WebinarOn Thursday, April 14 at 12:00 p.m. Central, Seyfarth attorneys, Scott Humphrey, Marcus Mintz and Kristine Argentine will present the fourth installment of the 2016 Trade Secrets Webinar series. This program will focus on trade secret and client relationship considerations in the banking and finance industry, with a particular focus on a firm’s relationship with its FINRA members.

The Seyfarth panel will specifically address the following topics:

  • Practical steps financial institutions can implement to protect trade secrets and client relationships.
  • What should you do if your trade secrets are improperly removed or disclosed, or if your former employee is violating his/her restrictive covenant agreements.
  • How do you prosecute a case against a former employee who is a FINRA member.
  • The impact of the Protocol for Broker Recruiting on trade secrets and client relationships.

Our panel consists of attorneys with experience advising clients on restrictive covenant and trade secret issues.

If you have any questions, please contact events@seyfarth.com.

*CLE Credit for this webinar has been awarded in the following states: CA, IL, NJ and NY. CLE Credit is pending for GA, TX and VA. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.

Registration
There is no cost to attend this program, however, registration is required.

register

shutterstock_113020912A long-running non-compete clause dispute has reached the Louisiana Court of Appeal three times.  Last month, the court affirmed a $600,000 judgment, plus attorneys’ fees and costs, against an ex-employee who assisted his son’s start-up company compete with his father’s former employer.  Pattridge v. Starks, No. 50,351-CA (Louisiana Court of Appeal, Feb. 24, 2016) (Endurall III).

Summary of the case.  Endurall, Inc. — a Louisiana manufacturer and seller of rod guides used in the oil and gas industry to prevent well tubing leaks — terminated the employment of corporate officers Billy Joe Edwards and Jimmy Starks, two of its three 33% stockholders.  The company and the owners of the other 34% sued Billy Joe, Starks and others in a Louisiana state court alleging, in part, that Billy Joe violated his non-competition agreement by helping his son Gregory Edwards make and sell rod guides.

After a trial, the judge ruled that Billy Joe violated his non-compete agreement, that the company’s four shareholders were irreconcilably deadlocked, and that their stock should be auctioned.  That order was affirmed on appeal  (149 So.3d 820 (2014) (Endurall I).  Next, the trial judge permanently enjoined Billy Joe from, or assisting others in, competing in the rod guide industry.  That decision also was upheld (Endurall II ).  The trial court then presided over an evidentiary hearing on damages and awarded $600,000 to the plaintiffs.  In Endurall III, the Court of Appeal affirmed.

The non-compete and confidentiality agreements.  At the time Endurall was created, each shareholder signed a confidentiality agreement.  They acknowledged that the non-competes were an essential condition of their stock purchases, and each promised not to participate in any competitive business for two years after he ceased to own Endurall stock

Billy Joe’s alleged breach of his non-compete.  In 2012, Billy Joe, his son Gregory, and Starks formed Vector Energy Solutions.  Billy Joe was elected vice-president of development.  When Endurall and its other two shareholders learned about Vector, they accused Billy Joe and Starks of disclosing Endurall’s confidential information to Vector.

At the court-ordered auction of Endurall’s stock in 2013, the successful bidders were its two shareholders who were not involved with Vector.  They paid Billy Joe and Starks $1.1 million each for their stock.  Billy Joe went to work for Skye Petroleum which made paraffin products for the oil and gas industry.  He and his wife loaned their son Gregory hundreds of thousands of dollars to start DHE, LLC.[1]  Billy Joe helped to acquire the building (a few blocks from Endurall) where both he and DHE had their offices, and he touted DHE to his Skye Petroleum customers who had a need for rod guides.  In addition, Gregory wrote a letter announcing the creation of his new company, made reference to his work experience with his father, and stated that DHE’s rod guides were superior to those made by Endurall.  Quickly losing customers and sales representatives to DHE, Endurall filed suit.

