Recently, a colleague and I were having dinner on a Sunday evening when he got an SMS from a new client operating in the tech space asking to meet urgently. The client appeared to be in panic mode, so my colleague rushed off to meet with him, leaving his unfinished grilled chicken and avocado salad behind.
At the office the next day, the report my colleague gave me when I asked what warranted the urgent meeting between him and the client, made me understand why the client had gone into panic mode.
It was a matter of suspected corporate espionage and unauthorised use of proprietary information. Apparently, the matter was quite severe, given that some of the client's key personnel had resigned without notice, to join a competitor, taking with them valuable information about the client, its business processes and strategies. The client's competitor had even started working on a project using a particular business model some of the client's ex-employees had helped developed whilst under employment with the client. The client was so sure that the ex-employees had disclosed information relating to the business model to the competitor even before terminating their employment with him. He just could not prove it!
The client's reaction reiterated how distasteful it is for proprietary information to fall into the wrong hands. Hence, I would like to shed light on some measures that can be implemented to prevent and or curtail unauthorised use of proprietary information. But first, it is necessary to understand the meaning and nature of proprietary information.
Nature of proprietary information
Proprietary information, also known as confidential information or trade secrets, is information of commercial value that is not in the public domain and which is usually regarded as the property of a party who desires to keep such information secret, confidential or away from the public domain.
Proprietary information can include secret formulae, processes, and methods used in production or goods and services. It can also include business and marketing plans, customer lists, contracts, and particulars of computer systems. In many cases, the knowledge and information that an employee has obtained on the job are considered to be an employer's proprietary information.
For example, the fast food restaurant that sells what most people would agree is the best tasting grilled chicken, may have a secret recipe used to prepare the chicken and would definitely not want the recipe revealed to the public. The technology company that developed that new artificial intelligence technology which makes its business process more efficient than its competitors would not want particular details about the technology or its business process revealed publicly.
Client lists or contact information would also pass as proprietary information in some cases because the owner of the business would not want the list used or shared by the receiver of the information.
Protection of proprietary information
The rationale behind protection of proprietary information is to prevent a receiver of proprietary information or a person who has access to it from using it in such a way that would be detrimental to the owner of the information.
The law has developed over time to protect proprietary information and prevent parties that are in relationships where such information is disclosed, from unlawful, unauthorized and sometimes, illegal use of the information. Such relationships could be partners in joint ventures, employer-employee, investor-investee and auditor-audited relationships. For example, recently an audit was conducted on our firm and the auditors had to sign non-disclosure agreements before commencing the audits, because they were going to have access to proprietary information about our firm which we did not want disclosed.
Where proprietary information is protected, it enables the owner of such information retain a competitive advantage commercially, enabling the owner's business model remain unique and commercially viable and or profitable1. The owner of proprietary information has the exclusive right to its use and enjoyment; and like any other property right, it may be sold, assigned, licensed or used for monetary gain.
Basic requirements for protection of proprietary Information
- The necessary quality of confidence and discretion – It is generally accepted that for proprietary information to be protected, the owner of such information must believe that unauthorised use of the information would affect his position significantly. This must be enough to reasonably require a degree of confidentiality or discretion, and the information must be of such a nature that would not be made available to just anybody2. If the owner of proprietary information knowingly permits it to enter the public domain, he may be deemed to have waived the right to its exclusive use and enjoyment. It is pertinent to note that all a party would be required to demonstrate is that he has taken every reasonable step to keep the information private if such party hopes to enjoy protection under the law. The law does not require absolute secrecy or that a party takes all measures conceivable to maintain secrecy.
- Obligation of confidence - the receiver of proprietary information would usually be expressly or impliedly precluded from disclosing or using it without authorisation. In other words, the information would be given under circumstances that imply an obligation of confidence on the receiver. This is usually under a form of contract between the giver and receiver of the information.
- Unauthorised use of the information – Where information is confidential and given under circumstances that impose the obligations of confidentiality or non-disclosure, a breach would occur if the receiver of the information violates the obligation not to disclose the information or use it in the stipulated way.
How to protect proprietary information
- Execution of confidentially, non-disclosure and non-compete agreements by employees and business partners - Key employees and business partners with access to such information may be required to sign contracts in the form of confidentiality, non-disclosure, or non-compete agreements (Restrictive Contracts). These naturally prohibit them from revealing information to outsiders, using the information for their benefit or competing with an employer or business partner (as the case may be) for a certain period of time due to the advantage access to the information has given them. Restrictive Contracts are usually enforced by the Courts. It is however important to mention that this protection is not automatically guaranteed, as the Courts will have to be satisfied that the restrictions are reasonable bearing in mind length of time, and or the geographical boundaries.
- Establishing good internal control measures - Corporate espionage is an activity that seeks to obtain trade secrets by illegal or restricted methods and companies must develop security systems to protect their proprietary information from being stolen by external or internal parties or competitors. A corporate system for protecting proprietary information would include a comprehensive plan ranging from restricting employee access, to data protection, to securing telephone lines and meeting rooms. In some cases, a Chief Information Officer (CIO) may be appointed to implement such a plan. Employees must also be taught to watch out for signs of corporate espionage and report irregularities to the relevant administrative authorities.
- Other ways of protecting proprietary information include: marking documents as "confidential", prohibiting people from making photocopies of documents that constitute trade secrets or removing them from company premises, limiting access of employees to sensitive materials, creating a written trade secret protection plan, and filing suits for theft of trade secrets.
- Departing employees - Conducting exit interviews with departing employees, securing the return of all information and electronic equipment, and reminding the departing employees of their obligations to maintain confidentiality of trade secrets3.
Remedies available for unauthorised use of proprietary information
A party whose proprietary information has been wrongfully disclosed or used may generally pursue two remedies: injunctive reliefs and damages. An injunction (a court order restraining or compelling certain action) would be the appropriate remedy when the owner of proprietary information desires to prevent its ongoing use by the party who wrongfully used it. Monetary damages on the other hand would be appropriate when unauthorized use of the information results in quantifiable monetary loss to its owner.
The Final Analysis
When the word 'espionage' is mentioned, the images that come to mind most times are images of the activities of the Central Intelligence Agency, the Russian KGB, the Isreali Mossad, even the James Bond movies, and the likes. But yes, espionage does occur in business and professional circles. Imagine investing time and other resources into a business and valuable information relating to the business ends up in the wrong hands or in the hands of a competitor. In this light, the need to implement the necessary safeguards to prevent such espionage or breaches from occurring cannot be over emphasized.
2. Commercial Law- George Etomi
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.