When someone has their trade secret recipe or product formula stolen, they come to an intellectual property attorney asking them to fix it. This is unfortunate. Sadly, there is no cure for lost information. A judge can’t put the genie back in the bottle.
If an angry employee posts your customer list to the internet, the court might be able to get him or her to take it down, but it can’t do anything about the people who read it or the copies downloaded by your competitors.
If a former supplier accidentally exposes your secret formula during a presentation at a trade show, you might be able to get some kind of money damages (if you can prove the harm), but you aren’t going to get the attendees to destroy their notes or delete the picture of your formula they took on their iPhones.
Now, a lawsuit may be necessary to address some ongoing harm (like the list on the internet), and it may allow you to recover money damages from the offending employee, supplier, or competitor (assuming they are guilty of some sort of wrongdoing). This is a pretty detailed analysis of the details of your situation and you really would need to sit down with an attorney to figure it out. It will be expensive, distracting, and stressful (as pretty much all lawsuits are). And, I can pretty much guarantee that even if you are victorious you will never me made whole.
You need to prevent the loss in the first place. Not only does actual prevention keep you out of a trade secret lawsuit and make sure the secret stuff stays secret, but the reasonableness of your attempts at prevention will determine whether the court thinks you ever had a trade secret.
Physical and electronic security matter. Think about where most of your confidential information lives. For most businesses, it is in computer files and paper documents. From a security standpoint, you are lucky if it is all still kept in an office building. Most of us don’t have that luxury and are carrying critical information on our laptops and phones and in our briefcases and bags. Regardless of whether it is a room in your building or dozens of electronic devices, you need to be mindful of how people can get in and out of it.
Your office space should be locked. Critical information should be out of sight, preferably in a locked drawer or cabinet, when not in use. Don’t make it easy for someone to stumble onto your plans, customer lists, or proprietary formulas. With an increasing number of us working out of home offices and other shared spaces, you need to give serious thought to keeping your business information separate and protected from loss or misuse. It isn’t that we can’t trust our families, but you would be amazed how easily and innocently information walks away.
(I could tell you an uncomfortable story about my 8 year old foraging for scrap paper on my desk and what cropped up on the back side of one of his masterworks to be shared with all. It wasn’t client related—I am very careful about client stuff, but still.)
Each of your electronic devices should be thought of as another room that needs to be locked up, at least when not in use. Make sure that your office computer and each device you carry are password protected. Don’t share the password. And don’t commingle your business accounts and information with other stuff your family uses (shared e-mail accounts are a terrible idea in business).
Give some serious thought to whether or not you want your business information on your personal devices and those of your employees and independent contractors. It is the nature of the age that most of us are using our smartphones for business and carrying all sorts of business related information, whether it is e-mail and attachments or actual documents and mobile applications. If you are going to allow it, make sure you have a clear policy about the security requirements for those devices, as well as removing or recovering the information when someone leaves or changes devices.
Do It Right Now
Make a list of everywhere that you are storing confidential business information. Depending on how long you’ve been around and how centralized you are, this could be quite a list. You may want to shorten the task by considering categories, like: main office, home office, 2 office PCs, 3 laptops, 5 employee-owned smartphones, 2 cloud storage applications, etc. Now, make sure that each one has reasonable security on it—lock, password, etc.
Invest in an ounce of prevention, because there is no cure. Information, once lost, is impossible to recover.
Want to learn more about trade secrets and how best to manage them? Check out these other trade secret articles: