Insights
Publications

Trade Secret Hygiene for Current Employees

December 31, 2019 Articles
ACCDocket.com

Published on ACCDocket. By Walt Norfleet, Smiths Group plc and Eugene Y. Mar, Farella Braun + Martel LLP

In the first two parts of this series on best practices in protecting trade secrets, we addressed risks raised by the arrival and departure of key employees at companies, and failed potential customer-supplier or acquisition scenarios. In this third and final article, we discuss the importance of maintaining good trade secret hygiene for current employees and recommend a few best practices.

Information security policy

While preparing such a policy in the first instance can be a burdensome challenge, start small. Document basic policies around when employees are permitted to share confidential information outside the company and in what format. It can be helpful to define categories of information, such as public information, internal information, confidential information, and strictly confidential information. Including a menu of characteristics for each classification in your policy along with examples can go a long way in promoting compliance by employees.

You may also want to define protection strategies for each classification. For instance, technical or sales information valuable to a company may require basic password protection access restrictions based on an employee’s “need to know.” More critical information, such as highly valued trade secrets or strategic business information, may be characterized as strictly confidential, requiring more stringent controls, including signoffs from senior leadership prior to sharing.

For technology companies, the importance of documenting key changes to source code and architectural specifications cannot be overstated. Document the primary changes, when they happened, and by whom. Should a company find itself in litigation, being able to establish when particular features were developed will be an important issue.

If your company already has a policy, then be sure to train employees on it on a regular basis.

Train, train, train!

The adage that “you’re only as strong as your weakest link” is particularly true when it comes to training current employees. If one employee carelessly forgets a flash drive containing confidential technical or business files at an airport and compounds the error by failing to encrypt or password link the flash drive, the secrecy around that information could be lost.

Best practices for training come in all shapes and forms. The key is to have an information security policy in place and train employees on its content frequently. Commonly, information security training is done at the time the employee is hired ⁠— during new hire orientation. Additional training could be done during an employee’s performance review, right after a promotion, and when an employee departs.

These trainings can be conducted as an all-hands meeting or a lunch-and-learn. Having a quick guide on the classes of information in your policy, and how each class should be run, can provide a reminder and reference whenever questions come up. Such quick guides may include physical brochures that employees can place on their desks and electronic guides or apps that can help employees classify and mark information appropriately.

Often, companies will forego training because it is burdensome or disruptive to the workflow. To minimize this burden, one best practice is to train employees by having them fill out mandatory, online five- to 10-minute quizzes semi-annually or annually.

The quizzes can, for example, present hypothetical scenarios in the form of a cartoon filmstrip followed by a series of questions asking employees to identify the risks. These brief quizzes can be very effective in reminding employees of information security policies at the company.

Some companies have implemented annual renewals whereby employees have to click through an online portal to:

  • Reaffirm their obligations under their employment contract (including confidentiality); and
  • Complete the information security quiz.

Employees must complete this annual renewal in order to regain access to the company’s storage servers and central document repositories.

Enhancing training by promoting a culture of innovation

For technology companies, effectively competing in the marketplace requires constant innovation. A culture of innovation promotes the importance of protecting that technology, whether that protection is sought through patent protection, copyright, or as a trade secret. The idea is that employees who are invested in developing new technology will be most incentivized to protect them.

To further enhance this culture consider asking employees in their annual reviews to characterize their contributions to company trade secrets — of course being mindful not to share critical information that those viewing the review might not be entitled to see.

Don’t forget the obvious

What can a passerby see when they walk by the windows outside your conference room? What can a visitor see from the lobby? Try it and find out!

Some information security consultants literally walk around the outside of a building and use their mobile phones to photograph what can be seen through a window while casually walking by in a parking lot. These exercises reinforce the importance to employees of maintaining good hygiene practices.

Conclusion

Maintaining good trade secret hygiene doesn’t have to be a burden. Many of the best practices suggested are best implemented as part of semi-annual or annual employee reviews. Implementing these best practices will help minimize the risk of inadvertent disclosure of trade secrets.

In addition, should the company find itself in the position of having to enforce its trade secrets litigation, these best practices will be presented to the judge and jury as the company’s reasonable measures to protect its secret — one of the core legal requirements to proving that trade secrets existed.

About the Authors

Walton Norfleet is IP counsel at Smiths Group plc. He handles a wide variety of IP-related matters and has broad experience in the industrial, energy, medical, and software fields. [email protected]

Eugene Y. Mar leads the technology industry group at Farella Braun + Martel. He specializes in trade secrets, patent, and IP licensing litigation and advises both Fortune 100 and emerging companies on best practices for trade secret protection. [email protected]

Firm Highlights

News

Farella Lawyers Recognized in The Best Lawyers in America® 2024 Edition

Read More
News

Farella Braun + Martel Attorneys Named to 2023 Northern California Super Lawyers and Rising Stars

Thirty-eight Farella Braun + Martel lawyers were named to the Super Lawyers and Rising Stars lists of top attorneys in Northern California for 2023. 2023 Farella Northern California Super Lawyers: Carly Alameda – Business...

Read More
Publication

It Wasn’t Me, It Was the AI: Intellectual Property and Data Privacy Concerns With Nonprofits’ Use of Artificial Intelligence Systems

In today's rapidly changing technological landscape, artificial intelligence (AI) is making headlines and being discussed constantly. To be sure, AI provides a powerful tool to nonprofits in creating content and exploiting for countless cost-effective...

Read More
Publication

AI and Trade Secrets: A Complicated Friendship

Excitement has been growing for decades around the development, training, and use of generative AI, but this past year the excitement escalated into a frenzy. Everyone is considering how AI impacts their business. This article...

Read More
News

Farella Braun + Martel Earns 2024 Best Law Firms® Rankings

Read More
Publication

Takeaways From the Proposed PREVAIL Act

Two proposed bills recently introduced in Congress have the potential to greatly impact the current patent litigation landscape. The bills are titled the Promoting and Respecting Economically Vital American Innovation Leadership (PREVAIL) Act and the Patent...

Read More
Publication

Fair Use Question Goes to Trial in AI Copyright Lawsuit – Thomson Reuters v. Ross Intelligence

On September 25, 2023, a United States Circuit Judge determined that fact questions surrounding issues of fair use and tortious interference required a jury to decide media conglomerate Thomson Reuters’s lawsuit against Ross Intelligence...

Read More
News

Farella Lawyers Recognized as 2023 IP STARS by Managing Intellectual Property

Farella Braun + Martel intellectual litigation partners Daniel Callaway , James Day , Jeffrey Fisher , Winston Liaw , and Eugene Mar were recognized by Managing Intellectual Property in the 2023 edition of IP...

Read More
Publication

What Patent Bills Would Mean for Infringement Litigation

Two bills recently introduced in Congress could significantly affect the current patent litigation landscape. The bipartisan bills are titled the Patent Eligibility Restoration Act of 2023 and the Promoting and Respecting Economically Vital American...

Read More
News

USAA Wins Patent Agreement With Discover, Vows To Keep Going After Banks

Eugene Mar spoke to American Banker for the article, "USAA Wins Patent Agreement With Discover, Vows To Keep Going After Banks." Link (subscription required): https://www.americanbanker.com/news/usaa-wins-patent-agreement-with-discover-vows-to-keep-going-after-banks Eugene said this becomes a business decision for a...

Read More