Damages calculation.  The plaintiffs called an expert damages witness; the defendants did not.  The witness testified that Endurall was injured as “a result of impaired operations” caused by DHE.  He said that the damages amount could be determined by (1) comparing the company’s performance before and after the impairment, or (2) using a discounted future earnings approach.  The “before and after” method, the expert said, considered Endurall’s sales history and gross profits, minus (a) avoidable costs, and (b) variable costs incurred but not due to lost sales.  The discounting approach extrapolated sales data for six years from late 2014, assumed a 14% annual volume increase, and used an “aggressive” time-value-of-money discounting rate.

The expert was cross-examined “rigorously” according to the trial judge, and “ably and thoroughly” in the words of the Court of Appeal.  The expert admitted that, among other suppositions, he presumed that Endurall’s current cost of production would not change and that customers lost to DHE would never return to Endurall.  He conceded that a 14% annual sales increase was not supported by Endurall’s history, and he acknowledged that DHE’s actual sales volume was substantially less than the amount of sales Endurall claimed to have lost to DHE.  However, he said that over time and on average the model he used would be supported.  He concluded that, regardless of which method was employed, Endurall lost approximately $900,000 in profits as a result of sales to customers poached by DHE.

The trial judge decided to award damages only through 2016, not all the way to 2020 as the plaintiffs’ expert witness proposed.  The court reasoned that technological advances might render rod guides obsolete and, in the appellate tribunal’s words, the trial judge “recognized the significant uncertainty and generous assumptions built into [Endurall’s] damages model,” “the volatile nature of Endurall’s business,” and that the “projected sales over time were speculative.”   Even though the trial judge admitted that his computation was “somewhat arbitrary,” the Court of Appeal affirmed because “the record reveals no manifest error . . ., [the] damage award was based on . . . the evidence presented and not on mere speculation,” and “no abuse of discretion” was detected.  By awarding 33% less than the expert’s calculation of lost profits, moreover, the trial court adequately took into account the complexity of computing damages.

Billy Joe contended that damages should not have been awarded beyond 2015 when the two-year non-compete expired.  The Court of Appeal disagreed.  It explained that DJE’s early entry into the market gave Endurall no time to prepare for the competition, and that  Billy Joe could have mitigated Endurall’s losses by delaying assistance to his son.

Takeaways.  Endurall III contains several important lessons.

First, a signatory to a non-competition agreement who assists someone else to compete can be found liable for violating it notwithstanding the signatory’s apparent lack of a personal profit motive.

Second, the decision provides a thoughtful analysis of the difficulties faced by a trial court called upon to compute damages sustained by a well-established market leader at the hands of a start-up competitor assisted by a knowledgeable alleged non-compete clause violator.

Third, the opinion reminds us that calling a damages expert to testify is not always required just because the adversary has such a witness.  Without calling an expert witness, Billy Joe apparently was able to provide “rigorous”, “able” and “thorough” cross-examination of the plaintiffs’ damages expert.  Billy Joe avoided incurring the expense of a testifying expert who, in any event, might have been unnecessary or even potentially counter-productive.

[1] Coincidentally or otherwise, Endurall’s original name was Down Hole Enterprises.

shutterstock_149599301We are pleased to announce the webinar “Data Security & Trade Secret Protection for Lawyers” is now available as a podcast and webinar recording.

In the second installment, Seyfarth attorneys, Richard D. Lutkus and James S. Yu, was joined by Joseph Martinez, Chief Technology Officer and Vice President of Forensics at Innovative Discovery. This program covered considerations that attorneys should take into account when in possession of any client data. Coverage included both technical considerations, best practices and policies, as well as practical advice to steer clear of ethical violations.

As a conclusion to this well-received webinar, we compiled a list of  brief summaries of the more significant cases that were discussed during the webinar:

  • Whether corporate or outside counsel, there are basic steps that can dramatically increase the security of your or your client’s data. Management of data will continue to be a necessity for any entity. Proper policies, protocols, and training should be developed and put into place to protect data in transit and at rest. Use of encryption and access control are both key to proper protection of data.
  • Social engineering is the number one cause of data breaches, leaks, and information theft. Organizations should alert and train employees on following policy, spotting potential social engineering attacks, and having a clear method to escalate potential security risks. Employee awareness, coupled with technological changes towards better security will reduce risk and exposure to liability.
  • Lawyers have an ethical duty to ensure that reasonable steps are taken to protect their client’s and employer’s data. Significant statistics have shown that many law firms and practitioners are behind the curve in terms of information security preparedness. Hackers have recently focused their targets on the lax security practices of law firms to obtain client data or inside information.

