Company Confidential

What is confidential information? Just about every employer has information it claims is “confidential” ' typically something unique to the business. But many employers mistakenly believe all of their information is “confidential” under the law. In fact, many standard confidentiality clauses classify everything, including the proverbial kitchen sink, as confidential.

These overbroad notions actually do a disservice to companies ' making it increasingly difficult for courts to determine what is truly confidential and deserves legal protection. Because their analysis is very fact-intensive, courts have actually reached conflicting and sometimes contradictory decisions. As a result, it can be challenging for companies to predict exactly what information will be deemed confidential.

With this complicated landscape ' and a down economy making competitive information even more vulnerable ' now is the time to ensure your confidentiality policies and practices are sound and defendable. Here's a look at the dichotomy between trade secrets and confidential information; the common misconceptions about confidential information; how to make the confidentiality argument; and tips for counsel to preserve confidentiality.

Trade Secrets vs. Confidential Information

There are two types of confidential information: trade secrets and the ubiquitous confidential information.

A trade secret usually includes a formula, drawing, pattern, compilation (possibly including a customer list) program, device, method, technique or process. It is something that has independent economic value, because it is not generally known or readily ascertainable by others. Trade secrets also have some economic value from their disclosure or use.

And, importantly, companies must take reasonable efforts to protect their trade secrets, generally protected under some version of the 1979 Uniform Trade Secret Act (“UTSA”). Since its inception, numerous states have adopted a version of UTSA, and most states simply parrot the language.

But UTSA's trade secret definition clearly does not apply to all types of information that an employer would consider confidential. Some courts have ruled that if a state adopts UTSA, then an employer has no legal protection for confidential information that is not a trade secret. Other courts have taken the opposite approach, finding an employer still has legal protection for trade secrets and confidential information that does not rise to the level of trade secrets. The key is to separate fact from fiction and understand what information can be protected in court.

Common Misconceptions

Beyond mistakenly assuming that if it's confidential, it must be a trade secret, there are other misconceptions regarding confidential information.

Myth: We say it's confidential, so it is. Many companies believe that everything at, about and learned in their workplace is legally confidential and cannot be disclosed to a competitor. But not everything that an employee learns is confidential. If it was, then all employees would have to receive a frontal lobotomy if they left their current employer to join a competitor. Calling something confidential is less important than how an employer actually treats the information.

Myth: All proprietary information is confidential. Just because the employer owns the information does not mean it is confidential. If the information is available from another publicly available source, a court will not treat it as legally confidential.

Myth: The identity of customers and knowledge of their preferences are always private. Many employers believe that the identity of their customers is sacrosanct. Once they expose an employee to their customer base, the argument goes, the employee is not permitted to go to the competition because he/she knows the identity of his/her former employer's customers.

More often than not, this is not true. It can be easier than you think to find out who the customers are for a given product or service. Numerous trade associations, industry and lobbying groups post their membership lists on the Internet. And, there are many organizations dedicated to providing potential customer lists and leads to various types of companies. Unless your company has a secret customer that no one else knows about, the identity of customers alone is probably not confidential.

What's more, many claim knowledge regarding customer preferences (e.g., purchasing preferences) is highly confidential. While this may be true because you would not want your competition to have this type of information, it does not mean that employees should be prevented from going to the competition mainly because they have this information in their heads. If the competition knows who the potential customers are, this type of information could be available simply by asking these particular customers what they like and dislike about a certain product or service.

Myth: Non-compete agreements are easy to enforce, so we don't have to worry about employees taking our confidential information to a competitor. A non-compete agreement
is not automatically enforceable, with some states actually outlawing certain types of non-compete agreements. Even in the states where these agreements are enforced, courts universally disfavor them and require that they be narrowly tailored. In fact, some courts will not enforce a non-compete if it's overbroad. Thus, while non-competes are a great way to protect confidential information, they must be carefully drafted and used only in certain states.

Making the Case for Confidentiality

First, the most important thing is to treat confidential information as actually being confidential. If you are going to claim that client identities or client lists are confidential, then ensure you do not identify your key clients on your website. If a particular document or data compilation is considered to be confidential, stamp it confidential. It's much easier to persuade a jury that a document is confidential when the employer actually designates it as such from the beginning. While this isn't foolproof, you don't want to be on the stand trying to convince a jury that a document is confidential, when the actual word is not on it.

The general rule is that the easier it is to acquire the information, the less confidential the court will consider it to be. Therefore, second ' with courts looking at how much time was spent on developing or compiling the information ' be vigilant in tracking your efforts to develop certain types of information. Think in terms of hours and related resources, using cost-accounting methods to record how much it costs your company to develop and maintain a customer database, central lead network and financial information. This is the type of evidence that jurors and judges look for when deciding if your information is worthy of legal protection.

