Keep your secrets safe from thieves
Shortly before an engineer resigned from US chip design company Cadence Design Systems, the information technology department noticed that large packets of data had been transmitted out of the company’s computer system. Investigations revealed that much of Cadence’s proprietary software code was stored on the engineer’s home computer. Here the copyright notices were being stripped off and the code illegally incorporated into products sold by Avant!, a competing software company founded by four other former Cadence employees.
Trade-secret theft like this is causing increasing concern in boardrooms. While most incidents go unreported or even unnoticed, many believe it is a significant drain on corporate profits. The American society for Industrial Security estimates that over a 17-month period during 1997-98 the loss of trade secrets and other proprietary information cost US businesses alone nearly $45bn.
A trade secret can be any formula, pattern, device, technique, program, process or method capable of providing the owner with a competitive advantage that has not been publicly revealed. Examples include the recipe for Coco-Cola and the source code of Microsoft Windows. If a company suspects that one of its secrets is under threat, it can apply for an injunction to stop, say, an employee from disclosing it, or anyone to whom the secret has already been disclosed from using it. The company can also seek damages for losses incurred. A successful court action requires the company to demonstrate that the information was truly secret and that its disclosure would result in loss. The extent of the loss must be quantified.
Moreover, courts are unsympathetic if a company has failed to take adequate measures to protect its secrets. Since many trade secrets are disclosed accidentally, rather than stolen, this can be an important point. Brian Coggio, a partner at New York law firm Pennie & Edmonds, says: “Many employers, even sophisticated companies, fail to identify trade secrets and take proper precautions to protect them. Indeed, many employees leave the company without realising what secret information they possess.” As a result, companies should ensure that staff always know when they are handling restricted information.
Confidential documents should be marked as such and sensitive data made available on a need-to-know basis. Companies should also take measures to protect their electronic integrity. “For example, marketing departments may post information on the web about products still under development,” says Mr Coggio. “Or hackers may gain access through a computer to information that would otherwise be strictly protected.” The law assumes employees to have an implied duty of trust and confidence to their employer. This prevents them from removing or disclosing, without authority, any proprietary information belonging to their employer, such as client lists and pricing information.
Since many employees may not realise their obligation, companies are also advised to spell it out in employee terms and conditions. For employees regularly handling sensitive information it is prudent to include “gardening leave” provisions in the employment contract. This enables the employer to insist that any notice period is spent on paid leave, isolating the employee from confidential information before departure. But what happens when an employee leaves the company?
Since the implied duty of confidence ends when employment ends, employers may want to consider including an express provision prohibiting the disclosure of confidential information after the employee has left. Establishing the line between confidential information belonging to the employer and the acquired know-how of an employee, however, can be problematic. “the courts have great difficult in drawing that distinction and there is no clear test that enables you to do it,” says Paul Goulding QC, of Blackstone Chambers in London.
Any dispute, therefore, will be argued on the facts of the case. Such matters can be particularly problematic where employees have left to establish a rival business or have been recruited by a competitor. There has, for example, been a spate of legal cases in the US recently where companies have sought to prevent former employees moving to competitors.
In October Amazon.com tried to stop Christopher Zyda, its former chief financial officer, from joining rival eBay. Amazon argued that Mr Zyda would “inevitably disclose” the company’s trade secrets, since he was “uniquely and intimately familiar with Amazon’s most confidential financial data, financial plans, cost and pricing information both for vendors and customers and the company’s short- and long-term business strategies”. Amazon won a temporary injunction to stop Mr Zyda joining eBay but the case was subsequently thrown out by a federal court.
The concept of inevitable disclosure is less familiar to UK courts. But companies may be able to prevent an employee joining a competitor for a limited period of time, so long as the employee’s contract includes a restrictive covenant to that effect. Given the value attached to trade secrets, many jurisdictions have also introduced criminal sanctions for trade secret misuse.
In many European countries, including France and Germany, it is a criminal offence to disclose trade secrets without permission. In the US, the 1996 Economic Espionage Act has led to numerous prosecutions and hundreds of investigations for trade secret misuse. In 1997 the UK Law Commission published a consultation paper provisionally proposing that a criminal offence for using or disclosing a trade secret without authority should also be introduced in the UK. The commission pointed out that, since trade secrets do not constitute “property” for the purposes of the Theft Act 1968, they cannot be stolen under UK criminal law.
So while anyone stealing trade secrets written on paper, or stored on a floppy disc, may be charged with the theft of the storage medium, they cannot be charged for stealing the secret itself. Clearly this does not reflect the true value of what was stolen. Although the report has been shelved, pending the outcome of a more general report on fraud, few doubt that a criminal offence will be introduced in the UK too.
Smith McKeithen, general counsel at Cadence, has no doubts about the efficacy of criminal sanctions. Last year the Santa Clara County Superior court ordered Avant! To pay more than $195m in criminal fines and financial restitution to Cadence. “Additionally,” says Mr McKeithen, “a number of the individuals involved were given prison sentences and one is now serving two years in the notorious San Quentin prison.”
Financial Times: 07.01.2002