shutterstock_214450246An ex-employee’s former employer sued him for alleged violations of the Kansas Uniform Trade Secrets Act (KUTSA) and the federal Computer Fraud and Abuse Act (CFAA).  The first claim was based on the company’s hunch that he had misappropriated trade secrets and thereby breached his non-disclosure agreement.  Two forensic experts were paid $38,000 to examine the computers and flash drives he had used, looking for evidence that he had used or disclosed confidential information.  The second claim centered on his admission that, shortly before resigning from the company, he had read a top-secret file which was, but should not have been, accessible to employees.  He moved for summary judgment on both claims.  The court granted the motion, holding that (a) payments to the experts did not satisfy the KUTSA requirement of showing an “actual loss caused by misappropriation” (K.S.A. 60-3322(a)), and (b) he was authorized to access the company’s shared files and, therefore, he did not violate the CFAA. Tank Connection, LLC v. Haight, No. 6:13-cv-01392-JTM (D. Kan., Feb. 5, 2016) (Marten, C.J.).

Summary of the case.  Haight was International Sales Manager of Tank Connection, a  manufacturer of large storage tanks.  He signed a confidentiality agreement (but not a non-compete).   With the company’s consent, he downloaded confidential information onto the laptop and flash drives provided to him by the company.  However, he also downloaded company data onto his own flash drives.  Further, he reviewed — but did not copy — the company’s president’s confidential computer file.  Following his resignation, he returned the company’s laptop and what he asserted were all of its flash drives.  Further, he insisted that he had neither disclosed the company’s secrets to his new employer nor used the information, and that he had deleted all of Tank Connection’s data from his personal flash drives.  Concluding that Tank Connection had produced no evidence contrary to his disavowal of trade secret misappropriation, and that reading the shared file was not a violation of the CFAA, the court entered judgment for Haight.

Why the claim of trade secret misappropriation failed.

Tank Connection’s expert witnesses determined that, shortly before Haight’s resignation, he accessed the company’s server and transferred to the company’s laptop and flash drives, and to his own flash drives, a lot of confidential information.  The company contended that “harvesting” of that data circumstantially supported the claim that he had used proprietary information improperly and/or had disclosed it to his new employer.  However, Chief Judge Marten ruled that without any hard evidence of wrongdoing, and in the face of Haight’s unqualified denial of culpability, Tank Connection’s speculation of improper conduct was insufficient to create KUTSA liability.

Tank Connection alleged that its damages from Haight’s “misappropriation” aggregated $1,238,000: $1.2 million that the company had expended for creating, developing and updating the computer programs, plus $38,000 it had paid to the experts.  Chief Judge Marten rejected the $1.2 million claim because the company did not show any loss of data, damage to its computers or programs, unfair competition, or unjust enrichment.  Further, the statutory alternative of assessing “a reasonable royalty” was inapplicable due to the absence of proof that Haight disclosed or used confidential information.

Finally, the court held that payments to computer forensic experts retained by Tank Connection to investigate an alleged but unproved theft of trade secrets were not an “actual loss caused by misappropriation.”  The judge said that the question has not been decided by Kansas judges, and that Connecticut Appellate and Virginia Supreme Court rulings are in diametric opposition to each other.  Concluding that the payments were “not within the traditional realm of tort damages,” and that they were incurred merely in an attempt to ascertain if there had been a theft, the court held that they were not compensable losses under KUTSA.

Why the claim of a CFAA violation failed. 

A few days before Haight resigned, a co-worker brought to his attention a computerized folder containing highly sensitive information intended solely for the eyes of the company president and one administrator.  The company was unaware that incorrect security settings for the folder enabled employees such as Haight to access it.  He admitted that he had looked at it, which constituted a CFAA violation according to Tank Connection, but he insisted that he and other employees regularly viewed shared files in the course of their work and that he did not copy, disclose or use the folder’s contents.