Third, don't classify information that is old and has no historical value as confidential. We live in a digital age where information becomes stale within days, if not minutes.

Fourth, don't make a trade secret publicly available. However, if it's confidential, information can still be publicly available and warrant some legal protection. For example, a list of customers' names may be available on the internet. But, if an employee steals a list of these names and uses it to compete, the employer is still injured. In these cases, courts treat the list as proprietary and find that the employee can be liable for stealing and using the list.

Preserving Confidentiality

Once you make the argument for confidentiality, there are strategies you can use to gain ground in preserving critical company information and strengthening your argument in court.

Train your employees. It's a no-brainer to ensure everyone signs confidentiality/non-disclosure policies explicitly outlining what's confidential and what cannot be disclosed outside the workplace or to a competitor. But it is also important to train employees at orientation time about how to treat such private information and the importance of preventing breaches. This is good evidence that a company took reasonable steps to protect its secrets.

Use non-compete and non-solicitation agreements. Failure to use a non-compete or non-solicitation agreement can be used against you. It shows that the information truly is not confidential if you have not taken the basic measures to protect it. Have your employees agree to a non-compete or non-solicitation, and ensure it is enforceable in your particular jurisdiction. Often, these agreements alone can provide all the protection an employer needs to protect its confidential information. But, at the same time, as discussed, it's important to ensure non-competes are legal in your jurisdiction and drafted to maximize their potential enforceability. An overbroad non-compete is worthless.

Limit access to your confidential information. Of course, third parties should not have access to your confidential information unless there is a non-disclosure or a confidentiality agreement in place. Similarly, you should not allow third parties to freely roam your workplace. Implement a security protocol for visitors. Juries expect companies, at a minimum, to put these security measures into place. For your employees, make sure that truly confidential information is not disseminated to employees who do not need to know about it. Also, consider storing your really confidential information on a separate network that only certain employees can access. Again, this will help convince a jury that you took extra care to protect your most sensitive information.

Watch your Web sites. There are numerous instances where companies have claimed that information is confidential, only to later discover that it is actually live on their site. So, be very careful of what you post. Ensure that someone outside of your technical group monitors what is posted so you can avoid these types of embarrassing and costly situations.

Eliminate confidential information at home. Telecommunicating can present dangers for possible breaches. If a lot of your employees work from home, you need to be careful about them keeping all kinds of information on their home computers. Once the confidential information leaves your workplace, it is difficult to track. Consider adopting a policy where employees are not permitted to store company information on their home computers.

Restrict/prohibit use of flash drives. Flash drives also can jeopardize confidential information. It is very easy to copy an e-mail with a confidential attachment from a work computer to a flash drive and then take that information home. Think about setting up your computers so they are not able to download information to flash drives. This may prevent a lot of future headaches.

Go old-school ' use paper. Consider disseminating confidential information via the old-school paper way rather than through e-mails with attachments. Once you click “send,” you lose track. If you have a confidential report or other document you want to discuss with employees at a meeting, hand it out to them at the meeting and then collect it back. This way you can verify the information does not wind up in the wrong hands ' also demonstrating to the court you are taking extreme measures to treat this information as being truly confidential.

Adopt a document retention and destruction policy. How you discard your trade secrets and confidential information can be as important as how you maintain them. Don't just dump your secrets in the trash. Shred them, burn them or do something to make sure they don't fall into the wrong hands. This is another reasonable step to protect your information.

Utilize exit interviews effectively. Whenever employees leave, ask them if they have your information on any personal computers or flash drives. Remind them of their obligation to return all of this information. (Many times employees have this information at their homes ' for purely innocent reasons ' and forget that it's there.) Also, when employees intentionally take your secrets, juries like to hear that the employer reminded the employee of their obligation to return information during an exit interview. This preempts the “I didn't realize that I had it” defense.

Call the Feds. Stealing confidential information and trade secrets may be a crime. Under federal law, the Computer Fraud and Abuse Act and the Economic Espionage Act may be violated when employees steal confidential information and/or trade secrets. If an employee steals your secrets, you may be able to file a criminal complaint and really increase the pressure.

Conclusion

Properly classifying your confidential information and putting crucial protections in place will ultimately be your company's best defense.

David J. Walton ([email protected]) is a member in Cozen O'Connor's Labor & Employment Practice Group. Vice-chair of the firm's E-Discovery Task Force, Walton recently won a $7 million jury verdict on behalf of a U.S. company whose trade secrets were stolen by former employees.

