The American Intellectual Property Law Association (AIPLA) will host its annual Trade Secret Law Summit at the American Express Company in New York City’s Financial District on March 21-22, 2019.

Seyfarth is a proud sponsor of the Summit, at which partners Erik Weibust (Vice Chair of AIPLA’s Trade Secret Law Committee) will be speaking on Protection of Trade Secrets in the Social Media Era,  and moderating a panel on Trade Secrets and Restrictive Covenants in the Financial Services Industry, on which Scott Humphrey will be speaking.  Other Seyfarth attendees will include James Yu, Jeremy Cohen, and Dawn Mertineit.

We hope you can join us there.  For more information and to register, please click here.

Seyfarth Shaw Partner Erik Weibust and Associate Alex Meier published a Law360 article about trade secret protections related to social media. Weibust and Meier discuss risks employers face when employees access social media accounts, as well as some e-discovery considerations for social media. To learn more, check out “Trade Secret Protection and Social Media: A 5-Year Update” from Law360 here.

Continuing our annual tradition, we present the top developments/headlines for 2017/2018 in trade secret, computer fraud, and non-compete law.

1. Notable Defend Trade Secrets Act Developments

Just two years after its enactment, the Defend Trade Secrets Act (“DTSA”) continues to be one of the most significant and closely followed developments in trade secret law. The statute provides for a federal civil cause of action for trade secret theft, protections for whistleblowers, and new remedies (e.g., ex parte seizure of property), that were not previously available under state trade secret laws. Continue Reading Top Developments/Headlines in Trade Secret, Computer Fraud, and Non-Compete Law in 2017/2018

Throughout 2017, Seyfarth Shaw’s dedicated Trade Secrets, Computer Fraud & Non-Competes Practice Group hosted a series of CLE webinars that addressed significant issues facing clients today in this important and ever-changing area of law. The series consisted of six webinars:

  1. 2016 National Year in Review: What You Need to Know About the Recent Cases/Developments in Trade Secrets,
    Non-Compete and Computer Fraud Law
  2. Simple Measures for Protecting Intellectual Property and Trade Secrets
  3. Protecting Confidential Information and Client Relationships in the Financial Services Industry
  4. Protecting Your Trade Secrets in the Pharmaceutical Industry
  5. Trade Secret Protection: What Every Employer Needs to Know
  6. Protecting Trade Secrets in the Social Media Age

Continue Reading 2017 Trade Secrets Webinar Series Year in Review

There is no denying that social media continues to transform the way companies conduct business. In light of the rapid evolution of social media, companies today face significant legal challenges on a variety of issues ranging from employee privacy and protected activity to data practices, identity theft, cybersecurity, and protection of intellectual property.

Seyfarth Shaw is pleased to provide you with the 2017–2018 edition of our easy-to-use guide to social media privacy legislation and what employers need to know. The Social Media Privacy Legislation Desktop Reference:

  • Describes the content and purpose of the various states’ new social media privacy laws.
  • Delivers a detailed state-by-state description of each law, listing a general overview, what is prohibited, what is allowed, the remedies for violations, and special notes for each statute.
  • Provides an easy-to-use chart listing on one axis the states that have enacted social media privacy legislation, and on the other, whether each state’s law contains one or more key features.
  • Offers our thoughts on the implications of this legislation in other areas, including trade secret misappropriation, bring your own device issues and concerns, social media discovery and evidence considerations, and use of social media in internal investigations.
  • Concludes with some best practices to assist companies in navigating this challenging area.

How To Get Your Desktop Reference

To request the 2017–2018 Edition of the Social Media Privacy Legislation Desktop Reference as a pdf or hard copy, please click the button below:

In Seyfarth’s final webinar in its series of 2017 Trade Secrets Webinars, Seyfarth attorneys Justin Beyer, Dawn Mertineit, and Ryan Behndleman presented Protecting Trade Secrets in the Social Media Age. The panel focused on how to define and protect trade secrets on social media.

As a conclusion to this well-received webinar, we compiled a summary of takeaways: Continue Reading Webinar Recap! Protecting Trade Secrets in the Social Media Age

Social media and related issues in the workplace can be a headache for employers. There is no denying that social media has transformed the way that companies conduct business. In light of the rapid evolution of social media, companies today face significant legal challenges on a variety of issues, ranging from employee privacy and protected activity to data practices, identity theft, cybersecurity, and protection of intellectual property.

