Tandy Mathis and Karin McGinnis
Good information governance requires not only protecting the security of sensitive and proprietary information; it often requires pursuing legal action against those who threaten the secrecy and value of a company’s trade secrets. The Defense of Trade Secrets Act (“DTSA”) both provides another tool for companies to pursue misappropriators of trade secrets and makes it more difficult for companies to quickly seize misappropriated trade secrets through court action. Given the challenges of the DTSA, companies should bolster their efforts to limit access to their trade secrets, whether by company employees or outsiders, train employees on appropriate protection of trade secrets, and put in place other means for pursuing misappropriation of trade secrets, such as confidentiality and nondisclosure agreements.
A Federal Forum for Trade Secret Litigation.
Until recently, legislation protecting a company’s trade secrets has primarily been a state law issue, with forty-seven states adopting some form of the Uniform Trade Secrets Act (“UTSA”). Each state’s approach to interpreting and applying the UTSA, however, has led to state-by-state differences. On May 11, 2016, President Obama signed the DTSA into law. The DTSA represents a bipartisan effort to provide protection in one federal statute of trade secrets related to products or services used or intended for use in interstate or foreign commerce. As a result, the DTSA provides parties easier access to the federal court system for claims of misappropriation of trade secrets. This is good news for those who believe that federal courts are better equipped to handle cross-state and international cases as well as more complex litigation over technology. Unlike many state court systems, the federal court system also allows parties to have the same judge throughout the proceedings – a significant advantage over having to convince a new judge of the trade secret status of the information at issue at different stages of the proceedings.
A More Challenging Process for Seizure.
The DTSA, however, also presents new challenges. In addition to allowing an action in federal court, the DTSA seeks to protect the alleged missapropriators from improper seizure of their property. In trade secret litigation, a party can seek an order from the court, often without notice to the other party (an “ex parte” proceeding), permitting seizure of the defendant’s property that is believed to contain the plaintiff’s trade secrets. This property could include computers and other data devices and storage media that contain a whole host of sensitive data unrelated to the trade secrets at issue. Under the DTSA, however, a court cannot order such ex parte seizure unless the court finds from specific facts set forth in a verified complaint or affidavit a whole host of factors that are difficult to meet. These factors include that (i) a court order simply prohibiting the person from use or dissemination of the trade secrets would not be effective because the person would not comply with the injunction; (ii) the person would destroy or otherwise make the property inaccessible if he or she was given notice of the plaintiff’s motion for seizure; (iii) the trade secret owner would suffer immediate injury that could not be remedied otherwise if the property is not seized; (iv) the harm of not granting the order of seizure outweighs the harm to the person against whom seizure would be ordered; (v) the trade secret owner is likely to succeed in showing that the information at issue is in fact a trade secret and that the person against whom seizure is to be ordered either misappropriated the trade secrets or conspired to do so using improper means; and (vi) the person against whom seizure is to be ordered has actual possession of the trade secret and the property to be seized. In addition, the application for seizure must specifically describe the property to be seized, and the plaintiff cannot publicize the request for seizure. Even if a plaintiff can make the required showing, the DTSA requires that any order of seizure be specific, protect the seized property from disclosure and “provide for the narrowest seizure of property.” Further, plaintiffs will not be able to access the seized property unless the court permits it. The DTSA states that the seized property must be delivered to the court and that the court can appoint a special master to isolate the trade secret information and return unrelated property and data to the person from whom it was seized. Only federal law enforcement can seize the property, although law enforcement can request an independent technical expert (presumably such as a computer forensics expert) to assist in the seizure. If the court orders seizure, the plaintiff still must make its case again in a hearing, this time with the defendant present. The process for seizure is significantly more difficult, and less advantageous to the plaintiff, than what has been possible in the past in many state courts. Although state court judges are not bound by the process set forth in the DTSA, we anticipate that many state court judges will be guided by the DTSA’s seizure requirements.
This is disappointing for owners trying to protect their trade secrets, but these high level protections are good news for entities holding sensitive personal information of others. The DTSA not only requires limited seizure of information, it requires the court to keep the information and property secure. The party against whom seizure is ordered or any other person harmed by the order also can move the court to dissolve the order and can recover damages caused by a wrongful or excessive seizure. Further, any party and any person who claims to have an interest in the property seized can ask the court to encrypt the material seized or to be seized.