Join us Tuesday, March 29 at 12:00 p.m. Central. for our next webinar, “New Year, New Progress: 2016 Update on Defend Trade Secrets Act & EU Directive.” To register, click here.

shutterstock_306198371Another year, another attempt at noncompete reform in Massachusetts.  According to the Boston Globe, Massachusetts House Speaker Robert DeLeo announced that lawmakers would unveil a bill limiting the use of noncompete agreements in the Commonwealth.  As we have previously reported, legislators have been attempting to enact noncompete reforms in Massachusetts for years (since at least 2008), to no avail, including a last minute push by outgoing Governor Deval Patrick at the end of his term in 2014.  Thus far, nothing has been accomplished, but the forthcoming bill appears to propose less dramatic restrictions than in the past, so perhaps 2016 is finally the year.

Specifically, Speaker DeLeo’s bill is expected to contain the following restrictions:

  • Noncompete agreements would be limited to 12 months in duration;
  • Employers would be required to notify incoming employees about noncompetes before they accept a job offer; and
  • Noncompetes would be prohibited for low-wage workers like restaurant and retail workers.

More specifics will no doubt be forthcoming, such as whether the restrictions will be retroactive, whether tolling provisions will be permitted beyond the 12 month restriction, the definition of low wage workers, and what, if any, effects this will have on other post-employment restrictive covenants such as nonsolicitation agreements.  We will keep you informed as the bill progresses through the Massachusetts Legislature, and we encourage you to check out our friend Russell Beck’s blog as well for further insights and updates.

Webinar

There’s no doubt that protection of trade secrets is a major concern for most businesses operating in today’s global economy. To address the threat to the trade secrets of US businesses, Senators Orrin Hatch (R-UT) and Christopher Coons (D-DE) introduced the “Defend Trade Secrets Act of 2016” (“DTSA”) in the United States Senate, while Rep. Doug Collins (R-GA) introduced a similar version of the same bill (H.R. 3326) in the United States House of Representatives.  If enacted, the Defend Trade Secrets Act would provide a civil cause of action in federal court to private litigants for “misappropriation of a trade secret that is related to a product or service used in, or intended for use in, interstate or foreign commerce.”

On the other side of the Atlantic, the European Council and representatives of the European Parliament have recently reached a compromise agreement on the European Commission’s proposed Directive to harmonize trade secrets protection throughout the European Union’s 28 member states, and the proposed Directive is now poised for adoption by the European Parliament later this year.

On Tuesday, March 29, 2016 at 12:00 p.m. Central, Seyfarth attorneys, Robert B. Milligan, Justin K. Beyer and Daniel P. Hart will present the third installment of the 2016 Trade Secrets Webinar series. This program will provide attendees with a thorough discussion of the fundamentals as well as updates of the Defend Trade Secrets Act and the proposed EU Trade Secrets Directive. The panel will also provide insight into the limitations and new benefits of the Act and the proposed Directive.

The Seyfarth panel will specifically address the following topics:

  • The background to the proposed Acts and the proposed EU Directive;
  • Key provisions of the proposed Defend Trade Secrets Act and their implications for businesses;
  • Key provisions of the proposed EU Directive and their implications for businesses; and
  • Practical steps that business can take to protect their trade secrets under the proposed Act and Directive.

register

If you have any questions, please contact events@seyfarth.com.

*CLE Credit for this webinar has been awarded in the following states: CA, IL, NJ and NY. CLE Credit is pending for GA, TX and VA. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.