What is confidential information? Just about every employer has information it claims is “confidential” ' typically something unique to the business. But many employers mistakenly believe all of their information is “confidential” under the law. In fact, many standard confidentiality clauses classify everything, including the proverbial kitchen sink, as confidential.

These overbroad notions actually do a disservice to companies ' making it increasingly difficult for courts to determine what is truly confidential and deserves legal protection. Because their analysis is very fact-intensive, courts have actually reached conflicting and sometimes contradictory decisions. As a result, it can be challenging for companies to predict exactly what information will be deemed confidential.

With this complicated landscape ' and a down economy making competitive information even more vulnerable ' now is the time to ensure your confidentiality policies and practices are sound and defendable. Here's a look at the dichotomy between trade secrets and confidential information; the common misconceptions about confidential information; how to make the confidentiality argument; and tips for counsel to preserve confidentiality.

Trade Secrets vs. Confidential Information

There are two types of confidential information: trade secrets and the ubiquitous confidential information.

A trade secret usually includes a formula, drawing, pattern, compilation (possibly including a customer list) program, device, method, technique or process. It is something that has independent economic value, because it is not generally known or readily ascertainable by others. Trade secrets also have some economic value from their disclosure or use.

And, importantly, companies must take reasonable efforts to protect their trade secrets, generally protected under some version of the 1979 Uniform Trade Secret Act (“UTSA”). Since its inception, numerous states have adopted a version of UTSA, and most states simply parrot the language.

But UTSA's trade secret definition clearly does not apply to all types of information that an employer would consider confidential. Some courts have ruled that if a state adopts UTSA, then an employer has no legal protection for confidential information that is not a trade secret. Other courts have taken the opposite approach, finding an employer still has legal protection for trade secrets and confidential information that does not rise to the level of trade secrets. The key is to separate fact from fiction and understand what information can be protected in court.

Common Misconceptions

Beyond mistakenly assuming that if it's confidential, it must be a trade secret, there are other misconceptions regarding confidential information.

Myth: We say it's confidential, so it is. Many companies believe that everything at, about and learned in their workplace is legally confidential and cannot be disclosed to a competitor. But not everything that an employee learns is confidential. If it was, then all employees would have to receive a frontal lobotomy if they left their current employer to join a competitor. Calling something confidential is less important than how an employer actually treats the information.

Myth: All proprietary information is confidential. Just because the employer owns the information does not mean it is confidential. If the information is available from another publicly available source, a court will not treat it as legally confidential.

Myth: The identity of customers and knowledge of their preferences are always private. Many employers believe that the identity of their customers is sacrosanct. Once they expose an employee to their customer base, the argument goes, the employee is not permitted to go to the competition because he/she knows the identity of his/her former employer's customers.

More often than not, this is not true. It can be easier than you think to find out who the customers are for a given product or service. Numerous trade associations, industry and lobbying groups post their membership lists on the Internet. And, there are many organizations dedicated to providing potential customer lists and leads to various types of companies. Unless your company has a secret customer that no one else knows about, the identity of customers alone is probably not confidential.

What's more, many claim knowledge regarding customer preferences (e.g., purchasing preferences) is highly confidential. While this may be true because you would not want your competition to have this type of information, it does not mean that employees should be prevented from going to the competition mainly because they have this information in their heads. If the competition knows who the potential customers are, this type of information could be available simply by asking these particular customers what they like and dislike about a certain product or service.

Myth: Non-compete agreements are easy to enforce, so we don't have to worry about employees taking our confidential information to a competitor. A non-compete agreement
is not automatically enforceable, with some states actually outlawing certain types of non-compete agreements. Even in the states where these agreements are enforced, courts universally disfavor them and require that they be narrowly tailored. In fact, some courts will not enforce a non-compete if it's overbroad. Thus, while non-competes are a great way to protect confidential information, they must be carefully drafted and used only in certain states.

Making the Case for Confidentiality

First, the most important thing is to treat confidential information as actually being confidential. If you are going to claim that client identities or client lists are confidential, then ensure you do not identify your key clients on your website. If a particular document or data compilation is considered to be confidential, stamp it confidential. It's much easier to persuade a jury that a document is confidential when the employer actually designates it as such from the beginning. While this isn't foolproof, you don't want to be on the stand trying to convince a jury that a document is confidential, when the actual word is not on it.

The general rule is that the easier it is to acquire the information, the less confidential the court will consider it to be. Therefore, second ' with courts looking at how much time was spent on developing or compiling the information ' be vigilant in tracking your efforts to develop certain types of information. Think in terms of hours and related resources, using cost-accounting methods to record how much it costs your company to develop and maintain a customer database, central lead network and financial information. This is the type of evidence that jurors and judges look for when deciding if your information is worthy of legal protection.

