Trade secrets, and the law relating to them, can seem a bit of a ‘black art’, but the basics are very simple. In summary, companies should 1) know what their trade secrets are and 2) take steps to keep them secret.
In England and Wales the protection of trade secrets has in the past been based on the common law principles of confidentiality, but that is soon to change. EU Directive 2016/943 “on the protection of undisclosed know how and business information (trade secrets) against their unlawful acquisition, use and disclosure” has prompted the government to draft new Regulations to ensure that the entire UK is fully compliant with the Directive. This briefing summarises the provisions of the Directive (which should be implemented in all European Union Member States) and gives some brief practical advice for companies with trade secrets.
The Directive provides that ‘trade secret’ means information which: (a) is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question; (b) has commercial value because it is secret; and (c) has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret.
It also defines ‘infringing goods’ as goods, the design, characteristics, functioning, production process or marketing of which significantly benefits from trade secrets unlawfully acquired, used or disclosed.
The Directive sets out acts which are prohibited in relation to trade secrets and to infringing goods. In summary, the unauthorised acquisition, use or disclosure of a trade secret will be considered unlawful. This applies not only to the original acquirer of the information, but also to any other person who later obtains the trade secret directly or indirectly and who knew (i.e. a subjective test) or ought to have known (i.e. an objective test) that the trade secret had been acquired unlawfully. Unlawful use of a trade secret includes producing, offering or placing on the market infringing goods, and importing, exporting or storing infringing goods for those purposes.
The definition is set out above. Examples of the type of information which can qualify as a trade secret if kept confidential include commercial data, technological information or product information. Commercial data include customer or supplier information, business plans and market strategies. Technological or product information includes recipes, techniques and know how. Clearly, these types of information have little value if widely known but potentially considerable value if known only to one person in the relevant market. A famous example of a trade secret is the recipe for Coca-Cola. It is hugely valuable as long as it remains secret but would be worthless if everyone knew it (unless, of course, there are further crucial secrets in exactly how to mix the ingredients to replicate the flavour). A more prosaic example is your company’s customer profile. This is valuable to your company because it gives you an informational edge over your competitors, but if your competitors have the same information then it is less valuable.
You can only control secrets that you know about. The first step of a company trade secret policy is to conduct an audit of all information believed to be secret and commercially valuable. Assemble the information and then analyse it to assess whether it is confidential to the company, and whether it has value as a result of that confidentiality. Assuming there are some trade secrets then put in place policies to protect them (see below).
Most companies continue to research, innovate and improve their processes and products and therefore are likely to continue to generate information which could potentially qualify as trade secret. Accordingly, your company’s ongoing trade secret policy should ensure that any new trade secret is recognised as such and falls within the framework set up to protect the existing trade secrets.
Not all trade secrets remain secret and commercially valuable forever, and information no longer considered trade secret need not be subject to the same protections. It is useful to review the designated trade secrets periodically so that any information which is no longer valuable (e.g. the business plan for 2010) or no longer secret (because it was either deliberately or accidentally disclosed) can be re-designated and resources diverted away from protecting it.
The key points to guide your company’s policy are 1) the fewer people know a secret, the less likely it is to be disclosed; and 2) a court will look at what effort a company has expended in protecting information as part of its assessment of whether that information qualifies as a trade secret.
Staff in different departments need to know different things: sales staff need to know about customers but not the recipe, whereas manufacturing staff need to know the recipe but not the customers. Accordingly, try to minimise the number of staff privy to specific information. Restrict access to information physically, electronically and legally to those staff who need to know it in order to discharge their duties.
For example, R&D laboratories should be accessible only to the relevant researchers, and documents detailing trade secrets should be marked as confidential and kept in a safe place (e.g. a safe).
Electronic documents should be protected by passwords and computers should be protected from hacking (we don’t pretend to be IT security experts – your IT consultants will give you best practice on this).
There are three phases to the legal aspect: when staff join, while they are employed, and when they leave.
When staff join it is important to ensure that employment contracts for relevant staff include confidentiality provisions (and possibly non-compete and non-solicitation provisions).