 

shutterstock_214450246An ex-employee’s former employer sued him for alleged violations of the Kansas Uniform Trade Secrets Act (KUTSA) and the federal Computer Fraud and Abuse Act (CFAA).  The first claim was based on the company’s hunch that he had misappropriated trade secrets and thereby breached his non-disclosure agreement.  Two forensic experts were paid $38,000 to examine the computers and flash drives he had used, looking for evidence that he had used or disclosed confidential information.  The second claim centered on his admission that, shortly before resigning from the company, he had read a top-secret file which was, but should not have been, accessible to employees.  He moved for summary judgment on both claims.  The court granted the motion, holding that (a) payments to the experts did not satisfy the KUTSA requirement of showing an “actual loss caused by misappropriation” (K.S.A. 60-3322(a)), and (b) he was authorized to access the company’s shared files and, therefore, he did not violate the CFAA. Tank Connection, LLC v. Haight, No. 6:13-cv-01392-JTM (D. Kan., Feb. 5, 2016) (Marten, C.J.).

Summary of the case.  Haight was International Sales Manager of Tank Connection, a  manufacturer of large storage tanks.  He signed a confidentiality agreement (but not a non-compete).   With the company’s consent, he downloaded confidential information onto the laptop and flash drives provided to him by the company.  However, he also downloaded company data onto his own flash drives.  Further, he reviewed — but did not copy — the company’s president’s confidential computer file.  Following his resignation, he returned the company’s laptop and what he asserted were all of its flash drives.  Further, he insisted that he had neither disclosed the company’s secrets to his new employer nor used the information, and that he had deleted all of Tank Connection’s data from his personal flash drives.  Concluding that Tank Connection had produced no evidence contrary to his disavowal of trade secret misappropriation, and that reading the shared file was not a violation of the CFAA, the court entered judgment for Haight.

Why the claim of trade secret misappropriation failed.

Tank Connection’s expert witnesses determined that, shortly before Haight’s resignation, he accessed the company’s server and transferred to the company’s laptop and flash drives, and to his own flash drives, a lot of confidential information.  The company contended that “harvesting” of that data circumstantially supported the claim that he had used proprietary information improperly and/or had disclosed it to his new employer.  However, Chief Judge Marten ruled that without any hard evidence of wrongdoing, and in the face of Haight’s unqualified denial of culpability, Tank Connection’s speculation of improper conduct was insufficient to create KUTSA liability.

Tank Connection alleged that its damages from Haight’s “misappropriation” aggregated $1,238,000: $1.2 million that the company had expended for creating, developing and updating the computer programs, plus $38,000 it had paid to the experts.  Chief Judge Marten rejected the $1.2 million claim because the company did not show any loss of data, damage to its computers or programs, unfair competition, or unjust enrichment.  Further, the statutory alternative of assessing “a reasonable royalty” was inapplicable due to the absence of proof that Haight disclosed or used confidential information.

Finally, the court held that payments to computer forensic experts retained by Tank Connection to investigate an alleged but unproved theft of trade secrets were not an “actual loss caused by misappropriation.”  The judge said that the question has not been decided by Kansas judges, and that Connecticut Appellate and Virginia Supreme Court rulings are in diametric opposition to each other.  Concluding that the payments were “not within the traditional realm of tort damages,” and that they were incurred merely in an attempt to ascertain if there had been a theft, the court held that they were not compensable losses under KUTSA.

Why the claim of a CFAA violation failed. 

A few days before Haight resigned, a co-worker brought to his attention a computerized folder containing highly sensitive information intended solely for the eyes of the company president and one administrator.  The company was unaware that incorrect security settings for the folder enabled employees such as Haight to access it.  He admitted that he had looked at it, which constituted a CFAA violation according to Tank Connection, but he insisted that he and other employees regularly viewed shared files in the course of their work and that he did not copy, disclose or use the folder’s contents.

Chief Judge Marten observed that the president’s folder was in a shared file, and there was no evidence that Tank Connection told its employees not to open the folder.  He said that, therefore, Haight clearly did not violate the statutory prohibition against accessing a computer “without authorization.”  The difficult question under the CFAA was whether Haight exceeded his authorized computer access.  The judge found persuasive U.S. v. Valle, 807 F.3d 508 (2nd Cir. 2015), which held that an employee’s authority to access a computer file is dispositive in determining that the CFAA has not been violated, regardless of the use to or purpose for which the file is accessed.  Thus, summary judgment was granted on the CFAA claim as well.