On September 28th at 12:00 p.m. Central, in Seyfarth’s fifth installment in its Trade Secrets Webinar Series, Seyfarth attorneys Justin Beyer, Ryan Behndleman, and Dawn Mertineit will discuss the relationship between trade secrets and social media.

The panel will specifically address the following topics:

  • The interplay between social media privacy laws and workplace investigations and how developing internal company policy and/or contracts can protect company assets
  • Defining, understanding, and protecting trade secrets in social media
  • How courts are interpreting ownership of social media accounts and whether social media sites constitute property
  • How to prevent trade secret misappropriation or distribution through social media channels
  • The interplay between protection of company information and ownership of company accounts in the social media age

Please join us for this informative webinar.

Cross Posted from California Peculiarities.

Seyfarth Synopsis:  Protecting trade secrets from employee theft requires more than using an NDA when onboarding employees. If businesses want to protect confidential information, they need a cradle-to-grave approach, reiterating employee obligations regularly, including during exit interviews. (Yes, you need to do exit interviews!)

Headline stories in intellectual property theft tend to involve foreign hackers engaged in high-tech attacks to pilfer vast troves of data stored by big businesses or government entities, such as those involving Russian government hackers or the Chinese military. The losses are staggering. In 2009, McAfee estimated that cybercrime cost worldwide economies $1 Trillion. That number was cited by (a then-youthful) President Obama in his first speech on cybersecurity. Since that time, attacks by professionals and nation states have remained at the forefront of both news reports and the public perception. Since then, hack attacks have remained at the forefront of both news reports and the public perception.

But despite the disproportionate attention given to high value, high-tech attacks by outsiders, many U.S. businesses recognize that threats from the inside are just as costly as revealed by a 2014 PricewaterhouseCoopers survey. Nevertheless, “only 49%” of organizations surveyed had “a plan for responding to insider threats.”

Trade secrets are particularly susceptible to theft because they, by definition, consist of secret information with economic value. Company insiders often find that information too tempting to be leave behind when changing employers, or when seeking new employment. Therein lies the problem.

Trade secret theft by employees may not grab as many headlines as neo-Cold War espionage, but the data suggest that employees, not outsiders, pose the greatest threat of loss from trade secret theft. The good news is that a little proactivity by employers will go a long way toward keeping them out of the 49% who lack a plan to prevent leaks.

Of course, in California, obtaining protection is not all that simple. Non-compete agreements are, with very limited exceptions, a non-starter under Business and Professions Code § 16600, so you need special steps to keep your trade secret house in order. And because a California trade secret plaintiff (e.g., a former employer suing its former employee) likely must identify its trade secrets with reasonable particularity before commencing discovery, it pays to invest time on the front end to identify and inventory your trade secret information before litigation arises.

So, what can employers do?

Update Non-Disclosure Agreements to Comply With the DTSA, and See That Employees Know Why NDAs Are Important

Almost all employers (we hope) have confidential/non-disclosure and trade secret protection provisions in their employment agreements. But have these agreements been updated to comply with the recently enacted Defend Trade Secrets Act (“DTSA”) and its important employee/whistleblower notification provisions? And what are employers doing to help ensure compliance with their agreements? Rolling out new agreements is relatively easy. Making sure they are effective takes some doing.

Remember, your organization will not even have trade secrets to protect unless it has made  “efforts reasonable under the circumstances” (under the California Uniform Trade Secrets Act) or has taken “reasonable measures” (under the DTSA) to maintain the secrecy of the information it claims to be a trade secret. Cal. Civ. Code § 3426.1(d); 18 U.S.C. § 1839(3)(A).

Implement Computer Use and Social Media Agreements and Policies

Most trade secret theft occurs via electronic device. Make sure your company has computer use and access policies and agreements that:

  • Set forth that company computers, network, related devices, and information stored therein belong to the company;
  • Indicate that access to company computers and networks are password-protected, with access authorized only for work-related purposes;
  • Make use of data storage/access hierarchies, with the most valuable information being accessible on only a need-to-know basis, with security access redundancies (housed in a highly secure database that requires unique user credentials distinct from the log-in credentials the employee uses to access a computer workstation);
  • Identify which devices are allowed in the workplace—BYOD practices have become popular, but also present challenges in regulating information flow and return. If employees use their own devices to perform work for the company, make clear that the company data on those devices belong to the company;
  • Notify employees that the company reserves the right to inspect devices used for work to ensure that no company data exist on the devices upon termination of employment;
  • Define whether cloud storage may be used by employees, under what terms, and what happens when employment ends;
  • Define whether external storage devices (e.g., thumb drives) are allowed and under what terms; and
  • Identify whether and how employees may use social media associated with their work—trade secrets must never be publicly disclosed, but beware of any overreach that would suppress employee communications protected by the National Labor Relations Act.

