Keeping a secret in the digital era: New legislation on Trade Secrets incoming

In the first of our series on the upcoming Trade Secrets Directive published here last month, my colleague James Froud warned readers that the greatest threat to tech companies' trade secrets getting out is often the very people who work for the company themselves. Whilst this "insider threat" can of course never be eradicated, he explained how the new Trade Secrets Directive from Europe means that companies operating across EU Member States should be able to better manage that risk in the future, provided they get their internal policies and employment contracts in order before the Directive comes into force.

The ease with which individuals are able to 'lift' trade secrets is no doubt a consequence of the increasing role intangible assets play in business, with digital assets that aren't 'bolted down' in the way that physical assets like machinery are very much driving the business. Intellectual property rights such as patents are often chosen as the primary legal defence mechanism but when it comes to protecting confidential and commercially sensitive information, they cannot offer the fullest degree of protection. The patent system is restricted by time limitations for example (both in terms of when the patent application has to be filed, and the duration of such protection, if granted). Furthermore, there are various types of innovation that simply cannot be patented in Europe (in particular computer programs and business methods – which may form the heart of the confidential information that you are trying to protect!).

Against this background, the creation of a harmonised level of protection for such trade secrets across EU Member States for the first time will provide significant advantages (even if they are not defined as an IP "right" in the classical sense). The use of a consistent definition of a trade secret - namely that it covers information which is a) 'secret' i.e. not generally known to people in the wider community who normally deal with that kind of information, b) it has commercial value because it is secret and c) it has been subject to reasonable steps to keep it secret by those who lawfully hold the information – is key to this.

Given that the definition is pretty broad, many new products, algorithms, and technical and commercial information held within technology firms could fall under its scope. Accordingly, the benefits of a harmonised approach to the protection of such information across Europe's Member States will mean that companies should be able to exploit new product lines and increase leverage from existing products once the Directive is fully implemented in two years' time.

Additionally, the new trade secret "right" may be utilised in conjunction with existing IP rights (in particular patents and copyright) to create a stronger portfolio of IP protection for tech assets. However, to be able to take advantage of these developments, companies must ensure that they satisfy the two core elements of the 'trade secret' definition – that any relevant information stays secret and is subject to reasonable steps to keep it 'secret' throughout the supply chain.

So, in addition to getting your employment contracts, policies and procedures in order, tech companies would be well advised to take a look at how their confidential information is dealt with elsewhere (both within, and outside the organisation). These will include the measures in place to protect processes, manuals, software and CRM data at all levels, and of course the contractual provisions with any third parties to whom such information is provided.

Getting the right levels of protection in place sooner rather than later will help to ensure that you can make the most of the new regime.

Robert Williams, an Intellectual Property partner at international law firm Bird & Bird

Image Credit: Shutterstock/Maksim Kabakou