Takeaways.  Haight prevailed on the trade secrets misappropriation claim largely because he was authorized to use Tank Connection’s confidential data in the course of his employment, and the company had no evidence that he disclosed or used the data other than for company business.  In the absence of a smoking gun or an eye witness to wrongdoing (Tank Connection had neither), employers often have difficulty disproving an ex-employee’s denial of culpability.  Perhaps Tank Connection might have strengthened its case if it had examined Haight’s personal flash drives before he deleted all of the information on them.

The ruling declining reimbursement of Tank Connection’s expenses for computer forensic experts seems to have been driven by the company’s inability to prove that any misappropriation occurred.  A number of courts have held that amounts paid to such experts, for tasks associated with a pretrial investigation launched because of suspected trade secret theft, are recoverable damages.  However, in those cases typically, the experts concluded that the company’s suspicion was well-founded.  Tank Connection is unusual because reimbursement was sought in the face of a failure to prove any impropriety.  Under these circumstances, the expenses did not qualify as an “actual loss caused by misappropriation.”

Chief Judge Marten’s ruling regarding the scope of the CFAA is another in the litany of disputes pitting a narrow statutory interpretation against a broader one.  Compare such decisions as Valle cited by the court (holding that the Act only prohibits computer hacking by an outsider), with, e.g., Epic Systems Corp. v. Tata Consultancy Services Ltd., No. 14-cv-748 (W.D. Wis., Nov. 18, 2015) (opining that the CFAA also criminalizes “insider hacking,” that is, unauthorized use of data by someone authorized to access the computer).  The conflict in these decisions probably can only be resolved by Congress or the U.S. Supreme Court.

shutterstock_128025575Robert B. Milligan, partner of Seyfarth’s Litigation department and co-chair of the firm’s Trade Secrets, Computer Fraud & Non-Competes practice group, is a moderator on an upcoming webinar presented by The American Bar Association’s IP Law section. The webinar, titled “Trade Secret Protection Best Practices: Hiring Competitors’ Employees and Protecting the Company When Competitors Hire Yours”, will take place on March 15, 2016 from 1:00 – 2:30 pm ET.In today’s highly mobile and competitive world, employees frequently move between companies within the same industry. Rarely a day goes by without a news report of another high-profile theft of important data from a company, or the loss of key employees to competitors. Employee mobility, coupled with the digitalization of company assets, has increased the need for creative and thoughtful protections of valuable company data. It has become extremely easy for employees, especially disgruntled or irresponsible ones, to take and disseminate confidential information to the detriment of their current and former employers. The need to protect company trade secrets and other confidential data against departing employees and to follow best practices when hiring a competitor’s employees has never been greater.

The esteemed panel will present a lively discussion that focuses on:

  • Best practices when hiring new employees
  • Proper employee onboarding – a cradle to grave approach
  • Employing effective non-disclosure and invention assignment agreements and computer access and bring your own device policies
  • Best practices for protecting your company when employees depart
  • Proper exit interview techniques and certifications
  • Reducing risk of disclosure of trade secrets in social media and via online repositories and other electronic means
  • Identifying the unauthorized taking/disclosure of trade secrets through the use of digital forensics
  • Discussion of recent cases/legislation
  • The current circuit split on the Computer Fraud and Abuse Act
  • Trade secret preemption
  • Forum selection/choice of law clauses

Mr. Milligan will be joined by John Francis Marsh (Hahn Loeser & Parks LLP), Pamela S. Passman (President and CEO at CREATe.org) and Russell Beck (Partner at Beck Reed Riden LLP) . The panelists specialize in trade secret litigation and counseling.

For more information and registration, please click here.

*This program offers 1.50 hours participatory MCLE credit.

shutterstock_261389492Ever since Iqbal and Twombly, it has become imperative that a complaint filed in federal court contains “sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.’”  Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 554, 570 (2007)).  The Eastern District of Michigan recently reiterated this point in the context of an alleged violation of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030.  As detailed below, failure to include the requisite factual allegations can and will result in the dismissal of potential CFAA claims.

