United States: Protecting Trade Secrets Globally: Comparing The U.S. And EU

Last Updated: July 16 2014
Article by Ann Bevitt, Hanno Timner and Daniel P. Westman

International attention to misappropriation of trade secrets has never been at a higher level. In early May 2014, a U.S. federal grand jury indicted several Chinese military officials for allegedly misappropriating trade secrets from U.S.-based companies; in late May 2014, the European Council announced that it is proceeding with a Directive to strengthen trade secret protection laws throughout the EU; and the U.S. Congress is now seriously considering the Defend Trade Secrets Act which would create an unprecedented federal civil right of action for trade secret misappropriation. When the two legislative bodies which govern the lion's share of the world's economy are paying close attention to trade secrets, it is timely for businesses to compare existing laws protecting trade secrets in the EU with those in the U.S., the proposals for change in both, and to implement or strengthen their corporate trade secret protection programs.

The Current State of the Law in the EU

European companies are increasingly exposed to misappropriation of trade secrets. One in five European companies has been the victim of trade secret misappropriation, or attempts at misappropriation, at least once in the past 10 years, and for two in five European companies, the risk of trade secret misappropriation has increased during the same period.

In Europe, the differences in the level of trade secret protection are significant, with some Member States offering only weak protection by means of fragmented legislation. In addition, there are differences in the scope of protection, the cost of litigation, and the level of enforcement in the differing jurisdictions.

In the responses to the European Commission's consultation on the protection against misappropriation of trade secrets and confidential business information at the beginning of 2013, 62% of respondents felt that divergent national protection of trade secrets against misappropriation had an impact when they were carrying out business across borders in the EU, and over half of the respondents wanted this issue addressed at the EU level. In an attempt to address these issues, the European Council announced on May 26, 2014, that a Directive on the protection of trade secrets and confidential business information from misappropriation and misuse by third parties would be taken up for discussion by the European Parliament.

The aim of the Directive is to harmonize national laws on protection against the misappropriation of trade secrets by establishing a common definition of "trade secret" and ensuring that in cases of unlawful acquisition, use, or disclosure of a trade secret, a sufficient and comparable level of redress across the EU is provided. Before looking at this proposal in more detail, an insight into some of the challenges currently facing a business wishing to protect its trade secrets and confidential business information in the EU can be gained by a brief comparison of the United Kingdom and Germany.

The United Kingdom

The United Kingdom is a common law jurisdiction in which trade secret law is fairly well developed in a body of judicial decisions. For information to be protected, it must be capable of protection, i.e., it must: (i) have the necessary quality of confidence; (ii) have been imparted in circumstances importing an obligation of confidence; and (iii) be subject to unauthorised use, or threatened use, of the information. There are four distinct categories of information and the category into which each piece of information falls will govern the extent to which it can be protected and also the available remedies (e.g., injunction, search orders, delivery up and damages/account of profits). The four categories of information are: (i) trade secrets; (ii) "mere" confidential information; (iii) information which is part of an employee's own general skill and knowledge; and (iv) trivial or public information. Only the first and second categories are capable of protection, and only the first category is protected both during and after employment, in the absence of any expressed restriction relating to such information. Depending on the precise circumstances, an employer may have some or all of the following potential causes of action against an employee who has misused or disclosed trade secrets without permission:

  • Breach of duty under the employment contract (e.g., breach of the implied duties to act in good faith towards the employer, to respect the confidentiality of the employer's trade secrets and confidential business information, not to compete with the employer's business and not to solicit customers from the employer, and/or breach of the fiduciary duties to act in the best interests of the employer, of loyalty, not to profit from his/ her position, and to use information obtained in confidence from the employer only for the benefit of the employer);
  • Breach of post-termination restrictive covenants;
  • Breach of confidence (if the information used/ disclosed is capable of protection (see above); and
  • Database right infringement (a database right will automatically subsist where the employer has made a "substantial investment" in obtaining, verifying, or presenting the contents of the database).

Germany

Germany, on the other hand, is a civil law country and trade and business secrets are protected by several statutes.While there is no separate "Trade Secret Act" in Germany, trade and business secrets are protected under scattered provisions in different laws and regulations, both civil and criminal.

Provisions dealing with the protection of trade and business secrets can be found in various acts including the Act against Unfair Competition (UWG), the Civil Code (BGB), the Criminal Code (StGB), the Commercial Code (HGB), and the Anti-Trust Act (GWB), and are established through Federal Labor Court rulings.

According to the relevant definitions, facts, circumstances, and/or processes qualify as trade or business secrets if: (i) they are related to a particular business enterprise; (ii) they are known only to a limited group of people (and are therefore not public); (iii) they are kept secret for economic purposes; and (iv) the business enterprise has an apparent and legitimate interest in keeping the information secret.

Under the terminology of the law, technical circumstances and processes (e.g., computer programs) are "trade secrets," while commercial circumstances and processes (e.g., customer lists and business strategies) are "business secrets." However, the level of protection is similar in relation to both categories of confidential information.

Moreover, additional contractual agreements ensuring that trade and business secrets are optimally protected are common. Confidentiality clauses in employment contracts must be transparent and balance the interests of employers (to keep their trade and business secrets confidential) and employees (to use the professional knowledge and experience gained during the employment in their subsequent careers).

In cases of unpermitted use or disclosure of trade and business secrets, an employer may seek civil law and contractual sanctions, including interim injunctions, cease and desist orders, damages, and termination of employment. The most important legal concepts providing for respective remedies are:

  • Breach of the good faith principle pursuant to the Civil Code;
  • Breach of duty under the employment contract; And
  • Breach of a non-competition or confidentiality agreement.

