Throughout 2014, Seyfarth Shaw LLP’s dedicated Trade Secrets, Computer Fraud & Non-Competes Practice Group hosted a series of CLE webinars that addressed significant issues facing clients today in this important and ever changing area of law. The series consisted of 10 webinars:
- 2013 National Year in Review: What You Need to Know About the Recent Cases/Developments in Trade Secrets, Non-Compete, and Computer Fraud Law
- Employee Social Networking: Protecting Your Trade Secrets in Social Media
- Barbarians at the Gate: Class Action Avoidance and Mitigation for Data Breach
- Trade Secret and Non-Compete Legislative Update
- International Trade Secrets and Non-Compete Law Update
- Protecting Confidential Information and Client Relationships in the Financial Services Industry
- Ins and Outs of Prosecuting and Defending Trade Secret Injunction Cases
- Protecting Trade Secrets: The Current Landscape, Top Threats, Best Practices for Assessing and Protecting Trade Secrets, Proposed Legislation and Future Scenarios
- How and Why California is Different When it Comes to Trade Secrets and Non-Competes
- Protecting Trade Secrets and Intellectual Property in Business Transactions
As a conclusion to this well-received 2014 webinar series, we compiled a list of key takeaway points for each of the webinars, which are listed below. For those clients who missed any of the programs in this year’s webinar series, the webinars are available on CD upon request or you may click on the title below of each webinar for the online recording. We are pleased to announce that Seyfarth will continue its trade secrets webinar programming in 2015 and has several exciting topics lined up. We will release the 2015 trade secrets webinar series in the coming weeks.
The first webinar of the year, led by Michael Wexler, James McNairy and Joshua Salinas, reviewed noteworthy cases and other legal developments from across the nation in the areas of trade secret and data theft, non-compete enforceability, computer fraud, and the interplay between restrictive covenant agreements and social media activity, as well as provided predictions for what to watch for in 2014.
- While courts continue to struggle with what is the proper scope of trade secret preemption and at what stage in the case it should be applied (e.g., at the motion to dismiss/demurrer vs. summary judgment stage), courts increasingly hold that trade secret claims preempt or “supersede” concurrently pled common law tort claims based on the theft of information.
- The U.S. Supreme Court’s decision in Atlantic Marine Const. Co., Inc. v. U.S. Dist. Court for W. Dist. of Texas, 134 S. Ct. 568 (2013), appears to strengthen the enforceability of forum selection clauses as it held that, where the other requirements for transferring an action exist, courts ordinarily should, except in exceptional circumstances, transfer cases where valid, enforceable forum selection clauses exist. However, because this case did not involve a forum selection clause in an employment agreement, it remains to be seen whether lower courts faced with transfer motions in employment disputes will interpret forum selection clauses in the same manner as the Atlantic Marine court.
- During 2013, courts in Massachusetts, Minnesota, and New York joined the Ninth Circuit’s narrow reading of the Computer Fraud and Abuse Act, limiting its applicability to scenarios where the defendant(s) hacked into or otherwise took affirmative steps to circumvent computer security, finding that violating employer computer usage or access policies alone do not violate the CFAA.
In our second webinar of the series, Scott Schaefers, Justin Beyer and Joshua Salinas addressed the interplay between trade secrets and social media.
- Social Media Privacy Laws are on the Rise. At least 14 states now have laws prohibiting employers from requiring or even asking for access to employees’ or job applicants’ personal social media accounts. Penalties for violations range from nominal administrative fines to much larger damages, including punitive damages and attorneys’ fees. Many of the laws, however, have broad exceptions and loopholes, including required employer access of “nonpersonal” accounts and on suspected data theft or workplace misconduct. To learn more, please see our Social Media Privacy Legislation Desktop Reference.
- Watch Out for Your Trade Secrets. The new legislation may throw wrenches into employer-employee trade secret theft cases. For example, a disloyal employee secretly copies a confidential employer customer list onto his personal LinkedIn account. The employee works in a state that has adopted the new privacy legislation, which has an exemption for suspected data theft. The employer hears unsubstantiated gossip about that list copying, but does not investigate based on the flimsy evidence and for fear of violating the privacy law. The employee later resigns, and uses that list for a competitor. Did the former employer waive a trade secrets claim against the employee because it decided not to investigate, even though it could have? Did that decision amount to an unreasonably insufficient effort to protect its trade secrets?