Chief Judge Marten observed that the president’s folder was in a shared file, and there was no evidence that Tank Connection told its employees not to open the folder.  He said that, therefore, Haight clearly did not violate the statutory prohibition against accessing a computer “without authorization.”  The difficult question under the CFAA was whether Haight exceeded his authorized computer access.  The judge found persuasive U.S. v. Valle, 807 F.3d 508 (2nd Cir. 2015), which held that an employee’s authority to access a computer file is dispositive in determining that the CFAA has not been violated, regardless of the use to or purpose for which the file is accessed.  Thus, summary judgment was granted on the CFAA claim as well.

Takeaways.  Haight prevailed on the trade secrets misappropriation claim largely because he was authorized to use Tank Connection’s confidential data in the course of his employment, and the company had no evidence that he disclosed or used the data other than for company business.  In the absence of a smoking gun or an eye witness to wrongdoing (Tank Connection had neither), employers often have difficulty disproving an ex-employee’s denial of culpability.  Perhaps Tank Connection might have strengthened its case if it had examined Haight’s personal flash drives before he deleted all of the information on them.

The ruling declining reimbursement of Tank Connection’s expenses for computer forensic experts seems to have been driven by the company’s inability to prove that any misappropriation occurred.  A number of courts have held that amounts paid to such experts, for tasks associated with a pretrial investigation launched because of suspected trade secret theft, are recoverable damages.  However, in those cases typically, the experts concluded that the company’s suspicion was well-founded.  Tank Connection is unusual because reimbursement was sought in the face of a failure to prove any impropriety.  Under these circumstances, the expenses did not qualify as an “actual loss caused by misappropriation.”

Chief Judge Marten’s ruling regarding the scope of the CFAA is another in the litany of disputes pitting a narrow statutory interpretation against a broader one.  Compare such decisions as Valle cited by the court (holding that the Act only prohibits computer hacking by an outsider), with, e.g., Epic Systems Corp. v. Tata Consultancy Services Ltd., No. 14-cv-748 (W.D. Wis., Nov. 18, 2015) (opining that the CFAA also criminalizes “insider hacking,” that is, unauthorized use of data by someone authorized to access the computer).  The conflict in these decisions probably can only be resolved by Congress or the U.S. Supreme Court.

shutterstock_128025575Robert B. Milligan, partner of Seyfarth’s Litigation department and co-chair of the firm’s Trade Secrets, Computer Fraud & Non-Competes practice group, is a moderator on an upcoming webinar presented by The American Bar Association’s IP Law section. The webinar, titled “Trade Secret Protection Best Practices: Hiring Competitors’ Employees and Protecting the Company When Competitors Hire Yours”, will take place on March 15, 2016 from 1:00 – 2:30 pm ET.In today’s highly mobile and competitive world, employees frequently move between companies within the same industry. Rarely a day goes by without a news report of another high-profile theft of important data from a company, or the loss of key employees to competitors. Employee mobility, coupled with the digitalization of company assets, has increased the need for creative and thoughtful protections of valuable company data. It has become extremely easy for employees, especially disgruntled or irresponsible ones, to take and disseminate confidential information to the detriment of their current and former employers. The need to protect company trade secrets and other confidential data against departing employees and to follow best practices when hiring a competitor’s employees has never been greater.

The esteemed panel will present a lively discussion that focuses on:

  • Best practices when hiring new employees
  • Proper employee onboarding – a cradle to grave approach
  • Employing effective non-disclosure and invention assignment agreements and computer access and bring your own device policies
  • Best practices for protecting your company when employees depart
  • Proper exit interview techniques and certifications
  • Reducing risk of disclosure of trade secrets in social media and via online repositories and other electronic means
  • Identifying the unauthorized taking/disclosure of trade secrets through the use of digital forensics
  • Discussion of recent cases/legislation
  • The current circuit split on the Computer Fraud and Abuse Act
  • Trade secret preemption
  • Forum selection/choice of law clauses

Mr. Milligan will be joined by John Francis Marsh (Hahn Loeser & Parks LLP), Pamela S. Passman (President and CEO at CREATe.org) and Russell Beck (Partner at Beck Reed Riden LLP) . The panelists specialize in trade secret litigation and counseling.