SUMMARY

In Fabreeka International Holdings, Inc. v. Robert Haley and Armadillo Noise & Vibration LLC, 2015 U.S. Dist. LEXIS 154869 (E.D. MI, Nov. 17, 2015), Fabreeka Intl. Holdings filed suit against its former employee, Robert Haley, and his new employer, alleging that Haley unlawfully accessed its computers to obtain confidential information in violation of the CFAA.  Specifically, Fabreeka alleged that: (1) during the period of his employment, Haley accessed confidential business information stored on Fabreeka’s servers; (2) Haley did not return all of Fabreeka’s confidential information at the time of his resignation; and (3) Haley authored or assisted in authoring proposals for his new employer using Fabreeka’s confidential information for the purpose of undercutting Fabreeka’s prices.

Fabreeka contended that its allegations establish violations under three sections of the CFAA: 18 U.S.C. §§ 1030(a)(2)(C), 1030(a)(4), 1030(a)(5)(B) and (C).

  • Subsection (a)(2) prohibits (1) intentionally accessing a computer (2) without authorization or exceeding authorized access and (3) thereby obtaining information (4) from any protected computer (if the conduct involved an interstate or foreign communication) where (5) there was loss to one or more persons during any one-year period aggregating at least $5,000 in value.
  • Subsection (a)(4) prohibits (1) accessing a “protected computer” (2) without authorization or exceeding such authorization that was granted, (3) “knowingly” and with “intent to defraud,” and thereby (4) furthering the intended fraud and obtaining anything of value, causing (5) a loss to one or more persons during any one-year period aggregating at least $5,000 in value.
  • Subsection (a)(5)(B) prohibits (1) intentionally accessing (2) a protected computer (3) without authorization, and (4) as a result of such conduct, recklessly causes damage. 18 U.S.C. § 1030(a)(5)(B).
  • Subsection (a)(5)(C) prohibits (1) intentionally accessing (2) a protected computer (3) without authorization, and (4) as a result of such conduct, causing damage and loss. 18 U.S.C. § 1030(a)(5)(C).

The District Court dismissed each of these CFAA claims for the following reasons:

  1. There was no dispute that Haley was authorized to access information on the Fabreeka’s servers, including sales and manufacturing data, during his employment at Fabreeka. Since the facts pled established Haley had authorization, the Court held that Fabreeka’s claims subsections (a)(5)(B) and (a)(5)(C), requiring the access be “without authorization,” should be dismissed. This left Fabreeka’s remaining CFAA claims, which the Court said could proceed so long as Fabreeka pled facts that establish Haley exceeded his authorized access.
  2. Fabreeka’s Complaint asserted that Haley misappropriated confidential information based solely on the similarity of proposals submitted by Fabreeka and his new employer. Based off those proposals, Fabreeka offered unsupported conclusions that Haley stole confidential files and assisted in authoring the competitor’s proposal. The Court held that because “[a] pleading must include factual allegations that exceed mere speculation, see Twombly, 550 U.S. at 555, and Fabreeka’s CFAA allegations fail to meet this standard.”

In addition, the Court noted that a complaint must state sufficient facts to “raise a reasonable expectation that discovery will reveal evidence” of a claim’s required elements.  Although Fabreeka’s Complaint alleged that Haley and his new employer’s owner communicated on Fabreeka’s computer during Haley’s employment, the Court found that the mere fact that the two discussed Haley joining Armadillo does not support a plausible inference that the two colluded to misappropriate confidential information. Thus, the Court held that it did “ not feel” that Fabreeka’s Complaint “pled sufficient facts to raise a reasonable expectation that further evidence of a CFAA violation will be revealed in discovery.”

  1. Fabreeka’s Complaint implied that the company considers all non-public information confidential. Defendants, on the other hand, claimed that Fabreeka’s proposals cannot be considered confidential because they are transmitted to third parties without any steps to protect the proposals or the information they contain.  The Court noted that the Sixth Circuit previously stated, in the context of trade secrets, that if a company did not take reasonable steps to maintain the confidentiality of alleged trade secrets, a misappropriation claim properly fails. See BDT Products, Inc. v. Lexmark Int’l, Inc., 124 F. App’x 329, 333 (6th Cir. 2005).  Accordingly, the Court held that insofar as Fabreeka’s allegations address confidential material taken, the company’s proposals submitted to customers may not be properly considered secret or confidential.
  2. Finally, the Court held that Fabreeka’s Complaint did not allege that the “damage and loss” allegedly suffered arose from the cost of responding to or from investigation into Haley’s alleged violation. Instead, the Complaint merely recited the elements of the CFAA and asserted there had been “damage and loss.”  The Court held this was insufficient.