- Have a Social Media Policy. Employers should have compliant social media usage policies. The policy should describe, among other things, what constitutes a “personal” social media account, what types of information belong to the employer, what types of social media activity is permissible, the instances in which the employer may seek to require or request access, and the potential consequences for non-compliance.
The third installment of the series was presented by Robert Milligan, Bart Lazar and John Tomaszewski as they discussed avoidance and mitigation techniques for data breaches, including where the class action bar is going and what potential defenses and strategies companies can employ in such lawsuits.
- A strong data security program requires layers. You can’t rely just on technical safeguards and the IT group. You also need people and processes to help catch the threats which get through the cracks that technology cannot plug. As part of that layering, it isn’t just about the prevention of threats, it is also about detection and early warning of threats. This will allow for the isolation of a threat which has made it through the “front door” before it gets into the safe in the bedroom.
- A company gets a greater return on investment by being prepared for a security breach. Training employees on handling personal information engages them in the process, and raises awareness to reduce the risk of an incident or that an incident will go unnoticed. Developing an incident response protocol and team with defined responsibilities allows a company to be more nimble and efficient when a potential incident occurs. And, as the study we referenced demonstrates, companies that already have an incident response plan in place spend 1/3 less on security incidents than those that do not have an incident response protocol.
- Increasingly courts are becoming more receptive to putative class claims alleging unlawful data breach in violation of statute or under the common law. Article III standing and lack of actual damages continue to be key defenses to such claims but courts are more receptive to creative claims based upon statutory language or contract interpretation. Companies should consider using arbitration agreements with class action waivers, as well as early dispositive motions to attempt to manage the risk of these dangerous and expensive suits.
The fourth webinar in the series, presented by Katherine E. Perrelli, Daniel P. Hart and Dawn Mertineit discussed the significant statutory changes to several jurisdictions’ laws regarding trade secrets and restrictive covenants and pending legislation proposed in additional jurisdictions over the past year.
- Employers should employ a holistic approach to the protection of their trade secrets and confidential information, whether or not Massachusetts bans non-compete restrictions altogether or adopts the Uniform Trade Secrets Act. Utilize non-solicit, non-disclosure and invention assignment agreements; implement entrance and exit interview protocols to educate employees on non-disclosure obligations; create a culture of confidentiality with regular training programs, and various levels of security access to confidential business information; regularly evaluate your trade secret protection policies/protocols; and forensically review computer usage of departing employees with access to confidential information.
- As non-compete and trade secrets law continues to evolve, expect a greater trend toward uniformity in trade secrets law and a continued attempt to regulate trade secrets at the federal level. Review your company’s policies and practices on a regular basis to ensure that they are consistent with the latest developments and continue to take proactive, practical measures to ensure that your trade secrets are subject to reasonable methods to maintain their secrecy.
- Even if your company has operations in a state that does not prohibit employers from requiring employees and applicants to provide social media login information or access, your best bet is to avoid asking employees and applicants for this sort of information (unless account access is necessary to investigate workplace misconduct). More and more states are considering laws prohibiting such actions, and it’s best to be ahead of the curve.
To learn more, please see our 50 State Desktop Reference: What Employers Need to Know About Non-Compete and Trade Secrets Law
The fifth webinar in the 2014 series, presented by Wan Li, Ming Henderson, Justine Turnbull and Daniel Hart, focused on non-compete and trade secret considerations from an international perspective. Specifically, the webinar involved a discussion of non-compete and trade secret issues in Europe, Australia, and China compared to the United States. This 90-minute webinar provided valuable insight for companies who compete in the global economy and must navigate the legal landscape in these countries and ensure protection of their trade secrets and confidential information, including the effective use of non-compete and non-disclosure agreements.
