Employees leave businesses for competitors. It happens all the time.
Employees also take with them important information from their previous employer. It happens more often than you would think.
A recent case illustrates how one employer’s failure to protect its own information in any meaningful way affected, and may have even lost, its rights to protect that information.
In CGW v. Weldcote, CGW is the employer in deep water. It employed Joseph O’Mera as its president for almost two decades. When O’Mera eventually left CGW to join Weldcote, a competitor, he took with him a flash drive containing CGW’s transaction information. This information included pricing, costs, and identities of suppliers. O’Mera also offered jobs to other employees of CGW, and asked them to collect additional information from CGW before leaving.
When CGW attempted to sue Weldcote and O’Mera for theft of trade secrets, it filed for a preliminary injunction to stop any further use of the information during the trial process. The court denied that preliminary injunction because CGW would be unlikely to win its claim of theft of trade secrets.
How could CGW have gone so wrong when clearly their former president took valuable information? They didn’t protect the information in the first place.
A piece of information only qualifies as a trade secret if it meets certain requirements. One of the most important is that you have to have made reasonable efforts to maintain its secrecy. In other words, you can’t claim trade secret protection in the files you let everyone freely see. Secrets must be treated like secrets. In this case, CGW failed to treat the information as a secret in almost every way imaginable.
Here are some of the things that the employer neglected, and according to the court, would have made a difference in its trade secret theft claim:
- Create an internal policy regarding confidentiality that specifically requires employees to keep your valued information confidential.
- Have employees and contractors sign non-disclosure agreements covering your valued information.
- Restrict internal access to trade secrets to only those employees with a need to know – using gatekeepers, passwords, privileges, and physical barriers as necessary.
- Implement exit processes for departing employees, where all data is required to be returned and access to information is revoked.
- When hiring data security personnel, ensure they have the proper background and experience, and/or provide the proper training.
- Use encryption as appropriate for the sensitivity of the data.
- If contractual protections expire, renew them in a timely fashion.
- Be clear to employees about what is considered company property, company trade secrets, and confidential information.
This case is a great illustrator of the many processes and template agreements that can add up to proper protection of company information. While CGW may have an additional chance at trial to prove that it protected its information, losing a preliminary injunction is a big enough blow that companies should take note.