Using Non-Disclosure Agreements Offensively and Defensively

Trade Secret Litigation A Case Study LITTLE CORP. V. GOLIATH CO.

Cast of Characters—Little Corp. Larry—President, Chief Executive Officer Curly—Director of Engineering Moe—VP of Engineering Shemp—Consulting Engineer

Cast of Characters—Little Corp. Cruella DeVil - VP of Marketing and later President, CEO

Timeline of Events Before 1995 - 15 year mutually beneficial relationship 3/8/95 - CDA signed, both parties bound by terms 4/24/95 - Little Corp. presents concept to Goliath audience 9/10/95 - Moe fired - “choked” at presentation 11/6/95 - Follow-up meeting with Goliath engineers who challenge Little Corp.’s data and claims. Goliath suggests repositioning technology for internet. 12/1/95 - Shemp fired

Timeline of Events Jan. ‘96 - “New internet Project” announced at Little Corp. Spring ‘96 - Software development slow and product full of bugs June ‘96 - Curly fired July ‘96 - Cruella hired as VP Marketing Sept. ‘96 - Goliath announces future internet product release Nov. ‘96 - Memo from Cruella to Little Corp. Board re: alleged mismanagement of project by Larry 12/2/96 - Larry fired by Board

Timeline of Events December ’96 - Cruella shuts down internet project and writes memo outlining strategy to sue Goliath December ’97 - Goliath internet product beta release June ’98 - Goliath internet product release August ’98 - Little Corp. sues Goliath

General Lessons of Little Corp. v. Goliath Co. Business relationships are between individuals, but legal relationships are not New management Even former allies’ loyalties can be bought/rented . . . Larry - $50,000 Curly - $30,000 Moe - $20,000 Shemp - $110,000

Lessons for CDA Maintain a paper trail of what you disclosed and/or received and when [and who was present] [Accurately] Define how the Confidential Information may be used in as much detail as possible

Lessons for CDA Goliath Corp

Lessons for CDA Goliath

Court Order

Lessons for CDA Maintain a paper trail of what you disclosed and/or received and when [and who was present] [Accurately] Define how the Confidential Information may be used in as much detail as possible Confidentiality obligations terminate in 3 years unless otherwise stated

Lessons for CDA Goliath

Court Order

Lessons for CDA Maintain a paper trail of what you disclosed and/or received and when [and who was present] [Accurately] Define how the Confidential Information may be used in as much detail as possible Confidentiality obligations terminate in 3 years unless otherwise stated Remember that ALL Confidential Information must be marked CONFIDENTIAL, or if disclosed orally, must be designated CONFIDENTIAL and then confirmed as such in writing WITHIN 30 DAYS of the disclosure

Tailoring a Trade Secret Policy and Procedures to Your Company

Developing A Trade Secret Program in 5 “Easy” Steps Appoint the right people to develop P&P Conduct a trade secret audit and inventory Develop and implement the P&P Educate Employees Enforce It

First Step for Developing A Trade Secret P&P Appoint a Trade Secret Compliance Officer Duties: controlling the use of NDAs maintaining logs and records of NDAs track disclosures and receipts of confidential information monitor steps taken to maintain secrecy oversee the implementation and enforcement of the P&P

First Step for Developing A Trade Secret P&P Appoint a P&P Development Team Comprised of: trade secret compliance officer representatives of company departments: information technology human resources training records management security legal

Next Step: Trade Secret Audit and Inventory Reasons for Identifying Company Trade Secrets Know and understand confidential assets Protect confidential assets consistently Reduces risks involving third party trade secrets Meet burden of proof in trade secret litigation often fast track little time to identify and document trade secrets some problems can’t be fixed

Information may be viewed and treated as a trade secret if: Not generally known outside of the company Valuable to the company (or likely would be valuable to competitors), for example: company spent significant effort or money developing the information gives the company a competitive advantage is likely to lead to a commercial product or licensing cannot be easily acquired or duplicated by others a competitor is likely to try to arrive at the same development independently a competitor is likely to design around Measures have been taken to guard the secrecy of the information.