For more information and registration, please click here.

*This program offers 1.50 hours participatory MCLE credit.

shutterstock_261389492Ever since Iqbal and Twombly, it has become imperative that a complaint filed in federal court contains “sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.’”  Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 554, 570 (2007)).  The Eastern District of Michigan recently reiterated this point in the context of an alleged violation of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030.  As detailed below, failure to include the requisite factual allegations can and will result in the dismissal of potential CFAA claims.

SUMMARY

In Fabreeka International Holdings, Inc. v. Robert Haley and Armadillo Noise & Vibration LLC, 2015 U.S. Dist. LEXIS 154869 (E.D. MI, Nov. 17, 2015), Fabreeka Intl. Holdings filed suit against its former employee, Robert Haley, and his new employer, alleging that Haley unlawfully accessed its computers to obtain confidential information in violation of the CFAA.  Specifically, Fabreeka alleged that: (1) during the period of his employment, Haley accessed confidential business information stored on Fabreeka’s servers; (2) Haley did not return all of Fabreeka’s confidential information at the time of his resignation; and (3) Haley authored or assisted in authoring proposals for his new employer using Fabreeka’s confidential information for the purpose of undercutting Fabreeka’s prices.

Fabreeka contended that its allegations establish violations under three sections of the CFAA: 18 U.S.C. §§ 1030(a)(2)(C), 1030(a)(4), 1030(a)(5)(B) and (C).

  • Subsection (a)(2) prohibits (1) intentionally accessing a computer (2) without authorization or exceeding authorized access and (3) thereby obtaining information (4) from any protected computer (if the conduct involved an interstate or foreign communication) where (5) there was loss to one or more persons during any one-year period aggregating at least $5,000 in value.
  • Subsection (a)(4) prohibits (1) accessing a “protected computer” (2) without authorization or exceeding such authorization that was granted, (3) “knowingly” and with “intent to defraud,” and thereby (4) furthering the intended fraud and obtaining anything of value, causing (5) a loss to one or more persons during any one-year period aggregating at least $5,000 in value.
  • Subsection (a)(5)(B) prohibits (1) intentionally accessing (2) a protected computer (3) without authorization, and (4) as a result of such conduct, recklessly causes damage. 18 U.S.C. § 1030(a)(5)(B).
  • Subsection (a)(5)(C) prohibits (1) intentionally accessing (2) a protected computer (3) without authorization, and (4) as a result of such conduct, causing damage and loss. 18 U.S.C. § 1030(a)(5)(C).

The District Court dismissed each of these CFAA claims for the following reasons:

  1. There was no dispute that Haley was authorized to access information on the Fabreeka’s servers, including sales and manufacturing data, during his employment at Fabreeka. Since the facts pled established Haley had authorization, the Court held that Fabreeka’s claims subsections (a)(5)(B) and (a)(5)(C), requiring the access be “without authorization,” should be dismissed. This left Fabreeka’s remaining CFAA claims, which the Court said could proceed so long as Fabreeka pled facts that establish Haley exceeded his authorized access.
  2. Fabreeka’s Complaint asserted that Haley misappropriated confidential information based solely on the similarity of proposals submitted by Fabreeka and his new employer. Based off those proposals, Fabreeka offered unsupported conclusions that Haley stole confidential files and assisted in authoring the competitor’s proposal. The Court held that because “[a] pleading must include factual allegations that exceed mere speculation, see Twombly, 550 U.S. at 555, and Fabreeka’s CFAA allegations fail to meet this standard.”

In addition, the Court noted that a complaint must state sufficient facts to “raise a reasonable expectation that discovery will reveal evidence” of a claim’s required elements.  Although Fabreeka’s Complaint alleged that Haley and his new employer’s owner communicated on Fabreeka’s computer during Haley’s employment, the Court found that the mere fact that the two discussed Haley joining Armadillo does not support a plausible inference that the two colluded to misappropriate confidential information. Thus, the Court held that it did “ not feel” that Fabreeka’s Complaint “pled sufficient facts to raise a reasonable expectation that further evidence of a CFAA violation will be revealed in discovery.”