While they are employed it is important to educate staff about what a trade secret is (so they can identify new ones), what the company considers to be trade secret, and the consequences of the secret no longer being secret. The company should monitor compliance with the physical and electronic procedures put in place to protect the trade secrets. There is little purpose in having rules which are not observed.
When staff leave they should be given an exit interview to remind them of their obligation of confidence. In addition, they should return all company property and sign a statement confirming that they have returned all confidential information (physically and electronically).
The same basic rules apply to relations with external contractors. A company should protect its confidential information physically, electronically and legally.
In physical and electronic terms this means much the same as for internally within the company: use physical and digital means to restrict access to the information.
In legal terms this means that companies should always sign non-disclosure agreements (NDAs) before disclosing any confidential information (even if the information does not qualify as a trade secret because it has no commercial value, it might one day become commercially valuable). NDAs should be drafted in as specific terms as possible in relation to what information is disclosed and to whom it is disclosed (i.e. specific individuals), and they should be appropriate for the jurisdiction (i.e. enforceable where the receiver of the trade secret is based).
When the collaboration comes to an end it is vital to ensure that all documents (physical and electronic) containing confidential information are returned or destroyed, and ensure that the NDA continues to be enforceable in relation to information that the collaborators might remember.
The basic principles of restricting access physically and electronically apply. If the general public is permitted onto the premises then it should be only into areas where there is no risk of any confidential information being accidentally disclosed.
Remember, also, that in addition to restricting access by the general public, it is important to prevent staff accidentally releasing confidential information into the public domain. Any documents which contain confidential information should be shredded when disposed of, staff should not work on confidential documents in public spaces, and care taken with electronic access, USB sticks and suchlike.
One of the most useful remedies available in the UK to a trade secret holder is an interim injunction. This is an Order from the Court, obtainable on very short notice, that the person alleged to have stolen the trade secret may not disclose nor use the trade secret until the case has been decided at trial (which might take a year or more to be completed).
Interim injunctions may be awarded by the court as long as there is an arguable case that a trade secret has been stolen by the defendant, and that monetary compensation would not be adequate to compensate the trade secret holder. The interim injunction will remain in place until trial, at which point it will either be converted into a permanent injunction (if the judge holds that the information did qualify as a trade secret and that it was unlawfully acquired) or it will be lifted (if the judge decides that the information did not qualify as a trade secret or it was lawfully acquired). If lifted then the claimant will be liable to the defendant for damage caused to the defendant by the interim injunction.
In order to obtain an interim injunction, especially to prevent further disclosure of the trade secret, a trade secret holder will need to apply to court as quickly as possible. The process will run more smoothly if the trade secret holder is ready with important information easily accessible. For example, it will be important to produce details of the information that the putative defendant was exposed to; a copy of the relevant confidentiality contract (i.e. the employment contract or NDA); details of the policies the company has in place to keep the information secret; the likely value of the information they might have stolen; and the possible damage that the company could suffer if the information is disclosed further.
As discussed above, it is possible to obtain an injunction to prevent the defendant disclosing the trade secret to third parties, and to prevent the use of the trade secret and/or the sale of infringing products.
In addition, the Court can order the defendant to pay damages. In the UK damages are intended to be compensatory, in the case of trade secrets that means that damages are intended to put the claimant in the position it would have been had the trade secret theft not occurred. This can be calculated as the trade secret holder’s lost profit, or account of the defendant’s profits.
Yes. It is important to take care to ensure confidentiality in maintained but in principle it is possible to licence trade secrets as know-how. The licence should compel the licensee to take steps equivalent to those taken by the owner of the trade secrets to protect the confidentiality (i.e. all the points discussed above), and could include provision for the trade secret owner to be able to conduct spot checks on the licensee to ensure that those policies are being enforced. Further, the licensee should be under an obligation to report full details of any suspected breaches of confidence as swiftly as possible to the trade secret owner in order to enable prompt legal action to be taken.
Companies should know what their trade secrets are on an ongoing basis and take steps to maintain their confidentiality. Prompt action should be taken if it is suspected that a trade secret has been stolen.