While the relief available in the United Kingdom is limited to civil remedies, in Germany criminal penalties are also available in certain circumstances:

Under the Act against Unfair Competition, the unauthorized use or disclosure of trade or business secrets for the purposes of competition, for personal gain, for the benefit of a third party, or with the intent of causing damage can result in punishments such as imprisonment of up to three years or, alternatively, fines; and

In accordance with the German Criminal Code, the disclosure of trade and business secrets by certain professionals (lawyers, doctors, etc.) is subject to imprisonment of up to one year or, alternatively, fines.

The Proposed EU Directive

The European Commission has recognized the competitive need for harmonization, given that business success is increasingly dependent on know-how and innovation.

The desire to harmonize starts with the basics. The proposal for the Directive defines "trade secret" as information which:

  • Is secret, i.e., is not generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
  • Has commercial value because it is a secret; and
  • Has been subject to reasonable steps by the person lawfully in control of the information to keep it secret.

The proposal then sets out the circumstances under which the acquisition, use, and disclosure of a trade secret is unlawful, the key element being the absence of consent of the trade secret holder. Next, it addresses the measures, procedures, and remedies that should be made available to a trade secret holder in cases of unlawful acquisition, use, or disclosure of that trade secret by a third party, including a proposed limitation period of at least one year, but no more than two years, in which to bring claims This is significantly shorter than the current six year limitation period in the UK.

Although harmonization of the various Member State laws on trade secrets is ambitious, there is a general consensus that, for the reasons set out above, it is much needed.

The Current State of the Law in the U.S.

The Uniform Trade Secrets Act (UTSA)

Prior to the promulgation of the Uniform Trade Secrets Act in 1979 by the Uniform Law Commission, an American non-profit organization which drafts uniform legislation for consideration by state legislatures, each state had its own common law of trade secrets set forth in judicial decisions. Today, 47 states have adopted the UTSA in some form. However, some states have seen fit to modify some aspects of the UTSA, so that complete uniformity of trade secret law across the U.S. has not been achieved. Nevertheless, there is a high degree of uniformity in the 47 states which have enacted some version of the UTSA with respect to basic issues, including the definitions of "trade secret," misappropriation by "improper means," and the remedies available. The UTSA defines a trade secret broadly as follows:

"Trade secret" means information, including a formula, pattern, compilation, program, device, method, technique, or process, that:

(i) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and

(ii) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.

"Improper means" of misappropriation is defined by the UTSA as "theft, bribery, misrepresentation, breach or inducement of a breach of a duty to maintain secrecy, or espionage through electronic or other means." Remedies for misappropriation are well-developed, and may include injunctive relief, damages for lost profits, disgorgement of amounts by which the misappropriator has been unjustly enriched, or a reasonable royalty.

The Defend Trade Secrets Act

Despite the widespread adoption of the UTSA, some businesses and their legal counsel have become frustrated with litigating international trade secret cases in state courts, which unlike the federal courts, do not allow for nationwide service of process. Moreover, seeking discovery across state or national borders can be more complicated in state courts than in federal courts. Accordingly, the Defend Trade Secrets Act has been introduced in Congress to create a federal civil right of action under the Economic Espionage Act of 1996, which until now has provided only criminal remedies for misappropriation. The Defend Trade Secrets Act, Senate Bill 2267, has wide support within the U.S. business community, and bi-partisan political support from its sponsors, Senators Coons (D. Del.) and Hatch (R. Utah).

Conclusion: Businesses Should Implement or Strengthen Trade Secret Protection Programs Now

The international trend of strengthening legal remedies for trade secret misappropriation undoubtedly is a positive development for businesses which own trade secrets. However, legal remedies can only provide relief after trade secrets have been stolen, and after time-consuming and expensive litigation. In every time and place, the best way to safeguard trade secrets is to implement a proactive corporate trade secret protection program that effectively prevents misappropriation in the first place. The heightened international attention to trade secret protection is a wake-up call for companies that have not yet implemented a trade secret protection program to do so, and for revision and strengthening of such programs within businesses that already have them.

While an appropriate trade secret protection program will depend on the nature of each company's business, size, geographic locations, and other factors, every company has regular practices that touch their employees' lives. The lack of discussion of trade secret protection as a part of such regular practices may wrongly convey the message that data security is not important enough to be mentioned. Such regular practices may include:

  • New hire orientation, including training (for managers and non-managers);
  • Distribution of employment agreements (e.g., confidentiality agreements) and employment manuals;
  • Performance evaluations, including awarding bonuses;
  • Annual or other regular refresher training (for managers and non-managers);
  • Messages from executive management ("setting the tone from the top");
  • Postings on internal websites; and
  • Other communications unique to particular organizations.

In an upcoming issue, we will discuss in more detail the converging methods of protecting trade secrets and privacy within the corporate environment, including the essential element of training of the workforce to minimize leakage of valuable data.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP. All rights reserved

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Ann Bevitt
 
In association with
Related Video
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Position
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Compliance
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.

Disclaimer

Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.

Registration

Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.

Cookies

A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links

This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

Mail-A-Friend

If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.

Emails

From time to time Mondaq may send you emails promoting Mondaq services including new services. You may opt out of receiving such emails by clicking below.

*** If you do not wish to receive any future announcements of services offered by Mondaq you may opt out by clicking here .

Security

This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.