- customer or pricing lists (Cytodyne Techs., Inc. v. Biogenic Techs., Inc., 216 F.R.D. 553 (M.D. Fla. 2003)),
- proprietary software (telSPACE, LLC v. Coast to Coast Cellular, Inc., No. 2:13-CV-01477 RSM, 2014 WL 4364851 (W.D. Wash. Sept. 3, 2014)),
- unique formulas or products (Del Monte Fresh Produce Co. v. Dole Food Co., Inc., 136 F. Supp. 2d 1271 (S.D. Fla. 2001)), and
- specially developed processes and custom machinery (Premier Lab Supply, Inc. v. Chemplex Indus., Inc., 10 So. 3d 202 (Fla. 4th Dist. Ct. App. 2009)).
The Reasonableness Standard
Because reasonableness is inherently subjective, proving or disproving whether reasonable steps were taken to maintain the secrecy of a trade secret is a complex issue in trade secret litigation that frequently prevents parties from prevailing on summary judgment. What is considered reasonable in any given case may change based on geographic location, era, industry, or simply the makeup of the venire. By way of example, digital security measures that may have been state of the art 20 years ago and that any fact finder would have then found to constitute “reasonable efforts” to protect a trade secret would likely be considered obsolete and ineffective today.
Although this standard is inherently variable and must in practice be examined on a case-by-case basis, decades of case law tell us what measures tend to be considered “reasonable.” Companies seeking to maintain trade secret protection for their information or products should generally take the following steps, which are often considered reasonable if not necessary to preserve secrecy: (1) require those with access to the trade secret to sign a nondisclosure or confidentiality agreement; (2) restrict access to especially sensitive materials on a need-to-know basis; (3) maintain state-of-the-art physical and digital security measures to protect the location or locations where the trade secrets are stored; and (4) where possible, for example in the case of software or documents, clearly label the materials as trade secret or confidential (or both).
Potential Impacts of the COVID-19 Era on the “Reasonableness” Determination
The onset of the COVID-19 pandemic in the United States and the lockdown, mandated business closures, and quarantine measures put in place around the country forced much of the nation’s workforce into remote work, with some estimating that as much as 40 to 60 percent of the workforce was working from home in the April to June period of 2020, as noted by a Stanford University economist and a Gallup poll. A company’s workforce working remotely creates novel challenges for the protection of trade secrets, particularly because, in many cases, the transition to working from home was abrupt, mandated by the government with limited advance notice, and may not have given employers sufficient time to implement best practices safeguards to protect their data.
For example, more employees are using their personal computers or cell phones on home VPN or wireless networks, which may be more susceptible to hacking. Likewise, confidential meetings that would have occurred in secure conference rooms are now being conducted via Zoom or other web-based videoconference platforms, which have themselves notoriously been the victims of security breaches. Finally, employees are likely taking confidential and proprietary files home and accessing them in their homes with minimal oversight. All of these circumstances create opportunities for purposeful or inadvertent disclosure of material that otherwise might be considered a trade secret, particularly in the case of employees who are less technologically savvy and may have difficulty adapting to the security requirements of these newer technologies.
The consequence for companies could be severe if their remote employees are engaged in behaviors that could jeopardize confidentiality and trade secret protection for the companies’ most valuable data or products. That’s where the question of reasonableness comes in. Is a company that maintains its pre-pandemic security measures making “reasonable efforts” to protect its trade secret, or must it do more? Has the standard changed, and if so, what are the new best practices?
What might the impact of these changed circumstances be on a fact finder’s assessment of whether a company took reasonable steps to protect a trade secret? On the one hand, it is foreseeable that a jury might impose stricter standards on companies to implement policies to protect their data in an environment where there are clearly more opportunities for inadvertent or advertent disclosures. On the other hand, a jury could conclude that there’s only so much a company can be expected to do in times like these, particularly if the vulnerability at issue in any given case stems from government-mandated business closures.
These are the types of questions that we can expect to see play out in courtrooms across the United States over the next several years, and both in-house and outside counsel will learn a tremendous amount from the decisions of judges and juries as to what constitutes a “reasonable effort to maintain secrecy” in a novel and unprecedented situation.