preserving THe seCreCY oF Trade seCreTs in a digiTal world
Intellectual property Section
Chairs: Cole Carlson – GrayRobinson, P.A. & Ryan M. Corbett – Burr & Forman
data can end up in the
wrong hands via
insufficient policies
and training, viruses,
data thieves, breach, or
F
third-party negligence.
or some clients, the value
of their business lies in
the business’ specific
data or information,
which may or may not be properly
categorized as a trade secret.
A business’ data is a trade secret
as long as it derives independent
economic value and is not generally
known. This data, which can
include a customer list, a special
recipe, or a software algorithm, is
often the result of long hours and
may be the very thing that makes
a business profitable. But failing to
reasonably maintain the secrecy of
the data will leave your client with
no recourse if someone else uses
the data to your client’s detriment.
With technology constantly
evolving, it can be difficult to
determine what steps are necessary
to reasonably preserve the secrecy
of your client’s data and maintain
the data’s trade secret status. Even
so, you must advise your client to
be proactive in securing valuable
data with physical and digital
barriers. Failing to address privacy
and security concerns increases
the likelihood that the data will
become compromised.
Breached data can be expensive
— and sometimes impossible — to
retrieve. Your client will be dragged
through lengthy litigation to either
prove misappropriation or discover
that the secrecy of the data was
not reasonably preserved. Data
can end up in the wrong hands
because of insufficient policies
and training, viruses, data thieves,
breach, or a third-party’s negligence.
Because of the many ways data
can be accessed and exploited,
appropriate measures must be taken
to ensure that the secrecy of the
data is reasonably preserved.
To do so, you should begin by
categorizing your client’s data to
ascertain its value and determine
whether it’s worth protecting.
Next, you must locate the
information and determine any
risks associated with that location.
If the information is contained in
a notebook, physical barriers will
be key to ensuring security. If the
information is stored electronically,
both physical and digital barriers
are necessary. Physical barriers
may include placing information
in a locked surveillance room
or hiring a guard to prevent
unauthorized access. Digital
barriers can include encryption,
virus protection, or access controls.
Finally, your client must limit
individual access to the information.
Creating an Access Control List
(ACL) is a great way to accomplish
this. ACLs can be as simple as
giving someone a key to the
locked room or as complicated as
employing software designed to
create separate logins. Depending
on the method of storage, access
controls can limit a user’s ability
to read or print information. Your
client should also adequately train
those that currently have access
to the information so that they
can prevent unauthorized access.
Failing to reasonably secure
the information can lead to
misappropriation or lack of trade
secret protection, both of which
can be economically detrimental to
your client’s business. In summary,
because of the dangers associated
with failing to reasonably preserve
the secrecy of valuable data, it
is essential that the data is:
(1) categorized to determine
whether it should be secured;
(2) located and that the risks of
the location are
weighed; and
(3) reasonably
secured with
physical and
digital barriers.
Author:
Vanessa Ferguson
– Ferguson Legal
follow the hCba on facebook, twitter, linkedin and instagram.
MAR - APR 2019
|
HCBA LAWYER
43