It is often said that every crisis also presents an opportunity. The current COVID-19 pandemic presents the chance to revise and improve protective strategies for trade secrets. It’s an opportunity that should not be ignored. As the situation stabilizes and employers plan to re-open their offices, many employees will continue to work remotely as a health precaution (or simply because it’s now possible). In planning for your company’s return to the office, now is the perfect time to use recent experiences to identify any weakness in your trade secret policies by comparing them to the work-from-home reality. As we emerge from the crisis, collect real-world data from your employees to identify the security shortcuts and vulnerabilities that are putting your trade secrets at risk, and use this time to remedy them.
Practical tips for post-pandemic trade secret security:
- Develop a checklist for returning employees to determine if they have printed or downloaded any trade secret or confidential materials at home. Have employees confirm that they have now returned any such materials.
- Canvass employees about what resources they needed to work productively from home. For example, what devices did they use – was it only employer-issued laptops and smart phones, or did they also use personal devices? Were any of those devices shared with other family members? What about flash drives and other portable storage devices? What about home printers that have memory storage of recent print jobs? This information can all be used to update and strengthen your written policies regarding trade secret protections to be implemented when employees work remotely.
- Take inventory of all new IT practices that may have been put in place during the crisis to enable remote access to trade secret information. In addition to measures used by your own IT teams, find out whether employees used any personal work-arounds and security shortcuts to make it easier to do their jobs remotely. Identify areas of weakness and the measures you can take to tighten security, including shutting down any access points that simply cannot be made secure.
- Update written work-from-home policies, including policies detailing the proper handling of all trade secret and confidential information.
- Remind employees that they must comply with all workplace policies governing the proper handling of confidential and trade secret information, even when working from home. Among other things, employees must maintain trade secret materials in a secure location (both physically and electronically), and ensure that confidential conversations cannot be overheard – even by family members.
- Finally, document in writing all of the measures you have taken to ensure the continued protection of trade secret information. This will create the record needed to establish that you have consistently taken reasonable measures to maintain secrecy, and help to establish that any inadvertent trade secret disclosures were mere aberrations, in violation of corporate policy and practice.
Remember that in order to maintain legal rights in a trade secret, the owner must make “reasonable efforts under the circumstances” to keep it a secret. By any measure, recent circumstances have been extraordinary. While courts will likely take the highly unusual situation of the pandemic into account, that leeway only extends so far – and it will not provide a good excuse for those who fail to identify and correct security vulnerabilities after the emergency has passed.
Because every business is unique, there is no one-size-fits-all solution for the protection of trade secrets. The critical point is to implement protective measures that are reasonable in light of your business’s resources and operations. Thus, you should consult with legal counsel to determine whether your individual policies and practices are appropriately matched to your unique circumstances.