Authors
In the world of trade secrets and confidential information, it is often the recipe for Coca-Cola that is held up as the classic example. Since its launch in 1886, the various iterations of Coca-Cola have spawned many other ‘cola’ imitators. However, many consumers are convinced by a belief in its distinctive taste, perhaps due to its highly effective ability to protect its confidential formula.
The inherent value in doing so is unquantifiable, but Coca-Cola’s considerable success in the soft drinks market over more than a century is a reward for its ability to exploit this mystery as part of an effective branding exercise.
This business strategy has worked for decades and has been emulated in many other sectors. Yet, in an age where the employment market is considerably more fluid and with the latest trend for flexible and hybrid working arrangements, it is significantly more challenging to prevent breaches and leaks of valuable proprietary information. But secrecy protection is not just something for large companies. Almost every company has its secret recipe.
Equally, there are recurrent concerns around the influx of mobile and smart devices over the last 25 years, resulting in skyrocketing potential for breaches. “I tend to say in my future life, I wouldn't become a lawyer anymore,” jokes Julia Dönch, an Intellectual Property (IP) partner at CMS Germany. “I would just travel on the high-speed train in Germany, first class, and collect all the pieces of trade secrets that are accessible via phone calls, emails and so on. I think there's still a long way to go to have a culture that really protects trade secrets.”
The impact of hybrid working arrangements
The COVID-19 pandemic has accelerated these developments, with a high proportion of the workforce now working remotely and more people seeking different challenges as part of the ‘Great Resignation’ phenomenon, the trend in which large numbers of employees are voluntarily resigning.
The pandemic resulted in an upswing of firefighting to help businesses remain up and running in a coherent way, and now they are attempting to find their way back to a new normal. This shift towards a hybrid between office and home working has frequently resulted in “perhaps not the same level of safeguards and rigour around access to confidential information,” according to Tom Scourfield, Co-Head of the CMS IP Group.
Creating secure working practices is notably more challenging outside of the office environment. The potential for leaks is substantially heightened especially as the loyalty dynamic between employer and employee has also diminished. “One of the things we saw during the pandemic was the erosion of the so-called social contract between the employee and their employer,” explains Tom Scourfield. “It is basically a reduction in the level of trust between them. So, when there's an opportunity to take information, that was more likely to arise in the last few years, particularly for those who are leaving as part of the so-called Great Resignation.”
Typically, problems are often encountered at mid-level seniority, where employees might tend to feel that they can move to a competitor organisation and share confidential information with impunity. Mid-level employees can, of course, be extremely valuable, but not understand their legal obligations in the same way as more senior colleagues. “I think that when you're talking about the Chief Scientist or the Chief Technology Officer, they are sufficiently experienced to understand that the information does not belong to them,” explains Hannah Netherton, a partner in the Employment team at CMS UK.
The recent work-from-home mandates and social distancing laws have also clearly impacted the way businesses operate, not just internally but in the way they interact with other organisations. Those that brokered new business partnerships during the COVID pandemic may have struggled to implement agreements that are as clearly understood as in previous years. A lack of understanding over confidentiality has become a real issue during this period.
This has been given additional emphasis, because of the value of data. As part of business partnerships, joint ventures and co-operations, there is the ability to share and leverage data within strict legal parameters. Yet often there is not sufficient recognition of the value of the trade secret or dataset, and how that can be safely shared with a business partner.
Raising the standards
Although clear protocols for handling confidential information might make a business feel more secure, it is regular and consistent training for all staff that typically raises necessary levels of awareness.
Businesses should be explicit about what their expectations are, for example, whether it is permissible to print documents at home or send files to a personal email address. Policies and training should be refreshed at least annually to ensure full engagement and to account for any regulatory changes.
It is important to deter employees from taking sensitive information to new employers, but also equally important to prevent new employees from using confidential information from former employers. Some might have a tendency to want to replicate their success at the new business.
Those responsible for hiring and onboarding should be aware of these risks. New hires must be educated to understand that some of the knowledge and information they have absorbed through previous employment is not theirs to share.
“There are plenty of examples of trade secrets that have come across with individuals in design, construction, engineering and various other areas, where a few people in smaller circles knew full-well what was happening, but the organisation as a whole did not. And unfortunately, the law doesn't particularly care if the legal team doesn't know about this risk,” comments Tom Scourfield.
Rogier de Vrey, Head of IP at CMS Netherlands adds: “Maybe in bigger companies there is a good culture, but there are of course different sets of people or different departments. And they don’t always talk to each other or know what the others are doing. There may be disruption and there may be leakage in between those lines.”
Hannah Netherton agrees that many businesses are anxious about the consequences of leakage: “Many of my clients are worried about inadvertently taking on another organisation’s confidential information and trade secrets. They don't want it. Often, they have taken someone on in the knowledge that they've got a great network of people or the skills and experience, but they will be rebuilding whatever it is from scratch and in a different way. If that is their strategy, they need to do so in a way that is unimpeachable.”
Julia Dönch warns of the consequences of failing to have appropriate processes and mechanisms in place: “A lawsuit as a result of the disclosure of a recipe or other trade secrets could lead to significant financial and reputational damage.”
Deterrence and positive persuasion
Explicit protocols and technology solutions that monitor and detect potential breaches can be effective. However, these can have a negative impact if the workforce feels it is under constant surveillance.
Businesses should therefore build cultural change based on the positive reinforcement of good behaviours. Rogier de Vrey says a client recently sought to develop a more constructive and progressive approach to protecting its intellectual property and trade secrets: “They are trying to empower their people by creating labs to foster new thinking and develop inventions. The aim is to make them a part of the inventive power of the company. So instead of penalising employees for doing something wrong, they try to make them proud and let them share the burden of good protection.”
It is no longer feasible to build a protective fence around an organisation when the workforce is so scattered at any one time. Frequently updated policies and training programmes, along with the latest technology solutions may help shield the business. Yet, a positive culture that rewards innovation and a collective interest in guarding trade secrets deliver much longer-term results.