  1. Fabreeka’s Complaint implied that the company considers all non-public information confidential. Defendants, on the other hand, claimed that Fabreeka’s proposals cannot be considered confidential because they are transmitted to third parties without any steps to protect the proposals or the information they contain.  The Court noted that the Sixth Circuit previously stated, in the context of trade secrets, that if a company did not take reasonable steps to maintain the confidentiality of alleged trade secrets, a misappropriation claim properly fails. See BDT Products, Inc. v. Lexmark Int’l, Inc., 124 F. App’x 329, 333 (6th Cir. 2005).  Accordingly, the Court held that insofar as Fabreeka’s allegations address confidential material taken, the company’s proposals submitted to customers may not be properly considered secret or confidential.
  2. Finally, the Court held that Fabreeka’s Complaint did not allege that the “damage and loss” allegedly suffered arose from the cost of responding to or from investigation into Haley’s alleged violation. Instead, the Complaint merely recited the elements of the CFAA and asserted there had been “damage and loss.”  The Court held this was insufficient.

TAKE-AWAY

When asserting claims under the CFAA, it is critical to not only review and pled the necessary elements that form the claims, but to also include the sufficient factual allegations to support those claims.  The Fabreeka decision highlights how more and more courts are cracking down on insufficient pleading, particularly in the context of CFAA suits.  As a plaintiff, do not fall victim to poor or lazy drafting and, as a defendant, carefully review a complaint’s factual allegations with an eye towards a possible motion to dismiss.

shutterstock_149599301We are pleased to announce the webinar “2015 National Year in Review: What You Need to Know About the Recent Cases/Developments in Trade Secrets, Non-Compete and Computer Fraud Law” is now available as a podcast and webinar recording.

In Seyfarth’s first installment of its 2016 Trade Secrets Webinar series, attorneys Robert Milligan, Jesse Coleman and Joshua Salinas reviewed noteworthy cases and other legal developments from across the nation this past year in the areas of trade secrets , non-competes and other restrictive covenants, computer fraud and data theft, as well as provided their predictions for what to watch for in 2016.

As a conclusion to this well-received webinar, we compiled a list of  brief summaries of the more significant cases that were discussed during the webinar:

  • Data breach is a question of when and not if. Companies should ensure they have implemented sufficient information security policies and a data breach response plan. There are limitations in the law and challenges in international misappropriation cases. The best strategy is to try to prevent breach and misappropriation through effective policies, procedures, and agreements, employee training, technology solutions, and continual assessment and improvement.
  • Courts continue to struggle with issues regarding adequacy of consideration for restrictive covenants. Employers who have asked existing employees to sign non-competes or are considering doing the same should evaluate whether consideration should be provided for the non-compete to ensure enforcement under applicable law. Employers should also take into account recent legislative changes in non-compete law in Oregon, New Mexico, Hawaii and Alabama.
  • While the federak circuit court split continues to widen regarding the interpretation of unauthorized access under the Computer Fraud and Abuse Act, the recent decision in U.S. v. Christensen (9th Cir. 2015) may provide employers with a civil cause of action under Penal Code Section 502 in California against employees who misuse company data without permission.

Join us Thursday, February 25 at 12:00 p.m. Central. for our next webinar, “Data Security and Trade Secret Protection for Lawyers.” To register, click here.

shutterstock_275586623By Karla Grossenbacher

Over the past several years, technology has dramatically increased employee accountability in the workplace.  For example, in an office environment, employees are expected to respond to emails immediately because they are either sitting in front of their computers or carrying a mobile device on which they can access their email.  As for employees who work outside the office, the availability of employer-issued phones and, alternatively, the proliferation of BYOD policies, has resulted in off-site employees being generally just a phone call away.  In specific industries in which employees drive motor vehicles while conducting business for the employer, yet another method of accountability exists: Global Positioning Systems (GPS).

