Insights
Publications

Trade Secret Hygiene for Current Employees

December 31, 2019 Articles
ACCDocket.com

Published on ACCDocket. By Walt Norfleet, Smiths Group plc and Eugene Y. Mar, Farella Braun + Martel LLP

In the first two parts of this series on best practices in protecting trade secrets, we addressed risks raised by the arrival and departure of key employees at companies, and failed potential customer-supplier or acquisition scenarios. In this third and final article, we discuss the importance of maintaining good trade secret hygiene for current employees and recommend a few best practices.

Information security policy

While preparing such a policy in the first instance can be a burdensome challenge, start small. Document basic policies around when employees are permitted to share confidential information outside the company and in what format. It can be helpful to define categories of information, such as public information, internal information, confidential information, and strictly confidential information. Including a menu of characteristics for each classification in your policy along with examples can go a long way in promoting compliance by employees.

You may also want to define protection strategies for each classification. For instance, technical or sales information valuable to a company may require basic password protection access restrictions based on an employee’s “need to know.” More critical information, such as highly valued trade secrets or strategic business information, may be characterized as strictly confidential, requiring more stringent controls, including signoffs from senior leadership prior to sharing.

For technology companies, the importance of documenting key changes to source code and architectural specifications cannot be overstated. Document the primary changes, when they happened, and by whom. Should a company find itself in litigation, being able to establish when particular features were developed will be an important issue.

If your company already has a policy, then be sure to train employees on it on a regular basis.

Train, train, train!

The adage that “you’re only as strong as your weakest link” is particularly true when it comes to training current employees. If one employee carelessly forgets a flash drive containing confidential technical or business files at an airport and compounds the error by failing to encrypt or password link the flash drive, the secrecy around that information could be lost.

Best practices for training come in all shapes and forms. The key is to have an information security policy in place and train employees on its content frequently. Commonly, information security training is done at the time the employee is hired ⁠— during new hire orientation. Additional training could be done during an employee’s performance review, right after a promotion, and when an employee departs.

These trainings can be conducted as an all-hands meeting or a lunch-and-learn. Having a quick guide on the classes of information in your policy, and how each class should be run, can provide a reminder and reference whenever questions come up. Such quick guides may include physical brochures that employees can place on their desks and electronic guides or apps that can help employees classify and mark information appropriately.

Often, companies will forego training because it is burdensome or disruptive to the workflow. To minimize this burden, one best practice is to train employees by having them fill out mandatory, online five- to 10-minute quizzes semi-annually or annually.

The quizzes can, for example, present hypothetical scenarios in the form of a cartoon filmstrip followed by a series of questions asking employees to identify the risks. These brief quizzes can be very effective in reminding employees of information security policies at the company.

Some companies have implemented annual renewals whereby employees have to click through an online portal to:

  • Reaffirm their obligations under their employment contract (including confidentiality); and
  • Complete the information security quiz.

Employees must complete this annual renewal in order to regain access to the company’s storage servers and central document repositories.

Enhancing training by promoting a culture of innovation

For technology companies, effectively competing in the marketplace requires constant innovation. A culture of innovation promotes the importance of protecting that technology, whether that protection is sought through patent protection, copyright, or as a trade secret. The idea is that employees who are invested in developing new technology will be most incentivized to protect them.

To further enhance this culture consider asking employees in their annual reviews to characterize their contributions to company trade secrets — of course being mindful not to share critical information that those viewing the review might not be entitled to see.

Don’t forget the obvious

What can a passerby see when they walk by the windows outside your conference room? What can a visitor see from the lobby? Try it and find out!

Some information security consultants literally walk around the outside of a building and use their mobile phones to photograph what can be seen through a window while casually walking by in a parking lot. These exercises reinforce the importance to employees of maintaining good hygiene practices.

Conclusion

Maintaining good trade secret hygiene doesn’t have to be a burden. Many of the best practices suggested are best implemented as part of semi-annual or annual employee reviews. Implementing these best practices will help minimize the risk of inadvertent disclosure of trade secrets.

In addition, should the company find itself in the position of having to enforce its trade secrets litigation, these best practices will be presented to the judge and jury as the company’s reasonable measures to protect its secret — one of the core legal requirements to proving that trade secrets existed.

About the Authors

Walton Norfleet is IP counsel at Smiths Group plc. He handles a wide variety of IP-related matters and has broad experience in the industrial, energy, medical, and software fields. [email protected]

Eugene Y. Mar leads the technology industry group at Farella Braun + Martel. He specializes in trade secrets, patent, and IP licensing litigation and advises both Fortune 100 and emerging companies on best practices for trade secret protection. [email protected]

Firm Highlights

Publication

Breaking up the Patent Monopoly for the Benefit of Batteries

The patent monopoly is at odds with the global need for battery storage technology. As the world mobilizes towards climate change solutions, companies with battery patents will face increasing pressure to share this critical...

Read More
Publication

Artificial Intelligence Can’t Patent Inventions: So What?

The USPTO’s  recent landmark decision  ( 16/524,350 ) concluding artificial intelligence (AI) cannot be a named patent inventor perhaps sparked fears of super-robots inventing critical technologies that, alas, receive no patent protection. If an...

Read More
Publication

Insights Into the First Patent Trial in Waco, Texas - MV3 Partners v. Roku

A 7-person jury in Waco, Texas, recently returned its verdict in the first patent trial held before Judge Albright: defense verdict, no finding of infringement. In the MV3 Partners v. Roku dispute, MV3 Partners...

Read More
News

Farella Braun Files Amicus Brief in Support of Humanitarian Organizations in Ninth Circuit Appeal of WhatsApp v. NSO

SAN FRANCISCO, December 23, 2020: Northern California legal powerhouse Farella Braun + Martel today submitted an amicus brief in support of civil society organizations in the NSO Group v. WhatsApp appeal pending before the...

Read More
News

Farella Braun + Martel Ranked Among “Best Law Firms” by U.S. News & World Report and Best Lawyers

SAN FRANCISCO, November 5, 2020: Farella Braun + Martel earned national and regional rankings across a number of practice areas in the U.S. News & World Report and Best Lawyers® release of the “Best...

Read More
News

Farella Braun + Martel Elevates Five to Partner

Read More
Publication

Three Steps Licensees Can Take to Protect Their IP Rights in Bankruptcy

During periods of widespread economic disruption such as the present, operating businesses must be able to identify and respond to threats to the financial health of their contracting counterparts in order to protect key...

Read More
News

3 Things To Know After Busy WDTX Patent Judge's 1st Trial

Eugene Mar spoke to Law360 about the  MV3 Partners LLC v. Roku Inc.  case in the article, " 3 Things To Know After Busy WDTX Patent Judge's 1st Trial." In the article, Eugene said he's...

Read More
Event

Cannabis IP: Using Intellectual Property to Protect Your Assets and Grow Your Business

Join Nate Garhart and Ashley Roybal-Reid in the discussion on "Cannabis IP: Using Intellectual Property to Protect Your Assets and Grow Your Business." Intellectual property (IP) is a critical issue in the cannabis industry...

Read More
Publication

How Antitrust and Unfair Competition Laws Affect Platform Providers’ Relationships With ISVs, API Developers, and Scrapers

A wide variety of business and consumer platforms host mutually beneficial ecosystems. But these ecosystems are also fraught with antitrust risk that arises when platforms try to terminate or modify the terms of third-party...

Read More