Build a Culture of Confidentiality—Make Sure Employees Know What The Company Regards as Confidential and Then Remind Them Routinely

Employees need to understand what information your company considers confidential.  Educating employees on this subject should start at the beginning of employment, continue  throughout employment,  and recur at the end of employment. Tools that can help in this regard include:

  • Onboarding procedures to emphasize the importance of company confidential information;
  • Including in NDAs an express representation that the employee does not possess and will not use while in your employ confidential information belonging to any former employer or other third party;
  • Using yearly (or more frequent) brief interactive e-modules emphasizing the importance of maintaining the confidentiality of company information;
  • Requiring that the employee sit for an exit interview; and
  • Requiring that the employee certify in writing, during exit interviews, that they have returned all company information and property (the employee may provide property on the spot or make statements about what will be returned—you should inventory all such indicated property and information).

Properly Exiting Employees—Particularly for High Risk Employees—Matters!

Not all employees present the same risk of loss. Generally, the loftier an employee is in the corporate hierarchy the greater the threat that that employee will expose company confidential information. The following recommendations are for mid-to-high risk departing employees:

  • The person conducting the exit interview must be prepared—use a checklist;
  • “Preparedness” for higher-risk employees will include (1) identifying, before the exit interview, the trade secret and confidential information the employee routinely accessed and used during employment, (2) reviewing for unusual activity the departing employee’s computer and work activities (including card key facility access data, where available) in the days and weeks leading up to their exit, (3) using an exit certification as noted above, and (4) inquiring where the employee is going and what position the employee will hold;
  • Where initial investigation warrants, discreetly interview company-friendly co-workers of the departing employee to identify potentially suspicious conduct;
  • Immediately shut down the departing employee’s access to company computers, networks, and other data repositories (e.g., cloud or other off-site storage). Cutting off access to company computer and data may be warranted before exiting the employee, depending on the perceived risk of data theft;
  • Send a reminder-of-obligations letter to the now former employee, reciting ongoing obligations to the company and attaching, where useful, a copy of the NDA the employee has signed;
  • Consider notifying the new employer, but tread carefully here to avoid overstepping or providing a basis to be accused of interfering with the employment relationship between your former employee and the new employer; and
  • Depending on the threat level you perceive, consider having a departing employees’ emails preserved and their electronic devices forensically imaged.

With best practices in place, protecting your company’s trade secrets should be more like routine, but vigilant maintenance, than preparing to do cyber battle with foreign states. Organizations understandably focus on creating the next “big thing,” increasing sales, and building investor value, but slowing down enough to be purposeful in protecting intellectual property is a must.

By Jeffrey A. Berman and Candice T. Zee

The National Labor Relation Board (“Board”) issued its latest decision on social media issues on August 22, 2014.  In Triple Play Sports Bar & Grille, 361 NLRB No. 31 (2014), the Board ruled that a Facebook discussion regarding an employer’s tax withholding calculations and an employee’s “like” of the discussion constituted concerted activities protected by the National Labor Relations Act (“Act”).  The Board also held that the employer’s internet and blogging policy violated the Act.

The employer, Triple Play Sports Bar and Grille, is a bar and restaurant.  In 2011, at least two employees discovered that they owed more in state income taxes than they expected.  Employees discussed the situation at work and complained to Triple Play, which had planned a staff meeting to discuss the employees’ concerns.  Prior to the meeting, a former employee posted the following “status update” to her Facebook page:

Maybe someone should do the owners of Triple Play a favor and buy it from them.  They can’t even do the tax paperwork correctly!!! Now I OWE money…Wtf!!!

Several Facebook friends posted comments in response to the status update, including two of Triple Play’s employees.  One employee commented, “I owe too.  Such an asshole.”  A second employee “Liked” the former employee’s status update, but posted no comment.  When Triple Play discovered that two of its employees had participated in the Facebook discussion, it terminated their employment for disloyalty.