TAKE-AWAY

When asserting claims under the CFAA, it is critical to not only review and pled the necessary elements that form the claims, but to also include the sufficient factual allegations to support those claims.  The Fabreeka decision highlights how more and more courts are cracking down on insufficient pleading, particularly in the context of CFAA suits.  As a plaintiff, do not fall victim to poor or lazy drafting and, as a defendant, carefully review a complaint’s factual allegations with an eye towards a possible motion to dismiss.

shutterstock_149599301We are pleased to announce the webinar “2015 National Year in Review: What You Need to Know About the Recent Cases/Developments in Trade Secrets, Non-Compete and Computer Fraud Law” is now available as a podcast and webinar recording.

In Seyfarth’s first installment of its 2016 Trade Secrets Webinar series, attorneys Robert Milligan, Jesse Coleman and Joshua Salinas reviewed noteworthy cases and other legal developments from across the nation this past year in the areas of trade secrets , non-competes and other restrictive covenants, computer fraud and data theft, as well as provided their predictions for what to watch for in 2016.

As a conclusion to this well-received webinar, we compiled a list of  brief summaries of the more significant cases that were discussed during the webinar:

  • Data breach is a question of when and not if. Companies should ensure they have implemented sufficient information security policies and a data breach response plan. There are limitations in the law and challenges in international misappropriation cases. The best strategy is to try to prevent breach and misappropriation through effective policies, procedures, and agreements, employee training, technology solutions, and continual assessment and improvement.
  • Courts continue to struggle with issues regarding adequacy of consideration for restrictive covenants. Employers who have asked existing employees to sign non-competes or are considering doing the same should evaluate whether consideration should be provided for the non-compete to ensure enforcement under applicable law. Employers should also take into account recent legislative changes in non-compete law in Oregon, New Mexico, Hawaii and Alabama.
  • While the federak circuit court split continues to widen regarding the interpretation of unauthorized access under the Computer Fraud and Abuse Act, the recent decision in U.S. v. Christensen (9th Cir. 2015) may provide employers with a civil cause of action under Penal Code Section 502 in California against employees who misuse company data without permission.

Join us Thursday, February 25 at 12:00 p.m. Central. for our next webinar, “Data Security and Trade Secret Protection for Lawyers.” To register, click here.

shutterstock_275586623By Karla Grossenbacher

Over the past several years, technology has dramatically increased employee accountability in the workplace.  For example, in an office environment, employees are expected to respond to emails immediately because they are either sitting in front of their computers or carrying a mobile device on which they can access their email.  As for employees who work outside the office, the availability of employer-issued phones and, alternatively, the proliferation of BYOD policies, has resulted in off-site employees being generally just a phone call away.  In specific industries in which employees drive motor vehicles while conducting business for the employer, yet another method of accountability exists: Global Positioning Systems (GPS).

For businesses that provide transportation or delivery services, it is not surprising to find that such employers have installed GPS devices in the vehicles used by their employees.  The use of such devices can benefit both the employer and the employee in situations in which delivery status needs to be checked or a vehicle breaks down.  In all likelihood, the employee in these situations is aware that a GPS device has been installed on the company vehicle he or she is driving and that the employee’s movements are being tracked while on duty.  Privacy issues tend to arise, however, when employers use GPS data in connection with investigating  alleged misconduct in the workplace.

There cases in which courts have addressed the legal parameters of an employer’s use of GPS devices to track workers in order to investigate potential misconduct are few but nonetheless instructive.

