Electric Fence: Protecting Proprietary Rights in Collected Energy Data

November 10, 2020 Articles

Like companies in other industries, a growing number of modern energy-related companies are focusing their efforts on data collection and analysis. For example, Enphase – an energy technology company – regularly tracks data about how and when its customers’ homes are using or generating solar energy.[1] As such data collection becomes more widespread, and the resulting data is aggregated, its holders will gain the ability to perform critical, wide-reaching assessments about entire communities’ power use – including power generation, distribution and consumption – an ability which may be very valuable in a competitive marketplace, and may attract interest from competitors.

But how are companies to protect these important data collections? As the companies involved are merely collecting the data – not “inventing” (as would be protected by patent law) or “authoring” it (enabling copyright protection), they cannot rely on traditional registration-based intellectual property protections. Instead, such companies are likely to have to rely on trade secret law to protect this valuable asset from unauthorized third-party use. 

Two key factors affect whether such information may qualify as a trade secret.

1. Confidentiality. Trade secret protectability stems, in part, from the fact that the subject information is kept secret, and is not easily discoverable by competitors. This means that companies must avoid sharing their information with third parties, and must take steps to ensure that such information is protected. 

In this case, that step is complicated by the fact that, in many cases (such as the Enphase example, above), some of the data is already available to individual consumers who use the product or service. However, trade secret protections may still apply to the aggregated data that companies have compiled about patterns of use by large groups of people. 

In order to demonstrate the data’s confidentiality, companies generally must show that they have taken reasonable steps to ensure that it is protected from misuse, by both employees and outside parties. The question as to what is reasonable, however, is open to interpretation, and is evolving with the ever-changing technological environment in which the data resides.

While the analysis seems somewhat circular (i.e., an asset can be protected as a trade secret if it is kept secret), the point is that in the event of unauthorized disclosure or use, such disclosure will only be actionable if steps have been taken to protect the data.

2. Nature and value of the information. Not all confidential information possessed by a company is a trade secret. Confidential data only qualifies for trade secret protection if it has “independent economic value” as a result of its secrecy. When assessing whether such value is present, California courts generally consider (1) the extent to which the owner derives value from the information’s secrecy; ( the extent to which others could obtain economic benefits from the data; (3) the amount of time, money, or labor that the owner spent to develop the information, and (4) the amount of time, money, or labor that would be saved by a competitor by using the information. See CACI 4412; Altavion v. Konica Minolta Sys. Lab., Inc., (2014) Cal.App.4th 26, 62.

Thus, companies claiming that certain information is a trade secret must be able to demonstrate not only that they spent time and effort developing, aggregating, or assembling that information, but also that they and their competitors would find that aggregated information to have economic value.

As energy companies, like many of their peers in other industries, begin to perform more data collection and analysis, it will be important to keep the above factors in mind, to determine how such data can be protected. Many different measures are available, including but not limited to:

  • allowing employee access to the data only on a need-to-know basis;
  • using employee nondisclosure agreements with defined consequences (including procedural consequences) for unauthorized sharing;
  • ending access for departing employees and employees that no longer need access;
  • including confidentiality protections in contracts under which the data is shared;
  • using technology-based gatekeeping measures; and
  • employing other methods to ensure secrecy and protection from disclosure.

But the “reasonable” steps to be taken are not one-size-fits-all. Indeed, what is reasonable for a small company will almost necessarily differ from what is reasonable for a multinational corporation. Moreover, the nature of the data itself could further affect the definition of reasonable measures. Data incorporating consumer personal information, for example, could require a different level of protection (though, as noted previously, the distinct privacy issues related to such data are beyond the scope of this article).

And while the battle over a trade secret may be won or lost well before any claim against an unauthorized user, any disclosure in breach of a contractual obligation requires immediate action (likely in court, using sealed pleadings) if there is any hope of rebottling the genie. 

In the end, as energy (and other) companies become more focused on capitalizing on data, they will need to take steps to protect their data collections, and to limit their exposure. Companies seeking to understand and spot potential (or actual) risks, and to demonstrate the reasonableness of their security measures, should act to define and track the ways in which such information is being used, and their processes to protect confidentiality. Those processes should factor in industry guidance, and the evolving body of court decisions that will continue to define the “reasonable” security measures necessary to protect the value of a company’s trade secret data collections.

[1] This type of data collection also implicates interesting tangential privacy issues not addressed in this article.

Firm Highlights


Privacy During Bankruptcy Proceedings: Why It Matters

During these particularly trying times resulting from the COVID-19 pandemic, businesses of all sizes have been concerned about the future. As a result, considering potential liquidation or restructuring through bankruptcy is inevitably starting to...

Read More

PSDcast – Is Energy Companies' Customer Data a Trade Secret?

We often focus on the privacy issues involved in data collection – and they are critically important – while neglecting the idea of data as a tangible and valuable resource (and how to protect...

Read More

Marine Plastic Pollution: How Global Extended Producer Responsibility Can Help

Nearly nine million tons of plastic waste flow into our oceans each year, arriving in many ways—ranging from polluted rivers and waterways to the wastewater from our washing machines. Once in the ocean, this pervasive...

Read More

US Govt. Promises Additional Offshore Wind Lease Sales, Offers Greater Certainty

John Ugai spoke to  Net-Zero Business Daily for the article "US Govt. Promises Additional Offshore Wind Lease Sales, Offers Greater Certainty." Read his commentary and the full article here .

Read More

Data Center Business Deals Gone Bad, and the Risks of the “Known in the Industry” Defense

Exploring business partnerships often involves or even requires sharing highly confidential trade secret information. The data center industry is no exception, and its participants have in recent years faced litigation focused around the intellectual...

Read More

Undergoing Bankruptcy Proceedings? Here’s How to Make Sure PII Maintains Its Value

Due to the COVID-19 pandemic, some businesses are considering potential liquidation or restructuring through bankruptcy. Companies in this situation should keep privacy concerns in mind, because the handling of personal data in bankruptcy proceedings...

Read More

Proposition 24: California’s Ever-Evolving Privacy Landscape

Next Tuesday is election day, and this year, California voters are deciding whether to support another statewide privacy initiative – the California Privacy Rights Act (CPRA) (Proposition 24).  This measure would expand on the...

Read More

Top 10 Practical Business Implications Arising From the Passage of the CPRA

California’s Proposition 24 passed as expected, and the new California Privacy Rights Act will change the privacy landscape created by the California Consumer Protection Act (CCPA), which went into effect only months ago. While...

Read More

Arbitration Agreements in Privacy Disputes: The Wyze Decision and the CCPA

Earlier this year, a number of individuals brought a lawsuit in the United States District Court for the Western District of Washington against Washington-based company Wyze Labs, Inc (Wyze), which manufactures “smart” home cameras...

Read More

What to Know About Taking a Data Center Company Public Through a SPAC

A recent IPO by InterPrivate IV Infratech Partners, a digital infrastructure-focused special purpose acquisition company, or SPAC, raised $250 million. Its impressive fundraising and management team, led by former CyrusOne CTO Kevin Timmons, may cause privately...

Read More