The Board held that Triple Play violated the Act by terminating the employees’ for engaging in activities protected by the NLRA.  In its analysis, the Board first determined that the Facebook discussion at issue should not be analyzed under the Atlantic Steel Co., 245 NLRB 814 (1979) standard.  To determine whether an employee loses the Act’s protection under Atlantic Steel, the Board balances four factors: (1) the place of the discussion; (2) the subject matter of the discussion; (3) the nature of the employee’s outburst; and (4) whether the outburst was provoked by the employer’s unfair labor practices.  The Board noted that the first factor alone supported its conclusion that Atlantic Steel’s framework is tailored for workplace confrontations with the employer, and not for the type of employee activities in this case.

Instead, the Board applied the standards set forth by the US Supreme Court in the Jefferson Standard and Linn cases.  In Jefferson Standard, the Court upheld the discharge of employees who publicly attacked the quality of their employer’s product and business practices without relating their criticisms to a labor controversy.  NLRB v. Electrical Workers Local 1229 (Jefferson Standard), 346 US 464 (1953).  In Linn, the Court limited state-law remedies for defamation in the course of a union-organizing campaign to instances where the complainant could show that “the defamatory statements were circulated with malice” and caused damage.  Linn v. Plant Guards Local 114, 383 US 53, 64-65 (1966).

Applying Jefferson Standard and Linn to the facts of the case, the Board determined that both the employees’ comments and “like” in response to the Facebook post constituted a dialogue among employees about working conditions that was protected by the Act. The Board determined that the evidence did not establish that the discussion was directed to the general public. Although the record did not establish the former employee’s privacy settings on Facebook, the Board noted that the comments were posted on an individual’s personal page rather than a company page providing information on its products or services. The Board concluded that the employees’ comments were not “so disloyal as to lose the Act’s protection” because they did not disparage their employers products or services, or undermine its reputation. The Board also held that the comments were not defamatory, but simply a statement of a negative personal opinion of Respondent’s owner.

The Board also found that the Triple Play’s Internet/Blogging policy in the employee handbook violated Section 8(a)(1) of the Act. The policy warned that “engaging in inappropriate discussions about the company, management, and/or co-workers, the employee may be violating the law and is subject to disciplinary action, up to and including termination of employment.”

The Board held that the policy was overly broad and unlawfully chilled employees in the exercise of their Section 7 rights. It further noted that Triple Play’s subsequent termination of the employees who engaged in the Facebook discussion further demonstrated the employer’s improper prohibition of Section 7 activity. The Board ordered Triple Play to discontinue using the policy.

In his dissent, Member Miscimarra agreed with his colleagues that Triple Play unlawfully discharged the employees and questioned them about their Facebook activity. He disagreed, however with the finding that the Internet/Blogging policy violated the Act. Member Miscrimarra noted that the language of the policy did not expressly or implicitly restrict Section 7 activity, and was not applied to restrict protected activity. Specifically, Triple Play did not apply or refer to the policy when it discharged the employees.

What does this mean for employers? Employers must tread lightly before disciplining employees for social media comments that might appear to be critical of their employer. Employers should also review their social media policies to make sure that they are not in violation of the Act. Remember, the employees in this case were not a part of any union or labor organization.

On Thursday, March 6, 2014 at 12:00 p.m. Central, Michael Wexler, Jim McNairy and Josh Salinas will present Seyfarth’s first installment of its 2014 Trade Secrets Webinar series. They will review noteworthy cases and other legal developments from across the nation this past year in the areas of trade secret and data theft, non-compete enforceability, computer fraud, and the interplay between restrictive covenant agreements and social media activity, as well as provide their predictions for what to watch for in 2014.

The panel will specifically address the following topics:

  • Significant federal and state court non-compete, computer fraud, and trade secret decisions, including recent developments concerning how information may lose its protected status as “secret,” damages under the Computer Fraud and Abuse Act, procedural requirements when presenting employees with restrictive covenant agreements, and attorneys’ fees and sanctions for trade secret misappropriation claims brought in bad faith;
  • Important legislative efforts, including efforts to strengthen federal criminal trade secret laws, recent states’ legislative proposals concerning non-compete enforceability, and enhanced social media privacy protection laws;
  • Noteworthy jury trial verdicts, criminal prosecutions, and criminal sentences for trade secret misappropriation, data theft, and computer fraud;
  • Trade secret preemption and courts’ difficulties in grappling with whether the theft of non-trade secret information is actionable in tort;
  • Prominent social media cases discussing when social media activity may violate non-solicitation agreements.

There is no cost to access this program, however, registration is required.

If you have any questions, please contact events@seyfarth.com.

 *CLE credit is available. Seyfarth has applied for CLE credit in IL, NY, and CA. If you would like us to pursue CLE credit in any additional states, please contact events@seyfarth.com. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.