For businesses that provide transportation or delivery services, it is not surprising to find that such employers have installed GPS devices in the vehicles used by their employees.  The use of such devices can benefit both the employer and the employee in situations in which delivery status needs to be checked or a vehicle breaks down.  In all likelihood, the employee in these situations is aware that a GPS device has been installed on the company vehicle he or she is driving and that the employee’s movements are being tracked while on duty.  Privacy issues tend to arise, however, when employers use GPS data in connection with investigating  alleged misconduct in the workplace.

There cases in which courts have addressed the legal parameters of an employer’s use of GPS devices to track workers in order to investigate potential misconduct are few but nonetheless instructive.

In Elgin v. Coca-Cola Bottling Co. (E.D.Mo. 2005), the employer attached a GPS device to a company-owned vehicle used by the employee to service vending machines after a cash shortage was reported on a number of machines.  Although the employee was cleared of any wrongdoing in the investigation, when he found out that a GPS device had been installed on the company vehicle he drove during the investigation, he filed a claim for intrusion upon seclusion under state law.  The court rejected this claim, noting that the vehicle was owned by the employer and the only information potentially revealed by the alleged “intrusion” was the whereabouts of the company vehicle.  In another case, Tubbs v. Wynne Transport (S.D. Texas 2007), the court dismissed an invasion of privacy claim against an employer who had used information gathered by a GPS device that had been installed as a matter of course on a company-owned vehicle driven by the employee to perform his duties as a truck driver.  The court did not, however, provide any substantive analysis regarding its decision to dismiss the claim.

Elgin and Tubbs both involved employers attaching GPS devices to company-owned vehicles.  The balance between the employer’s interest in rooting out misconduct and the employee’s individual privacy rights shifts, however, when an employee’s personal vehicle is at issue — even if it is used for work purposes.  In Cunningham v. New York Department of Labor (NY Ct. App. 2013), a state employee was under investigation for falsifying time records and voucher information related to work travel and had used his personal vehicle during work hours in connection with some of the suspected misconduct.  As part of its investigation into the alleged misconduct, the employer had a GPS device installed on the employee’s personal vehicle to gather information about his movements during periods in which he was suspected of misconduct.  The employee was ultimately discharged and filed suit to exclude the GPS data from evidence at his disciplinary hearing based on federal and state constitutional grounds.

The New York Court of Appeals held that installation of the GPS device on the employee’s personal vehicle was an unreasonable search under constitutional law principles.  Although the Court held the search was reasonable at its inception because the employer had a reasonable suspicion that the employee was engaging in workplace misconduct, the search was unreasonable in its scope because it had not been designed to obtain only the information the employer needed to determine if workplace misconduct had occurred.  Rather, the employer had monitored the employee’s personal vehicle 24/7, as opposed to only during working hours, and made no attempt to remove the device prior to the employee’s scheduled vacation.  The Court concluded that “[w]here an employer conducts a GPS search without making a reasonable effort to avoid tracking an employee outside of business hours, the search as a whole must be considered unreasonable.”

However, the extent to which a personal vehicle is used for work purposes can alter the analysis.  In two cases involving the revocation of a New York City taxi cab driver’s license for over-charging passengers, two New York city state courts held that taxi drivers had no legitimate expectation of privacy in GPS data gathered from the Taxi Technology System (TTS) installed on the cabs.  The court also held that, even if the drivers had a legitimate expectation of privacy in the data, the city had a legitimate interest in determining whether or not the driver was overcharging passengers and had narrowly tailored its search to obtain information from the TTS only during the driver’s work hours.  In these two cases, even though the cabs were personally owned by the drivers, the court found that the cab drivers had limited privacy rights with respect to the vehicles because they were open to public use and subject to regulation by the state.  The regulatory authority required that all city cabs have the TTS equipment installed and drivers were required to use the system to transmit information regarding location, trip and fare information to the regulatory authority.

