Posted By: Stephen Timmer
Aha! You are a computer and software salesperson that has finally found the angle necessary to break through and win the business of the fastest and steadily growing law firm in the country. You are sitting in a coffee shop with free and unsecured wi-fi when this epiphany comes to you; deciding that you cannot wait until you get to your office to enter this information, you use and an app on your smartphone that links to client database at your office computer. As luck would have it, your unscrupulous rival from the other computer and software company happens to be in the coffee shop that day as well. Your competitor decides to hack into your phone, using the same unsecured wi-fi signal, to see what you have gotten so excited about. He makes his way to the app that connects to your computer database and finds the note about winning the business at the law firm. Being the opportunist that your competitor is, he sets up a meeting with the business manager of the firm, uses “your epiphany” to lock up the firm in an exclusive multi-year deal to purchase their computers and software from his company.
Sadly, the possibility of a scenario like this occurring is all too real. The ever-growing demand for information to be available and accessible is making the vulnerability of a company’s trade secrets a conundrum to be dealt with. In Allied Portables v. Youmans, a case that was heard in the Federal District Court of Middle District of Florida, a former employee gained access to the company’s business software from a home computer in an attempt to prevent the manager of business operations from using the software. Allied also accused the former employee of having unauthorized access to their customer list. As wireless technologies continue to proliferate, we can only expect situations like this to become more common for businesses to deal with. Businesses will be leaning even more on their legal representation for answers on how to deal with the demand for accessible information and the protection of their trade secrets; attorneys will need to ask themselves how much the law can do to help their business clients. Perhaps the solution lies in reimagining policies regarding technology use in the workplace in order to mitigate their chances of having trade secrets exposed.
What is a Trade Secret?
For those unfamiliar with what a trade secret is, it is one of the most common ways in which businesses work to protect certain classified information. A trade secret is defined as information that is valuable to a business, typically because it gives the business a competitive advantage and it is not public knowledge. Trade secrets are not public knowledge because measures are taken to maintain their secrecy. A big part of the appeal of trade secrets as a method to protecting valuable information is that they do not require formal paperwork to be drawn up and submitted like copyright and patent protection.
So what can be classified as information valuable to a business that gives it a competitive edge? For starters a formula or an algorithm can be a trade secret. A classic example of a formula being a trade secret is the one used to make Coca-Cola. The recipe for Coca-Cola is such a well kept secret that there is even speculation as to how they keep the recipe a secret. In the world of technology, Google has one of the closest guarded secrets in its industry, the algorithm for its search engine. Google’s algorithm is a mathematical program that is at the heart of how Google’s search engine finds the results of a search. One way in which it is rumored that Google maintains the secrecy of its algorithm is the number of times each year Google changes it; it rumored to change anywhere from 500-600 times per year. A trade secret can also be something as simple as a list of clients that are exclusive to you or the schematics to a new gadget that your company plans on rolling out, but have not made public yet.
When is a trade secret not a trade secret anymore? Simple, when that information is made public. If a company fails to take what are perceived as adequate steps to protect information that it deems valuable, then that information is no longer protected as a secret. Back when the iPhone 4 was in testing, Apple experienced this very problem. How one obtains a trade secret matters a great deal, especially if it is gained by questionable means. Congress addressed this problem with the Economic Espionage Act of 1996; the law criminalizes the theft of trade secrets either by foreign agent and the common theft of trade secrets, regardless of the party that benefits. One of the legitimate ways in which a trade secret can be revealed is reverse engineering; this occurs when someone dissects a machine or software to figure out how it is put together. If the person can figure out how the secret behind the company’s machine or software in doing so, it is not a trade secret anymore. Courts have recognized reverse engineering as a legitimate way to gain a trade secret. Unfortunately, the amazing innovations in IoT technology are making the protection of trade secrets more problematic.
Trade Secrets & the Law
There are a number of legal mechanisms available to businesses seeking to protect their trade secrets. One such mechanism is “inevitable disclosure”; businesses employ this when a former employee possesses knowledge of a trade secret and if there is a threat that the trade secret(s) will be used against that business. In a case between sport drink rivals back in the 1990’s, the judge enjoined the executive that left one of the sport drink rivals to work for the other, due to his knowledge of the company’s distribution, marketing and pricing plans. Unfortunately, this does nothing to stop a business’ employee from intercepting confidential trade secrets being transmitted over unsecure communication medium, such as many Wi-Fi networks and Bluetooth. Under inevitable disclosure doctrine, you have to know the employee that has access to that information; utilizing the aforementioned communication protocols opens up that access to many people.
One of the requirements that businesses must meet to have confidential information protected as a trade secret is to take steps to protect that information from being disseminated. One such company that was a party to an appeal to the Second Circuit Court of Appeals in 1994 did just that. An employee, who signed an employment agreement prohibiting employees from retaining any confidential information, left the company to join a competitor. The information the employee retained was source code vital to the creation of their proprietary software. In this scenario, the Circuit Court certified the matter regarding trade secret misappropriation to the Texas Supreme Court for consideration, what if the information taken by the employee was intercepted from an unsecured method of communication? Would the Circuit Court have looked at the information as public information because the company failed to take reasonable methods to safeguard the information?
In 2016, Congress took a step towards a uniform protection of businesses’ trade secrets with the passage of the Defend Trade Secrets Act (DTSA). The Act provides a more liberal definition of what a trade secret is and how it can be misappropriated. It defines a trade secret as “all forms and types of financial, business, scientific, technical, economic or engineering information…if the owner has taken reasonable measures to keep such information secret and the information derives independent economic value, actual or potential, from not being generally being known to, and not being readily ascertainable means by another person who can obtain economic value from the disclosure or use of that information.” The DTSA allows for injunctive relief or the prevention of that information from being used if it can be established that the trade secret was gained by improper means. Considering that hacking is established as an improper means of gaining access to someone else’s computer, it goes without saying that it would likely be seen as an improper means of gaining a trade secret. While this law is a great step in the right direction, it leaves wiggle room for someone to argue that information is not a trade secret if reasonable steps are not taken to protect it. As established, there are many Wi-Fi networks that are not properly secured and Bluetooth protocols. With the proliferation of an interconnected world thanks largely to wireless communication, it is impossible to put the genie back in the bottle at this point.
While the law has improved injunctive methods for businesses to prevent the dissemination of their trade secrets, thanks in large part to the DTSA, an ounce of prevention is still worth more than a pound of cure. The convenience of wireless communication protocols in regards to productivity is making it more of a reality that businesses are dealing with; information needs to be accessible to its employees. Investment in encrypted communication methods will help to mitigate the chances of unwanted guests snooping around in their secret stash of information that makes their businesses go. Here’s to a safer and more secure Internet for the professional world.