One size does not fit all. Requirements for enforceable restrictive covenants vary dramatically from jurisdiction to jurisdiction. Bearing in mind non-compete covenants may be unlawful in certain countries or heavily restricted, employers should carefully tailor agreements to satisfy local legal requirements and appropriately apply local drafting nuances to aid enforceability of any restrictive covenants. In addition, employers should take advantage of other contractual and/or tactical mechanisms as a “belt-and braces” approach, such as, clawbacks and forfeiture of deferred compensation (where permitted), use of garden leave provisions, and strategic use of forum selection and choice-of-law provisions.
Employers should also take practical measures to protect their confidential information and trade secrets, including limiting access to sensitive information, using exit interviews, and (provided that applicable privacy laws are followed) monitoring use of company IT resources and conducting forensic investigations of departing employees’ computer devices.
Drafting a non-compete clause under French labor law requires specific care as courts are particularly critical of the following: duration, the geographical and activities scope, the conditions in which the employer releases the employee from such obligation, the employee’s role, the interests of the company and the financial compensation provided by the clause.
During employment an employee is subject to a general obligation of confidentiality and breach may be subject to civil and criminal sanctions. Only “trade secrets”, however, are protected post-termination under certain circumstances. Employers should therefore enter into a confidentiality agreement to strengthen the protection of the company’s data post-termination. Unlike non-compete covenants, a confidentiality clause does not require any financial compensation and can be unlimited in time and scope, if justified by the nature of the confidential information to protect.
Restrictive covenants are potentially void as an unlawful restraint of trade and are therefore only enforceable if they go no further than is necessary to protect legitimate business interests. In practical terms, this means that such covenants are only likely to be enforceable where they are fairly short in duration, the restriction is narrowly focused on the employee’s own personal activities (e.g. geographical scope) and is specific to the commercial environment. Careful drafting is key especially given the unforgiving nature of the English Courts when it comes to poor drafting even if the intention of the parties is obvious, an unclear clause could be struck out, rather than redacted. Employers should also consider other creative and acceptable ways to aid enforceability, such as, deferring remuneration and varying and reaffirming covenants.
Absent any agreement, only “trade secrets” will be protected after employment. Employers should therefore ensure that employment contracts and/or other free-standing binding agreements provide full coverage for the protection of confidential and other valuable business information post-termination. In addition, employers should also physically protect their confidential information (e.g. encrypting data, installing passwords, secure storage, etc.) and seek to retain control of it to reduce and limit unwanted disclosure and misuse. Physical security can be a more effective and less costly approach in the long-term.
It is possible to protect an organization’s confidential information, customer or client connections, trade secrets and other proprietary interests from inappropriate use by former employees in Australia. To do this detailed consideration is required of the employee’s role and responsibilities and we as their personal situation. Further, protection must not only be included in the written terms of employment but also employed at a very practical level in the business, for example, by password protecting documents, limiting access to confidential information to those who ‘need to know’ and by expressly reminding employees in different forms about the importance of certain information and relationships to the business and their related obligations.
The sixth webinar of the year, led by Scott Humphrey, Jason Stiehl and Rebecca Woods, focused on trade secret and client relationship considerations in the banking and finance industry, with a particular focus on a firm’s relationship with its FINRA members.
- Enforcement of restrictive covenants and confidentiality obligations for FINRA and non-FINRA members are different. Although FINRA allows a former employer to initially file an injunction action before both the Court and FINRA, FINRA, not the Court, will ultimately decide whether to enter a permanent injunction and/or whether the former employer is entitled to damages as a result of the former employee’s illegal conduct.
- Address restrictive covenant enforcement and trade secret protection before a crisis situation arises. An early understanding of the viability of your restrictive covenants and the steps that you have taken to ensure that your confidential information remains confidential will allow you to successfully and swiftly evaluate your legal options when a crisis arises.
- Understand the Protocol for Broker Recruiting’s impact on your restrictive covenant and confidentially requirements. The Protocol significantly limits the use of restrictive covenants and allows departing brokers to take client and account information with them to their new firm.