Trade Secret Audit and Inventory Identify the information the company wishes to protect by type by value to the company by location by storage method Memorialize nonwritten information Include catchall language “purpose of inventory is to identify types of company trade secrets to better inform management, and may not be complete” Describe the value of the secret information to the company Maintain records Develop procedures for documenting Trade secrets identified by inventory Steps taken to maintain secrecy

Trade Secret Audit and Inventory Develop a plan for applying these principles and auditing One approach: group leaders identify and document secrets in their groups, report to compliance officer Identification and protection of trade secrets should be a dynamic, ongoing process. portfolio of trade secrets is constantly changing new confidential information should be documented and protected as it is created or received update annually, if possible Develop procedures for conducting periodic review and update

Where to Look for Trade Secrets Technical Information/Research & Development Production/Process Information Vendor/Supplier Information Quality Control Information Sales & Marketing Information Internal Financial Information Internal Administrative Information Internal Computer Software Any information of strategic or other importance to the company

Third Step: Developing A Trade Secret P&P Basic Goals Courts expect a combination of measures that: keep information secret inside the company prevent or control access to such information by third parties Two separate documents, both tailored to the company

Developing A Trade Secret P&P P&P and Inventory should be done in conjunction with counsel They have done it before Adequate audit and inventory Adequate steps to maintain secrecy Adequate documentation Adequate procedures and enforcement Attorney-client privilege

Developing A Trade Secret Policy Directed to all employees Relatively short Easy to understand Expresses general rules, guidelines, principles, and philosophy Informs employees of the existence of company’s trade secret protection procedures

Developing A Trade Secret Policy State that employees have affirmative obligations to: identify, protect, and maintain secrets access, use, and disclose company secrets only for business purposes, to benefit the company resolve doubts in favor of the company and its best interests, and maintain secrecy comply with applicable laws and regulations honor software licenses and other agreements report violations of the P&P direct doubts and questions about the P&P to management.

Developing Trade Secret Procedures Much more detailed This presentation is the tip of the iceberg Checklist Company’s rules for handling confidential information They should control and standardize procedures for: Identifying trade secrets Handling trade secrets inside the company Trade secrets leaving the company Equipment used in connection with trade secrets People with access to trade secrets

Developing Trade Secret Procedures They should control and standardize procedures for (cont’d): Company’s receipt of third party trade secrets Implementing clean room procedures Company’s engagement in R&D (or other joint projects) with third parties, involving trade secrets Educating company employees regarding the P&P

Developing Trade Secret Procedures State that the definition and scope of potential trade secrets is very broad Include examples of trade secrets Include examples of trade secret materials Company may wish to protect information that does not rise to the level of a trade secret. may designate several levels of confidential information may protect them in different ways

Developing Trade Secret Procedures Establish meanings for terms and use them consistently (and not interchangeably if they have different meanings). For example: Proprietary may include all intellectual property Confidential may be available for licensing and disclosure to third parties Restricted may not be available for licensing and disclosure to third parties without special approval Secret may not be disclosed outside the company without Board approval Top Secret may be known by only a few people maybe no one knows the whole secret

Developing Trade Secret Procedures Develop restrictions applicable to each level of confidentiality “Need to know” matrix Develop rules for labeling confidential information appropriately: Company name Confidentiality statement Copying, disclosure, and use restrictions Only authorized persons may access, use, disclose Label every page

Physical Safeguards Write Procedures for: Creating maintaining, and using a trade secret repository Restricting access to secret information, documents, plants, and facilities Examples……….