The takeaway from these cases is that, although an employer appears to be on solid ground attaching a GPS device to a company-owned vehicle and using data gathered by the device in an investigation of workplace misconduct, especially where the employee is aware the device is on the vehicle and the information is only being gathered while the employee is on duty, caution should be taken in attaching a GPS device to a personal vehicle used by the employee for work purposes.  Employers also need to be mindful of complying with state laws regarding electronic surveillance.  California, Connecticut, Delaware and Texas all have laws requiring either notice or consent prior to placing a GPS on another person’s motor vehicle.

As the foothold of technology sinks deeper into the terrain of the workplace, the privacy issues confronted by employers will only grow in complexity.  However, courts have been reticent about making broad pronouncements about the intersection of law and technology in the workplace.  As the Supreme Court stated in United States v. Kwon, a case involving a state employer’s review of an employee’s text messages on a state-issued pager, “[t]he judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role society has become clear.”  This restraint, while understandable, can leave employers with unanswered questions about how to balance the competing interests of legitimate business needs and individual privacy concerns in the workplace, particularly where technology is involved.   Perhaps in 2016, the courts will offer more guidance in this area.  Stay tuned.

shutterstock_242263660As January quickly passed by and new projects increase by the day, there is still a golden opportunity to capitalize on some low-hanging fruit to immediately improve your company’s practices and add immediate value to your company.  The opportunity lies in improving your company’s restrictive covenant and confidentiality agreements and confidentiality policies.  Below are five tips that you can employ immediately to improve your company’s agreements/policies and practices.

First, make sure your company is using confidentiality agreements and confidentiality policies with your employees.  You may be surprised to learn how many companies do not ask their employees to sign such agreements.  When those companies later seek to explore their options against employees who have joined competitors, their options are significantly narrowed.  Also, your company should not rely solely on employee handbook policies or other similar policies.  While your company may not use non-compete or non-solicitation covenants with your workforce, at a minimum, companies should use non-disclosure agreements with their employees.  There is really no excuse not to ask employees to sign such agreements.

Additionally, companies should consider using the maximum legally permissible restrictive covenants in their jurisdictions, including non-competes and non-solicitation of customers and employees as applicable, with their workforces; otherwise, companies are leaving a competitive advantage at the table.  While some companies may elect not to use non-compete agreements because such covenants are viewed as not supportive of their company “culture,” companies should carefully survey what their competitors are doing and determine whether they are putting themselves at a disadvantage in the talent market.

Second, spend some time with the business leaders in departments that create your company’s confidential information to make sure that your company’s non-disclosure agreement provides sufficient descriptions of the information that each department considers high value confidential information.  Oftentimes, companies give little thought to the categories of information described in the non-disclosure agreement or have no description of the information whatsoever.  While your company should not provide the secret information in the agreement, your company should at least describe the category of information in which it belongs and some specifics so that the category is easily identifiable by employees.  The value in describing the information in more detail is that the employee then understands what the company deems confidential, and it also provides the company a better chance in the courtroom to hold a former employee accountable if he or she misappropriates such information.

Third, review your company’s restrictive covenant and confidentiality agreements to make sure that they do not unnecessarily limit the company’s rights.  In one recent case, an employer lost its trade secret suit because its non-disclosure agreement defined confidential information as only that information which had been marked confidential.  The court found that the trade secret claim failed because the information in dispute had not been marked confidential.  The trade secret claim may have proceeded if the contract had not unnecessarily restricted the term “confidential” information to only signify information labeled confidential.  While labeling information as confidential indicates that such information may be subject to reasonable secrecy measures to support a classification as a trade secret, it is typically not dispositive as to whether contract and trade secret claims can be pursued for the theft of company information.

