Two weeks ago, Congress passed the Defend Trade Secrets Act (DTSA), all but guaranteeing its passage into law. The legislation allows businesses—for the first time—to file claims under federal law against those who misappropriate their confidential information. Here's what that means for the future of business, and a few steps companies can take right away to prepare.
More and more, information assets are what defines a company's competitive value. Historically, businesses relied on the other forms of intellectual property protection—patent, copyright, and trademark—to safeguard their positions in the marketplace. But those protections have limits. Patents require disclosure of the invention, and the patent system is slow.
In many fast-moving markets, products become obsolete before a patent is awarded. And in the past few years, the courts have narrowed what technologies can be patented, making it much harder to get patents on software and business methods, and invalidating thousands of previously issued patents.
Partly as a result of these trends, businesses have come to rely more on confidentiality to protect the value of their innovations. And "trade secrets," as the impending law defines them, encompass a wide range of confidential business information—not just product designs and manufacturing techniques, but also strategic information like client lists and pricing strategies. In general terms, the new law protects any information that derives its value from being secret and is not known to others who might benefit from its use.
But relying on secrecy comes with serious risks—like losing your competitive advantage suddenly and unpredictably. The FBI estimates that U.S. businesses suffer more than $13 billion in trade-secret–related losses every year. That includes when information is deliberately taken, for instance through a malicious system attack, when an employee leaves for a competitor, or when a supplier obtains valuable technology under a confidentiality agreement.
But it's more often lost inadvertently, through employees who share too much with their colleagues—or even simply by logging onto unprotected networks while traveling.
The DTSA elevates the status of trade secrets, wrapping them in the protection of federal law and ensuring that businesses will have access to the legal tools necessary to sustain their competitive advantage.
Trade-secret owners who file suits under the new law will be entitled to recover damages to cover their losses, plus also prevent competitors from making use of wrongfully obtained information. In an emergency, companies can ask to have property seized to prevent trade secrets from being destroyed or taken out of the country.
What's more, businesses will soon be able to plan their trade-secret strategy under a uniform federal system. Until now, trade secrets have been regulated by a patchwork of state laws, providing variable and sometimes unpredictable protections. Information that was protected under Texas law, for example, might not be protected in Illinois. With the passage of the new law, businesses will be able to design their policies to conform to a single nationwide standard.
Unlike other forms of intellectual property protection, trade secrets don’t have to be registered with the government to enjoy full legal protection. But businesses do need to invest in making sure that they know what they have and that practical, cost-effective systems are in place to keep it secret. And if a trade secret gets out despite those efforts, owners need to be ready to take quick and decisive action.
The value of data can be lost permanently if it travels too far without restriction. The DTSA allows courts to craft injunctions that are tailored to preventing a competitor from using illicitly obtained information. But acting early can make all the difference. Cleanup, in other words, is more difficult after the spill spreads too far.
So what can businesses do to prepare?
1. Protect what you've already got. First and foremost, companies should make sure they understand what they own now, before a loss happens, and adopt robust security measures to prevent improper access to their most sensitive data.
Employees should be trained continuously about what information is confidential and how to protect it. Staff departures should be carefully managed to ensure employees don’t take secret information with them (even unwittingly), including information that may be stored on personal mobile devices.
2. Cover your vulnerabilities. At the same time, businesses should build defenses to prevent litigation against them. Young and growing companies that haven't yet developed robust employment practices are especially vulnerable to claims that they've inappropriately hired from a competitor to access confidential information.
Treating information obtained from potential collaborators with caution, under clear and documented procedures, can also help ward off lawsuits that can interfere with business operations.
3. Get clear on the global landscape. It's arguably more important now than ever that businesses pay attention to variations in legal protections across national lines. Although the European Union has also recently passed its own Trade Secret Directive to provide a minimum level of consistency, substantial variations remain among European countries.
And the situation is worse in most of the rest of the world, where practical tools for trade-secret enforcement can be uncertain or nonexistent. That's all the more reason why companies need to carefully craft their contracts and manage cross-border relationships to prevent leaks and encourage respect for the integrity of their data assets.
The new U.S. law, when it goes into effect, won't solve all those problems at once, especially not on a global scale. But it will hopefully push companies to pay closer attention to the new and evolving ways their bottom lines depend on information—and on keeping it secure.
Michael Ng leads Kobre & Kim’s San Francisco Office and is the head of the firm’s Intellectual Property practice group. James Pooley has more than 35 years of experience as a Silicon Valley trial lawyer, with deep knowledge of patents and trade secrets. He served as the deputy director general at World Intellectual Property Organization, where he was responsible for the international patent system.