Trade secrets, whether technical information, like designs or a formula, or commercial, like customer lists or business procedures, can be valuable assets, perhaps the most valuable assets, of a business.
The risk of illegal use or loss of trade secrets has never been so high. And with the continuing development of technology, this risk is increasing. In our digital world, information is now easier to access, disseminate and store, so trade secrets are also easier to steal, or to simply be disclosed so that they are no longer secret.
Loss of information could be as a result of a deliberate appropriation or use by an employee, or some other person with access, or by a "hacker", or it could simply arise because the information "leaks".
With electronic storage and communication of information via email etc, this is now extremely easy, and often difficult to detect. As well as electronic transmission, the enormous volume of information that can be stored on the hard disk of a laptop computer can be simply and easily physically removed with the computer.
A "trade secret" is a form of confidential information, but the expression does not yet have a settled meaning at law.1
There are a number of factors to be considered in determining whether information is confidential information, or a trade secret. The factors, originally consolidated by Robert Dean in The Law of Trade Secrets and Personal Secrets, (2002, 2nd ed), have recently been quoted by the New South Wales Court of Appeal in Del Casale & Ors v Artedomus (Aust.) Pty Limited  NSW CA 172 [Del Casale]. In that case, Hodgson JA commented that "...the stronger these factors are in any particular case, the more likely it is that the particular information will be treated as a trade secret that [an] employee is not entitled to divulge..."
NEED TO GUARD SECRETS
One of the factors quoted in Del Casale is the extent of measures taken to guard the secrecy of the information. The question then becomes, to what extent does the information have to be protected before it can be considered a trade secret? It has been said that for information to be a trade secret it must be "jealously guarded".2
In the United States of America, a regime for the protection of trade secrets is set down in the Uniform Trade Secrets Act3. In order to be afforded the protection of the Act, the subject information must be "the subject of efforts that are reasonable under the circumstances to maintain its secrecy" (the "Reasonableness Requirement").4
The Reasonableness Requirement has been held to be satisfied where:
- confidentiality agreements are used,
- employees are advised of the existence of a trade secret,
- access to the information is limited to access on a need to know basis,
- hard copies of documents are kept under lock and key, or in the case of digital copies, are password protected.
In the absence of similar statutory guidance in Australia, a final determination of whether particular information constitutes a trade secret will not be made until the information is misused and litigation is commenced. Only then can the courts consider whether the owner has done enough to keep the information secret.
SO WHAT IS ENOUGH?
How is information to be "jealously guarded" so that it is confidential or a trade secret?
Some factors taken into account by an Australian Court5 include:
- the extent to which the secret is known by the employees and others involved in the employer's business;
- the extent of measures taken by the employer to guard the secrecy of the information;
- the ease or difficulty with which the information could be properly acquired or duplicated by others.
Although these guidelines are general and each case will turn on its own facts, the message to businesses is clear: unless a business is serious about maintaining the confidentiality of its trade secrets, and takes active and adequate steps, the information may not qualify as a trade secret.
The ease with which information can be transferred electronically must be considered.
The measures which should be taken by a business will depend very much on the type of business and information that is to be kept confidential. Obviously, the measures that are needed in a large organisation, with a large number of employees, are likely to be more extensive and complicated than those for small businesses.
Some very brief "throw-away" suggestions are that a business should:
- have an express and published policy for confidentiality of information and provide training to make the policy effective;
- require employees and persons having access to confidential information to sign confidentiality agreements;
- mark documents as "Confidential";
- avoid copying confidential documents (physically or electronically) unnecessarily;
- maintain a record of confidential documents (including copies) and information;
- warn employees and contractors, and explain the need to retain confidentiality, and the consequences of failure;
- maintain security, including physical possession and security, and electronic passwords, virus protection and other expedients such as separate databases and computers for sensitive information;
- implement a security incident reporting and response system;
- conduct audits of files of high risk employees or others, and random audits to ascertain compliance with any confidentiality policies and any information that has been disclosed electronically;
- check and be selective about information revealed to the public through marketing materials and trade shows etc;
- obtain specialist security or IT advice about the appropriate methods of protection;
- obtain legal advice and a review of documents and confidentiality agreements.
These are only a few of the practical expedients which could be appropriate. The best protection for trade secrets may be to develop a culture of awareness of the need to preserve confidentiality and to minimise the risk of inadvertent or deliberate loss.
1 GlaxoSmithKline Australia Pty Ltd v Ritchie & Anor (No 2)  VSC 25.
2 Stephenson, Jorgan & Harrison Ltd v McDonald & Evans  69 RPC 10 at 16.
3 Uniform Trade Secrets Act §1(4)(ii) (amended 1985), 14 U.L.A. 538 (2005).
4 For a discussion of the application of the Reasonableness Requirement in the digital world, see Rowe, Elizabeth A 'Rethinking Reasonable Efforts'
5 Ansell Rubber Co Pty Ltd v Allied Rubber Industries Pty Ltd  VR 37 at 50.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.