Third, don't classify information that is old and has no historical value as confidential. We live in a digital age where information becomes stale within days, if not minutes.

Fourth, don't make a trade secret publicly available. However, if it's confidential, information can still be publicly available and warrant some legal protection. For example, a list of customers' names may be available on the internet. But, if an employee steals a list of these names and uses it to compete, the employer is still injured. In these cases, courts treat the list as proprietary and find that the employee can be liable for stealing and using the list.

Preserving Confidentiality

Once you make the argument for confidentiality, there are strategies you can use to gain ground in preserving critical company information and strengthening your argument in court.

Train your employees. It's a no-brainer to ensure everyone signs confidentiality/non-disclosure policies explicitly outlining what's confidential and what cannot be disclosed outside the workplace or to a competitor. But it is also important to train employees at orientation time about how to treat such private information and the importance of preventing breaches. This is good evidence that a company took reasonable steps to protect its secrets.

Use non-compete and non-solicitation agreements. Failure to use a non-compete or non-solicitation agreement can be used against you. It shows that the information truly is not confidential if you have not taken the basic measures to protect it. Have your employees agree to a non-compete or non-solicitation, and ensure it is enforceable in your particular jurisdiction. Often, these agreements alone can provide all the protection an employer needs to protect its confidential information. But, at the same time, as discussed, it's important to ensure non-competes are legal in your jurisdiction and drafted to maximize their potential enforceability. An overbroad non-compete is worthless.

Limit access to your confidential information. Of course, third parties should not have access to your confidential information unless there is a non-disclosure or a confidentiality agreement in place. Similarly, you should not allow third parties to freely roam your workplace. Implement a security protocol for visitors. Juries expect companies, at a minimum, to put these security measures into place. For your employees, make sure that truly confidential information is not disseminated to employees who do not need to know about it. Also, consider storing your really confidential information on a separate network that only certain employees can access. Again, this will help convince a jury that you took extra care to protect your most sensitive information.

Watch your Web sites. There are numerous instances where companies have claimed that information is confidential, only to later discover that it is actually live on their site. So, be very careful of what you post. Ensure that someone outside of your technical group monitors what is posted so you can avoid these types of embarrassing and costly situations.

Eliminate confidential information at home. Telecommunicating can present dangers for possible breaches. If a lot of your employees work from home, you need to be careful about them keeping all kinds of information on their home computers. Once the confidential information leaves your workplace, it is difficult to track. Consider adopting a policy where employees are not permitted to store company information on their home computers.

Restrict/prohibit use of flash drives. Flash drives also can jeopardize confidential information. It is very easy to copy an e-mail with a confidential attachment from a work computer to a flash drive and then take that information home. Think about setting up your computers so they are not able to download information to flash drives. This may prevent a lot of future headaches.

Go old-school ' use paper. Consider disseminating confidential information via the old-school paper way rather than through e-mails with attachments. Once you click “send,” you lose track. If you have a confidential report or other document you want to discuss with employees at a meeting, hand it out to them at the meeting and then collect it back. This way you can verify the information does not wind up in the wrong hands ' also demonstrating to the court you are taking extreme measures to treat this information as being truly confidential.

Adopt a document retention and destruction policy. How you discard your trade secrets and confidential information can be as important as how you maintain them. Don't just dump your secrets in the trash. Shred them, burn them or do something to make sure they don't fall into the wrong hands. This is another reasonable step to protect your information.

Utilize exit interviews effectively. Whenever employees leave, ask them if they have your information on any personal computers or flash drives. Remind them of their obligation to return all of this information. (Many times employees have this information at their homes ' for purely innocent reasons ' and forget that it's there.) Also, when employees intentionally take your secrets, juries like to hear that the employer reminded the employee of their obligation to return information during an exit interview. This preempts the “I didn't realize that I had it” defense.

Call the Feds. Stealing confidential information and trade secrets may be a crime. Under federal law, the Computer Fraud and Abuse Act and the Economic Espionage Act may be violated when employees steal confidential information and/or trade secrets. If an employee steals your secrets, you may be able to file a criminal complaint and really increase the pressure.

Conclusion

Properly classifying your confidential information and putting crucial protections in place will ultimately be your company's best defense.

David J. Walton ([email protected]) is a member in Cozen O'Connor's Labor & Employment Practice Group. Vice-chair of the firm's E-Discovery Task Force, Walton recently won a $7 million jury verdict on behalf of a U.S. company whose trade secrets were stolen by former employees.