Additionally, companies operating in states that permit non-compete and non-solicitation agreements should consider using such agreements with their employees in those states even if those companies’ corporate headquarters are in jurisdictions where non-competes are typically void in the employment context, such as California.  Simply put, just because your company is headquartered in California does not mean that you should not ask your employees in Florida to sign non-compete and non-solicitation agreements governed by Florida law.  Additionally, some companies have been successful in using forum selection and choice of law provisions to bind employees who work in jurisdictions where restrictive covenants are limited to non-competes and non-solicitation covenants in the company’s home forum, particularly where such employees are provided access to trade secrets and maintain well-established relationships with company clients.  A company should also consider whether to use a prevailing party provision for attorney’s fees and costs for actions brought on or related to the agreement.

Fourth, take into account some recent developments in state non-compete law to make sure that your company’s agreement is compliant.  For example, Oregon has limited the duration of employee non-competes to two years effective January 1, 2016.  Hawai’i has banned the use of non-compete and non-solicit agreements with technology works effective July 1, 2015.  Alabama has made it easier to enforce non-compete agreements with a revised statute that became effective January 1, 2016.  Also, in Alabama, non-competes of one year will now be presumed to be enforceable.  Additionally, Illinois and Pennsylvania have special requirements for the roll-out of non-compete agreements with existing employees, including providing consideration apart from continued employment alone, to enforce such agreements.  The Wisconsin Supreme Court recently has found that continued employment was adequate consideration for non-compete agreements entered into after the inception of employment. There are also active movements in Utah and Washington to restrict the use of non-compete agreements.

Fifth, critically examine which employees and third parties your company asks to sign restrictive covenant and confidentiality agreements and be mindful of third-party scrutiny.  Regulators, legislators, and employee groups are scrutinizing the use of restrictive covenant agreements.  While some employers may not be using such agreements enough, particularly with the right people (i.e., executives, engineers, R&D personnel, sales representatives, among others), other companies may be accused of overreaching in asking all employees to sign non-compete agreements.  While the janitor does not necessarily need to sign a non-compete, he or she probably should sign a non-disclosure agreement in certain instances.  Also, your company should perform an audit or ensure one has been performed to see if your company has signed agreements with key employees, particularly high level executives and employees who may be flight risks.

Companies should think critically about who they are asking to sign such agreements and who they should be asking to sign such agreements (e.g., appropriate restrictive covenants and non-disclosure agreements with vendors and contractors).  We have found that while some companies may have solid agreements with employees, the same high value information may be provided to contractors and vendors without similar protections, which erodes the confidentiality protections placed on the information.  Government agencies such as the NLRB, SEC, and EEOC are actively scrutinizing employer confidentiality restrictions, so companies should be mindful to provide examples of confidential information instead of broad undefined labels, to not prohibit disclosure of information protected by Section 7 of the National Labor Relations Act (such as concerted activity involving discussions of conditions of employment or wages), and to not prohibit participation in government investigations or including similar provisions which impede the ability of employees to act as whistleblowers.

As many have already broke their New Year’s resolutions as we move into February, there is still an opportunity for you to add value to your organization by addressing these critical issues and providing useful recommendations to your organization.  Don’t wait.  Act today and reach for this low-hanging fruit.

WebinarOn Thursday, February 25, 2016 at 12:00 p.m. Central, Seyfarth attorneys, Richard D. Lutkus and James S. Yu, will be joined by Joseph Martinez, Chief Technology Officer and Vice President of Forensics at Innovative Discovery to present the second installment of the 2016 Trade Secrets Webinar series. This program will cover considerations that attorneys should take into account when in possession of any client data. Coverage will include both technical considerations, best practices and policies, as well as practical advice to steer clear of ethical violations.

The panel will specifically address the following topics that often arise in trade secret investigations and litigation:

  • Information Storage, Retention, and Remediation
  • Device Management
  • Phishing and Social Engineering
  • Security Considerations
  • Cloud Storage and Ethical Considerations

There is no cost to attend this program, however, registration is required.

If you have any questions, please contact events@seyfarth.com.

*CLE Credit for this webinar has been awarded in the following states: CA, IL, NJ and NY. CLE Credit is pending for GA, TX and VA. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.

register