In Elgin v. Coca-Cola Bottling Co. (E.D.Mo. 2005), the employer attached a GPS device to a company-owned vehicle used by the employee to service vending machines after a cash shortage was reported on a number of machines.  Although the employee was cleared of any wrongdoing in the investigation, when he found out that a GPS device had been installed on the company vehicle he drove during the investigation, he filed a claim for intrusion upon seclusion under state law.  The court rejected this claim, noting that the vehicle was owned by the employer and the only information potentially revealed by the alleged “intrusion” was the whereabouts of the company vehicle.  In another case, Tubbs v. Wynne Transport (S.D. Texas 2007), the court dismissed an invasion of privacy claim against an employer who had used information gathered by a GPS device that had been installed as a matter of course on a company-owned vehicle driven by the employee to perform his duties as a truck driver.  The court did not, however, provide any substantive analysis regarding its decision to dismiss the claim.

Elgin and Tubbs both involved employers attaching GPS devices to company-owned vehicles.  The balance between the employer’s interest in rooting out misconduct and the employee’s individual privacy rights shifts, however, when an employee’s personal vehicle is at issue — even if it is used for work purposes.  In Cunningham v. New York Department of Labor (NY Ct. App. 2013), a state employee was under investigation for falsifying time records and voucher information related to work travel and had used his personal vehicle during work hours in connection with some of the suspected misconduct.  As part of its investigation into the alleged misconduct, the employer had a GPS device installed on the employee’s personal vehicle to gather information about his movements during periods in which he was suspected of misconduct.  The employee was ultimately discharged and filed suit to exclude the GPS data from evidence at his disciplinary hearing based on federal and state constitutional grounds.

The New York Court of Appeals held that installation of the GPS device on the employee’s personal vehicle was an unreasonable search under constitutional law principles.  Although the Court held the search was reasonable at its inception because the employer had a reasonable suspicion that the employee was engaging in workplace misconduct, the search was unreasonable in its scope because it had not been designed to obtain only the information the employer needed to determine if workplace misconduct had occurred.  Rather, the employer had monitored the employee’s personal vehicle 24/7, as opposed to only during working hours, and made no attempt to remove the device prior to the employee’s scheduled vacation.  The Court concluded that “[w]here an employer conducts a GPS search without making a reasonable effort to avoid tracking an employee outside of business hours, the search as a whole must be considered unreasonable.”

However, the extent to which a personal vehicle is used for work purposes can alter the analysis.  In two cases involving the revocation of a New York City taxi cab driver’s license for over-charging passengers, two New York city state courts held that taxi drivers had no legitimate expectation of privacy in GPS data gathered from the Taxi Technology System (TTS) installed on the cabs.  The court also held that, even if the drivers had a legitimate expectation of privacy in the data, the city had a legitimate interest in determining whether or not the driver was overcharging passengers and had narrowly tailored its search to obtain information from the TTS only during the driver’s work hours.  In these two cases, even though the cabs were personally owned by the drivers, the court found that the cab drivers had limited privacy rights with respect to the vehicles because they were open to public use and subject to regulation by the state.  The regulatory authority required that all city cabs have the TTS equipment installed and drivers were required to use the system to transmit information regarding location, trip and fare information to the regulatory authority.

The takeaway from these cases is that, although an employer appears to be on solid ground attaching a GPS device to a company-owned vehicle and using data gathered by the device in an investigation of workplace misconduct, especially where the employee is aware the device is on the vehicle and the information is only being gathered while the employee is on duty, caution should be taken in attaching a GPS device to a personal vehicle used by the employee for work purposes.  Employers also need to be mindful of complying with state laws regarding electronic surveillance.  California, Connecticut, Delaware and Texas all have laws requiring either notice or consent prior to placing a GPS on another person’s motor vehicle.

As the foothold of technology sinks deeper into the terrain of the workplace, the privacy issues confronted by employers will only grow in complexity.  However, courts have been reticent about making broad pronouncements about the intersection of law and technology in the workplace.  As the Supreme Court stated in United States v. Kwon, a case involving a state employer’s review of an employee’s text messages on a state-issued pager, “[t]he judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role society has become clear.”  This restraint, while understandable, can leave employers with unanswered questions about how to balance the competing interests of legitimate business needs and individual privacy concerns in the workplace, particularly where technology is involved.   Perhaps in 2016, the courts will offer more guidance in this area.  Stay tuned.