The DTSA also adds a new exception to protect whistleblowers who disclose trade secrets in the course of reporting unlawful conduct to authorities. Specifically, the DTSA provides immunity under both federal and state trade secret law if the individual discloses the trade secret in confidence to a government official or to an attorney “solely for the purpose of reporting or investigating a suspected violation of the law.” An individual also is immune from liability if the disclosure of the trade secret is made under seal in a complaint or other document filed in a lawsuit or other proceeding. Filing under seal means that the information is not accessible to the general public, like other court filings. Employers who want to be able to recover exemplary damages and attorney’s fees for an employee’s violation of the DTSA must provide employees notice of the whistleblower exemption in any contract or agreement with the employee governing the use of trade secrets or other confidential information if such contract or agreement is entered into after the DTSA’s enactment.
The Elimination of the Inevitable Disclosure Doctrine.
The DTSA also delivered another blow to employers—the elimination of injunctions that prevent employees from taking jobs with competitors based on their knowledge of trade secrets. In doing so, the DTSA appears to have resolved the “inevitable disclosure” controversy that had been ongoing since the doctrine was first introduced in 1995 by the Seventh Circuit Court of Appeals. Under the UTSA, the court can issue an injunction to stop “actual or threatened misappropriation” of a trade secret. In Pepsico v. Redmond, the court issued a temporary injunction against a senior executive from starting work with a direct competitor; the court explained that the UTSA permitted an injunction when the “defendant’s new employment will inevitably lead him to rely on the plaintiff’s trade secrets.” This came to be known as the “inevitable disclosure doctrine.” Where evidence of bad faith is present, the inevitable disclosure doctrine allows a court to prevent an employee from working for a competitor based on the employee’s knowledge of trade secrets, without any evidence of “actual or threatened misappropriation,” if it is “inevitable” that the trade secrets will be disclosed in performance of the job. Not surprisingly, this doctrine was widely condemned by jurisdictions where policy and law strongly favor workforce mobility. Other states accepted the doctrine, but most courts would not issue an injunction for “threatened” misappropriation based solely on knowledge of trade secrets. However, these courts were willing to infer a “threat” if the former employee had engaged in some bad behavior such as refusing to return confidential documents. This discrepancy led to inconsistency and unpredictability for businesses trying to protect their trade secrets as well as often restricted employees’ ability to accept employment with a competing business where there is no actual or threatened misappropriation.
The DTSA resolves the inevitable disclosure doctrine controversy in favor of employee mobility – a federal court is prohibited from issuing any injunction under the DTSA against “entering into an employment relationship.” As a result, a business seeking to protect its trade secrets cannot seek an injunction under the DTSA to prevent a former employee from working for a competitor. However, the court may place conditions on the employment in an effort to protect trade secrets, but only where there is “evidence of threatened misappropriation and not merely on the information the person knows.”
It is important to note that the DTSA does not preempt state law – trade secret plaintiffs may still bring state law claims in state court and the DTSA will co-exist with its state law counter-parts without affecting state law or policy on non-compete agreements. The DTSA also does not modify or preempt the federal Economic Espionage Act.
It remains to be seen how federal courts will construe the provisions of the DTSA and what impact the law will have on a company’s ability to protect its trade secrets. It is clear that a company’s best weapon against trade secret misappropriation is to prevent unauthorized access to or use of its trade secrets in the first place. That will require tighter controls and security. Companies also may increasingly have to rely on strong confidentiality and noncompetition agreements to protect sensitive information. That in turn will require careful consideration of the legal requirements in drafting such agreements.
With two decades of experience as a practicing attorney, Karin McGinnis, CIPP US, has handled a wide variety of privacy and data security matters for her clients, with a special emphasis on privacy and data security issues in the workplace. Ms. McGinnis’ privacy and data security experience includes counseling and litigation regarding misappropriation of trade secrets, violation of the Computer Fraud and Abuse Act and state computer trespass laws, common law privacy torts, discovery challenges posed by the Stored Communications Act, privacy of consumer financial information under Gramm-Leach-Bliley, and confidentiality rights concerning mental health consumers. Ms. McGinnis also handles a wide variety of data breach matters for her clients, including those involving PCI-DSS compliance, and has worked with the USSS and the FBI in investigating potential cyber-crime. She has assisted clients with drafting and creating data breach procedures, mobile device policies and agreements, FACTA Red Flag policies and procedures, online privacy policies, international ethics hotlines, international data transfer agreements, vendor agreements, and employee data security training. Ms. McGinnis is co-chair of the firm’s Privacy and Data Security Group.