- Use of cloud-based services is increasing, including in the financial services industry. This creates different risks for protecting trade secrets with potential theft, exposure, or loss from cloud providers, hackers, and rogue or sloppy employees. A comprehensive and preventative slate of measures should be considered in order to ensure protection from each of these threats and to manage and mitigate the consequences of a compromise of protected information. “Analog” protections, such as confidentiality agreements, employee training, and basic security safeguards remain relevant. “Cloud” protections should be added, however, and include maximizing technology-based security features, negotiating savvy and strong vendor agreements, and obtaining properly-scaled cyber-insurance coverage. The compromise of proprietary information that includes personal information may trigger federal and/or state breach notification obligations.
In the seventh installment, Justin K. Beyer, Dawn Mertineit, and James Yu discussed practical steps employers can take to protect trade secrets during an employee’s employment and after, best practices employers should take upon discovering or suspecting that an employee has misappropriated its data, best practices employers should take in onboarding a competitor’s former employee to minimize the likelihood of being sued, and strategic considerations when faced with defending a trade secret misappropriation case.
- Employers can best protect their trade secrets by instituting robust training, policies and procedures aimed at educating its work force as to what constitutes confidential information and that this information belongs to the employer, not the employee. By utilizing confidentiality, invention assignment, and reasonable restrictive covenants, as well as implementing onboarding and off-boarding protocols, educating employees on non-disclosure obligations, educating employees on that data which the employer considers confidential, clearly marking the most sensitive data, and restricting access to confidential information, both systemically and through hardware and software blocks, employers can both educate and prevent misappropriation.
- If an employee voluntarily resigns his or her employment with the company, the employer should already have in place a specific protocol to ensure that the employee does not misappropriate company trade secrets. Such steps include questioning the employee on where he intends to go, evaluating whether to shut off access to emails and company systems prior to the expiration of the notice period, requesting a return of company property, including if the company utilizes a BYOD policy, and reminding the employee of his or her continuing obligations to the company. Likewise, companies should have robust onboarding policies in place to help avoid suit, such as attorney review of restrictive covenants, offer letters that specifically disclaim any desire to receive confidential information from competitors, and monitoring of the employee after hire to ensure that they are not breaching any confidentiality or non-solicitation obligations to the former employer.
- If a company finds itself embroiled in litigation based on either theft of its trade secrets or allegations that it either stole or received stolen trade secrets, it is important to take swift action, including interviewing the players, preserving the evidence, and utilizing forensic resources to ascertain the actual theft or infection (if you are on the defense side). Companies defending against trade secret litigation also need to analyze and consider whether an agreed injunction is in its best interests, while it investigates the allegations. These types of cases tend to be fast and furious and the internal business must be made aware of the impact this could have on its customer base and internal resources.
In our eighth installment, Robert B. Milligan, Daniel Hart, along with the CREATe.org’s CEO Pamela Passman and Marissa Michel, the Director in PriceWaterhouseCoopers’ Forensic Services Group, took a rigorous look at the issue or trade secret theft and discussed insights from a recent PwC – CREATe.org report: Economic Impact of Trade Secret Theft: A ramework for ompanies to afeguard rade ecrets and itigate potential threats.
- Theft of trade secrets poses a substantial threat to companies throughout the world and will likely remain a significant challenge in the next 10-15 years as companies face increasing threats from competitors, malicious insiders, nation states, transnational organized crime, and hacktivists.
- Companies should carefully assess their existing trade secrets portfolio and the steps needed to protect their trade secrets by following a detailed and comprehensive 5-step framework: (1) identifying their trade secrets, (2) assessing the threats to their trade secrets portfolio and possible exposures, (3) analyzing the relative priorities of their trade secrets to assess which trade secrets require the highest level of protection, (4) assessing the likely economic impact that would be caused by a theft of trade secrets, and (5) secure the trade secrets portfolio by implementing a management system (including policies, protocols, training, and other measures across the organization).
- Effective protection of trade secrets requires a coordinated and deliberative effort across all business units in a company, including IT, HR, legal, and other business leaders. The only way to effectively protect a company’s trade secrets portfolio is to carefully analyze the threats to the company’s trade secrets and thoughtfully develop a comprehensive and customized strategy with buy-in from all stakeholders across the organization.
