A
crucial component of any startups intellectual portfolio is the strategy
surrounding the protection of trade secrets. Globalization and a
increasing public concern has led the federal government to develop a
comprehensive strategy to protect against trade secret theft. What is clear
from the report, Administration Strategy on Mitigating the Theft
of U.S. Trade Secrets however, is that while public policies aimed at protecting the nation’s
economy through protection of trade secrets are part of the equation, an
equal—and arguably more vital—component of that protection comes from the
private sector. The report contains examples of thefts of trade secrets which
are instructive.
The
report laid out five “Strategy Action Items” for protecting U.S. trade secrets.
One of these items focused on the promotion of voluntary best practices by
private industry.( See Report section 5 ) The report reflects that while
the public sector is taking action to increase the security of U.S. trade
secrets, responsibility falls primarily upon the private sector. Numerous
factors—including the globalization of our economy and the trend towards employees
working remotely—will contribute to an increasingly high risk of trade secret
misappropriation. Self examination of the value of your IP portfolio and
specifically trade secrets will be invaluable to any start up.
The
report emphasizes the importance that “companies need to consider whether their
approaches to protecting trade secrets keeps pace with technology and the
evolving techniques to acquire trade secrets enabled by technology.” This means
it is important to regularly audit information/data security policies to ensure
they provide adequate protection. For example, does a business have a policy of
allowing employees to access email and company files from their personal
smartphones and laptops (known as “Bring Your Own Device” or BYOD policies)? If
so, it is critically important to regularly evaluate the
topics that are addressed in such policies to make sure they are in line with
the state of technology. For instance, a BYOD policy in 2008 would likely not
have addressed cloud networks, but by 2010, cloud networks should have been a
central concern, given that they cause a wider distribution of data onto
devices not completely controlled by the company. No longer does a would-be
thief need to break into the company vault to steal the secret formula.
Instead, if that formula was contained on a company-controlled server, but then
accessed remotely and stored onto an outside cloud network, the thief would
simply need to access the cloud—a significantly less-protected storage space.
This example illustrates why it is important to ensure that policies reflect
the current state of technology, since trade secret thieves are generally more
tech-savvy than an average business.
The
report also recognized that industry best-practices should encompass a holistic
approach to protect trade secrets via a wide array of vulnerabilities. Not only
is it important to stay current on technology, but companies must also not
forget about the basics. Protecting trade secrets requires a broad approach
with numerous focal points. The report identified a number of “best practice
target areas,” and three in particular are worth mentioning. The first is
“R&D compartmentalization,” which concentrates on the compartmentalization
of processes, components and personnel. By compartmentalization, a security
breach of one sector will leave the others unaffected, and helps to prevent a
total breach. Secondly, the company should continue to focus on physical
security policies. While it may seem a bit antiquated, the old-school practices
of hiring security guards, installing security systems and setting up
surveillance cameras still remain an effective and necessary component of a
comprehensive protection strategy. Lastly, HR policies should also be utilized
to provide enhanced protection. Running permissible background screens on
employees—particularly those with access to trade secrets—is critical, as are
robust confidentiality, non-disclosure and non-solicitation agreements.
Moreover, while there is a general presumption against non-compete agreements,
they are typically permissible when drafted narrowly to focus on protection of
trade secrets.
Of
course, no single strategy will be sufficient by itself. Rather, the
combination of these various approaches is critical to ensuring a comprehensive
strategy of trade secret protection. Businesses that have not recently
conducted a thorough evaluation of their comprehensive strategy should strongly
consider doing so to protect their proprietary information.
Len Goldstein, Denver Business Attorney at Law
No comments:
Post a Comment