(July 2018) Pass me the invisible ink James…
Mention spies and you may think of James Bond scaling a building in the dead of night, but when it comes to commercial espionage it’s more likely to be Jim in product development, who has a new job with a competitor, or a cyber specialist sitting a thousand miles away, acting on commission to hack into your server.
And for any business thinking they don’t have any secrets to steal, the target is as likely to be your business plan or customer database, as the Coca Cola secret recipe or the physics behind a new technology.
The protection of trade secrets is an international issue and new legislation has come into force in the UK, which marks an important shift in emphasis, placing the burden on business to prove they protected their corporate intelligence.
The Trade Secrets (Enforcement, etc) Regulations 2018 came into force in June, implementing the EU Trade Secrets Directive, which is designed to harmonise the protection of confidential corporate information across the Eurozone. In the UK, trade secrets have previously been protected through case law, and the new legislation will sit alongside rather than replace this.
The big difference is that the new legislation offers a statutory definition of what constitutes a trade secret. It describes it as being information that is secret, has commercial value because it is secret, and that reasonable steps have been taken to keep it secret.
This is a narrower definition than previously, where it was about showing that information was recognisably confidential and was imparted in circumstances that a reasonable person would recognise as being in confidence. Now it’s about proving its inherently secret nature and how it has been protected.
We will have to wait and see how the courts interpret the Directive’s requirement for ‘reasonable steps’ to be taken to protect information, but what is clear is that businesses will have to review all aspects of confidentiality across the company, and their processes with employees, suppliers and customers. If there are outdated or few procedures in place, then it’s time to get this high on the agenda, ideally as part of an overall review of IP.
The review should include non-disclosure agreements and confidentiality provisions in both supplier and client contracts. Restricting access to information internally is also important; ideally trade secrets should be stored using encryption and password protection, with clear protocols as to how such information may be used. Alongside, some simple steps such as applying a ‘confidential’ watermark to relevant documents can help shift the culture towards appreciating the value of such information.