In light of the COVID-19 outbreak, companies have changed their core business operations and instituted new practices and procedures in the blink of an eye. The changes, perhaps unknowingly, have created risks that could jeopardize the protection of valuable trade secrets.
A trade secret, as defined by the Uniform Trade Secrets Act (UTSA), is information that derives independent economic value from not being generally known or readily ascertainable by others and that is the subject of reasonable efforts under the circumstances to maintain its secrecy.
Here are five ways the pandemic and its effects could threaten trade secret protection.
1. COVID-19 Innovation
In the wake of the pandemic, many companies have deployed know-how and manufacturing capabilities in new and different ways. From automotive companies manufacturing ventilators to an outdoor goods company making face shields, the contagion drove light-speed innovation. The developments included the use of both existing and new trade secrets.
Much of the innovative activity was accelerated by the health crisis and may not have been accompanied by the typical steps to ensure trade secret protection. For example, it’s possible you disclosed trade secrets to new business partners or customers without an appropriate nondisclosure agreement in place. Alternatively, you may have developed new technology in collaboration with others without clearly defining who owns the resulting intellectual property.
Action steps. As the flurry of activity wanes, it may be prudent to inventory your COVID-19 development activities to identify any potential holes in existing trade secret protection and any steps necessary to protect your new innovations.
2. Information Security
One key component to protecting trade secrets is information security. The fundamentals include, for example, using secure servers to save and communicate sensitive company data, requiring user names and passwords to access information, implementing a shredding policy for confidential information, limiting facility access to those with approved credentials, and so on.
Once put in place, the measures are often taken for granted, operating in the background. But when COVID-19 drove an unprecedented number of companies to a virtual model, any number of the measures may no longer be functioning as intended:
- Employees are likely accessing and using trade secrets in new environments. Their home Internet may not be as secure as your company’s network, exposing sensitive information to hackers or other unwanted intrusions.
- Similar concerns exist if employees, often facing overloaded remote server access, use shortcuts such as personal e-mail accounts or texting to communicate about sensitive business matters.
- Employees are sharing office space with their housemates, which could inadvertently expose company information beyond the appropriate audience.
- Communications that used to occur face-to-face now often occur over unsecure videoconferencing platforms vulnerable to hacking.
- Similarly, “smart home” devices may be “overhearing” confidential conversations.
Action steps. As the emergency of remote working fades into a new normal in which at least some employees continue working remotely and face-to-face communication remains the exception, you should ensure your information security measures are adapted to the virtual environment.
Training employees on how to treat trade secret information is always a critical component of your protection. Strong policies and robust training are even more important now.
Action steps. As a threshold matter, you should ensure annual or other routine trainings aren’t being skipped just because of remote working. The delivery method may have to change, but trainings should not be deferred.
Moreover, you may need to update training modules, policies, and guidelines to account for remote or socially distant work environments. In addition to the usual reminders of ongoing obligations in noncompete agreements or existing company policies, you should remind employees about how to:
- Encrypt sensitive information sent electronically;
- Implement security features for videoconferencing;
- Limit access to printed or downloaded information when sharing workspace with housemates; and
- Recognize scams or phishing schemes targeting company data and devices.
Finally, revisit your HR policies and procedures to ensure a clear process for exit interviews and the collection of company devices and information, even while working remotely.
4. Employee Mobility
Nearly 40 million Americans have lost their jobs in the last several months, and millions more have been furloughed with their return to employment uncertain. In addition to the devastating immediate personal and financial consequences, this unprecedented volume of employee movement jeopardizes trade secrets.
Individuals who had (and may still have) access to your company’s most valuable trade secrets could already be using them—through employment with a competitor or use in a new business venture or, more nefariously, by selling them to a generate a quick profit.
Action steps. For employees who have already been let go, you should consider invoking employment agreement provisions or company policies to insist on the return of any trade secrets or confidential business information remaining in their possession. In addition, sending a letter reminding them of the restrictions on the use or disclosure of trade secrets could have a deterrent effect.
While monitoring where each former employee lands may not be practical (or warranted), focusing on those who had access to critical information is another prudent step. If a competitor hires a former employee who had access to key trade secrets, more vigilance and enforcement efforts will be necessary.
Finally, for future layoffs, revisit your existing agreements and policies, including provisions related to noncompetition and the nondisclosure of confidential and trade secret information, to bolster your rights with respect to any additional employee departures.
5. Potential Delays in Enforcement
Acting quickly in cases of suspected trade secret misappropriation is always critical. Data need to be preserved, often forensically, and lawyers need to be engaged to seek swift relief to prevent the theft or improper distribution and use of the information.
The pandemic makes the timing issues even more important. For example, your ability to investigate and preserve data on company devices may be compromised if employees aren’t located on site. Working quickly can help to prevent key evidence from being lost.
Courts also are moving at a slower pace. Lawyers are seeking and getting extensions. Judges and court staff are dealing with remote work, often juggling their jobs with personal responsibilities at home. Most courts are still closed to in-person hearings in light of social-distancing obligations. All of the factors will likely make it harder to get on a court’s calendar, even in “emergency” scenarios.
Action steps. Having a plan in place to identify potential misappropriation quickly and act expeditiously may help to mitigate some of the unavoidable sluggishness in the system.
As businesses scrambled to deal with COVID-19’s impacts, trade secret protection risks and solutions were probably lost in the shuffle. Acting quickly to assess potential exposure and adjust your policies, procedures, contracts, and information technology environments could have a tremendous impact on the preservation of your company’s most valuable assets.