contact with trade secrets should be required to sign an employee confidentiality agreement; many technology-based companies require all employees to sign such agreements without regard to their positions (some courts have said that all employees must sign confidentiality agreements, others have only required that those individuals that are in contact with the trade secret be aware of its confidentiality -- the safest course to follow is to obtain confidentiality agreements from all employees)
  • The most critical element of any confidentiality agreement is a clear identification, at least by category, of what information you regard to be proprietary and confidential; provide a general definition and give examples specific to your business
  • Other key elements include:
  • a promise by the employee to keep your company's proprietary information in confidence except to the extent necessary to perform his or her duties for your company
  • a promise to return all proprietary and confidential information upon termination of employment
  • a representation that the employee is not subject to any other agreement or obligation that would be breached by his or her employment
  • the employee's consent to injunctive relief and specific performance in the event of a breach
  • Policy Statements - The orientation process, the company's employee manual and periodic memoranda should be used to inform your employees and to remind them periodically of your company's policies regarding trade secrets and other confidential information
  • Exit Interviews - Conduct exit interviews with departing employees:
  • Discuss the employee's new position and any potential involvement with competing products or technologies
  • Review the terms of the confidentiality agreement that the employee signed at the time of his or her employment
  • Discuss the types of information that your company regards as trade secrets and focus in particular on categories of confidential information that the employee may be have participated in developing or been exposed to
  • Address the specific steps that your company may take if it believes that a former employee has misappropriated a trade secret
  • Discuss any potential problems that could arise in the employee's new position and answer any questions that the employee may have as to his or her responsibilities with regard to anything that the employee may have learned while employed by your company
  • Review the materials that the employee is taking from the company and confirm that all proprietary material has been returned
  • Prepare a memorandum to the file of the points that were covered during the exit interview; include a checklist of each of the routine items and the details of anything that is out of the ordinary; this last step is important
  • Confidentiality Agreements with Independent Contractors - Independent contractors and temporary personnel working on site should also be required to sign confidentiality agreements
  • Non-Disclosure Agreements - Non-disclosure agreements with suppliers, customers and potential business partners are also critical to protecting trade secrets. Some of the key elements are:
  • include a clear identification of the confidential information being disclosed and the purpose for its disclosure
  • where appropriate, include a disclaimer that no license to the material is being granted by the agreement
  • include an agreement by the recipient to maintain the confidential material in confidence, to use it only for the purpose for which it was disclosed and to limit its disclosure only to designated employees who have signed confidentiality agreements
  • include an agreement by the recipient to notify you immediately of any unauthorized use and to help remedy any breach
  • include an agreement by the recipient to return the materials on demand
  • Effective Computer Security Systems - The ability to transmit information electronically, through internal networks, remote access, on the Internet and on floppy disks makes it critical that you create appropriate safeguards to protect company secrets in electronic form. Access to computers storing trade secrets can provide access to the trade secrets themselves. Key elements of an effective computer security system include:
  • Password-protection of confidential information
  • Purging passwords of departing employees
  • Legending confidential information stored in electronic form
  • For highly sensitive information, developing a screen in which the user affirmatively agrees to confidentiality as a condition of access
  • Utilizing multi-security level document management systems and routinely reviewing access logs for unusual activity
  • Restricting the use of internal e-mail messages, given back-up and retention protocols and the risks of local storage and inadvertent transmission to an unintended recipient and the ability of a recipient to copy and retransmit
  • Not placing confidential information or trade secrets on the same terminals and storage devices that are used for Internet access, given the fact that "firewalls" are not foolproof
  • Not transferring trade secrets or confidential information to outside computer systems where the information can be copied, backed up or stored in an environment that is not secure
  • Confirming that copies of confidential information and trade secrets in electronic form are purged or returned once an authorized user no longer requires access
  • Securing print-outs and storage media
  • Deleting files before computer equipment is sold or disposed of

There are but a few examples of the many steps that can and should be taken; often, the most obvious security procedures are the most frequently overlooked

  • Review and Update Trade Secret Protection Measures on a Regular Basis - Lastly, as companies grow and change and implement new technologies, it is important for them to review their trade secret protection measures to be sure that they are adequate and up-to-date
Phillips Nizer LLP on LinkedIn
© Copyright 2003-2012 Phillips Nizer LLP