Safeguarding trade secrets

The five key types of protective measures

Protective measures at the top of the C-suite agenda

Which of the following practices would be most effective in preventing any of the potential threats to trade secrets? (% of responses)

Enhancing cybersecurity efforts

More than four in five respondents identify cybersecurity as a vital component of their companies’ successful trade secret protection strategy. Cybersecurity is regarded as particularly important by executives in industries where the costs of a data breach are high, including the finance, energy and natural resources, manufacturing, and technology, media and telecommunications sectors. 1
https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/

Survey respondents rank basic cybersecurity measures such as digital watermarks and encryption of confidential materials as among the most effective measures firms can take to protect trade secrets, with one in five respondents ranking these as the most important measures overall. 2
https://akki-greatlearning.medium.com/advanced-cyber-security-innovations-and-updates-for-2020-65b8d48fc256 Other cyber risk mitigation efforts to consider include providing sufficient training for all employees on cybersecurity best practices, planning incident-response scenarios and regularly revisiting the company’s overall cybersecurity strategy. Such measures are expected to remain at the top of executives’ agendas. Indeed, one-fifth of all surveyed respondents’ companies plan to roll out these measures over the next two years.

Employee regulation

Importance of staff off-boarding measures

Our survey finds that firms have, on the whole, already implemented key cybersecurity measures to shore up their trade secrets against threats from external actors. Looking ahead, however, firms are increasingly turning to measures to prevent threats from within. With employees posing a growing threat as a source of trade secret disclosure, company executives are increasingly focused on preventing threats from disgruntled or departing employees. 4
https://blog.lighthouseglobal.com/prevent-ip-theft-during-a-covid-rif-dont-let-your-trade-secrets-depart-with-employees;

A third of the surveyed executives report plans to implement surveillance of employees’ communications and electronic activity. Willingness to snoop is highest in China, Singapore and the United States. Respondents in Europe are less likely to report such plans due to the complexities of balancing surveillance with the requirements of restrictive data protection regulations. Employee surveillance is a top priority for executives in the technology, media and telecommunications sector, where 36% of respondents plan to implement surveillance over the next two years, reflecting growing tensions between employers and employees in the technology sector in recent years.

Employees in the spotlight

Four of the top five measures that companies are planning to implement over the next two years focus on minimising employee leaks

Bolstering contracts and business procedures

A notable line of defence for businesses with trade secrets is strengthening policies and procedures to maintain confidentiality. 7
https://www.lexology.com/library/detail.aspx?g=0330e373-3f7e-4b38-9f63-d472baaf27b1   This is the second most effective countermeasure, according to 46% of survey respondents. Useful agreements range from non-disclosure agreements, work-for-hire, non-competition and non-solicitation obligations. However, while respondents recognise the effectiveness of these measures, over half also agree that their organisations’ contractual protections to safeguard intangible assets are currently insufficient to protect their business, suggesting that more still needs to be done in this space.

“These confidentiality contracts are pretty standard, but where you see failure to do this is with smaller start-ups, especially at a very early stage,” says Professor Matt Marx from Cornell University. This is evident in our survey findings, which reveal an almost 30% gap between small companies’ and more established companies’ implementation of confidentiality agreements and policies. 8 Small companies are defined as those with annual revenue below $500m or less; larger companies are defined as those with annual revenue greater than $500m  A common example is the case against Facebook by Tyler and Cameron Winklevoss, who argued that Facebook founder Mark Zuckerberg stole the idea of the social networking platform from them. Their argument fell short because they were unable to prove that they had taken reasonable steps to maintain confidentiality and ultimately could not prove that theft had occurred.

Restricting access to confidential information

A more obvious proactive strategy for safeguarding intangible assets is limiting access to confidential information. However, only 55% of the surveyed executives report that their firms currently employ this strategy. The more people who have access to confidential information, the higher the threat of theft. Despite this, 13% of executives' companies do not plan to implement such measures. Companies that are thinking about this are increasingly restricting physical and digital access to important documents, limiting access to “need-to-know” personnel or even destroying old information that is no longer needed. 9
https://www.hoover.org/sites/default/files/corporatecybersecurityrealism.pdf  If companies cannot limit access, they need to clearly communicate the importance of keeping certain information confidential through regular reminders, training and clear labelling of confidential material.

Integrating trade secrets into company culture

Over ten years ago it was common for trade secret protection to be a matter for firms’ legal teams, with the rest of the business kept out of the loop. This approach is evolving. 10
https://www.forbes.com/2010/02/19/protecting-trade-secrets-leadership-managing-halligan-haas.html?sh=522fbce81372; https://www.ipwatchdog. com/2020/01/03/four-things-c-suite-executives-need-to-know-about-patents/id=117516/  A third of the surveyed executives cite the introduction of a company-wide trade secret culture as one of the most effective measures to ensure trade secret protection. As part of this corporate culture, survey respondents (33%) are turning to employee incentives to push forward trade secret protection. This may include trade secret – specific measures, such as implementing a reward scheme for employees who identify new trade secrets or who raise concerns about gaps in security. It may also extend to broader measures designed to boost employee satisfaction, have a healthy “speak up, listen up” culture and minimise the incidence of disgruntled employees. 11
https://www.lexology.com/library/detail.aspx?g=0330e373-3f7e-4b38-9f63-d472baaf27b1; https://www.workforce.com/uk/news/hr-takes-steps-toprotect- trade-secrets

Each approach has a significant impact on safeguarding trade secrets but there are clear links between them. Companies that are looking to maximise legal protection in trade secret theft cases need to be able to prove that they have taken reasonable steps to protect their trade secrets, which will involve implementing a diverse combination of relevant elements of each approach to maximise resilience. 12
https://www.uschamber.com/co/start/startup/how-to-define-and-protect-trade-secrets  This will allow companies to cover any potential threat vectors – from the digital to the physical – while building proof that reasonable protective steps are being taken.