The ninth webinar this year, presented by Robert B. Milligan, James D. McNairy and D. Joshua Salinas, focused on recent legal developments in California trade secret and non-compete law and how it is similar to and diverse from other jurisdictions, which included: a discussion of the California Uniform Trade Secrets Act, trade secret identification requirements, remedies, and the interplay between trade secret law and Business and Professions Code Section 16600, which codifies California’s general prohibition of employee non-compete agreements. The panel discussed how these latest developments impact litigation and deals involving California companies.
- While California has rejected the inevitable disclosure doctrine, threatened misappropriation can be a viable theory for relief when there is evidence of data theft and intent to use company data.
- California’s recent appellate decision in Altavion, Inc. v. Konica Minolta Sys. Laboratory, Inc., 226 Cal. App. 4th 26 (2014) has broadened the scope of trade secret protectable information to include ideas.
- Federal district courts in California have increasingly elected to enforce forum selection clauses in non-compete agreements of California employees and found that enforcement of such clauses does not violate California’s strong public policy of employee mobility. See, e.g., Hegwer v. American Hearing and Associates, 2012 WL 629145 (N.D. Cal., Feb. 27, 2012) (granting motion to dismiss California action based upon Pennsylvania forum selection law clause – alleged illegality of non-compete irrelevant to enforcement of forum selection clause); Hartstein v. Rembrandt IP Solutions, 2012 WL 3075084 (N.D. Cal., July 30, 2012) (court agrees to enforce Pennsylvania forum selection clause, disregarding ultimate affect that Pennsylvania court will enforce improper non-compete clause against California citizen).
- The recent decision in Cellular Accessories For Less, Inc. v. Trinitas LLC, No. CV 12–06736 D, DP (SHx), 2014 WL 4627090 (C.D. Cal. Sept. 16, 2014) illustrates that LinkedIn contacts and other social media connections could be protectable as trade secrets if the methods used to compile the contact information are “sophisticated,” “difficult,” or “particularly time consuming.” Nonetheless, the purported trade secret holder will also have to establish that the contacts were not made public.
In the final installment of our 2014 Trade Secrets Webinar Series, Seyfarth attorneys Michael Baniak and Randy Bruchmiller focused on considerations involving protecting trade secrets and intellectual property in business transactions, including, mergers and acquisitions, joint ventures and other collaborative arrangements.
- The protection of intellectual property is critical in joint venture and other agreements in order to protect what, many times, is some of the most important assets of the company. These protections may include protecting the confidentiality of the information and addressing what rights each party will have in the intellectual property after the transaction or venture.
- Companies should protect their trade secrets at every level of the employee hierarchy. Executives and high-level employees usually have employment agreements that address confidentiality and the handling of trade secret information. Mid-level managers and lower level employees are often over-looked. It is important to have all employees enter into confidentiality agreements and, in many cases, intellectual property assignment agreements.
- Regardless of what protections are put in place, it is very important to be aware of law changes in the states where the company has employees and to revise agreements to address any changes in the law.
2015 Trade Secret Webinar Series
Beginning in January 2015, we will begin another series of trade secret webinars. The first webinar of 2015 will be “2014 National Year in Review: What You Need to Know About the Recent Cases/Developments in Trade Secrets, Non-Compete, and Computer Fraud Law.” To receive an invitation to this webinar or any of our future webinars, please sign up for our Trade Secrets, Computer Fraud & Non-Competes mailing list by clicking here.
Seyfarth Trade Secrets, Computer Fraud & Non-Compete attorneys are happy to discuss presenting similar presentations to your groups for CLE credit.
Michael Wexler is Chair and Robert Milligan is Co-Chair of the Trade Secrets, Computer Fraud & Non-Compete Practice Group. If you have any questions, please contact Michael Wexler at firstname.lastname@example.org /(312) 460-5559, Robert Milligan at email@example.com /(310) 201-1579, the Seyfarth Shaw attorney with whom you work or any Trade Secrets, Computer Fraud & Non-Compete attorney on our website (www.seyfarth.com/tradesecrets). You may also access our blog, Trading Secrets, at www.tradesecretslaw.com.