Physical Safeguards Write Procedures for Controlling: Dividing and coding information Visitors/tours Identity badges and/or access cards Movement of information Areas where secret information is kept Shredding or other destruction DON’T FORGET THE GARBAGE Physical and e-copies Technological copy protections Copying & copies Employees who work outside the office: materials access storage Hours and monitoring access to information or facilities Information in plain view

Physical Safeguards Write Procedures for: Installing security measures with varying degrees of security based on the level of confidential information kept in each area, e.g.: automatic locks fingerprint and retinal readers voice recognition changing locks and security codes periodically fences Signs security guards and dogs television monitors alarms

Procedural Safeguards Write Procedures for: Assuring that access to trade secret information is on a need-to-know basis Bringing or using at work: Cameras IPODS Controlling disclosures in: Speeches Technical papers Business and marketing documents

Procedural Safeguards Write Procedures for: Scrubbing old computers before disposing of them or donating them to charity Distributing trade secret information depending on level of confidentiality Not by email (including text messaging and instant messaging)

Procedural Safeguards Write Procedures for: The end of the day: log out of computer lock up secret documents lock the office make sure everyone is gone from the division lock the division offices sign out

Procedural Safeguards Write Procedures for: Safeguarding documents Labeling Securing Copying Screening Tracking

Write Procedures for Electronic Data and Electronic Devices Network and information access, firewalls Encryption of communications Use of computers, fax machines, photocopiers, etc. Monitoring Storage Copying and downloading Transmission Tracking and logging access Automatic legends copying restrictions secrecy restrictions

Write Procedures for Information Leaving the Company What information can be disclosed Who can disclose it Who has authorized access How and when Participation in Open Source/Standards Bodies Marking trade secret information Encryption Email (including text messaging and instant messaging): no personal email software or accounts for business or personal communications at the office require copying the boss The use peer-to-peer applications

Write Procedures for Information Leaving the Company Monitoring employee communications, consistent with privacy laws law may require informing employees that phone and email (including text messaging and instant messaging) will be monitored some countries may not allow monitoring Monitoring email attachment size Monitoring third parties who have received company secrets Using content filtering tools that automatically encrypt, block, hold Monitoring vendors with access to secrets

Write Procedures for Information Leaving the Company Shipping NDAs Agreements with third parties (e.g., license agreements, collaboration agreements, joint venture agreements)

Write Procedures for Controlling People First line of defense: disclose trade secrets only on a need-to-know basis  Second line: ensure that everyone with a need-to-know has executed a confidentiality agreement Third line: confidentiality agreements should be executed with all employees with potential access to trade secrets 

Write Procedures for Controlling People Employee intake procedures Employee exit procedures Develop procedures for requiring employees who create information or inventions to: assign IP to the company license previous inventions to the company agree to injunctive relief for breaches of the agreement Current employees may need new consideration, and new agreement and consideration may be needed after material change in job (e.g., a promotion)

Write Procedures for Receiving Third Party Secrets Assume third party information is confidential Handling unsolicited third party information Voluntarily receiving third party information Using company NDA versus third party NDA Reverse engineering/clean room

Write Procedures for Education Develop programs to educate employees about: the importance of trade secrets the P&P the potential consequences of violating the P&P Implementing such education, and followup

What is worse than having no P&P?

Worse: Not enforcing it Develop rules and procedures to enforce the P&P: Develop an enforcement plan Incorporate the P&P into company code of conduct Develop rules for when and how: employees should be disciplined employees should be terminated criminal prosecution should be sought Enforce P&P consistently to avoid defenses in litigation to reduce likelihood of claims of discrimination

Questions?

Speaker Information Laura Masurovsky is an experienced intellectual property litigator with more than 25 years of practice in federal and state courts. She concentrates on complex patent and trade secrets litigation involving a wide range of technologies including pharmaceuticals, medical devices, wireless communication, computer hardware and software, e-commerce, and consumer electronics.

Disclaimer These materials are public information and have been prepared solely for educational and entertainment purposes to contribute to the understanding of U.S. intellectual property law. These materials reflect only the personal views of the authors and are not a source of legal advice. It is understood that each case is fact specific, and that the appropriate solution in any case will vary. Therefore, these materials may or may not be relevant to any particular situation. Thus, the authors and Finnegan, Henderson, Farabow, Garrett & Dunner, LLP cannot be bound either philosophically or as representatives of their various present and future clients to the comments expressed in these materials. The presentation of these materials does not establish any form of attorney-client relationship with the authors or Finnegan, Henderson, Farabow, Garrett & Dunner, LLP. While every attempt was made to ensure that these materials are accurate, errors or omissions may be contained therein, for which any liability is disclaimed.